Domů Procházet Nápověda
Registrovat se Přihlásit se
benjamin.harris
/
tas_councils
1
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Strom: 44a524ef46
Větve Značky
tas_councils
/
test
/
test_db_validation.rb

test_db_validation.rb 2.2 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. require "minitest/autorun"
    2. 

  2. require_relative "support/stubs"
    3. 

  3. 

  4. # Tests for DB.validate_table_name!
    5. 

  5. # The stub in support/stubs.rb implements the same regex as lib/db.rb,
    6. 

  6. # so these tests validate the intended allowlist pattern.
    7. 

  7. 

  8. class TestDbValidateTableName < Minitest::Test
    9. 

  9.   # --- Valid names ---
    10. 

  10. 

  11.   def test_simple_council_name
    12. 

  12.     assert_equal "da_brighton", DB.validate_table_name!("da_brighton")
    13. 

  13.   end
    14. 

  14. 

  15.   def test_hyphenated_council_name
    16. 

  16.     assert_equal "da_break_oday", DB.validate_table_name!("da_break_oday")
    17. 

  17.   end
    18. 

  18. 

  19.   def test_council_with_numbers
    20. 

  20.     assert_equal "da_waratah_wynyard", DB.validate_table_name!("da_waratah_wynyard")
    21. 

  21.   end
    22. 

  22. 

  23.   def test_all_known_tables
    24. 

  24.     known = %w[
    25. 

  25.       da_break_oday da_brighton da_burnie da_centralcoast da_centralhighlands
    26. 

  26.       da_circularhead da_clarence da_derwentvalley da_devonportcity da_dorset
    27. 

  27.       da_flinders_council da_georgetown da_glamorgan da_glenorchy da_hobartcity
    28. 

  28.       da_huonvalley da_kentish da_kingborough da_latrobe da_launcestoncity
    29. 

  29.       da_meandervalley da_northernmidlands da_southernmidlands da_tasman
    30. 

  30.       da_waratah_wynyard da_westcoast da_westtamar
    31. 

  31.     ]
    32. 

  32.     known.each do |t|
    33. 

  33.       assert_equal t, DB.validate_table_name!(t), "Expected #{t} to be valid"
    34. 

  34.     end
    35. 

  35.   end
    36. 

  36. 

  37.   # --- Invalid names ---
    38. 

  38. 

  39.   def test_no_da_prefix_raises
    40. 

  40.     assert_raises(ArgumentError) { DB.validate_table_name!("users") }
    41. 

  41.   end
    42. 

  42. 

  43.   def test_sql_injection_raises
    44. 

  44.     assert_raises(ArgumentError) { DB.validate_table_name!("da_foo; DROP TABLE users--") }
    45. 

  45.   end
    46. 

  46. 

  47.   def test_backtick_injection_raises
    48. 

  48.     assert_raises(ArgumentError) { DB.validate_table_name!("da_foo`") }
    49. 

  49.   end
    50. 

  50. 

  51.   def test_empty_string_raises
    52. 

  52.     assert_raises(ArgumentError) { DB.validate_table_name!("") }
    53. 

  53.   end
    54. 

  54. 

  55.   def test_nil_raises
    56. 

  56.     assert_raises(ArgumentError) { DB.validate_table_name!(nil) }
    57. 

  57.   end
    58. 

  58. 

  59.   def test_uppercase_raises
    60. 

  60.     # Table names are lowercase by convention; uppercase would be unexpected
    61. 

  61.     assert_raises(ArgumentError) { DB.validate_table_name!("DA_BRIGHTON") }
    62. 

  62.   end
    63. 

  63. 

  64.   def test_whitespace_raises
    65. 

  65.     assert_raises(ArgumentError) { DB.validate_table_name!("da_foo bar") }
    66. 

  66.   end
    67. 

  67. 

  68.   def test_error_message_includes_name
    69. 

  69.     err = assert_raises(ArgumentError) { DB.validate_table_name!("bad_name") }
    70. 

  70.     assert_includes err.message, "bad_name"
    71. 

  71.   end
    72. 

  72. end
    73.