Permalink
Browse files

Fixed reset_session for ActiveRecord session store [#2108 state:resol…

…ved]
  • Loading branch information...
1 parent 4d4d2c3 commit 9b1b88f09cf1498f04e1cd469d0d5ffccf2b93cc @josh josh committed Mar 3, 2009
@@ -21,6 +21,11 @@ def get_session_value
render :text => "foo: #{session[:foo].inspect}"
end
+ def call_reset_session
+ reset_session
+ head :ok
+ end
+
def rescue_action(e) raise end
end
@@ -61,6 +66,22 @@ def test_getting_nil_session_value
end
end
+ def test_setting_session_value_after_session_reset
+ with_test_route_set do
+ get '/set_session_value'
+ assert_response :success
+ assert cookies['_session_id']
+
+ get '/call_reset_session'
+ assert_response :success
+ assert_not_equal [], headers['Set-Cookie']
+
+ get '/get_session_value'
+ assert_response :success
+ assert_equal 'foo: nil', response.body
+ end
+ end
+
def test_prevents_session_fixation
with_test_route_set do
get '/set_session_value'
@@ -287,16 +287,15 @@ def destroy
def get_session(env, sid)
Base.silence do
sid ||= generate_sid
- session = @@session_class.find_by_session_id(sid)
- session ||= @@session_class.new(:session_id => sid, :data => {})
+ session = find_session(sid)
env[SESSION_RECORD_KEY] = session
[sid, session.data]
end
end
def set_session(env, sid, session_data)
Base.silence do
- record = env[SESSION_RECORD_KEY]
+ record = env[SESSION_RECORD_KEY] ||= find_session(sid)
record.data = session_data
return false unless record.save
@@ -310,5 +309,10 @@ def set_session(env, sid, session_data)
return true
end
+
+ def find_session(id)
+ @@session_class.find_by_session_id(id) ||
+ @@session_class.new(:session_id => id, :data => {})
+ end
end
end

0 comments on commit 9b1b88f

Please sign in to comment.