require 'spec_helper' module RailsBestPractices module Reviews describe RestrictAutoGeneratedRoutesReview do let(:runner) { Core::Runner.new(prepares: Prepares::ControllerPrepare.new, reviews: RestrictAutoGeneratedRoutesReview.new) } describe "resources" do before :each do content =<<-EOF class PostsController < ApplicationController def show; end def new; end def create; end def edit; end def update; end def destroy; end end EOF runner.prepare('app/controllers/posts_controller.rb', content) end describe "rails2" do it "should restrict auto-generated routes" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :posts end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes posts (except: [:index])") end it "should not restrict auto-generated routes with only" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :posts, only: [:show, :new, :create, :edit, :update, :destroy] end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not restrict auto-generated routes with except" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :posts, except: :index end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not restrict auto-generated routes with only: :none" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :posts, only: :none end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not restrict auto-generated routes with except: :all" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :posts, except: :all end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end describe "specify a controller" do it "should restrict auto-generated routes" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :articles, controller: "posts" end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes articles (except: [:index])") end end describe "nested routes" do before :each do content =<<-EOF class CommentsController < ApplicationController def index; end def show; end def new; end def create; end def edit; end def update; end def destroy; end end EOF runner.prepare('app/controllers/comments_controller.rb', content) end it "should restrict auto-generated routes" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :posts do |post| post.resources :comments end end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes posts (except: [:index])") end it "should not restrict auto-generated routes with only" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :posts, only: [:show, :new, :create, :edit, :update, :destroy] do |post| post.resources :comments end end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not restrict auto-generated routes with except" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resources :posts, except: :index do |post| post.resources :comments end end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end end end describe "rails3" do it "should restrict auto-generated routes" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do resources :posts end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes posts (except: [:index])") end it "should not restrict auto-generated routes with only" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do resources :posts, only: %w(show new create edit update destroy) end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not restrict auto-generated routes with except" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do resources :posts, except: :index end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end describe "specify a controller" do it "should restrict auto-generated routes" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do resources :articles, controller: "posts" end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes articles (except: [:index])") end end describe "namespace" do before do content =<<-EOF class Admin::CommentsController < ApplicationController def show; end def new; end def create; end def edit; end def update; end def destroy; end end EOF runner.prepare('app/controllers/admin/comments_controller.rb', content) end it "should restrict auto-generated routes" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do namespace :admin do resources :comments end end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:3 - restrict auto-generated routes admin/comments (except: [:index])") end it "should restrict auto-generated routes with scope :module" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do scope module: :admin do resources :comments end end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:3 - restrict auto-generated routes admin/comments (except: [:index])") end it "should restrict auto-generated routes with resources :module" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do resources :comments, module: :admin end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes admin/comments (except: [:index])") end end describe "nested routes" do before :each do content =<<-EOF class CommentsController < ApplicationController def index; end def show; end def new; end def create; end def edit; end def update; end def destroy; end end EOF runner.prepare('app/controllers/comments_controller.rb', content) end it "should restrict auto-generated routes" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do resources :posts do resources :comments end end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes posts (except: [:index])") end it "should not restrict auto-generated routes with only" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do resources :posts, only: %w(show new create edit update destroy) do resources :comments end end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not restrict auto-generated routes with except" do content =<<-EOF RailsBestPracticesCom::Application.routes.draw do resources :posts, except: :index do resources :comments end end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end end end end describe "resource" do before :each do content =<<-EOF class AccountsController < ApplicationController def show; end def new; end def create; end def edit; end def update; end end EOF runner.prepare('app/controllers/accounts_controller.rb', content) end describe "rails2" do it "should restrict auto-generated routes" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resource :account end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes account (except: [:destroy])") end it "should not restrict auto-generated routes with only" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resource :account, only: %w(show new create edit update) end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not restrict auto-generated routes with except" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resource :account, except: :destroy end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end end describe "rails3" do it "should restrict auto-generated routes" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resource :account end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(1) expect(runner.errors[0].to_s).to eq("config/routes.rb:2 - restrict auto-generated routes account (except: [:destroy])") end it "should not restrict auto-generated routes with only" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resource :account, only: %w(show new create edit update) end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not restrict auto-generated routes with except" do content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resource :account, except: :destroy end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end it "should not check ignored files" do runner = Core::Runner.new(prepares: Prepares::ControllerPrepare.new, reviews: RestrictAutoGeneratedRoutesReview.new(ignored_files: /config\/routes\.rb/)) content =<<-EOF ActionController::Routing::Routes.draw do |map| map.resource :account end EOF runner.review('config/routes.rb', content) expect(runner.errors.size).to eq(0) end end end end end end