Don't use render :text => "".

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Thu, 21 Jul 2016 20:49:14 +0000 (20:49 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Thu, 21 Jul 2016 20:49:14 +0000 (20:49 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Thu, 21 Jul 2016 20:49:14 +0000 (20:49 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Thu, 21 Jul 2016 20:49:14 +0000 (20:49 +0000)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb

index 4f5f03336c983058526b72315874b80c66ed4670..ba79b949fe378ecd5b98c87e4eb268fec6a5e8ae 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -654,8 +654,7 @@ class ApplicationController < ActionController::Base
  
    # Renders a head API response
    def render_api_head(status)
-    # #head would return a response body with one space
-    render :text => '', :status => status, :layout => nil
+    head :status => status
    end
  
    # Renders API response on validation failure
diff --git a/app/controllers/mail_handler_controller.rb b/app/controllers/mail_handler_controller.rb

index 1b7cddfac00b8e109ef7343533d62e4bef898162..82ca7cce208cfe8893c302a4cfff85b94b91865f 100644 (file)
--- a/app/controllers/mail_handler_controller.rb
+++ b/app/controllers/mail_handler_controller.rb
@@ -38,7 +38,7 @@ class MailHandlerController < ActionController::Base
    def check_credential
      User.current = nil
      unless Setting.mail_handler_api_enabled? && params[:key].to_s == Setting.mail_handler_api_key
-      render :text => 'Access denied. Incoming emails WS is disabled or key is invalid.', :status => 403
+      render :plain => 'Access denied. Incoming emails WS is disabled or key is invalid.', :status => 403
      end
    end
  end
diff --git a/app/controllers/sys_controller.rb b/app/controllers/sys_controller.rb

index 87b489d3a11d2db9da3514d1b2001f0e149d28f5..6ef72a15fa87b0faa926699b70d62173993f6c3c 100644 (file)
--- a/app/controllers/sys_controller.rb
+++ b/app/controllers/sys_controller.rb
@@ -74,7 +74,7 @@ class SysController < ActionController::Base
    def check_enabled
      User.current = nil
      unless Setting.sys_api_enabled? && params[:key].to_s == Setting.sys_api_key
-      render :text => 'Access denied. Repository management WS is disabled or key is invalid.', :status => 403
+      render :plain => 'Access denied. Repository management WS is disabled or key is invalid.', :status => 403
        return false
      end
    end
diff --git a/app/controllers/watchers_controller.rb b/app/controllers/watchers_controller.rb

index eda84a82ef2409bedf4220be90bc71399ca83ea9..d0658b57401c39dbcb0e2ab9ac2b60768186f1f4 100644 (file)
--- a/app/controllers/watchers_controller.rb
+++ b/app/controllers/watchers_controller.rb
@@ -47,7 +47,7 @@ class WatchersController < ApplicationController
        end
      end
      respond_to do |format|
-      format.html { redirect_to_referer_or {render :text => 'Watcher added.', :layout => true}}
+      format.html { redirect_to_referer_or {render :html => 'Watcher added.', :status => 200, :layout => true}}
        format.js { @users = users_for_new_watcher }
        format.api { render_api_ok }
      end
@@ -69,7 +69,7 @@ class WatchersController < ApplicationController
        watchable.set_watcher(user, false)
      end
      respond_to do |format|
-      format.html { redirect_to :back }
+      format.html { redirect_to_referer_or {render :html => 'Watcher removed.', :status => 200, :layout => true} }
        format.js
        format.api { render_api_ok }
      end
@@ -108,7 +108,10 @@ class WatchersController < ApplicationController
        watchable.set_watcher(user, watching)
      end
      respond_to do |format|
-      format.html { redirect_to_referer_or {render :text => (watching ? 'Watcher added.' : 'Watcher removed.'), :layout => true}}
+      format.html {
+        text = watching ? 'Watcher added.' : 'Watcher removed.'
+        redirect_to_referer_or {render :html => text, :status => 200, :layout => true}
+      }
        format.js { render :partial => 'set_watcher', :locals => {:user => user, :watched => watchables} }
      end
    end
diff --git a/test/functional/mail_handler_controller_test.rb b/test/functional/mail_handler_controller_test.rb

index 864e30d20c39ed47955606a28c1370e7448b627c..91d31b56cb41d6d38fc2be55ccb6f925c074a270 100644 (file)
--- a/test/functional/mail_handler_controller_test.rb
+++ b/test/functional/mail_handler_controller_test.rb
@@ -74,6 +74,7 @@ class MailHandlerControllerTest < Redmine::ControllerTest
        post :index, :key => 'secret', :email => IO.read(File.join(FIXTURES_PATH, 'ticket_on_given_project.eml'))
      end
      assert_response 403
+    assert_include 'Access denied', response.body
    end
  
    def test_should_not_allow_with_wrong_key
@@ -84,6 +85,7 @@ class MailHandlerControllerTest < Redmine::ControllerTest
        post :index, :key => 'wrong', :email => IO.read(File.join(FIXTURES_PATH, 'ticket_on_given_project.eml'))
      end
      assert_response 403
+    assert_include 'Access denied', response.body
    end
  
    def test_new
diff --git a/test/functional/sys_controller_test.rb b/test/functional/sys_controller_test.rb

index 66beeca0b1835b01575fe76ce93eb44b930f60f8..becd4ec42b371981d22fd04e5708d26b43ab1457 100644 (file)
--- a/test/functional/sys_controller_test.rb
+++ b/test/functional/sys_controller_test.rb
@@ -113,6 +113,7 @@ class SysControllerTest < Redmine::ControllerTest
      with_settings :sys_api_enabled => '0' do
        get :projects
        assert_response 403
+      assert_include 'Access denied', response.body
      end
    end
  
