template_spec.rb 2.9 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
  1. require 'rails_helper'
  2. RSpec.describe NotificationFactory::Template do
  3. subject(:template) do
  4. described_class.new(template_string, escape)
  5. end
  6. describe '#to_s' do
  7. context 'for empty input template (incl. whitespace-only)' do
  8. let(:template_string) { "\#{ }" }
  9. context 'with escape = true' do
  10. let(:escape) { true }
  11. it 'returns an ERB template with the #d helper, and passes escape arg as string' do
  12. expect(template.to_s).to eq('<%= d "", true %>')
  13. end
  14. end
  15. context 'with escape = false' do
  16. let(:escape) { false }
  17. it 'returns an ERB template with the #d helper, and passes escape arg as string' do
  18. expect(template.to_s).to eq('<%= d "", false %>')
  19. end
  20. end
  21. end
  22. context 'for input template using #t helper' do
  23. let(:template_string) { "\#{t('some text')}" }
  24. let(:escape) { false }
  25. it 'returns an ERB template with the #t helper, and passes escape arg as string' do
  26. expect(template.to_s).to eq('<%= t "some text", false %>')
  27. end
  28. context 'with double-quotes in argument' do
  29. let(:template_string) { "\#{t('some \"text\"')}" }
  30. it 'adds backslash-escaping' do
  31. expect(template.to_s).to eq('<%= t "some \"text\"", false %>')
  32. end
  33. end
  34. end
  35. # Regression test for https://github.com/zammad/zammad/issues/385
  36. context 'with HTML auto-injected by browser' do
  37. let(:escape) { true }
  38. context 'for <a> tags wrapped around "ticket.id"' do
  39. let(:template_string) { <<~'TEMPLATE'.chomp }
  40. #{<a href="http://ticket.id" title="http://ticket.id" target="_blank">ticket.id</a>}
  41. TEMPLATE
  42. it 'strips tag from resulting ERB template' do
  43. expect(template.to_s).to eq('<%= d "ticket.id", true %>')
  44. end
  45. end
  46. context 'for <a> tags wrapped around "config.fqdn"' do
  47. let(:template_string) { <<~'TEMPLATE'.chomp }
  48. #{<a href="http://config.fqdn" title="http://config.fqdn" target="_blank">config.fqdn</a>}
  49. TEMPLATE
  50. it 'strips tag from resulting ERB template' do
  51. expect(template.to_s).to eq('<%= c "fqdn", true %>')
  52. end
  53. end
  54. context 'for <a> tags surrounded by whitespace' do
  55. let(:template_string) { <<~'TEMPLATE'.chomp }
  56. #{ <a href="http://ticket.id" title="http://ticket.id" target="_blank">ticket.id </a> }
  57. TEMPLATE
  58. it 'strips tag and spaces from template' do
  59. expect(template.to_s).to eq('<%= d "ticket.id", true %>')
  60. end
  61. end
  62. context 'for unpaired <a> tag and trailing whitespace' do
  63. let(:template_string) { <<~'TEMPLATE'.chomp }
  64. #{<a href="http://ticket.id" title="http://ticket.id" target="_blank">ticket.id }
  65. TEMPLATE
  66. it 'strips tag and spaces from template' do
  67. expect(template.to_s).to eq('<%= d "ticket.id", true %>')
  68. end
  69. end
  70. end
  71. end
  72. end