Skip to content

Commit

Permalink
[webui] add a test that calls every route...
Browse files Browse the repository at this point in the history 
all routes listed in rake routes are called without parameters
to verify that they do not crash. This was a rather stupid idea,
but it turned out to catch tons of bugs worth fixing
  • Loading branch information
@coolo
coolo committed Nov 26, 2012
1 parent f492f5c commit f3a8985
Show file tree
Hide file tree
Showing 19 changed files with 336 additions and 122 deletions.
2 changes: 1 addition & 1 deletion src/webui/app/controllers/apidocs_controller.rb
View file
Expand Up @@ -15,7 +15,7 @@ def index
flash[:error] = "Unable to load API documentation source file: #{CONFIG['apidocs_location']}"
redirect_back_or_to :controller => 'main', :action => 'index'
else
render :file => filename
render :file => filename, format: :html
end
end

Expand Down
9 changes: 6 additions & 3 deletions src/webui/app/controllers/application_controller.rb
View file
Expand Up @@ -38,7 +38,6 @@ class ApplicationController < ActionController::Base
end
end

class MissingParameterError < Exception; end
class ValidationError < Exception
attr_reader :xml, :errors

Expand Down Expand Up @@ -177,7 +176,7 @@ def reset_activexml
def required_parameters(*parameters)
parameters.each do |parameter|
unless params.include? parameter.to_s
raise MissingParameterError, "Required Parameter #{parameter} missing"
raise ActionController::RoutingError.new "Required Parameter #{parameter} missing"
end
end
end
Expand Down Expand Up @@ -348,7 +347,7 @@ def require_configuration

# Before filter to check if current user is administrator
def require_admin
if @user and not @user.is_admin?
if !@user || !@user.is_admin?
flash[:error] = "Requires admin privileges"
redirect_back_or_to :controller => 'main', :action => 'index' and return
end
Expand Down Expand Up @@ -401,4 +400,8 @@ def mobile_request?
def check_mobile_views
#prepend_view_path(Rails.root.join('app', 'mobile_views')) if mobile_request?
end

def check_ajax
raise ActionController::RoutingError.new('Expected AJAX call') unless request.xhr?
end
end
2 changes: 2 additions & 0 deletions src/webui/app/controllers/attribute_controller.rb
View file
Expand Up @@ -46,6 +46,7 @@ def save
end

def delete
required_parameters :namespace, :name
result = @attributes.delete(params[:namespace], params[:name])
flash[result[:type]] = result[:msg]
Attribute.free_cache( @attribute_opts )
Expand All @@ -61,6 +62,7 @@ def delete
private

def requires
required_parameters :project
@project = find_cached(Project, params[:project], :expires_in => 5.minutes )
unless @project
flash[:error] = "Project not found: #{params[:project]}"
Expand Down
2 changes: 2 additions & 0 deletions src/webui/app/controllers/configuration_controller.rb
View file
@@ -1,5 +1,7 @@
class ConfigurationController < ApplicationController

include ApplicationHelper

before_filter :require_admin
before_filter :require_available_architectures, :only => [:index, :update_architectures]

Expand Down
3 changes: 2 additions & 1 deletion src/webui/app/controllers/home_controller.rb
View file
Expand Up @@ -10,7 +10,8 @@ def index
end

def icon
user = params[:id]
required_parameters :user
user = params[:user]
size = params[:size] || '20'
key = "home_face_#{user}_#{size}"
Rails.cache.delete(key) if discard_cache?
Expand Down
25 changes: 13 additions & 12 deletions src/webui/app/controllers/main_controller.rb
View file
@@ -1,5 +1,7 @@
class MainController < ApplicationController

before_filter :require_admin, only: [:delete_message]

def index
@news = find_cached(Statusmessage, :conditions => 'deleted_at IS NULL', :order => 'create_at DESC', :limit => 5, :expires_in => 15.minutes)
unless @spider_bot
Expand All @@ -19,7 +21,7 @@ def index

