Pass locale through preliminary step (#2444)

* Pass locale through preliminary step * Add Tests to validate
pglombardo · Aug 23, 2024 · 94d81c1 · 94d81c1
1 parent 2be7408
commit 94d81c1
Show file tree

Hide file tree

Showing 8 changed files with 296 additions and 7 deletions.
diff --git a/Gemfile b/Gemfile
@@ -16,7 +16,6 @@ group :development do
   # https://blog.arkency.com/how-to-get-burned-by-16-years-old-hack-in-2024/
   gem "debase", ">= 0.2.5.beta2", platforms: %i[mri mingw x64_mingw]
 
-
   gem "pry-rails"
   gem "web-console"
 end
@@ -33,7 +32,7 @@ end
 
 group :development, :test do
   # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
-  gem "debug", platforms: %i[ mri windows ], require: "debug/prelude"
+  gem "debug", platforms: %i[mri windows], require: "debug/prelude"
 
   # Static analysis for security vulnerabilities [https://brakemanscanner.org/]
   gem "brakeman", require: false

diff --git a/app/controllers/file_pushes_controller.rb b/app/controllers/file_pushes_controller.rb
@@ -219,7 +219,7 @@ def preliminary
       end
       return
     else
-      @secret_url = helpers.secret_url(@push, with_retrieval_step: false)
+      @secret_url = helpers.secret_url(@push, with_retrieval_step: false, locale: params[:locale])
     end
 
     respond_to do |format|

diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb
@@ -230,7 +230,7 @@ def preliminary
       end
       return
     else
-      @secret_url = helpers.secret_url(@push, with_retrieval_step: false)
+      @secret_url = helpers.secret_url(@push, with_retrieval_step: false, locale: params[:locale])
     end
 
     respond_to do |format|

diff --git a/app/controllers/urls_controller.rb b/app/controllers/urls_controller.rb
@@ -229,7 +229,7 @@ def preliminary
       end
       return
     else
-      @secret_url = helpers.secret_url(@push, with_retrieval_step: false)
+      @secret_url = helpers.secret_url(@push, with_retrieval_step: false, locale: params[:locale])
     end
 
     respond_to do |format|

diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
@@ -22,7 +22,7 @@ def current_controller?(names)
   # @param [Password, Url, FilePush] password - The push to generate a URL for
   # @param [Boolean] with_retrieval_step - Whether to include the retrieval step in the URL
   # @return [String] - The fully qualified URL
-  def secret_url(password, with_retrieval_step: true)
+  def secret_url(password, with_retrieval_step: true, locale: nil)
     raw_url = if password.retrieval_step && with_retrieval_step
       case password
       when Password
@@ -50,9 +50,11 @@ def secret_url(password, with_retrieval_step: true)
     # Delete any existing ?locale= query parameter
     raw_url = raw_url.split("?").first
 
+    # Append the locale query parameter
     if params["push_locale"].present? && Settings.enabled_language_codes.include?(params["push_locale"])
-      # Append the locale query parameter
       raw_url += "?locale=#{params["push_locale"]}"
+    elsif locale.present? && Settings.enabled_language_codes.include?(locale)
+      raw_url += "?locale=#{locale}"
     end
 
