Commits on Feb 2, 2009
  1. Fix display of theme homepage links

    Many thanks to Gustavo Sales (aka vatsu) for pointing out this bug and
    proposing a fix:
    In order to minimize code duplication in the *.erb files, I've rewritten
    this code as a helper method.
    emk committed Feb 2, 2009
  2. Require test gems in development environment, not test

    After experimenting a bit, this looks like a simpler approach.  It
    allows developers to run:
      rake gems:install
    ...and it allows users to run:
      export RAILS_ENV=production
      rake gems:install
    Thank you to mat for his work on this!
    emk committed Feb 2, 2009
Commits on Jan 30, 2009
  1. missing tainted string in cache listing

    Sean O'Brien committed Jan 30, 2009
Commits on Jan 19, 2009
  1. Fixed typo.

    mat committed Jan 19, 2009
Commits on Jan 13, 2009
  1. Added some brackets

    james2m committed with emk Dec 20, 2008
  2. escaped link in _page.html.erb

    Signed-off-by: James McCarthy <>
    james2m committed with emk Jan 12, 2009
Commits on Jan 9, 2009
  1. Changed user login to send user to admin section on succesful login i…

    …nstead of the blog homepage since users have the ability to post to the blog
    Chris Cummer committed with emk Jan 4, 2009
Commits on Dec 31, 2008
  1. Fixes 'attempted to output tainted string' error when rendering email…

    … address for mailto
    Chris Cummer committed with emk Dec 30, 2008
Commits on Dec 27, 2008
  1. Allow newer versions of these gems

    There's no reason to lock these to specific versions.
    emk committed Dec 27, 2008
  2. Add version numbers to config.gem statements

    Let's just go ahead and require the minimum version of each gem that we
    actually know works.  We also split out the test-specific gems into
    their own section.
    emk committed Dec 27, 2008
  3. Upgrade to interim release of Webrat from github

    This should let us experiment with Webrat::Selenium support.
    emk committed Dec 27, 2008
  4. Add integration test for "reset password"

    Note that we actually extract the activation URL from the e-mail and
    pass it directly to 'visit'.
    emk committed Dec 27, 2008
  5. Write login integration tests using Webrat

    Why do we need integration tests? We've been suffering a lot of
    regressions in the Mephisto UI, because our functional tests don't reach
    high enough up towards the browser, and whole classes of bugs manage to
    slip through.
    What is Webrat? Webrat is a "browser simulator" written in Ruby.  It
    generates a DOM and allows us to fill in forms as though an actual user
    were interacting with the site.
    Why Webrat, and not Selenium, Watir, etc?  Webrat is recommended by the
    Cucumber project as the default way to write user stories; it's very
    fast; and it has a reasonable API.  Plus, Webrat actively maintained,
    and very recent versions of Webrat can be used as a front-end to
    Why Rails integration tests, and not Cucumber stories?  Since the people
    contributing to Mephisto will largely be programmers, I decided to write
    integration tests using a Ruby-based DSL.  Cucumber stories look really
    interesting, but with no actual clients in the loop, the text-based format
    is slightly less useful and has a steeper learning curve for programmers.
    Since we're switching to a new integration testing tool, I moved a bunch of
    code out of test_helper.rb and put it into our only existing integration
    test, caching_test.rb.  I also switched blueprints.rb to set up user
    passwords using 'password' and 'password_confirm' (instead of crypted and
    salted values) to make it easier for tests to override
    emk committed Dec 27, 2008
Commits on Dec 26, 2008
  1. Remove RSpec StoryRunner files

    RSpec's StoryRunner has apparently been deprecated by the RSpec project
    in favor of Cucumber.  And we're not using it anyway.
    emk committed Dec 26, 2008
  2. JavaScript: Fix authenticity_token problems

    One of these should be a GET; the other needed a token.
    emk committed Dec 26, 2008
  3. JavaScript: Fix asset search