# This action does the heavy lifting for the index method and is only invoked by an AJAX request
def systemstatus
render :text => 'no ajax', :status => 400 and return unless request.xhr? # Only serve AJAX-requests
check_ajax
if @spider_bot
@workerstatus = Xmlhash::XMLHash.new
else
Expand Down Expand Up @@ -52,16 +54,14 @@ def systemstatus

def news
@news = find_cached(Statusmessage, :conditions => 'deleted_at IS NULL', :order => 'create_at DESC', :limit => 5, :expires_in => 15.minutes)
respond_to do |format|
format.rss { render :layout => false }
end
raise ActionController::RoutingError.new('expected application/rss') unless request.format == Mime::RSS
render layout: false
end

def latest_updates
raise ActionController::RoutingError.new('expected application/rss') unless request.format == Mime::RSS
@latest_updates = find_cached(LatestUpdated, :limit => 6, :expires_in => 5.minutes, :shared => true)
respond_to do |format|
format.rss { render :layout => false }
end
render layout: false
end

def sitemap
Expand All @@ -77,12 +77,12 @@ def require_projects

def sitemap_projects
require_projects
render :layout => false
render :layout => false, :content_type => "application/xml"
end

def sitemap_projects_subpage(action, changefreq, priority)
require_projects
render :template => "main/sitemap_projects_subpage", :layout => false, :locals => { :action => action, :changefreq => changefreq, :priority => priority }
render :template => "main/sitemap_projects_subpage", :layout => false, :locals => { :action => action, :changefreq => changefreq, :priority => priority }, :content_type => "application/xml"
end

def sitemap_projects_packages
Expand All @@ -107,10 +107,11 @@ def sitemap_packages
find_cached(Collection, :id, :what => 'package', :predicate => predicate).each_package do |p|
@packages << [p.value(:project), p.value(:name)]
end
render :template => 'main/sitemap_packages', :layout => false, :locals => {:action => params[:listaction]}
render :template => 'main/sitemap_packages', :layout => false, :locals => {:action => params[:listaction]}, :content_type => "application/xml"
end

def add_news_dialog
check_ajax
end

def add_news
Expand All @@ -130,14 +131,14 @@ def add_news
end

def delete_message_dialog
check_ajax
end

def delete_message
required_parameters :message_id
message = Statusmessage.find(:id => params[:message_id])
message.delete
redirect_to(:action => 'index')
rescue ActiveXML::Transport::ForbiddenError
flash[:error] = 'Only admin users may delete status messages'
end

def require_available_architectures
Expand Down
10 changes: 4 additions & 6 deletions src/webui/app/controllers/monitor_controller.rb
View file
Expand Up @@ -15,7 +15,7 @@ def old

def index
if request.post? && ! params[:project].nil? && valid_project_name?( params[:project] )
redirect_to :project => params[:project]
redirect_to project: params[:project]
else
begin
fetch_workerstatus
Expand Down Expand Up @@ -44,11 +44,8 @@ def index
end
end

def filtered_list
render :partial => 'building_table'
end

def update_building
check_ajax
workers = Hash.new
max_time = 4 * 3600
@workerstatus.elements("idle") do |b|
Expand Down Expand Up @@ -77,6 +74,7 @@ def update_building
end

def events
check_ajax
data = Hash.new
required_parameters :arch, :range

Expand Down Expand Up @@ -104,7 +102,7 @@ def events
render :json => data
end

private
private

def maximumvalue(arr)
arr.map { |time,value| value }.max || 0
Expand Down
51 changes: 24 additions & 27 deletions src/webui/app/controllers/package_controller.rb
View file
Expand Up @@ -771,48 +771,41 @@ def each
end
end

def rawsourcefile
path = "/source/#{params[:project]}/#{params[:package]}/#{params[:file]}"
path += "?rev=#{params[:srcmd5]}" unless params[:srcmd5].blank?

def try_volley(path)
# apache & mod_xforward case
if CONFIG['use_xforward'] and CONFIG['use_xforward'] != "false"
logger.debug "[backend] VOLLEY(mod_xforward): #{path}"
headers['X-Forward'] = "#{CONFIG['frontend_protocol']}://#{CONFIG['frontend_host']}:#{CONFIG['frontend_port']}#{path}"
head(200)
return
return true
end

# lighttpd 1.5 case
if CONFIG['use_lighttpd_x_rewrite']
headers['X-Rewrite-URI'] = path
headers['X-Rewrite-Host'] = CONFIG['frontend_host']
head(200) and return
head(200)
return true
end

headers['Content-Type'] = 'text/plain'
self.response_body = frontend.transport.direct_http URI(path), :timeout => 500
headers['Content-Type'] = 'text/plain'
return false
end

def rawlog
path = "/build/#{params[:project]}/#{params[:repository]}/#{params[:arch]}/#{params[:package]}/_log"
def rawsourcefile
required_parameters :project, :file, :package
path = "/source/#{params[:project]}/#{params[:package]}/#{params[:file]}"
path += "?rev=#{params[:srcmd5]}" unless params[:srcmd5].blank?

