-
-
Notifications
You must be signed in to change notification settings - Fork 483
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: ensure user attributes to be escaped in sidebar spec
- Loading branch information
Mauricio Lima
committed
Oct 22, 2021
1 parent
04349ad
commit 29b1a2a
Showing
1 changed file
with
19 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -32,7 +32,10 @@ def true_user | |
end | ||
|
||
context "when logged in as a supervisor" do | ||
let(:user) { build_stubbed :supervisor } | ||
let(:user) do | ||
build_stubbed :supervisor, display_name: "Supervisor's name", | ||
email: "supervisor&[email protected]" | ||
end | ||
|
||
it "renders the correct Role name on the sidebar" do | ||
sign_in user | ||
|
@@ -63,14 +66,21 @@ def true_user | |
|
||
render partial: "layouts/sidebar" | ||
|
||
expect(rendered).to match user.display_name | ||
expect(rendered).to match user.email | ||
expect(rendered).to match CGI.escapeHTML user.display_name | ||
expect(rendered).to match CGI.escapeHTML user.email | ||
end | ||
end | ||
|
||
context "when logged in as a volunteer" do | ||
let(:organization) { build(:casa_org) } | ||
let(:user) { create(:volunteer, casa_org: organization) } | ||
|
||
let(:user) do | ||
create( | ||
:volunteer, | ||
casa_org: organization, | ||
display_name: "Volunteer's name%" | ||
) | ||
end | ||
|
||
it "renders the correct Role name on the sidebar" do | ||
sign_in user | ||
|
@@ -100,8 +110,8 @@ def true_user | |
|
||
render partial: "layouts/sidebar" | ||
|
||
expect(rendered).to match user.display_name | ||
expect(rendered).to match user.email | ||
expect(rendered).to match CGI.escapeHTML user.display_name | ||
expect(rendered).to match CGI.escapeHTML user.email | ||
end | ||
|
||
context "when the volunteer does not have a transitioning case" do | ||
|
@@ -150,7 +160,7 @@ def true_user | |
end | ||
|
||
context "when logged in as a casa admin" do | ||
let(:user) { build_stubbed :casa_admin } | ||
let(:user) { build_stubbed :casa_admin, display_name: "Superviso's another n&ame" } | ||
|
||
it "renders the correct Role name on the sidebar" do | ||
sign_in user | ||
|
@@ -183,8 +193,8 @@ def true_user | |
|
||
render partial: "layouts/sidebar" | ||
|
||
expect(rendered).to match user.display_name | ||
expect(rendered).to match user.email | ||
expect(rendered).to match CGI.escapeHTML user.display_name | ||
expect(rendered).to match CGI.escapeHTML user.email | ||
end | ||
end | ||
|
||
|