In general, Rails applications seem to reserve a bare rake command for running 'rake test'. So I'm going ahead and making that the default here, for better or for worse.
Updated main README with instructions on how to link to these stylesheets. A codemacro Rakefile was added with tasks to test the plugin and generate a new default_coderay.css stylesheet. The codemacro plugin now wraps all code listings in a <div> enabling horizontal scrolling and dynamic width.
Sadly, unpacking tzinfo into vendor gems breaks Rails' time zone support and gives the following error when trying to access admin/settings: uninitialized constant TZInfo::Timezone::TimezoneProxy So we're going to instruct the user to install this gem using 'sudo rake gems:install' for now.
This should help prevent unescaped text from being displayed in ERB templates, which should in turn help prevent XSS attacks. This code is based on the safe_erb plugin, written by Shinya Kasatani and updated by Matthew Bass, with a whole bunch of changes to better support Mephisto and Rails 2.2. v2: Freeze emk-safe_erb 0.1.1, with MySQL support
This is an experimental change: Can we just go ahead and bundle tzinfo? This should certainly simplify installation for our users. But it also makes it (slightly) harder to upgrade tzinfo when the timezones change. Let me know if this patch causes trouble.
The Rails 2.2 santizer is an enhanced version of Rick's original white_list plugin, so let's upgrade and get the latest fixes. Note that Mephisto had separate rules for sanitizing comments and non-comments in Atom feeds. This difference was introduced in commit 88df87e. Unfortunately, I'm not able to track down any information on the problem being fixed here. Since we already add half of the tags in question to the whitelist, I've decided to just treat all sanitized Atom feed content the same. Please let me know if this breaks anything.
This allows us to write things like: <macro:code> x = y + 2 </macro:code> ...and not get gratuitous empty lines at either end.
The "css" option to the <macro:code> form was never actually implemented, and the associated unit tests are failing. So I removed the test cases and the useless option. I also added some test cases to check that "<" characters in code get escaped properly, and fixed the code to make the tests pass. In general, <macro:code> has a number of fairly serious problems, and the unit tests aren't testing what they think they're testing, largely thanks to some error-recovery code that masks underlying exceptions.
This plugin provided "gems:*" tasks, which are now available in Rails 2.2. It was also responsible for loading vendor/rubypants-0.2.0, which is an old, customized gem that we can't put into the regular gems directory without some repackaging work. So we just handle that case manually for now.
These gems can all be moved easily without breaking our unit tests. Use 'rake gems', etc., to list and manage gems declared with config.gem. We update a couple of gems here, most notable rubyzip. We don't update to the newest version of RedCloth, because Mephisto seemed to want a specific version before, and the newest version includes a native extension that we don't want to deal with right now.
All these features are available in core. We won't know if this patch is good until we actually get the website up, though.
Updated to commit 42a37fab15c6d1dacc6043ee40b25de12b63ac04 from repository git://github.com/technoweenie/attachment_fu.git . Note that this version of attachment_fu is actually deprecated in favor of the forthcoming rewrite. We need to add some explicit attr_accessible declarations to match Mephisto's old behavior.
The tests will now load, but they have a massive number of failures.
This is commit 4cb49974cc62e6e89c15b03d08bab3ba07f7213a from the git://github.com/lazyatom/engines.git repository. The released version of engines doesn't seem to support Rails 2.2 at the moment. Note that the unit tests still won't run.
With this patch, our tests now run at 100%! Our remaining spec failures all involved model_stubbing, an old library by Rick. According to Rick, he's no longer maintaining model_stubbing, and he recommends that we use machinist to generate test data instead. This patch rips out model_stubbing, and replaces it with a combination of machinist and faker. In most cases, the new code is quite a bit shorter, simpler and easier to understand. A few minor things worth noting: - Several rspec blocks have been combined or nested. - Unnecessary setup code has been removed. - Two of the three copies of the code in site_spec.rb have been deleted. - An extra test case has been added for membership_spec.rb, to better document some interesting behavior I discovered while debugging. The machinist plugin is version 17985ba55aff6420caadb70ef698dd93aef5a26b from http://github.com/notahat/machinist/tree/master.
As discovered by Aubrey Holland, model_stubbing relies on the non-portable TRUNCATE TABLE command: http://groups.google.com/group/MephistoBlog/msg/7da91b7410271ff2 Applying Aubrey's fix allows 'rake spec' to run against SQLite3. Note that there are still a good number of spec failures which will need to be addressed. It's a little bit dodgy to patch the in-tree copy of model_stubbing, but doing so will suffice for now.
The Mephisto unit tests rely on 'test/spec', which is provided by the test-spec gem. Since the rest of our test support libraries are already frozen (as vendor/plugins/rspec and vendor/plugins/rspec_on_rails), it won't hurt to freeze one more gem and make the unit tests runnable out of the box. Note that 'rake' and 'rake spec' both result in numerous errors and test failures. I've spoken to another recent Mephisto contributor on #mephisto, and they confirmed that quite a few tests are currently broken.