
Commit 7ffc581

Merge pull request #159 from geokit/tests2023
Tests 2023
2 parents d1c2108 + a93dfe4 commit 7ffc581


55 files changed

+893
-95
lines changed

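--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,8 @@
+## 2.5.0
+
+* Fixed dangerous YAML loading vulnerability
+* Rebuilt integration tests
+
 ## 2.3.2
 
 * Fix sqlite3 adapter error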

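--- a/geokit-rails.gemspec
+++ b/geokit-rails.gemspec
@@ -20,14 +20,15 @@ Gem::Specification.new do |spec|
 spec.add_dependency 'rails', '>= 3.0'
 spec.add_dependency 'geokit', '~> 1.5'
 spec.add_development_dependency "bundler", "> 1.0"
-spec.add_development_dependency "simplecov", "~> 0.16.1"
+spec.add_development_dependency "simplecov", ">= 0.16.1"
 spec.add_development_dependency "simplecov-rcov"
+spec.add_development_dependency 'net-http'
 spec.add_development_dependency 'rake'
 spec.add_development_dependency 'test-unit'
 spec.add_development_dependency "mocha", "~> 0.9"
-spec.add_development_dependency 'coveralls'
-spec.add_development_dependency "mysql2", "~> 0.2"
-spec.add_development_dependency "activerecord-mysql2spatial-adapter"
-spec.add_development_dependency "pg", "~> 0.10"
+spec.add_development_dependency 'coveralls_reborn'
+spec.add_development_dependency "mysql2", ">= 0.2"
+# spec.add_development_dependency "activerecord-mysql2spatial-adapter"
+spec.add_development_dependency "pg", ">= 0.10"
 spec.add_development_dependency "sqlite3"
 end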
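Review bot: The new constraints `">= 0.16.1"` for simplecov, `">= 0.2"` for mysql2 and `">= 0.10"` for pg have no upper bound, so a fresh `bundle install` can resolve to any future major release of these development dependencies; unless a lockfile pins them (none is visible on this page), test runs stop being reproducible and a breaking or tampered upstream release reaches CI unnoticed. A bounded form keeps the wider range while capping it, for example `spec.add_development_dependency "pg", ">= 0.10", "< 2"`, with the cap chosen from the versions actually tested. The commented-out `activerecord-mysql2spatial-adapter` line is better deleted than left in the gemspec, with the reason recorded in the changelog. The `Gem::Specification` block starts outside this hunk.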

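--- a/lib/geokit-rails/ip_geocode_lookup.rb
+++ b/lib/geokit-rails/ip_geocode_lookup.rb
@@ -12,11 +12,7 @@ module IpGeocodeLookup
 # Class method to mix into active record.
 module ClassMethods # :nodoc:
 def geocode_ip_address(filter_options = {})
-if respond_to? :before_action
-before_action :store_ip_location, filter_options
-else
-before_filter :store_ip_location, filter_options
-end
+before_action :store_ip_location, filter_options
 end
 end
 
@@ -28,13 +24,14 @@ def geocode_ip_address(filter_options = {})
 # get the value.
 def store_ip_location
 session[:geo_location] ||= retrieve_location_from_cookie_or_service
-cookies[:geo_location] = { :value => session[:geo_location].to_yaml, :expires => 30.days.from_now } if session[:geo_location]
+cookies[:geo_location] = { :value => session[:geo_location].to_json, :expires => 30.days.from_now } if session[:geo_location]
 end
 
 # Uses the stored location value from the cookie if it exists. If
 # no cookie exists, calls out to the web service to get the location.
 def retrieve_location_from_cookie_or_service
-return GeoLoc.new(YAML.load(cookies[:geo_location])) if cookies[:geo_location]
+# return GeoLoc.new(YAML.load(cookies[:geo_location])) if cookies[:geo_location]
+return GeoLoc.new(JSON.parse(cookies[:geo_location])) if cookies[:geo_location]
 location = Geocoders::MultiGeocoder.geocode(get_ip_address)
 return location.success ? location : nil
 end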
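Review bot: `JSON.parse(cookies[:geo_location])` in `retrieve_location_from_cookie_or_service` raises `JSON::ParserError` on anything that is not JSON, and that includes every `geo_location` cookie written by earlier releases with `to_yaml`, which browsers may keep for up to 30 days; because the method runs from a `before_action`, such a cookie would fail each request from that visitor. The cookie is client-controlled, so the parse should sit inside a rescue that discards the bad value and falls through to the geocoder, as sketched below. `JSON.parse` also returns string keys; if `GeoLoc.new` reads its hash with symbol keys (not visible on this page) the restored location would come back empty, so a round-trip test or `symbolize_names: true` is worth adding. The commented-out `YAML.load` line should be deleted rather than kept, so the unsafe call cannot come back by uncommenting it.

```ruby
def retrieve_location_from_cookie_or_service
  if cookies[:geo_location]
    begin
      return GeoLoc.new(JSON.parse(cookies[:geo_location]))
    rescue JSON::ParserError
      # Legacy YAML cookie or edited value: drop it and geocode again.
      cookies.delete(:geo_location)
    end
  end
  # … unchanged: MultiGeocoder lookup and return …
end
```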

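--- a/lib/geokit-rails/version.rb
+++ b/lib/geokit-rails/version.rb
@@ -1,3 +1,3 @@
 module GeokitRails
-VERSION = "2.4.0.pre"
+VERSION = "2.5.0"
 end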

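--- a/test/dummy/Rakefile
+++ b/test/dummy/Rakefile
@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require_relative "config/application"
+
+Rails.application.load_tasks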

Diff for: test/dummy/app/assets/images/.keep

Whitespace-only changes.

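--- a/test/dummy/app/assets/stylesheets/application.css
+++ b/test/dummy/app/assets/stylesheets/application.css
@@ -0,0 +1 @@
+/* Application styles */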

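--- a/test/dummy/app/channels/application_cable/channel.rb
+++ b/test/dummy/app/channels/application_cable/channel.rb
@@ -0,0 +1,4 @@
+module ApplicationCable
+class Channel < ActionCable::Channel::Base
+end
+end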
+4
@@ -0,0 +1,4 @@
1+
module ApplicationCable
2+
class Connection < ActionCable::Connection::Base
3+
end
4+
end

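--- a/test/dummy/app/controllers/application_controller.rb
+++ b/test/dummy/app/controllers/application_controller.rb
@@ -0,0 +1,3 @@
+class ApplicationController < ActionController::Base
+attr_accessor :remote_ip
+end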

Diff for: test/dummy/app/controllers/concerns/.keep

Whitespace-only changes.
+43
@@ -0,0 +1,43 @@
1+
class LocationAwareController < ApplicationController #:nodoc: all
2+
before_action :set_ip, only: [:index,:cookietest,:sessiontest]
3+
before_action :set_ip_bad, only: [:failtest]
4+
before_action :setup, only: [:cookietest,:sessiontest]
5+
geocode_ip_address
6+
7+
def index
8+
render plain: ''
9+
end
10+
11+
def cookietest
12+
cookies[:geo_location] = @success.to_json
13+
render plain: ''
14+
end
15+
16+
def sessiontest
17+
session[:geo_location] = @success.to_json
18+
render plain: ''
19+
end
20+
21+
def failtest
22+
render plain: ''
23+
end
24+
25+
def rescue_action(e) raise e end;
26+
private
27+
def set_ip
28+
request.remote_ip = "good ip"
29+
end
30+
def set_ip_bad
31+
request.remote_ip = "bad ip"
32+
end
33+
def setup
34+
@success = Geokit::GeoLoc.new
35+
@success.provider = "hostip"
36+
@success.lat = 41.7696
37+
@success.lng = -88.4588
38+
@success.city = "Sugar Grove"
39+
@success.state = "IL"
40+
@success.country_code = "US"
41+
@success.success = true
42+
end
43+
end

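--- a/test/dummy/app/helpers/application_helper.rb
+++ b/test/dummy/app/helpers/application_helper.rb
@@ -0,0 +1,2 @@
+module ApplicationHelper
+end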

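--- a/test/dummy/app/jobs/application_job.rb
+++ b/test/dummy/app/jobs/application_job.rb
@@ -0,0 +1,7 @@
+class ApplicationJob < ActiveJob::Base
+# Automatically retry jobs that encountered a deadlock
+# retry_on ActiveRecord::Deadlocked
+
+# Most jobs are safe to ignore if the underlying records are no longer available
+# discard_on ActiveJob::DeserializationError
+end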

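--- a/test/dummy/app/mailers/application_mailer.rb
+++ b/test/dummy/app/mailers/application_mailer.rb
@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+default from: "from@example.com"
+layout "mailer"
+end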

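--- a/test/dummy/app/models/application_record.rb
+++ b/test/dummy/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+primary_abstract_class
+end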

Diff for: test/dummy/app/models/concerns/.keep

Whitespace-only changes.

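--- a/test/dummy/app/views/layouts/application.html.erb
+++ b/test/dummy/app/views/layouts/application.html.erb
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>Dummy</title>
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<%= csrf_meta_tags %>
+<%= csp_meta_tag %>
+
+<%= stylesheet_link_tag "application" %>
+</head>
+
+<body>
+<%= yield %>
+</body>
+</html>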

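--- a/test/dummy/app/views/layouts/mailer.html.erb
+++ b/test/dummy/app/views/layouts/mailer.html.erb
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<style>
+/* Email styles need to be inline */
+</style>
+</head>
+
+<body>
+<%= yield %>
+</body>
+</html>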

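--- a/test/dummy/app/views/layouts/mailer.text.erb
+++ b/test/dummy/app/views/layouts/mailer.text.erb
@@ -0,0 +1 @@
+<%= yield %>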

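--- a/test/dummy/bin/rails
+++ b/test/dummy/bin/rails
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path("../config/application", __dir__)
+require_relative "../config/boot"
+require "rails/commands"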

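--- a/test/dummy/bin/rake
+++ b/test/dummy/bin/rake
@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../config/boot"
+require "rake"
+Rake.application.run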

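--- a/test/dummy/bin/setup
+++ b/test/dummy/bin/setup
@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path("..", __dir__)
+
+def system!(*args)
+system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+# This script is a way to set up or update your development environment automatically.
+# This script is idempotent, so that you can run it at any time and get an expectable outcome.
+# Add necessary setup steps to this file.
+
+puts "== Installing dependencies =="
+system! "gem install bundler --conservative"
+system("bundle check") || system!("bundle install")
+
+# puts "\n== Copying sample files =="
+# unless File.exist?("config/database.yml")
+# FileUtils.cp "config/database.yml.sample", "config/database.yml"
+# end
+
+puts "\n== Preparing database =="
+system! "bin/rails db:prepare"
+
+puts "\n== Removing old logs and tempfiles =="
+system! "bin/rails log:clear tmp:clear"
+
+puts "\n== Restarting application server =="
+system! "bin/rails restart"
+end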

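--- a/test/dummy/config.ru
+++ b/test/dummy/config.ru
@@ -0,0 +1,6 @@
+# This file is used by Rack-based servers to start the application.
+
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server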

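--- a/test/dummy/config/application.rb
+++ b/test/dummy/config/application.rb
@@ -0,0 +1,22 @@
+require_relative "boot"
+
+require "rails/all"
+
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(*Rails.groups)
+require "geokit-rails"
+
+module Dummy
+class Application < Rails::Application
+config.load_defaults Rails::VERSION::STRING.to_f
+
+# Configuration for the application, engines, and railties goes here.
+#
+# These settings can be overridden in specific environments using the files
+# in config/environments, which are processed later.
+#
+# config.time_zone = "Central Time (US & Canada)"
+# config.eager_load_paths << Rails.root.join("extras")
+end
+end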

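--- a/test/dummy/config/boot.rb
+++ b/test/dummy/config/boot.rb
@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../../Gemfile", __dir__)
+
+require "bundler/setup" if File.exist?(ENV["BUNDLE_GEMFILE"])
+$LOAD_PATH.unshift File.expand_path("../../../lib", __dir__)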

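--- a/test/dummy/config/cable.yml
+++ b/test/dummy/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+adapter: async
+
+test:
+adapter: test
+
+production:
+adapter: redis
+url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+channel_prefix: dummy_production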

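--- a/test/dummy/config/database.yml
+++ b/test/dummy/config/database.yml
@@ -0,0 +1,25 @@
+# SQLite. Versions 3.8.0 and up are supported.
+# gem install sqlite3
+#
+# Ensure the SQLite 3 gem is defined in your Gemfile
+# gem "sqlite3"
+#
+default: &default
+adapter: sqlite3
+pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+timeout: 5000
+
+development:
+<<: *default
+database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+<<: *default
+database: db/test.sqlite3
+
+production:
+<<: *default
+database: db/production.sqlite3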

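--- a/test/dummy/config/environment.rb
+++ b/test/dummy/config/environment.rb
@@ -0,0 +1,5 @@
+# Load the Rails application.
+require_relative "application"
+
+# Initialize the Rails application.
+Rails.application.initialize!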

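--- a/test/dummy/config/environments/development.rb
+++ b/test/dummy/config/environments/development.rb
@@ -0,0 +1,68 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+# Settings specified here will take precedence over those in config/application.rb.
+
+# In the development environment your application's code is reloaded any time
+# it changes. This slows down response time but is perfect for development
+# since you don't have to restart the web server when you make code changes.
+config.cache_classes = false
+
+# Do not eager load code on boot.
+config.eager_load = false
+
+# Show full error reports.
+config.consider_all_requests_local = true
+
+# Enable server timing
+config.server_timing = true
+
+# Enable/disable caching. By default caching is disabled.
+# Run rails dev:cache to toggle caching.
+if Rails.root.join("tmp/caching-dev.txt").exist?
+config.action_controller.perform_caching = true
+config.action_controller.enable_fragment_cache_logging = true
+
+config.cache_store = :memory_store
+config.public_file_server.headers = {
+"Cache-Control" => "public, max-age=#{2.days.to_i}"
+}
+else
+config.action_controller.perform_caching = false
+
+config.cache_store = :null_store
+end
+
+# Store uploaded files on the local file system (see config/storage.yml for options).
+config.active_storage.service = :local
+
+# Don't care if the mailer can't send.
+config.action_mailer.raise_delivery_errors = false
+
+config.action_mailer.perform_caching = false
+
+# Print deprecation notices to the Rails logger.
+config.active_support.deprecation = :log
+
+# Raise exceptions for disallowed deprecations.
+config.active_support.disallowed_deprecation = :raise
+
+# Tell Active Support which deprecation messages to disallow.
+config.active_support.disallowed_deprecation_warnings = []
+
+# Raise an error on page load if there are pending migrations.
+config.active_record.migration_error = :page_load
+
+# Highlight code that triggered database queries in logs.
+config.active_record.verbose_query_logs = true
+
+
+# Raises error for missing translations.
+# config.i18n.raise_on_missing_translations = true
+
+# Annotate rendered view with file names.
+# config.action_view.annotate_rendered_view_with_filenames = true
+
+# Uncomment if you wish to allow Action Cable access from any origin.
+# config.action_cable.disable_request_forgery_protection = true
+end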
