I am trying to pass a mocked domain instance called event to the controllers' show() method, but show() cannot find the Event in question and thus returns null.
Note that the following snippet is still work in progress.
def "trying to show an event containing malicous code"() {开发者_如何学JAVA
given: "An event named with malicous code"
mockDomain(Event)
def event = Mock(Event)
event.title >> "<script type=\"text/javascript\">alert(\"XSS\");</script>"
event.id >> 1
// Do I have to actually create a full-blown event considering all
// constraints here?
when: "I try to show that event"
controller.params.id = 1
def result = controller.show()
then: "The resulting title will be encoded HTML"
result.eventInstance.title == event.title.encodeAsHTML()
}
This is the beginning of the controllers' show() method:
def show = {
def eventInstance = Event.get(params.id)
// The event exists
if (eventInstance) {
// some processing here
return [eventInstance: eventInstance, isSubscribed: sub ? true:false, sidebar: 'sidebar']
}
- Is there a simple solution or will I have to actually create a full-blown event taking care of all constraints?
- If I have to create a full event, where would I place the according method? (We're using a createEvent() method in BootStrap.groovy at the moment for initial setup, thus it wouldn't be DRY to repeat the function here).
Try mocking the Event object in the following way:
def event = new Event()
event.title = "<script type=\"text/javascript\">alert(\"XSS\");</script>"
event.id = 1 // optional
mockDomain Event, [event]
Unless you add an instance of event to the mockDomain call, you won't be able to retrieve it with get
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论