    We desperately need some kind of unit testing framework for our
    JavaScript code, preferably with full support for integration testing
    against our application.
    I removed a 'page' parameter here that didn't seem to be doing anything.
    emk committed Dec 26, 2008
Commits on Dec 25, 2008
  1. Begin updating to latest Prototype

    Our version of Prototype is really old, and no longer compatible with
    current versions of RJS.  This breaks quite a bit of our admin interace
    in subtle ways.
    The patch upgrades our bundled version of Prototype to the version
    included with Rails 2.2.2.  We also remove some obsolete bits of
    application.js and make a few minor fixes so that it loads without
    I've only tested the JavaScript support on the articles page and the
    assets page.  Quite a bit of formerly broken stuff now seems to work,
    including updates to the list of attached files and updates to the
    contents of the bucket.  But there's still more to test and fix.
    emk committed Dec 25, 2008
Commits on Dec 24, 2008
  1. Added some notes about fixing JavaScript

    Our copy of Prototype is so old that it won't work correctly with the
    code generated by *.rjs.  But some of the stuff in application.js is
    incompatible with newer versions of Prototype.
    Fixing this is going to require testing all the JavaScript-enabled
    controllers by hand.
    emk committed Dec 24, 2008
  2. Modernize rjs: admin/articles

    I'm going to try to rename all the *.rjs files to *.js.rjs.  This is
    trickier than the other renamings, because our unit test coverage isn't
    perfect, and I'm trying to test everything by hand when possible.  So
    I'm going to do this one directory at a time.
    Other changes:
      - The live_preview and _preview stuff wasn't being used.
      - We didn't have a test case for the 'label' action.
    emk committed Dec 24, 2008
  3. Rename *.rxml files to *.xml.builder

    This also requires adding respond_to blocks to some of our actions.
    emk committed Dec 24, 2008
  4. Rename *.rhtml files to *.html.erb

    Let's go for the new-school approach here.
    emk committed Dec 24, 2008
Commits on Dec 23, 2008
  1. Change default user article filter to Textile

    A poll on #mephisto got several votes for Textile as the default, and no
    votes for Markdown.  Done.
    emk committed Dec 23, 2008
  2. Change default comment filter to Textile

    "Plain HTML" is not a very reasonable comment format for end-users, who
    probably want simple paragraph breaks to do the right thing.  So I'm
    defaulting this to Textile for new sites.
    I also considered defaulting comments to Markdown, but I didn't like the
    way that Markdown handled underscores_in_identifiers or * versus _.  For
    very simple stuff, Textile seems very slightly more intuitive than
    Markdown, though neither is perfect.
    emk committed Dec 23, 2008
Commits on Dec 22, 2008
  1. Fix theme controller bugs

    J.C. Zhu reported an InvalidAuthenticityToken error when trying to
    change themes.  This was one of several bugs in the theme switching
    code left over from the Rails 2.2 porting process and the security
    We needed to convince Ajax.Request to use a GET request when displaying
    the theme tools, and we needed to properly escape some text in the
    _tools template.
    I've also added a test case to make sure we actually render the _tools
    view successfully.
    emk committed Dec 22, 2008
  2. Unbundle tzinfo gem

    Sadly, unpacking tzinfo into vendor gems breaks Rails' time zone
    support and gives the following error when trying to access
      uninitialized constant TZInfo::Timezone::TimezoneProxy
    So we're going to instruct the user to install this gem using 'sudo
    rake gems:install' for now.
    emk committed Dec 22, 2008
Commits on Dec 20, 2008
  1. Update to emk-safe_erb 0.1.2

    This fixes script/generate and the standard Rails error page.
    emk committed Dec 20, 2008
  2. Test for safe_erb in ActionView::Template, not in ERB

    We've been installing safe_erb in all ERB templates, which breaks
    script/generate and lots of other important stuff.  But before we can
    fix this bug in our custom-hacked safe_erb, we need to narrow our
    Mephisto unit tests down so that they only test ActionView::Template.
    A safe_erb update will be along shortly.
    emk committed Dec 20, 2008