jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
2c33539be7b10fbaca54eaa04e66d9754312dc0c
danbooru/test/unit/note_test.rb
evazion d9dc84325f Fix #5365: Don't allow whitespace-only text submission. 
Fix bug where it was possible to submit blank text in various text fields.

Caused by `String#blank?` not considering certain Unicode characters as blank. `blank?` is defined
as `match?(/\A[[:space:]]*\z/)`, where `[[:space:]]` matches ASCII spaces (space, tab, newline, etc)
and Unicode characters in the Space category ([1]). However, there are other space-like characters
not in the Space category. This includes U+200B (Zero-Width Space), and many more.

It turns out the "Default ignorable code points" [2][3] are what we're after. These are the set of 400
or so formatting and control characters that are invisible when displayed.

Note that there are other control characters that aren't invisible when rendered, instead they're
shown with a placeholder glyph. These include the ASCII C0 and C1 control codes [4], certain Unicode
control characters [5], and unassigned, reserved, and private use codepoints.

There is one outlier: the Braille pattern blank (U+2800) [6]. This character is visually blank, but is
not considered to be a space or an ignorable code point.

[1]: https://codepoints.net/search?gc[]=Z
[2]: https://codepoints.net/search?DI=1
[3]: https://www.unicode.org/review/pr-5.html
[4]: https://codepoints.net/search?gc[]=Cc
[5]: https://codepoints.net/search?gc[]=Cf
[6]: https://codepoints.net/U+2800
[7]: https://en.wikipedia.org/wiki/Whitespace_character
[8]: https://character.construction/blanks
[9]: https://invisible-characters.com
2022-12-05 01:58:34 -06:00

156 lines
4.7 KiB
Ruby
Raw Blame History

require 'test_helper'
class NoteTest < ActiveSupport::TestCase
context "In all cases" do
setup do
@user = FactoryBot.create(:user)
CurrentUser.user = @user
end
teardown do
CurrentUser.user = nil
end
context "#merge_version" do
setup do
@post = FactoryBot.create(:post)
@note = FactoryBot.create(:note, :post => @post)
end
should "not increment version" do
@note.update(x: 100)
assert_equal(1, @note.versions.count)
assert_equal(1, @note.versions.first.version)
end
end
context "for a post that already has a note" do
setup do
@post = FactoryBot.create(:post)
@note = FactoryBot.create(:note, :post => @post)
end
context "when the note is deleted the post" do
should "null out its last_noted_at_field" do
assert_not_nil(@post.reload.last_noted_at)
@note.update!(is_active: false)
assert_nil(@post.reload.last_noted_at)
end
end
end
context "creating a note" do
setup do
@post = FactoryBot.create(:post, :image_width => 1000, :image_height => 1000)
end
should "not validate if the note is outside the image" do
@note = FactoryBot.build(:note, :x => 1001, :y => 500, :post => @post)
@note.save
assert_equal(["Note must be inside the image"], @note.errors.full_messages)
end
should "not validate if the note is larger than the image" do
@note = FactoryBot.build(:note, :x => 500, :y => 500, :height => 501, :width => 500, :post => @post)
@note.save
assert_equal(["Note must be inside the image"], @note.errors.full_messages)
end
should "not validate if the body is blank" do
@note = FactoryBot.build(:note, body: " ", :post => @post)
assert_equal(false, @note.valid?)
assert_equal(["Body can't be blank"], @note.errors.full_messages)
end
should "create a version" do
assert_difference("NoteVersion.count", 1) do
travel(1.day) do
@note = FactoryBot.create(:note, :post => @post)
end
end
assert_equal(1, @note.versions.count)
assert_equal(@note.body, @note.versions.first.body)
assert_equal(1, @note.version)
assert_equal(1, @note.versions.first.version)
assert_equal(@user.id, @note.versions.first.updater_id)
end
should "update the post's last_noted_at field" do
assert_nil(@post.last_noted_at)
@note = FactoryBot.create(:note, :post => @post)
@post.reload
assert_not_nil(@post.last_noted_at)
end
end
context "updating a note" do
setup do
@post = FactoryBot.create(:post, :image_width => 1000, :image_height => 1000)
@note = FactoryBot.create(:note, :post => @post)
@note.stubs(:merge_version?).returns(false)
end
should "increment the updater's note_update_count" do
@user.reload
assert_difference("@user.note_update_count", 1) do
@note.update(body: "zzz")
@user.reload
end
end
should "update the post's last_noted_at field" do
assert_equal(@post.reload.last_noted_at.to_i, @note.updated_at.to_i)
assert_changes("@post.reload.last_noted_at") { @note.update(x: 500) }
assert_equal(@post.reload.last_noted_at.to_i, @note.reload.updated_at.to_i)
end
should "create a version" do
assert_difference("NoteVersion.count", 1) do
travel(1.day) do
@note.update(body: "fafafa")
end
end
assert_equal(2, @note.versions.count)
assert_equal(2, @note.versions.last.version)
assert_equal("fafafa", @note.versions.last.body)
assert_equal(2, @note.version)
assert_equal(@user.id, @note.versions.last.updater_id)
end
context "without making any changes" do
should "not create a new version" do
assert_no_difference("@note.versions.count") do
@note.save
end
end
end
end
context "searching for a note" do
setup do
@note = FactoryBot.create(:note, :body => "aaa")
end
context "where the body contains the string 'aaa'" do
should "return a hit" do
assert_search_equals(@note, body_matches: "aaa")
end
end
context "where the body contains the string 'bbb'" do
should "return no hits" do
assert_search_equals([], body_matches: "bbb")
end
end
end
context "when validating notes" do
should_not allow_value("").for(:body)
should_not allow_value(" ").for(:body)
should_not allow_value("\u200B").for(:body)
end
end
end
Reference in New Issue View Git Blame Copy Permalink