Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Disallow gem names with CAPS for users AND TESTS #451

Closed
wants to merge 1 commit into from

5 participants

@daveott

Fixes #421. Adds uppercase letters to list of invalid characters on rubygem creation.

@travisbot

This pull request passes (merged f0e664f into 29fabb2).

@cmeiklejohn
Collaborator

Ah, unless I'm missing something here it looks like that name validator is run on all saves, not just creates so this would cause gems with capitals already in the system to be invalid suddenly. Also, what is the motivation behind this change?

@cmeiklejohn
Collaborator

Ah, derp. I just noticed the original issue. I think this still needs to be patched to not cause existing gems to be invalid, and a test case which verifies that case would be great. Thanks for the pull!

@coffeencoke

working on this.

@coffeencoke

Added #481 - looks like the implementation was already there, just needed to add a unit test.

@evanphx
Owner

I'm going to go ahead and say no to this (8 months in, I know). We need to case preserve but be case insensitive in checks.

@evanphx evanphx closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Aug 22, 2012
  1. Gem names cannot contain capital letters

    Gabriel Horner and Dave Ott authored daveott committed
This page is out of date. Refresh to see the latest.
View
2  app/models/rubygem.rb
@@ -246,7 +246,7 @@ def ensure_name_format
errors.add :name, "must be a String"
elsif name =~ /\A[\d]+\Z/
errors.add :name, "must include at least one letter"
- elsif name !~ NAME_PATTERN
+ elsif name !~ (new_record? ? CREATE_NAME_PATTERN : NAME_PATTERN)
errors.add :name, "can only include letters, numbers, dashes, and underscores"
end
end
View
6 features/dashboard.feature
@@ -38,10 +38,10 @@ Feature: Dashboard
Scenario: Yanked gem is hidden from listing
Given the following versions exist:
| rubygem | number | indexed |
- | name: RGem | 1.2.2 | true |
- | name: RGem | 1.2.3 | false |
+ | name: rgem | 1.2.2 | true |
+ | name: rgem | 1.2.3 | false |
When I go to the dashboard
- And I follow "RGem"
+ And I follow "rgem"
Then I should not see "yanked"
And I should see "1.2.2"
And I should see "Show all versions (2 total)"
View
16 features/gems_api.feature
@@ -9,14 +9,14 @@ Feature: List gems API
| user@example.com | myhandle |
And the following version exists:
| rubygem | number |
- | name: AGem | 1.0.0 |
+ | name: agem | 1.0.0 |
And the following ownership exists:
| rubygem | user |
- | name: AGem | email: user@example.com |
- | name: BGem | |
+ | name: agem | email: user@example.com |
+ | name: bgem | |
When I list the gems for owner "myhandle"
- Then I should see "AGem"
- And I should not see "BGem"
+ Then I should see "agem"
+ And I should not see "bgem"
Scenario: Anonymous user lists gems for unknown user
When I list the gems for owner "nobody"
@@ -27,9 +27,9 @@ Feature: List gems API
And I have an API key for "original@owner.org/password"
And the following version exists:
| rubygem | number |
- | name: MyGem | 1.0.0 |
+ | name: mygem | 1.0.0 |
And the following ownership exists:
| rubygem | user |
- | name: MyGem | email: original@owner.org |
+ | name: mygem | email: original@owner.org |
When I list the gems with my API key
- Then I should see "MyGem"
+ Then I should see "mygem"
View
30 features/owner.feature
@@ -10,15 +10,15 @@ Feature: Manage owners
| new@owner.org |
And the following rubygem exists:
| name |
- | OGem |
+ | ogem |
And the following ownership exists:
| user | rubygem |
- | email: original@owner.org | name: OGem |
+ | email: original@owner.org | name: ogem |
Scenario Outline: Gem owner user lists gem owners
Given I sign in as "original@owner.org"
And I have an API key for "original@owner.org/password"
- When I list the owners of gem "OGem" as "<format>" with my API key
+ When I list the owners of gem "ogem" as "<format>" with my API key
Then I should see "original@owner.org"
And I should not see "new@owner.org"
@@ -30,15 +30,15 @@ Feature: Manage owners