@@ -127,6 +128,7 @@ class SysControllerTest < Redmine::ControllerTest
      with_settings :sys_api_enabled => 'my_secret_key' do
        get :projects, :params => {:key => 'wrong_key'}
        assert_response 403
+      assert_include 'Access denied', response.body
      end
    end
  end
diff --git a/test/functional/watchers_controller_test.rb b/test/functional/watchers_controller_test.rb

index 422fc6cda1209aa363d1ced3b0625fd73da17852..3cec7a075660b3c68efcc1880fcc9d0d12a9dc57 100644 (file)
--- a/test/functional/watchers_controller_test.rb
+++ b/test/functional/watchers_controller_test.rb
@@ -25,6 +25,16 @@ class WatchersControllerTest < Redmine::ControllerTest
      User.current = nil
    end
  
+  def test_watch_a_single_object_as_html
+    @request.session[:user_id] = 3
+    assert_difference('Watcher.count') do
+      post :watch, :params => {:object_type => 'issue', :object_id => '1'}
+      assert_response :success
+      assert_include 'Watcher added', response.body
+    end
+    assert Issue.find(1).watched_by?(User.find(3))
+  end
+
    def test_watch_a_single_object
      @request.session[:user_id] = 3
      assert_difference('Watcher.count') do
@@ -102,6 +112,16 @@ class WatchersControllerTest < Redmine::ControllerTest
      end
    end
  
+  def test_unwatch_as_html
+    @request.session[:user_id] = 3
+    assert_difference('Watcher.count', -1) do
+      delete :unwatch, :params => {:object_type => 'issue', :object_id => '2'}
+      assert_response :success
+      assert_include 'Watcher removed', response.body
+    end
+    assert !Issue.find(1).watched_by?(User.find(3))
+  end
+
    def test_unwatch
      @request.session[:user_id] = 3
      assert_difference('Watcher.count', -1) do
@@ -154,6 +174,19 @@ class WatchersControllerTest < Redmine::ControllerTest
      assert_match /ajax-modal/, response.body
    end
  
+  def test_create_as_html
+    @request.session[:user_id] = 2
+    assert_difference('Watcher.count') do
+      post :create, :params => {
+        :object_type => 'issue', :object_id => '2',
+        :watcher => {:user_id => '4'}
+      }
+      assert_response :success
+      assert_include 'Watcher added', response.body
+    end
+    assert Issue.find(2).watched_by?(User.find(4))
+  end
+
    def test_create
      @request.session[:user_id] = 2
      assert_difference('Watcher.count') do
@@ -295,6 +328,18 @@ class WatchersControllerTest < Redmine::ControllerTest
      assert response.body.blank?
    end
  
+  def test_destroy_as_html
+    @request.session[:user_id] = 2
+    assert_difference('Watcher.count', -1) do
+      delete :destroy, :params => {
+        :object_type => 'issue', :object_id => '2', :user_id => '3'
+      }
+      assert_response :success
+      assert_include 'Watcher removed', response.body
+    end
+    assert !Issue.find(2).watched_by?(User.find(3))
+  end
+
    def test_destroy
      @request.session[:user_id] = 2
      assert_difference('Watcher.count', -1) do
diff --git a/test/integration/api_test/api_test.rb b/test/integration/api_test/api_test.rb

index 84a96e4f75d7dfd3feba8da6e5209efc08399ef1..35fd8f11bbc5e4f41e81038d93859af624a1d7a5 100644 (file)
--- a/test/integration/api_test/api_test.rb
+++ b/test/integration/api_test/api_test.rb
@@ -44,4 +44,13 @@ class Redmine::ApiTest::ApiTest < Redmine::ApiTest::Base
      get '/users/1.xml', {}, credentials('admin')
      assert_include '<created_on>2006-07-19T17:12:21Z</created_on>', response.body
    end
+
+  def test_head_response_should_have_empty_body
+    assert_difference('Issue.count', -1) do
+      delete '/issues/6.xml', {}, credentials('jsmith')
+
+      assert_response :ok
+      assert_equal '', response.body
+    end
+  end
  end
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Thu, 21 Jul 2016 20:49:14 +0000 (20:49 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Thu, 21 Jul 2016 20:49:14 +0000 (20:49 +0000)
app/controllers/application_controller.rb		patch \| blob \| history
app/controllers/mail_handler_controller.rb		patch \| blob \| history
app/controllers/sys_controller.rb		patch \| blob \| history
app/controllers/watchers_controller.rb		patch \| blob \| history
test/functional/mail_handler_controller_test.rb		patch \| blob \| history
test/functional/sys_controller_test.rb		patch \| blob \| history
test/functional/watchers_controller_test.rb		patch \| blob \| history
test/integration/api_test/api_test.rb		patch \| blob \| history