discourse/spec/rails_helper.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

505 lines
14 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
2013-02-05 14:16:51 -05:00
if ENV['COVERAGE']
require 'simplecov'
SimpleCov.command_name "#{SimpleCov.command_name} #{ENV['TEST_ENV_NUMBER']}" if ENV['TEST_ENV_NUMBER']
SimpleCov.start 'rails' do
add_group 'Libraries', /^\/lib\/(?!tasks).*$/
add_group 'Scripts', 'script'
add_group 'Serializers', 'app/serializers'
add_group 'Services', 'app/services'
add_group 'Tasks', 'lib/tasks'
end
2013-02-05 14:16:51 -05:00
end
require 'rubygems'
require 'rbtrace'
2017-08-09 17:50:59 -04:00
require 'pry'
require 'pry-byebug'
require 'pry-rails'
2017-08-09 17:50:59 -04:00
# Loading more in this block will cause your tests to run faster. However,
# if you change any configuration or code from libraries loaded here, you'll
# need to restart spork for it take effect.
require 'fabrication'
require 'mocha/api'
require 'certified'
require 'webmock/rspec'
class RspecErrorTracker
def self.last_exception=(ex)
@ex = ex
end
def self.last_exception
@ex
end
def initialize(app, config = {})
@app = app
end
def call(env)
begin
@app.call(env)
DEV: Output webmock errors in request specs (#14782) * DEV: Output webmock errors in request specs In request specs, if you had not properly mocked an external HTTP call, you would end up with a 500 error with no further information instead of your expected response code, with an rspec output like this: ``` Failures: 1) UploadsController#generate_presigned_put when the store is external generates a presigned URL and creates an external upload stub Failure/Error: expect(response.status).to eq(200) expected: 200 got: 500 (compared using ==) # ./spec/requests/uploads_controller_spec.rb:727:in `block (4 levels) in <top (required)>' # ./spec/rails_helper.rb:280:in `block (2 levels) in <top (required)>' ``` This is not helpful at all when you want to find what you actually failed to mock, which is shown straight away in non-request specs. This commit introduces a rescue_from block in the application controller to log this error, so we have a much nicer output that helps the developer find the issue: ``` Failures: 1) UploadsController#generate_presigned_put when the store is external generates a presigned URL and creates an external upload stub Failure/Error: expect(response.status).to eq(200) expected: 200 got: 500 (compared using ==) # ./spec/requests/uploads_controller_spec.rb:727:in `block (4 levels) in <top (required)>' # ./spec/rails_helper.rb:280:in `block (2 levels) in <top (required)>' # ------------------ # --- Caused by: --- # WebMock::NetConnectNotAllowedError: # Real HTTP connections are disabled. Unregistered request: GET https://s3-upload-bucket.s3.us-west-1.amazonaws.com/?cors with headers {'Accept'=>'*/*', 'Accept-Encoding'=>'', 'Authorization'=>'AWS4-HMAC-SHA256 Credential=some key/20211101/us-west-1/s3/aws4_request, SignedHeaders=host;user-agent;x-amz-content-sha256;x-amz-date, Signature=test', 'Host'=>'s3-upload-bucket.s3.us-west-1.amazonaws.com', 'User-Agent'=>'aws-sdk-ruby3/3.121.2 ruby/2.7.1 x86_64-linux aws-sdk-s3/1.96.1', 'X-Amz-Content-Sha256'=>'test', 'X-Amz-Date'=>'20211101T035113Z'} # # You can stub this request with the following snippet: # # stub_request(:get, "https://s3-upload-bucket.s3.us-west-1.amazonaws.com/?cors"). # with( # headers: { # 'Accept'=>'*/*', # 'Accept-Encoding'=>'', # 'Authorization'=>'AWS4-HMAC-SHA256 Credential=some key/20211101/us-west-1/s3/aws4_request, SignedHeaders=host;user-agent;x-amz-content-sha256;x-amz-date, Signature=test', # 'Host'=>'s3-upload-bucket.s3.us-west-1.amazonaws.com', # 'User-Agent'=>'aws-sdk-ruby3/3.121.2 ruby/2.7.1 x86_64-linux aws-sdk-s3/1.96.1', # 'X-Amz-Content-Sha256'=>'test', # 'X-Amz-Date'=>'20211101T035113Z' # }). # to_return(status: 200, body: "", headers: {}) # # registered request stubs: # # stub_request(:head, "https://s3-upload-bucket.s3.us-west-1.amazonaws.com/") # # ============================================================ ``` * DEV: Require webmock in application controller if rails.env.test * DEV: Rescue from StandardError and NetConnectNotAllowedError
