static_spec.rb in angelo-0.3.2

- old
+ new

@@ -17,21 +17,29 @@
       get '/test.html' do
         'you should not see this'
       end
 
       get '/img' do
-        send_file 'what.png'
+        send_file 'public/what.png'
       end
 
       get '/what' do
-        send_file 'what.png', disposition: :attachment
+        send_file 'public/what.png', disposition: :attachment
       end
 
       get '/attachment.png' do
-        send_file 'what.png', filename: 'attachment.png'
+        send_file 'public/what.png', filename: 'attachment.png'
       end
 
+      get '/does_not_exist' do
+        send_file 'does_not_exist'
+      end
+
+      get '/etc/passwd' do
+        send_file '/etc/passwd'
+      end
+
     end
 
     it 'serves static files for gets' do
       get '/test.css'
       last_response.status.must_equal 200
@@ -96,9 +104,26 @@
     it 'sends files as different filename' do
       get '/attachment.png'
       last_response.status.must_equal 200
       last_response.headers['Content-Type'].must_equal 'image/png'
       last_response.headers['Content-Disposition'].must_equal 'attachment; filename="attachment.png"'
+    end
+
+    it '404s when send_file is called with a non-existent file' do
+      get '/does_not_exist'
+      last_response.status.must_equal 404
+    end
+
+    it 'sends fully pathed fileds' do
+      get '/etc/passwd'
+      if File.exist?('/etc/passwd')
+        last_response.status.must_equal 200
+        last_response.headers['Content-Type'].must_equal 'text/html'
+        last_response.headers['Content-Disposition'].must_be_nil
+        last_response.body.must_equal File.read('/etc/passwd')
+      else
+        last_response.status.must_equal 404
+      end
     end
 
   end
 end