Scenario: Gem owner adds another owner
Given I sign in as "original@owner.org"
And I have an API key for "original@owner.org/password"
- When I add the owner "new@owner.org" to the rubygem "OGem" with my API key
- And I list the owners of gem "OGem" with my API key
+ When I add the owner "new@owner.org" to the rubygem "ogem" with my API key
+ And I list the owners of gem "ogem" with my API key
Then I should see "original@owner.org"
And I should see "new@owner.org"
Scenario: Gem owner attempts to add another owner that does not exist
Given I sign in as "original@owner.org"
And I have an API key for "original@owner.org/password"
- When I add the owner "other@owner.org" to the rubygem "OGem" with my API key
+ When I add the owner "other@owner.org" to the rubygem "ogem" with my API key
Then the response should contain "Owner could not be found."
Scenario: Gem owner removes an owner
@@ -46,16 +46,16 @@ Feature: Manage owners
And I have an API key for "original@owner.org/password"
And the following ownership exists:
| user | rubygem |
- | email: new@owner.org | name: OGem |
- When I remove the owner "new@owner.org" from the rubygem "OGem" with my API key
- And I list the owners of gem "OGem" with my API key
+ | email: new@owner.org | name: ogem |
+ When I remove the owner "new@owner.org" from the rubygem "ogem" with my API key
+ And I list the owners of gem "ogem" with my API key
Then I should see "original@owner.org"
And I should not see "new@owner.org"
Scenario: Gem owner attempts to remove ownership from a user that is not an owner
Given I sign in as "original@owner.org"
And I have an API key for "original@owner.org/password"
- When I remove the owner "new@owner.org" from the rubygem "OGem" with my API key
+ When I remove the owner "new@owner.org" from the rubygem "ogem" with my API key
Then the response should contain "Owner could not be found."
Scenario: Gem owner removes himself when he is not the last owner
@@ -63,14 +63,14 @@ Feature: Manage owners
And I have an API key for "original@owner.org/password"
And the following ownership exists:
| user | rubygem |
- | email: new@owner.org | name: OGem |
- When I remove the owner "original@owner.org" from the rubygem "OGem" with my API key
+ | email: new@owner.org | name: ogem |
+ When I remove the owner "original@owner.org" from the rubygem "ogem" with my API key
Then the response should contain "Owner removed successfully."
Scenario: Gem owner removes himself when he is the last owner
Given I sign in as "original@owner.org"
And I have an API key for "original@owner.org/password"
- When I remove the owner "original@owner.org" from the rubygem "OGem" with my API key
+ When I remove the owner "original@owner.org" from the rubygem "ogem" with my API key
Then the response should contain "Unable to remove owner."
Scenario Outline: Attempt to manage a gem without the right permission
@@ -81,5 +81,5 @@ Feature: Manage owners
Examples:
| action |
- | add the owner "new@owner.org" to the rubygem "OGem" |
- | remove the owner "original@owner.org" from the rubygem "OGem" |
+ | add the owner "new@owner.org" to the rubygem "ogem" |
+ | remove the owner "original@owner.org" from the rubygem "ogem" |
View
36 features/push.feature
@@ -5,41 +5,41 @@ Feature: Push Gems
Scenario: User pushes new gem
Given I am signed up as "email@person.com"
- And I have a gem "RGem" with version "1.2.3"
+ And I have a gem "rgem" with version "1.2.3"
And I have an API key for "email@person.com/password"
- When I push the gem "RGem-1.2.3.gem" with my API key
- And I visit the gem page for "RGem"
- Then I should see "RGem"
+ When I push the gem "rgem-1.2.3.gem" with my API key
+ And I visit the gem page for "rgem"
+ Then I should see "rgem"
And I should see "1.2.3"
Scenario: User pushes existing version of existing gem
Given I am signed up as "email@person.com"
- And I have a gem "PGem" with version "1.0.0" and summary "First try"
+ And I have a gem "pgem" with version "1.0.0" and summary "First try"