2021-11-01 02:38:41 -04:00
# This is a little repetitive, but since WebMock::NetConnectNotAllowedError
# and also Mocha::ExpectationError inherit from Exception instead of StandardError
# they do not get captured by the rescue => e shorthand :(
rescue WebMock::NetConnectNotAllowedError, Mocha::ExpectationError, StandardError => e
RspecErrorTracker.last_exception = e
raise e
end
ensure
end
end
2017-08-09 17:50:59 -04:00
ENV["RAILS_ENV"] ||= 'test'
require File.expand_path("../../config/environment", __FILE__)
require 'rspec/rails'
require 'shoulda-matchers'
2017-08-09 17:50:59 -04:00
require 'sidekiq/testing'
require 'test_prof/recipes/rspec/let_it_be'
require 'test_prof/before_all/adapters/active_record'
2017-08-09 17:50:59 -04:00
# The shoulda-matchers gem no longer detects the test framework
# you're using or mixes itself into that framework automatically.
Shoulda::Matchers.configure do |config|
config.integrate do |with|
with.test_framework :rspec
with.library :active_record
with.library :active_model
end
end
2017-08-09 17:50:59 -04:00
# Requires supporting ruby files with custom matchers and macros, etc,
# in spec/support/ and its subdirectories.
Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f }
Dir[Rails.root.join("spec/fabricators/*.rb")].each { |f| require f }
# Require plugin helpers at plugin/[plugin]/spec/plugin_helper.rb (includes symlinked plugins).
if ENV['LOAD_PLUGINS'] == "1"
Dir[Rails.root.join("plugins/*/spec/plugin_helper.rb")].each do |f|
require f
end
2017-08-09 17:50:59 -04:00
end
2017-08-09 17:50:59 -04:00
# let's not run seed_fu every test
SeedFu.quiet = true if SeedFu.respond_to? :quiet
2017-08-09 17:50:59 -04:00
SiteSetting.automatically_download_gravatars = false
2017-08-09 17:50:59 -04:00
SeedFu.seed
2013-02-05 14:16:51 -05:00
# we need this env var to ensure that we can impersonate in test
# this enable integration_helpers sign_in helper
ENV['DISCOURSE_DEV_ALLOW_ANON_TO_IMPERSONATE'] = '1'
module TestSetup
# This is run before each test and before each before_all block
def self.test_setup(x = nil)
# TODO not sure about this, we could use a mock redis implementation here:
# this gives us really clean "flush" semantics, however the side-effect is that
# we are no longer using a clean redis implementation, a preferable solution may
# be simply flushing before tests, trouble is that redis may be reused with dev
# so that would mean the dev would act weird
#
# perf benefit seems low (shaves 20 secs off a 4 minute test suite)
#
# Discourse.redis = DiscourseMockRedis.new
RateLimiter.disable
PostActionNotifier.disable
SearchIndexer.disable
UserActionManager.disable
NotificationEmailer.disable
SiteIconManager.disable
SiteSetting.provider.all.each do |setting|
SiteSetting.remove_override!(setting.name)
end
# very expensive IO operations
SiteSetting.automatically_download_gravatars = false
Discourse.clear_readonly!
Sidekiq::Worker.clear_all
I18n.locale = SiteSettings::DefaultsProvider::DEFAULT_LOCALE
RspecErrorTracker.last_exception = nil
if $test_cleanup_callbacks
$test_cleanup_callbacks.reverse_each(&:call)
$test_cleanup_callbacks = nil
end
# in test this is very expensive, we explicitly enable when needed
Topic.update_featured_topics = false
# Running jobs are expensive and most of our tests are not concern with
# code that runs inside jobs. run_later! means they are put on the redis
# queue and never processed.
Jobs.run_later!
