Move statusmessage create view out to partial
This commit is contained in:
Raphael Sofaer
parent
8ab54076f8
commit
da12954d22
3 changed files with 32 additions and 20 deletions
|
|
@ -42,20 +42,7 @@ class StatusMessagesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
format.js { render :json => {:post_id => @status_message.id,
|
format.js { render :create, :status => 201}
|
||||||
:html => render_to_string(
|
|
||||||
:partial => 'shared/stream_element',
|
|
||||||
:locals => {
|
|
||||||
:post => @status_message,
|
|
||||||
:person => @status_message.person,
|
|
||||||
:photos => @status_message.photos,
|
|
||||||
:comments => [],
|
|
||||||
:all_aspects => current_user.aspects,
|
|
||||||
:current_user => current_user
|
|
||||||
}
|
|
||||||
)
|
|
||||||
},
|
|
||||||
:status => 201 }
|
|
||||||
format.html { redirect_to :back}
|
format.html { redirect_to :back}
|
||||||
format.mobile{ redirect_to :back}
|
format.mobile{ redirect_to :back}
|
||||||
end
|
end
|
||||||
|
|
|
||||||
11
app/views/status_messages/create.js.erb
Normal file
11
app/views/status_messages/create.js.erb
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
<%= {:html => render(
|
||||||
|
:partial => 'shared/stream_element',
|
||||||
|
:locals => {
|
||||||
|
:post => @status_message,
|
||||||
|
:person => @status_message.person,
|
||||||
|
:photos => @status_message.photos,
|
||||||
|
:comments => [],
|
||||||
|
:all_aspects => current_user.aspects
|
||||||
|
}
|
||||||
|
),
|
||||||
|
:post_id => @status_message.id}.to_json.html_safe%>
|
||||||
|
|
@ -59,10 +59,24 @@ describe StatusMessagesController do
|
||||||
},
|
},
|
||||||
:aspect_ids => [@aspect1.id.to_s] }
|
:aspect_ids => [@aspect1.id.to_s] }
|
||||||
}
|
}
|
||||||
it 'responds to js requests' do
|
context 'js requests' do
|
||||||
|
it 'responds' do
|
||||||
post :create, status_message_hash.merge(:format => 'js')
|
post :create, status_message_hash.merge(:format => 'js')
|
||||||
response.status.should == 201
|
response.status.should == 201
|
||||||
end
|
end
|
||||||
|
it 'responds with json' do
|
||||||
|
post :create, status_message_hash.merge(:format => 'js')
|
||||||
|
json = JSON.parse(response.body)
|
||||||
|
json['post_id'].should_not be_nil
|
||||||
|
json['html'].should_not be_nil
|
||||||
|
end
|
||||||
|
it 'escapes XSS' do
|
||||||
|
xss = "<script> alert('hi browser') </script>"
|
||||||
|
post :create, status_message_hash.merge(:format => 'js', :message => xss)
|
||||||
|
json = JSON.parse(response.body)
|
||||||
|
json['html'].should_not =~ /<script>/
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
it "dispatches the post to the specified services" do
|
it "dispatches the post to the specified services" do
|
||||||
s1 = Services::Facebook.new
|
s1 = Services::Facebook.new
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue