Skip to content

Commit 82a9346

Browse files
jlledomclaude
andcommitted
Add new test suit for CSP loader
Co-Authored-By: Claude <noreply@anthropic.com>
1 parent d793136 commit 82a9346

File tree

1 file changed

+135
-0
lines changed

1 file changed

+135
-0
lines changed
Lines changed: 135 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,135 @@
1+
require 'test_helper'
2+
3+
class ThreeScale::ContentSecurityPolicyTest < ActiveSupport::TestCase
4+
test 'config returns Rails configuration for CSP' do
5+
config = ThreeScale::ContentSecurityPolicy.config
6+
7+
assert_not_nil config
8+
assert_kind_of ActiveSupport::OrderedOptions, config
9+
end
10+
11+
test 'enabled? returns false in test environment' do
12+
assert_equal false, ThreeScale::ContentSecurityPolicy.enabled?
13+
end
14+
15+
test 'policy_config returns hash of CSP directives from YAML' do
16+
policy_hash = ThreeScale::ContentSecurityPolicy.policy_config
17+
18+
assert_kind_of Hash, policy_hash
19+
assert policy_hash.present?
20+
21+
# Verify it contains expected directives
22+
assert policy_hash.key?(:default_src)
23+
assert policy_hash.key?(:script_src)
24+
assert policy_hash.key?(:frame_ancestors)
25+
end
26+
27+
test 'report_only? returns false from YAML config' do
28+
assert_equal false, ThreeScale::ContentSecurityPolicy.report_only?
29+
end
30+
31+
test 'report_uri returns nil from YAML config' do
32+
assert_nil ThreeScale::ContentSecurityPolicy.report_uri
33+
end
34+
35+
test 'nonce_enabled? returns true from YAML config' do
36+
assert_equal true, ThreeScale::ContentSecurityPolicy.nonce_enabled?
37+
end
38+
39+
test 'nonce_directives returns array from YAML config' do
40+
directives = ThreeScale::ContentSecurityPolicy.nonce_directives
41+
42+
assert_kind_of Array, directives
43+
assert_includes directives, 'script-src'
44+
assert_includes directives, 'style-src'
45+
end
46+
47+
test 'policy_config returns empty hash when config.policy is nil' do
48+
ThreeScale::ContentSecurityPolicy.config.stub :policy, nil do
49+
policy_hash = ThreeScale::ContentSecurityPolicy.policy_config
50+
51+
assert_equal({}, policy_hash)
52+
end
53+
end
54+
end
55+
56+
class ThreeScale::ContentSecurityPolicyWithoutYAMLTest < ActiveSupport::TestCase
57+
test 'enabled? returns false when config is missing' do
58+
empty_config = ActiveSupport::OrderedOptions.new
59+
60+
ThreeScale::ContentSecurityPolicy.stub :config, empty_config do
61+
assert_equal false, ThreeScale::ContentSecurityPolicy.enabled?
62+
end
63+
end
64+
65+
test 'policy_config returns empty hash when config is missing' do
66+
empty_config = ActiveSupport::OrderedOptions.new
67+
68+
ThreeScale::ContentSecurityPolicy.stub :config, empty_config do
69+
policy_hash = ThreeScale::ContentSecurityPolicy.policy_config
70+
71+
assert_equal({}, policy_hash)
72+
end
73+
end
74+
75+
test 'report_only? returns false when config is missing' do
76+
empty_config = ActiveSupport::OrderedOptions.new
77+
78+
ThreeScale::ContentSecurityPolicy.stub :config, empty_config do
79+
assert_equal false, ThreeScale::ContentSecurityPolicy.report_only?
80+
end
81+
end
82+
83+
test 'report_uri returns nil when config is missing' do
84+
empty_config = ActiveSupport::OrderedOptions.new
85+
86+
ThreeScale::ContentSecurityPolicy.stub :config, empty_config do
87+
assert_nil ThreeScale::ContentSecurityPolicy.report_uri
88+
end
89+
end
90+
91+
test 'nonce_enabled? returns false when config is missing' do
92+
empty_config = ActiveSupport::OrderedOptions.new
93+
94+
ThreeScale::ContentSecurityPolicy.stub :config, empty_config do
95+
assert_equal false, ThreeScale::ContentSecurityPolicy.nonce_enabled?
96+
end
97+
end
98+
99+
test 'nonce_directives returns empty array when config is missing' do
100+
empty_config = ActiveSupport::OrderedOptions.new
101+
102+
ThreeScale::ContentSecurityPolicy.stub :config, empty_config do
103+
directives = ThreeScale::ContentSecurityPolicy.nonce_directives
104+
105+
assert_equal [], directives
106+
end
107+
end
108+
109+
test 'enabled? handles nil config values gracefully' do
110+
config = ActiveSupport::OrderedOptions.new
111+
config.enabled = nil
112+
113+
ThreeScale::ContentSecurityPolicy.stub :config, config do
114+
assert_equal false, ThreeScale::ContentSecurityPolicy.enabled?
115+
end
116+
end
117+
118+
test 'nonce_enabled? handles nil config values gracefully' do
119+
config = ActiveSupport::OrderedOptions.new
120+
config.nonce_generator = nil
121+
122+
ThreeScale::ContentSecurityPolicy.stub :config, config do
123+
assert_equal false, ThreeScale::ContentSecurityPolicy.nonce_enabled?
124+
end
125+
end
126+
127+
test 'report_only? handles nil config values gracefully' do
128+
config = ActiveSupport::OrderedOptions.new
129+
config.report_only = nil
130+
131+
ThreeScale::ContentSecurityPolicy.stub :config, config do
132+
assert_equal false, ThreeScale::ContentSecurityPolicy.report_only?
133+
end
134+
end
135+
end

0 commit comments

Comments
 (0)