# Don't track ApplicationRequests in test mode unless opted in
ApplicationRequest.disable
# Don't queue badge grant in test mode
BadgeGranter.disable_queue
end
end
TestProf::BeforeAll.configure do |config|
config.before(:begin) do
TestSetup.test_setup
end
end
if ENV['PREFABRICATION'] == '0'
module Prefabrication
def fab!(name, &blk)
let!(name, &blk)
end
end
RSpec.configure do |config|
config.extend Prefabrication
end
else
TestProf::LetItBe.configure do |config|
config.alias_to :fab!, refind: true
end
end
2017-08-09 17:50:59 -04:00
RSpec.configure do |config|
config.fail_fast = ENV['RSPEC_FAIL_FAST'] == "1"
config.silence_filter_announcements = ENV['RSPEC_SILENCE_FILTER_ANNOUNCEMENTS'] == "1"
2017-08-09 17:50:59 -04:00
config.include Helpers
config.include MessageBus
config.include RSpecHtmlMatchers
config.include IntegrationHelpers, type: :request
2020-01-15 05:27:12 -05:00
config.include WebauthnIntegrationHelpers
config.include SiteSettingsHelpers
2020-07-24 05:16:52 -04:00
config.include SidekiqHelpers
config.include UploadsHelpers
config.include OneboxHelpers
config.include FastImageHelpers
2017-08-09 17:50:59 -04:00
config.mock_framework = :mocha
config.order = 'random'
config.infer_spec_type_from_file_location!
2013-02-05 14:16:51 -05:00
2017-08-09 17:50:59 -04:00
# If you're not using ActiveRecord, or you'd prefer not to run each of your
# examples within a transaction, remove the following line or assign false
# instead of true.
config.use_transactional_fixtures = true
2013-02-05 14:16:51 -05:00
2017-08-09 17:50:59 -04:00
# If true, the base class of anonymous controllers will be inferred
# automatically. This will be the default behavior in future versions of
# rspec-rails.
config.infer_base_class_for_anonymous_controllers = true
2013-02-05 14:16:51 -05:00
2017-08-09 17:50:59 -04:00
config.before(:suite) do
begin
ActiveRecord::Migration.check_pending!
rescue ActiveRecord::PendingMigrationError
raise "There are pending migrations, run RAILS_ENV=test bin/rake db:migrate"
end
2017-08-09 17:50:59 -04:00
Sidekiq.error_handlers.clear
2017-08-09 17:50:59 -04:00
# Ugly, but needed until we have a user creator
User.skip_callback(:create, :after, :ensure_in_trust_level_group)
DiscoursePluginRegistry.reset! if ENV['LOAD_PLUGINS'] != "1"
2017-08-09 17:50:59 -04:00
Discourse.current_user_provider = TestCurrentUserProvider
2017-08-09 17:50:59 -04:00
SiteSetting.refresh!
2017-08-09 17:50:59 -04:00
# Rebase defaults
#
# We nuke the DB storage provider from site settings, so need to yank out the existing settings
# and pretend they are default.
# There are a bunch of settings that are seeded, they must be loaded as defaults
SiteSetting.current.each do |k, v|
# skip setting defaults for settings that are in unloaded plugins
SiteSetting.defaults.set_regardless_of_locale(k, v) if SiteSetting.respond_to? k
end
SiteSetting.provider = TestLocalProcessProvider.new
2017-08-09 17:50:59 -04:00
WebMock.disable_net_connect!