     # Support forced https links with FORCE_SSL env var

diff --git a/test/integration/file_push/file_push_requested_locale_test.rb b/test/integration/file_push/file_push_requested_locale_test.rb
@@ -0,0 +1,112 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class FilePushReqLocaleTest < ActionDispatch::IntegrationTest
+  include Devise::Test::IntegrationHelpers
+
+  setup do
+    Settings.enable_logins = true
+    Settings.enable_file_pushes = true
+    Rails.application.reload_routes!
+    @luca = users(:luca)
+    @luca.confirm
+    sign_in @luca
+  end
+
+  teardown do
+    sign_out :user
+  end
+
+  def test_requested_locale
+    get new_file_push_path
+    assert_response :success
+
+    post file_pushes_path, params: {
+      file_push: {
+        payload: "Message",
+        passphrase: "asdf",
+        retrieval_step: true,
+        files: [
+          fixture_file_upload("monkey.png", "image/jpeg")
+        ]
+      }
+    }
+    assert_response :redirect
+
+    # Preview page
+    follow_redirect!
+    assert_response :success
+    assert_select "h2", "Your push has been created."
+
+    # Retrieve the push with a locale
+    push_with_locale = request.url.sub("/preview", "") + "/r?locale=es"
+    get push_with_locale
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    links = assert_select("a")
+    assert_equal 1, links.count
+
+    push_with_locale = links.first.attributes["href"].value
+    get push_with_locale
+
+    # Redirected to the passphrase page
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    # We should be on the passphrase page now
+
+    # Validate passphrase form
+    forms = css_select "form"
+    assert_select "form input", 1
+
+    # Provide the value passphrase
+    post forms.first.attributes["action"].value, params: {passphrase: "asdf"}
+    assert_response :redirect
+    follow_redirect!
+
+    # We should be on the password#show page now
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+  end
+
+  def test_requested_locale_without_passphrase
+    get new_file_push_path
+    assert_response :success
+
+    post file_pushes_path, params: {
+      file_push: {
+        payload: "Message",
+        retrieval_step: true,
+        files: [
+          fixture_file_upload("monkey.png", "image/jpeg")
+        ]
+      }
+    }
+    assert_response :redirect
+
+    # Preview page
+    follow_redirect!
+    assert_response :success
+    assert_select "h2", "Your push has been created."
+
+    # Retrieve the push with a locale
+    push_with_locale = request.url.sub("/preview", "") + "/r?locale=es"
+    get push_with_locale
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    links = assert_select("a")
+    assert_equal 1, links.count
+
+    push_with_locale = links.first.attributes["href"].value
+    get push_with_locale
+
+    # We should be on the password#show page now
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+  end
+end
diff --git a/test/integration/password/password_requested_locale_test.rb b/test/integration/password/password_requested_locale_test.rb
@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class PasswordReqLocaleTest < ActionDispatch::IntegrationTest
+  def test_requested_locale
+    get new_password_path
+    assert_response :success
+
+    post passwords_path, params: {password: {payload: "testpw", passphrase: "asdf", retrieval_step: true}}
+    assert_response :redirect
+
+    # Preview page
+    follow_redirect!
+    assert_response :success
+    assert_select "h2", "Your push has been created."
+
+    # Retrieve the push with a locale
+    push_with_locale = request.url.sub("/preview", "") + "/r?locale=es"
+    get push_with_locale
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    links = assert_select("a")
+    assert_equal 1, links.count
+
+    push_with_locale = links.first.attributes["href"].value
+    get push_with_locale
+
+    # Redirected to the passphrase page
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    # We should be on the passphrase page now
+
+    # Validate passphrase form
+    forms = css_select "form"
+    assert_select "form input", 1
+
+    # Provide the value passphrase
+    post forms.first.attributes["action"].value, params: {passphrase: "asdf"}
+    assert_response :redirect
+    follow_redirect!
+
+    # We should be on the password#show page now
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+  end
+
+  def test_requested_locale_without_passphrase
+    get new_password_path
+    assert_response :success
+
+    post passwords_path, params: {password: {payload: "testpw", retrieval_step: true}}
+    assert_response :redirect
+
+    # Preview page
+    follow_redirect!
+    assert_response :success
+    assert_select "h2", "Your push has been created."
+
+    # Retrieve the push with a locale
+    push_with_locale = request.url.sub("/preview", "") + "/r?locale=es"
+    get push_with_locale
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    links = assert_select("a")
+    assert_equal 1, links.count
+
+    push_with_locale = links.first.attributes["href"].value
+    get push_with_locale
+
+    # We should be on the password#show page now
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+  end
+end
diff --git a/test/integration/url/url_requested_locale_test.rb b/test/integration/url/url_requested_locale_test.rb
@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class UrlReqLocaleTest < ActionDispatch::IntegrationTest
+  include Devise::Test::IntegrationHelpers
+
+  setup do
+    Settings.enable_logins = true
+    Settings.enable_url_pushes = true
+    Rails.application.reload_routes!
+
+    @luca = users(:luca)
+    @luca.confirm
+    sign_in @luca
+  end
+
+  teardown do
+    sign_out @luca
+  end
+
+  def test_requested_locale
+    get new_url_path
+    assert_response :success
+
+    post urls_path, params: {url: {payload: "https://the0x00.dev", passphrase: "asdf", retrieval_step: true}}
+    assert_response :redirect
+
+    # Preview page
+    follow_redirect!
+    assert_response :success
+    assert_select "h2", "Your push has been created."
+
+    # Retrieve the push with a locale
+    push_with_locale = request.url.sub("/preview", "") + "/r?locale=es"
+    get push_with_locale
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    links = assert_select("a")
+    assert_equal 1, links.count
+
+    push_with_locale = links.first.attributes["href"].value
+    get push_with_locale
+
+    # Redirected to the passphrase page
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    # We should be on the passphrase page now
+
+    # Validate passphrase form
+    forms = css_select "form"
+    assert_select "form input", 1
+
+    # Provide the value passphrase
+    post forms.first.attributes["action"].value, params: {passphrase: "asdf"}
+    assert_response :redirect
+    follow_redirect!
+
+    # We should be then redirected to URL
+    assert_response :redirect
+    assert_equal "https://the0x00.dev", response.headers["Location"]
+  end
+
+  def test_requested_locale_without_passphrase
+    get new_url_path
+    assert_response :success
+
+    post urls_path, params: {url: {payload: "https://the0x00.dev", retrieval_step: true}}
+    assert_response :redirect
+
+    # Preview page
+    follow_redirect!
+    assert_response :success
+    assert_select "h2", "Your push has been created."
+
+    # Retrieve the push with a locale
+    push_with_locale = request.url.sub("/preview", "") + "/r?locale=es"
+    get push_with_locale
+    assert_response :success
+    assert response.body.include?("<html lang=\"es\">\n")
+
+    links = assert_select("a")
+    assert_equal 1, links.count
+
+    push_with_locale = links.first.attributes["href"].value
+    get push_with_locale
+
+    # We should be then redirected to URL
+    assert_response :redirect
+    assert_equal "https://the0x00.dev", response.headers["Location"]
+  end
+end
-Original file line number
+Diff line change
@@ Expand Up / @@ -219,7 +219,7 @@ def preliminary @@
           end
           return
         else
-          @secret_url = helpers.secret_url(@push, with_retrieval_step: false)
+          @secret_url = helpers.secret_url(@push, with_retrieval_step: false, locale: params[:locale])
         end
         respond_to do |format|
@@ Expand Down @@