And I have an API key for "email@person.com/password"
- When I push the gem "PGem-1.0.0.gem" with my API key
- And I visit the gem page for "PGem"
- Then I should see "PGem"
+ When I push the gem "pgem-1.0.0.gem" with my API key
+ And I visit the gem page for "pgem"
+ Then I should see "pgem"
And I should see "1.0.0"
And I should see "First try"
- When I have a gem "PGem" with version "1.0.0" and summary "Second try"
- And I push the gem "PGem-1.0.0.gem" with my API key
+ When I have a gem "pgem" with version "1.0.0" and summary "Second try"
+ And I push the gem "pgem-1.0.0.gem" with my API key
Then the response should contain "Repushing of gem versions is not allowed."
And the response should contain "Please use `gem yank` to remove bad gem releases."
- And I visit the gem page for "PGem"
- And I should see "PGem"
+ And I visit the gem page for "pgem"
+ And I should see "pgem"
And I should see "1.0.0"
And I should see "First try"
Scenario: User pushes new version of existing gem
Given I am signed up as "email@person.com"
And I have an API key for "email@person.com/password"
- And I have a gem "BGem" with version "2.0.0"
- And I push the gem "BGem-2.0.0.gem" with my API key
- And I have a gem "BGem" with version "3.0.0"
- When I push the gem "BGem-3.0.0.gem" with my API key
- And I visit the gem page for "BGem"
- Then I should see "BGem"
+ And I have a gem "bgem" with version "2.0.0"
+ And I push the gem "bgem-2.0.0.gem" with my API key
+ And I have a gem "bgem" with version "3.0.0"
+ When I push the gem "bgem-3.0.0.gem" with my API key
+ And I visit the gem page for "bgem"
+ Then I should see "bgem"
And I should see "2.0.0"
And I should see "3.0.0"
View
20 features/search.feature
@@ -6,7 +6,7 @@ Feature: Search
Scenario Outline: Search
Given the following versions exist:
| rubygem | description |
- | name: LDAP | mail stuff |
+ | name: ldap | mail stuff |
| name: twitter | social junk |
| name: beer_laser | amazing beer |
When I go to the homepage
@@ -20,7 +20,7 @@ Feature: Search
| beer | beer_laser |
| ldap | mail stuff |
| beer laser | amazing beer |
- | LDAP | Exact match |
+ | ldap | Exact match |
Scenario: Exact match not found
Given the following version exists:
@@ -35,19 +35,19 @@ Feature: Search
Scenario: The only pushed version of a gem is yanked
Given the following version exists:
| rubygem | number | indexed |
- | name: RGem | 1.0.0 | false |
+ | name: rgem | 1.0.0 | false |
When I go to the homepage
- And I fill in "query" with "RGem"
+ And I fill in "query" with "rgem"
And I press "Search"
- Then I should not see "RGem (1.0.0)"
+ Then I should not see "rgem (1.0.0)"
Scenario: The most recent version of a gem is yanked
Given the following versions exist:
| rubygem | number | indexed |
- | name: RGem | 1.2.1 | true |
- | name: RGem | 1.2.2 | false |
+ | name: rgem | 1.2.1 | true |
+ | name: rgem | 1.2.2 | false |
When I go to the homepage
- And I fill in "query" with "RGem"
+ And I fill in "query" with "rgem"
And I press "Search"
- And I should see "RGem (1.2.1)"
- And I should not see "RGem (1.2.2)"
+ And I should see "rgem (1.2.1)"
+ And I should not see "rgem (1.2.2)"
View
58 features/yank.feature
@@ -8,17 +8,17 @@ Feature: Delete Gems
And I have an API key for "email@person.com/password"
And the following ownership exists:
| rubygem | user |
- | name: RGem | email: email@person.com |
+ | name: rgem | email: email@person.com |
And the following versions exist:
| rubygem | number |
- | name: RGem | 1.2.2 |
- | name: RGem | 1.2.3 |
- When I yank the gem "RGem" version "1.2.3" with my API key
+ | name: rgem | 1.2.2 |
+ | name: rgem | 1.2.3 |
+ When I yank the gem "rgem" version "1.2.3" with my API key
And I go to the dashboard
- Then I should see "RGem"
- And I visit the gem page for "RGem" version "1.2.3"
+ Then I should see "rgem"
+ And I visit the gem page for "rgem" version "1.2.3"
Then I should see "This gem has been yanked"
- And I visit the gem page for "RGem"
+ And I visit the gem page for "rgem"