# apache & mod_xforward case
if CONFIG['use_xforward'] and CONFIG['use_xforward'] != "false"
logger.debug "[backend] VOLLEY(mod_xforward): #{path}"
headers['X-Forward'] = "#{CONFIG['frontend_protocol']}://#{CONFIG['frontend_host']}:#{CONFIG['frontend_port']}#{path}"
head(200)
return
end
return if try_volley(path)
self.response_body = frontend.transport.direct_http URI(path), timeout: 500
end

# lighttpd 1.5 case
if CONFIG['use_lighttpd_x_rewrite']
headers['X-Rewrite-URI'] = path
headers['X-Rewrite-Host'] = CONFIG['frontend_host']
head(200) and return
end
def rawlog
required_parameters :project, :repository, :arch, :package
path = "/build/#{params[:project]}/#{params[:repository]}/#{params[:arch]}/#{params[:package]}/_log"

headers['Content-Type'] = 'text/plain'
return if try_volley(path)
self.response_body = RawOutPutStreamer.new(frontend, params[:project], params[:package], params[:repository], params[:arch])
end

Expand Down Expand Up @@ -879,7 +872,9 @@ def wipe_binaries
end

def devel_project
tgt_pkg = find_cached(Package, params[:package], :project => params[:project])
check_ajax
required_parameters :package, :project
tgt_pkg = find_cached(Package, params[:package], project: params[:project])
if tgt_pkg and tgt_pkg.has_element?(:devel)
render :text => tgt_pkg.devel.project
else
Expand Down Expand Up @@ -944,7 +939,7 @@ def import_spec
end

def buildresult
render :text => 'no ajax', :status => 400 and return if not request.xhr?
check_ajax
# discard cache
Buildresult.free_cache( :project => @project, :package => @package, :view => 'status' )
@buildresult = find_hashed(Buildresult, :project => @project, :package => @package, :view => 'status', :expires_in => 5.minutes )
Expand All @@ -953,7 +948,7 @@ def buildresult
end

def rpmlint_result
render :text => 'no ajax', :status => 400 and return unless request.xhr?
check_ajax
@repo_list, @repo_arch_hash = [], {}
@buildresult = find_hashed(Buildresult, :project => @project, :package => @package, :view => 'status', :expires_in => 5.minutes )
repos = [] # Temp var
Expand Down Expand Up @@ -1068,6 +1063,7 @@ def file_available? url, max_redirects=5
end

def require_project
required_parameters :project
if !valid_project_name? params[:project]
unless request.xhr?
flash[:error] = "#{params[:project]} is not a valid project name"
Expand All @@ -1088,6 +1084,7 @@ def require_project
end

def require_package
required_parameters :package
params[:rev], params[:package] = params[:pkgrev].split('-', 2) if params[:pkgrev]
unless valid_package_name_read? params[:package]
logger.error "Package #{@project}/#{params[:package]} not valid"
Expand Down
3 changes: 2 additions & 1 deletion src/webui/app/controllers/patchinfo_controller.rb
View file
Expand Up @@ -248,9 +248,9 @@ def remove
end

def delete_dialog
check_ajax
end


def valid_summary? name
name != nil and name =~ /^.{10,}$/m
end
Expand Down Expand Up @@ -345,6 +345,7 @@ def get_binaries
end

def require_all
required_parameters :project
@project = Project.find( params[:project] )
unless @project
flash[:error] = "Project not found: #{params[:project]}"
Expand Down
26 changes: 0 additions & 26 deletions src/webui/app/controllers/privacy_controller.rb
View file

This file was deleted.

0 comments on commit f3a8985

Please sign in to comment.