Merge branch 'master' of github.com:OWASP/railsgoat into top-10-2013

2013-09-10 13:31:48 -04:00
parent 17e082a63e 2eeb8291ba
commit d5801f0684
12 changed files with 117 additions and 15 deletions
@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - "1.9.3"
+before_script: rake db:migrate
@@ -12,11 +12,13 @@ gem 'foreman'
 group :development do
  gem 'brakeman'
  gem 'guard-brakeman'
+	gem 'guard-rspec'
  gem 'rb-fsevent'
  gem 'guard-shell'
  gem 'bundler-audit'
  gem 'guard-livereload'
  gem 'rack-livereload'
+	gem 'travis-lint'
 end

 gem 'gauntlt'
@@ -25,7 +27,6 @@ group :development, :test do
  gem 'rspec-rails'
 end

-
 # Gems used only for assets and not required
 # in production environments by default.
 group :assets do
@@ -56,6 +57,8 @@ gem 'powder'
 gem 'aruba'
 gem 'minitest', '~> 4.0', :require=> "minitest/autorun"

+#gem 'minitest'
+
 # Deploy with Capistrano
 # gem 'capistrano'

@@ -95,10 +95,14 @@ GEM
      em-websocket (>= 0.2.0)
      guard (>= 1.5.0)
      multi_json (~> 1.0)
+    guard-rspec (2.5.4)
+      guard (>= 1.1)
+      rspec (~> 2.11)
    guard-shell (0.5.1)
      guard (>= 1.1.0)
    haml (4.0.2)
      tilt
+    hashr (0.0.22)
    highline (1.6.16)
    hike (1.2.2)
    http_parser.rb (0.5.3)
@@ -159,10 +163,14 @@ GEM
    rb-fsevent (0.9.3)
    rdoc (3.12.2)
      json (~> 1.4)
-    rspec-core (2.14.4)
+    rspec (2.14.1)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    rspec-core (2.14.2)
    rspec-expectations (2.14.0)
      diff-lcs (>= 1.1.3, < 2.0)
-    rspec-mocks (2.14.2)
+    rspec-mocks (2.14.1)
    rspec-rails (2.14.0)
      actionpack (>= 3.0)
      activesupport (>= 3.0)
@@ -195,6 +203,8 @@ GEM
    terminal-table (1.4.5)
    thor (0.18.1)
    tilt (1.3.7)
+    travis-lint (1.7.0)
+      hashr (~> 0.0.22)
    treetop (1.4.12)
      polyglot
      polyglot (>= 0.3.1)
@@ -221,6 +231,7 @@ DEPENDENCIES
  gauntlt
  guard-brakeman
  guard-livereload
+  guard-rspec
  guard-shell
  jquery-fileupload-rails
  jquery-rails
@@ -232,5 +243,6 @@ DEPENDENCIES
  rspec-rails
  sass-rails (~> 3.2.3)
  sqlite3
+  travis-lint
  uglifier (>= 1.0.3)
  unicorn
@@ -20,3 +20,26 @@ guard 'livereload', host: "railsgoat.dev", port: '35727' do
  # Rails Assets Pipeline
  watch(%r{(app|vendor)(/assets/\w+/(.+\.(css|js|html))).*}) { |m| "/assets/#{m[3]}" }
 end
+
+
+guard 'rspec' do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/lib/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+
+  # Rails example
+  watch(%r{^app/(.+)\.rb$})                           { |m| "spec/#{m[1]}_spec.rb" }
+  watch(%r{^app/(.*)(\.erb|\.haml)$})                 { |m| "spec/#{m[1]}#{m[2]}_spec.rb" }
+  watch(%r{^app/controllers/(.+)_(controller)\.rb$})  { |m| ["spec/routing/#{m[1]}_routing_spec.rb", "spec/#{m[2]}s/#{m[1]}_#{m[2]}_spec.rb", "spec/acceptance/#{m[1]}_spec.rb"] }
+  watch(%r{^spec/support/(.+)\.rb$})                  { "spec" }
+  watch('config/routes.rb')                           { "spec/routing" }
+  watch('app/controllers/application_controller.rb')  { "spec/controllers" }
+
+  # Capybara features specs
+  watch(%r{^app/views/(.+)/.*\.(erb|haml)$})          { |m| "spec/features/#{m[1]}_spec.rb" }
+
+  # Turnip features and steps
+  watch(%r{^spec/acceptance/(.+)\.feature$})
+  watch(%r{^spec/acceptance/steps/(.+)_steps\.rb$})   { |m| Dir[File.join("**/#{m[1]}.feature")][0] || 'spec/acceptance' }
+end
+
@@ -1,3 +1,24 @@
+## Getting Started ##
+#### With Ruby, Rubygems, Git, and Bundler installed ####
+
+	git clone https://github.com/OWASP/railsgoat.git
+
+	cd railsgoat
+
+	rvm use 1.9.3@railsgoat --create
+
+	bundle
+
+	rake db:create
+
+	rake db:migrate
+
+	rails s
+
+	open http://0.0.0.0:3000
+
+	Start hacking!!!
+
 ### Developer Note ###
 <p/>
 Conversion to the OWASP Top 10, 2013 is under way. 
@@ -9,6 +30,10 @@ You can view progress within the top-10-2013 branch.
 Then proceed with browsing the site as normal :thumbsup:
 <hr/>