Then I should see the version "1.2.2" featured
Scenario: User yanks the last version of a gem and a new gem is pushed on that namespace
@@ -26,23 +26,23 @@ Feature: Delete Gems
And I have an API key for "email@person.com/password"
And the following ownership exists:
| rubygem | user |
- | name: RGem | email: email@person.com |
+ | name: rgem | email: email@person.com |
And the following versions exist:
| rubygem | number |
- | name: RGem | 1.2.3 |
- When I yank the gem "RGem" version "1.2.3" with my API key
+ | name: rgem | 1.2.3 |
+ When I yank the gem "rgem" version "1.2.3" with my API key
And I go to the dashboard
- And I go to the "RGem" rubygem page
+ And I go to the "rgem" rubygem page
Then I should see "This gem has been yanked"
Given I am signed up as "new@owner.com"
- And I have a gem "RGem" with version "0.1.0"
+ And I have a gem "rgem" with version "0.1.0"
And I have an API key for "new@owner.com/password"
- When I push the gem "RGem-0.1.0.gem" with my API key
- And I visit the gem page for "RGem"
- Then I should see "RGem"
+ When I push the gem "rgem-0.1.0.gem" with my API key
+ And I visit the gem page for "rgem"
+ Then I should see "rgem"
And I should see "0.1.0"
- When I list the owners of gem "RGem" with my API key
+ When I list the owners of gem "rgem" with my API key
Then I should see "new@owner.com"
And I should not see "old@owner.com"
@@ -51,11 +51,11 @@ Feature: Delete Gems
And I have an API key for "non@owner.org/password"
And the following version exists:
| rubygem | number | indexed |
- | name: RGem | 1.2.3 | true |
+ | name: rgem | 1.2.3 | true |
And the following ownership exists:
| rubygem | user |
- | name: RGem | email: the@owner.org |
- When I attempt to yank the gem "RGem" version "1.2.3" with my API key
+ | name: rgem | email: the@owner.org |
+ When I attempt to yank the gem "rgem" version "1.2.3" with my API key
Then I should see "You do not have permission to yank this gem."
Scenario: User attempts to yank a nonexistent version of a gem
@@ -63,11 +63,11 @@ Feature: Delete Gems
And I have an API key for "the@owner.com/password"
And the following ownership exists:
| rubygem | user |
- | name: RGem | email: the@owner.com |
+ | name: rgem | email: the@owner.com |
And the following versions exist:
| rubygem | number |
- | name: RGem | 1.2.3 |
- When I attempt to yank the gem "RGem" version "1.2.4" with my API key
+ | name: rgem | 1.2.3 |
+ When I attempt to yank the gem "rgem" version "1.2.4" with my API key
Then I should see "The version 1.2.4 does not exist."
Scenario: User attempts to yank a gem that has already been yanked
@@ -75,11 +75,11 @@ Feature: Delete Gems
And I have an API key for "the@owner.com/password"
And the following ownership exists:
| rubygem | user |
- | name: RGem | email: the@owner.com |
+ | name: rgem | email: the@owner.com |
And the following versions exist:
| rubygem | number | indexed |
- | name: RGem | 1.2.3 | false |
- When I attempt to yank the gem "RGem" version "1.2.3" with my API key
+ | name: rgem | 1.2.3 | false |
+ When I attempt to yank the gem "rgem" version "1.2.3" with my API key
Then I should see "The version 1.2.3 has already been yanked"
Scenario: User unyanks a gem
@@ -87,11 +87,11 @@ Feature: Delete Gems
And I have an API key for "the@owner.com/password"
And the following ownership exists:
| rubygem | user |
- | name: RGem | email: the@owner.com |
+ | name: rgem | email: the@owner.com |
And the following versions exist:
| rubygem | number | indexed |
- | name: RGem | 1.2.3 | false |
- When I unyank the gem "RGem" version "1.2.3" with my API key
+ | name: rgem | 1.2.3 | false |
+ When I unyank the gem "rgem" version "1.2.3" with my API key
And I go to the dashboard
- And I follow "RGem"
+ And I follow "rgem"
Then I should not see "This gem has been yanked."
View
11 lib/patterns.rb
@@ -1,9 +1,10 @@
module Patterns
extend ActiveSupport::Concern
- SPECIAL_CHARACTERS = ".-_"
- ALLOWED_CHARACTERS = "[A-Za-z0-9#{Regexp.escape(SPECIAL_CHARACTERS)}]+"
