summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorEddie Lebow <elebow@users.noreply.github.com>2017-05-05 05:05:53 -0400
committerw0rp <w0rp@users.noreply.github.com>2017-05-05 10:05:53 +0100
commitba7999dae093c2c9b9f924c9bff8fb9fdea167fc (patch)
tree59655bdc243e1c0bc7ccb2c47153b07aad5b4192 /test
parent14f3fc777fc4a5e1fd1e1a7b75f4edf84b0a9af0 (diff)
downloadale-ba7999dae093c2c9b9f924c9bff8fb9fdea167fc.zip
[RFC] Add Brakeman for Ruby on Rails (references #385) (#509)
* Add brakeman for Ruby on Rails
Diffstat (limited to 'test')
-rw-r--r--test/command_callback/test_brakeman_command_callback.vader26
-rw-r--r--test/handler/test_brakeman_handler.vader68
-rw-r--r--test/ruby_fixtures/not_a_rails_app/file.rb0
-rw-r--r--test/ruby_fixtures/valid_rails_app/app/dummy.rb0
-rw-r--r--test/ruby_fixtures/valid_rails_app/app/models/thing.rb0
-rw-r--r--test/ruby_fixtures/valid_rails_app/config/dummy.rb0
-rw-r--r--test/ruby_fixtures/valid_rails_app/db/dummy.rb0
7 files changed, 94 insertions, 0 deletions
diff --git a/test/command_callback/test_brakeman_command_callback.vader b/test/command_callback/test_brakeman_command_callback.vader
new file mode 100644
index 00000000..262f865e
--- /dev/null
+++ b/test/command_callback/test_brakeman_command_callback.vader
@@ -0,0 +1,26 @@
+Before:
+ runtime ale_linters/ruby/brakeman.vim
+
+After:
+ call ale#linter#Reset()
+
+Execute(The brakeman command callback should detect absence of a valid Rails app):
+ cd /testplugin/test/ruby_fixtures/not_a_rails_app/
+ AssertEqual
+ \ '',
+ \ ale_linters#ruby#brakeman#GetCommand(bufnr(''))
+
+Execute(The brakeman command callback should find a valid Rails app root):
+ cd /testplugin/test/ruby_fixtures/valid_rails_app/db/
+ AssertEqual
+ \ 'brakeman -f json -q -p /testplugin/test/ruby_fixtures/valid_rails_app',
+ \ ale_linters#ruby#brakeman#GetCommand(bufnr(''))
+
+Execute(The brakeman command callback should include configured options):
+ cd /testplugin/test/ruby_fixtures/valid_rails_app/db/
+ let g:ale_ruby_brakeman_options = '--combobulate'
+
+
+ AssertEqual
+ \ 'brakeman -f json -q --combobulate -p /testplugin/test/ruby_fixtures/valid_rails_app',
+ \ ale_linters#ruby#brakeman#GetCommand(bufnr(''))
diff --git a/test/handler/test_brakeman_handler.vader b/test/handler/test_brakeman_handler.vader
new file mode 100644
index 00000000..33db4d67
--- /dev/null
+++ b/test/handler/test_brakeman_handler.vader
@@ -0,0 +1,68 @@
+Before:
+ runtime ale_linters/ruby/brakeman.vim
+ call setbufvar(0, 'ruby_brakeman_rails_root_cached', '')
+
+
+After:
+ call ale#linter#Reset()
+
+Execute(The brakeman handler should parse JSON correctly):
+ cd! /testplugin/test/ruby_fixtures/valid_rails_app/app/models
+ silent file! thing.rb
+
+ AssertEqual
+ \ [
+ \ {
+ \ 'lnum': 84,
+ \ 'text': 'SQL Injection Possible SQL injection (Medium)',
+ \ 'type': 'W',
+ \ },
+ \ {
+ \ 'lnum': 1,
+ \ 'text': 'Mass Assignment Potentially dangerous attribute available for mass assignment (Weak)',
+ \ 'type': 'W',
+ \ }
+ \ ],
+ \ ale_linters#ruby#brakeman#Handle(bufnr(''), [
+ \ '{',
+ \ '"warnings": [',
+ \ '{',
+ \ '"warning_type": "SQL Injection",',
+ \ '"warning_code": 0,',
+ \ '"fingerprint": "1234",',
+ \ '"check_name": "SQL",',
+ \ '"message": "Possible SQL injection",',
+ \ '"file": "app/models/thing.rb",',
+ \ '"line": 84,',
+ \ '"link": "http://brakemanscanner.org/docs/warning_types/sql_injection/",',
+ \ '"code": "Thing.connection.execute(params[:data])",',
+ \ '"render_path": null,',
+ \ '"location": {',
+ \ '"type": "method",',
+ \ '"class": "Thing",',
+ \ '"method": "run_raw_sql_from_internet"',
+ \ '},',
+ \ '"user_input": "whatever",',
+ \ '"confidence": "Medium"',
+ \ '},',
+ \ '{',
+ \ '"warning_type": "Mass Assignment",',
+ \ '"warning_code": 60,',
+ \ '"fingerprint": "1235",',
+ \ '"check_name": "ModelAttrAccessible",',
+ \ '"message": "Potentially dangerous attribute available for mass assignment",',
+ \ '"file": "app/models/thing.rb",',
+ \ '"line": null,',
+ \ '"link": "http://brakemanscanner.org/docs/warning_types/mass_assignment/",',
+ \ '"code": ":name",',
+ \ '"render_path": null,',
+ \ '"location": {',
+ \ '"type": "model",',
+ \ '"model": "Thing"',
+ \ '},',
+ \ '"user_input": null,',
+ \ '"confidence": "Weak"',
+ \ '}',
+ \ ']',
+ \ '}'
+ \ ])
diff --git a/test/ruby_fixtures/not_a_rails_app/file.rb b/test/ruby_fixtures/not_a_rails_app/file.rb
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/test/ruby_fixtures/not_a_rails_app/file.rb
diff --git a/test/ruby_fixtures/valid_rails_app/app/dummy.rb b/test/ruby_fixtures/valid_rails_app/app/dummy.rb
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/test/ruby_fixtures/valid_rails_app/app/dummy.rb
diff --git a/test/ruby_fixtures/valid_rails_app/app/models/thing.rb b/test/ruby_fixtures/valid_rails_app/app/models/thing.rb
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/test/ruby_fixtures/valid_rails_app/app/models/thing.rb
diff --git a/test/ruby_fixtures/valid_rails_app/config/dummy.rb b/test/ruby_fixtures/valid_rails_app/config/dummy.rb
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/test/ruby_fixtures/valid_rails_app/config/dummy.rb
diff --git a/test/ruby_fixtures/valid_rails_app/db/dummy.rb b/test/ruby_fixtures/valid_rails_app/db/dummy.rb
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/test/ruby_fixtures/valid_rails_app/db/dummy.rb