+### Build Info ###
+
+[![Code Climate](https://codeclimate.com/github/OWASP/railsgoat.png)](https://codeclimate.com/github/OWASP/railsgoat)
+
 ### License Stuff ###

 The MIT License (MIT)
@@ -33,4 +58,4 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.

-<hr/>
+<hr/>
@@ -18,6 +18,8 @@ class User < ActiveRecord::Base
  has_many :performance, :foreign_key => :user_id, :primary_key => :user_id, :dependent => :destroy
  
  
+  private
+  
  def full_name
    "#{self.first_name} #{self.last_name}"
  end
@@ -0,0 +1 @@
+require 'spec_helper'
@@ -0,0 +1,14 @@
+require 'spec_helper.rb'
+=begin
+describe "PaidTimeOff" do
+	user = User.new(
+	first_name: 'Tester',
+	last_name: 'MGee',
+	email: 'tester.mgee@gmail.com',
+	password: 'password',
+	password_confirmation: 'password'
+	)
+	expect(user).to be_valid
+end
+
+=end
@@ -0,0 +1,28 @@
+require 'spec_helper.rb'
+
+describe User do
+	it "can be instantiated" do
+		User.new.should be_an_instance_of(User)
+	end
+
+	it "should require a email" do
+  		User.new(:email => "").should_not be_valid
+	end
+
+	it "should require valid email" do
+		User.new(:email => "tester@gmail.com@gmail.com").should_not be_valid
+	end
+
+	it "should require unique email" do
+		user = User.all.first
+		User.new(:email => user.email).should_not be_valid
+	end
+
+	it "name can be updated" do 
+		new_name = "Bobby"
+		user = User.all.first
+		user.first_name = new_name
+		user.save!
+		User.all.first.first_name.should == new_name
+	end
+end
@@ -1,7 +1,6 @@
 # This file is copied to spec/ when you run 'rails generate rspec:install'
 ENV["RAILS_ENV"] ||= 'test'
 require File.expand_path("../../config/environment", __FILE__)
-require 'minitest/autorun'
 require 'rspec/rails'
 require 'rspec/autorun'

@@ -1,9 +1,5 @@
 require 'test_helper'

 class UsersControllerTest < ActionController::TestCase
-  test "should get new" do
-    get :new
-    assert_response :success
-  end

-end
+end
@@ -1,7 +1,2 @@
 require 'test_helper'

-class BenefitsTest < ActiveSupport::TestCase
-  # test "the truth" do
-  #   assert true
-  # end
-end