- ROUTE_PATTERN = /#{ALLOWED_CHARACTERS}/
- LAZY_ROUTE_PATTERN = /#{ALLOWED_CHARACTERS}?/
- NAME_PATTERN = /\A#{ALLOWED_CHARACTERS}\Z/
+ SPECIAL_CHARACTERS = ".-_"
+ ALLOWED_CHARACTERS = "[A-Za-z0-9#{Regexp.escape(SPECIAL_CHARACTERS)}]+"
+ ROUTE_PATTERN = /#{ALLOWED_CHARACTERS}/
+ LAZY_ROUTE_PATTERN = /#{ALLOWED_CHARACTERS}?/
+ NAME_PATTERN = /\A#{ALLOWED_CHARACTERS}\Z/
+ CREATE_NAME_PATTERN = /\A[a-z0-9#{Regexp.escape(SPECIAL_CHARACTERS)}]+\Z/
end
View
2  test/factories.rb
@@ -55,7 +55,7 @@
end
sequence :name do |n|
- "RubyGem#{n}"
+ "rubygem#{n}"
end
factory :rubygem do
View
16 test/functional/api/v1/rubygems_controller_test.rb
@@ -42,9 +42,9 @@ def self.should_respond_to(format, &block)
context "with #{format.to_s.upcase} for a gem that doesn't match the slug" do
setup do
- @rubygem = create(:rubygem, :name => "ZenTest", :slug => "zentest")
+ @rubygem = create(:rubygem, :name => "zentest", :slug => "zentest")
create(:version, :rubygem => @rubygem)
- get :show, :id => "ZenTest", :format => format
+ get :show, :id => "zentest", :format => format
end
should_respond_to_show(format, &block)
@@ -115,14 +115,14 @@ def self.should_respond_to(format, &block)
def self.should_respond_to(format)
context "with #{format.to_s.upcase} for a list of gems" do
setup do
- @mygems = [ create(:rubygem, :name => "SomeGem"), create(:rubygem, :name => "AnotherGem") ]
+ @mygems = [ create(:rubygem, :name => "somegem"), create(:rubygem, :name => "anothergem") ]
@mygems.each do |rubygem|
create(:version, :rubygem => rubygem)
create(:ownership, :user => @user, :rubygem => rubygem)
end
@other_user = create(:user)
- @not_my_rubygem = create(:rubygem, :name => "NotMyGem")
+ @not_my_rubygem = create(:rubygem, :name => "notmygem")
create(:version, :rubygem => @not_my_rubygem)
create(:ownership, :user => @other_user, :rubygem => @not_my_rubygem)
@@ -136,7 +136,7 @@ def self.should_respond_to(format)
end
should "only return my gems" do
gem_names = yield(@response.body).map { |rubygem| rubygem['name'] }.sort
- assert_equal ["AnotherGem", "SomeGem"], gem_names
+ assert_equal ["anothergem", "somegem"], gem_names
end
end
end
@@ -251,7 +251,7 @@ def self.should_respond_to(format)
context "for a gem SomeGem with a version 0.1.0" do
setup do
- @rubygem = create(:rubygem, :name => "SomeGem")
+ @rubygem = create(:rubygem, :name => "somegem")
@v1 = create(:version, :rubygem => @rubygem, :number => "0.1.0", :platform => "ruby")
create(:ownership, :user => @user, :rubygem => @rubygem)
end
@@ -302,7 +302,7 @@ def self.should_respond_to(format)
assert_equal 1, @rubygem.ownerships.count
end
should "show platform in response" do
- assert_equal "Successfully yanked gem: SomeGem (0.1.1-x86-darwin-10)", @response.body
+ assert_equal "Successfully yanked gem: somegem (0.1.1-x86-darwin-10)", @response.body
end
end
end
@@ -338,7 +338,7 @@ def self.should_respond_to(format)
context "for a gem SomeGem with a yanked version 0.1.0 and unyanked version 0.1.1" do
setup do
- @rubygem = create(:rubygem, :name => "SomeGem")
+ @rubygem = create(:rubygem, :name => "somegem")
@v1 = create(:version, :rubygem => @rubygem, :number => "0.1.0", :platform => "ruby", :indexed => false)
@v2 = create(:version, :rubygem => @rubygem, :number => "0.1.1", :platform => "ruby")
@v3 = create(:version, :rubygem => @rubygem, :number => "0.1.2", :platform => "x86-darwin-10", :indexed => false)
View
4 test/unit/rubygem_test.rb
@@ -3,7 +3,7 @@
class RubygemTest < ActiveSupport::TestCase
context "with a saved rubygem" do
setup do
- @rubygem = create(:rubygem, :name => "SomeGem")
+ @rubygem = create(:rubygem, :name => "somegem")
end
subject { @rubygem }
@@ -125,7 +125,7 @@ class RubygemTest < ActiveSupport::TestCase
@rubygem = build(:rubygem, :linkset => nil)
end
- ['1337', 'Snakes!', ['zomg']].each do |bad_name|
+ ['1337', 'Snakes!', ['zomg'], 'rAils'].each do |bad_name|
should "not accept #{bad_name.inspect} as a name" do
@rubygem.name = bad_name
assert ! @rubygem.valid?
Something went wrong with that request. Please try again.