end
class TestLocalProcessProvider < SiteSettings::LocalProcessProvider
attr_accessor :current_site
def initialize
super
self.current_site = "test"
end
end
2017-08-09 17:50:59 -04:00
class DiscourseMockRedis < MockRedis
def without_namespace
self
end
2017-08-09 17:50:59 -04:00
def delete_prefixed(prefix)
keys("#{prefix}*").each { |k| del(k) }
end
2017-08-09 17:50:59 -04:00
end
config.after :each do |x|
if x.exception && ex = RspecErrorTracker.last_exception
# magic in a cause if we have none
unless x.exception.cause
class << x.exception
attr_accessor :cause
end
x.exception.cause = ex
end
end
unfreeze_time
ActionMailer::Base.deliveries.clear
2019-01-08 21:53:38 -05:00
if ActiveRecord::Base.connection_pool.stat[:busy] > 1
raise ActiveRecord::Base.connection_pool.stat.inspect
end
end
config.after(:suite) do
if SpecSecureRandom.value
FileUtils.remove_dir(file_from_fixtures_tmp_folder, true)
end
end
config.before :each, &TestSetup.method(:test_setup)
2013-02-05 14:16:51 -05:00
config.around :each do |example|
before_event_count = DiscourseEvent.events.values.sum(&:count)
example.run
after_event_count = DiscourseEvent.events.values.sum(&:count)
expect(before_event_count).to eq(after_event_count), "DiscourseEvent registrations were not cleaned up"
end
config.before :each do
# This allows DB.transaction_open? to work in tests. See lib/mini_sql_multisite_connection.rb
DB.test_transaction = ActiveRecord::Base.connection.current_transaction
end
# Match the request hostname to the value in `database.yml`
config.before(:all, type: [:request, :multisite]) { host! "test.localhost" }
config.before(:each, type: [:request, :multisite]) { host! "test.localhost" }
config.before(:each, type: :multisite) do
Rails.configuration.multisite = true # rubocop:disable Discourse/NoDirectMultisiteManipulation
RailsMultisite::ConnectionManagement.config_filename =
"spec/fixtures/multisite/two_dbs.yml"
RailsMultisite::ConnectionManagement.establish_connection(db: 'default')
end
config.after(:each, type: :multisite) do
ActiveRecord::Base.clear_all_connections!
Rails.configuration.multisite = false # rubocop:disable Discourse/NoDirectMultisiteManipulation
RailsMultisite::ConnectionManagement.clear_settings!
ActiveRecord::Base.establish_connection
end
2017-08-09 17:50:59 -04:00
class TestCurrentUserProvider < Auth::DefaultCurrentUserProvider
def log_on_user(user, session, cookies, opts = {})
2017-08-09 17:50:59 -04:00
session[:current_user_id] = user.id
super
end
2017-08-09 17:50:59 -04:00
def log_off_user(session, cookies)
session[:current_user_id] = nil
super
end
2017-08-09 17:50:59 -04:00
end
# Normally we `use_transactional_fixtures` to clear out a database after a test
# runs. However, this does not apply to tests done for multisite. The second time
# a test runs you can end up with stale data that breaks things. This method will
# force a rollback after using a multisite connection.
def test_multisite_connection(name)
RailsMultisite::ConnectionManagement.with_connection(name) do
ActiveRecord::Base.transaction(joinable: false) do
yield
raise ActiveRecord::Rollback
end
end
end
2017-08-09 17:50:59 -04:00
end
class TrackTimeStub
def self.stubbed
false
end
2017-08-09 17:50:59 -04:00
end
def before_next_spec(&callback)
($test_cleanup_callbacks ||= []) << callback
end
def global_setting(name, value)
GlobalSetting.reset_s3_cache!
GlobalSetting.stubs(name).returns(value)
before_next_spec do
GlobalSetting.reset_s3_cache!
end
end
def set_cdn_url(cdn_url)
global_setting :cdn_url, cdn_url
Rails.configuration.action_controller.asset_host = cdn_url
ActionController::Base.asset_host = cdn_url
before_next_spec do
Rails.configuration.action_controller.asset_host = nil
ActionController::Base.asset_host = nil
end
end
2017-08-09 17:50:59 -04:00
def freeze_time(now = Time.now)
time = now
datetime = now
if Time === now
datetime = now.to_datetime
elsif DateTime === now
time = now.to_time
else
datetime = DateTime.parse(now.to_s)
time = Time.parse(now.to_s)
end
2017-08-09 17:50:59 -04:00
if block_given?
raise "nested freeze time not supported" if TrackTimeStub.stubbed
2013-02-05 14:16:51 -05:00
end
2017-08-09 17:50:59 -04:00
DateTime.stubs(:now).returns(datetime)
Time.stubs(:now).returns(time)
Date.stubs(:today).returns(datetime.to_date)
TrackTimeStub.stubs(:stubbed).returns(true)
if block_given?
