11require 'cases/sqlserver_helper'
2- # require File.dirname(__FILE__) + '/../../lib/shoulda'
32
4- def uses_shoulda ( &blk )
5- begin
6- require 'rubygems'
7- require 'shoulda'
8- yield
9- rescue Gem ::LoadError
10- $stderr. puts "Sorry, you need to install shoulda to run these tests: `gem install shoulda`"
3+ class WhenSelectingWithLimitOffsetAndLimitTest < ActiveRecord ::TestCase
4+ def setup
5+ @connection = ActiveRecord ::Base . connection
6+ @select_sql = 'SELECT * FROM schema'
117 end
12- end
13-
14- uses_shoulda do
15- class OffsetAndLimitTest < ActiveRecord ::TestCase
16- def setup
17- @connection = ActiveRecord ::Base . connection
18- end
19-
20- context "selecting with limit" do
21- setup do
22- @select_sql = 'SELECT * FROM schema'
23- end
24-
25- should "alter SQL to limit number of records returned" do
26- options = { :limit => 10 }
27- assert_equal ( 'SELECT TOP 10 * FROM schema' , @connection . add_limit_offset! ( @select_sql , options ) )
28- end
298
30- should "only allow integers for limit" do
31- options = { :limit => 'ten' }
32- assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
33- end
9+ def test_should_alter_SQL_to_limit_number_of_records_returned
10+ options = { :limit => 10 }
11+ assert_equal ( 'SELECT TOP 10 * FROM schema' , @connection . add_limit_offset! ( @select_sql , options ) )
12+ end
3413
35- should "convert strings which look like integers to integers" do
36- options = { :limit => '42 ' }
37- assert_nothing_raised ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
38- end
14+ def test_should_only_allow_integers_for_limit
15+ options = { :limit => 'ten ' }
16+ assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
17+ end
3918
40- should "not allow sql injection via limit" do
41- options = { :limit => '1 * FROM schema; DELETE * FROM table; SELECT TOP 10 *' }
42- assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
43- end
44- end
19+ def test_should_convert_strings_which_look_like_integers_to_integers
20+ options = { :limit => '42' }
21+ assert_nothing_raised ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
22+ end
4523
46- context "selecting with limit and offset" do
47- setup do
48- # we have to use a real table as we need the counts
49- @select_sql = 'SELECT * FROM accounts'
50- class Account < ActiveRecord :: Base ; end
24+ def test_should_not_allow_sql_injection_via_limit
25+ options = { :limit => '1 * FROM schema; DELETE * FROM table; SELECT TOP 10 *' }
26+ assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
27+ end
28+ end
5129
52- # create 10 Accounts
53- ( 1 ..10 ) . each { |i | Account . create! }
54- end
30+ class WhenSelectingWithLimitAndOffsetOffsetAndLimitTest < ActiveRecord ::TestCase
31+ def setup
32+ @connection = ActiveRecord ::Base . connection
33+ # we have to use a real table as we need the counts
34+ @select_sql = 'SELECT * FROM accounts'
35+ class Account < ActiveRecord ::Base ; end
5536
56- should "have limit if offset is passed" do
57- options = { :offset => 1 }
58- assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
59- end
37+ # create 10 Accounts
38+ ( 1 ..10 ) . each { |i | Account . create! }
39+ end
6040
61- should "only allow integers for offset" do
62- options = { :limit => 10 , : offset=> 'five' }
63- assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
64- end
41+ def test_should_have_limit_if_offset_is_passed
42+ options = { :offset => 1 }
43+ assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
44+ end
6545
66- should "convert strings which look like integers to integers" do
67- options = { :limit => 10 , :offset => '5 ' }
68- assert_nothing_raised ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
69- end
46+ def test_should_only_allow_integers_for_offset
47+ options = { :limit => 10 , :offset => 'five ' }
48+ assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
49+ end
7050
71- should "alter SQL to limit number of records returned offset by specified amount" do
72- options = { :limit => 3 , :offset => 5 }
73- expected_sql = %&SELECT * FROM (SELECT TOP 3 * FROM (SELECT TOP 8 * FROM accounts) AS tmp1) AS tmp2&
74- assert_equal ( expected_sql , @connection . add_limit_offset! ( @select_sql , options ) )
75- end
51+ def test_should_convert_strings_which_look_like_integers_to_integers
52+ options = { :limit => 10 , :offset => '5' }
53+ assert_nothing_raised ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
54+ end
7655
77- # Not really sure what an offset sql injection might look like
78- should "not allow sql injection via offset" do
79- options = { :limit => 10 , :offset => '1 * FROM schema; DELETE * FROM table; SELECT TOP 10 *' }
80- assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
81- end
82- end
56+ def test_should_alter_SQL_to_limit_number_of_records_returned_offset_by_specified_amount
57+ options = { :limit => 3 , :offset => 5 }
58+ expected_sql = %&SELECT * FROM (SELECT TOP 3 * FROM (SELECT TOP 8 * FROM accounts) AS tmp1) AS tmp2&
59+ assert_equal ( expected_sql , @connection . add_limit_offset! ( @select_sql , options ) )
60+ end
8361
62+ # Not really sure what an offset sql injection might look like
63+ def test_should_not_allow_sql_injection_via_offset
64+ options = { :limit => 10 , :offset => '1 * FROM schema; DELETE * FROM table; SELECT TOP 10 *' }
65+ assert_raise ( ArgumentError ) { @connection . add_limit_offset! ( @select_sql , options ) }
8466 end
85- end
67+ end
0 commit comments