begin
yield
ensure
unfreeze_time
end
else
time
end
2013-02-05 14:16:51 -05:00
end
2017-08-09 17:50:59 -04:00
def unfreeze_time
DateTime.unstub(:now)
Time.unstub(:now)
Date.unstub(:today)
TrackTimeStub.unstub(:stubbed)
end
2017-08-09 17:50:59 -04:00
def file_from_fixtures(filename, directory = "images")
SpecSecureRandom.value ||= SecureRandom.hex
FileUtils.mkdir_p(file_from_fixtures_tmp_folder) unless Dir.exists?(file_from_fixtures_tmp_folder)
tmp_file_path = File.join(file_from_fixtures_tmp_folder, SecureRandom.hex << filename)
FileUtils.cp("#{Rails.root}/spec/fixtures/#{directory}/#{filename}", tmp_file_path)
File.new(tmp_file_path)
end
def file_from_fixtures_tmp_folder
File.join(Dir.tmpdir, "rspec_#{Process.pid}_#{SpecSecureRandom.value}")
2017-08-09 17:50:59 -04:00
end
def has_trigger?(trigger_name)
DB.exec(<<~SQL) != 0
SELECT 1
FROM INFORMATION_SCHEMA.TRIGGERS
WHERE trigger_name = '#{trigger_name}'
SQL
end
def silence_stdout
STDOUT.stubs(:write)
yield
ensure
STDOUT.unstub(:write)
end
class TrackingLogger < ::Logger
attr_reader :messages
def initialize(level: nil)
super(nil)
@messages = []
@level = level
end
def add(*args, &block)
if !level || args[0].to_i >= level
@messages << args
end
end
end
def track_log_messages(level: nil)
old_logger = Rails.logger
logger = Rails.logger = TrackingLogger.new(level: level)
yield logger.messages
logger.messages
ensure
Rails.logger = old_logger
end
FEATURE: Apply rate limits per user instead of IP for trusted users (#14706) Currently, Discourse rate limits all incoming requests by the IP address they originate from regardless of the user making the request. This can be frustrating if there are multiple users using Discourse simultaneously while sharing the same IP address (e.g. employees in an office). This commit implements a new feature to make Discourse apply rate limits by user id rather than IP address for users at or higher than the configured trust level (1 is the default). For example, let's say a Discourse instance is configured to allow 200 requests per minute per IP address, and we have 10 users at trust level 4 using Discourse simultaneously from the same IP address. Before this feature, the 10 users could only make a total of 200 requests per minute before they got rate limited. But with the new feature, each user is allowed to make 200 requests per minute because the rate limits are applied on user id rather than the IP address. The minimum trust level for applying user-id-based rate limits can be configured by the `skip_per_ip_rate_limit_trust_level` global setting. The default is 1, but it can be changed by either adding the `DISCOURSE_SKIP_PER_IP_RATE_LIMIT_TRUST_LEVEL` environment variable with the desired value to your `app.yml`, or changing the setting's value in the `discourse.conf` file. Requests made with API keys are still rate limited by IP address and the relevant global settings that control API keys rate limits. Before this commit, Discourse's auth cookie (`_t`) was simply a 32 characters string that Discourse used to lookup the current user from the database and the cookie contained no additional information about the user. However, we had to change the cookie content in this commit so we could identify the user from the cookie without making a database query before the rate limits logic and avoid introducing a bottleneck on busy sites. Besides the 32 characters auth token, the cookie now includes the user id, trust level and the cookie's generation date, and we encrypt/sign the cookie to prevent tampering. Internal ticket number: t54739.
2021-11-17 15:27:30 -05:00
# this takes a string and returns a copy where 2 different
# characters are swapped.
# e.g.
# swap_2_different_characters("abc") => "bac"
# swap_2_different_characters("aac") => "caa"
def swap_2_different_characters(str)
swap1 = 0
swap2 = str.split("").find_index { |c| c != str[swap1] }
# if the string is made up of 1 character
return str if !swap2
str = str.dup
str[swap1], str[swap2] = str[swap2], str[swap1]
str
end
def create_request_env(path: nil)
env = Rails.application.env_config.dup
env.merge!(Rack::MockRequest.env_for(path)) if path
env
end
def create_auth_cookie(token:, user_id: nil, trust_level: nil, issued_at: Time.zone.now)
request = ActionDispatch::Request.new(create_request_env)
data = {
token: token,
user_id: user_id,
trust_level: trust_level,
issued_at: issued_at.to_i
}
cookie = request.cookie_jar.encrypted["_t"] = { value: data }
cookie[:value]
end
def decrypt_auth_cookie(cookie)
request = ActionDispatch::Request.new(create_request_env.merge("HTTP_COOKIE" => "_t=#{cookie}"))
request.cookie_jar.encrypted["_t"]
end
class SpecSecureRandom
class << self
attr_accessor :value
end
end