Cucumber, Webrat or RSpec testing file uploading - ruby-on-rails

Background:
I need to perform file uploading. I am currently using Uploadify to push files directly to s3 (but would be happy to use plupload). The files that i am working with are large, and i need to show a progress bar. Everything works fine
Issue / Question: How do I set up a test (cucumber) for this?
Uploadify and Plupload both rely on flash (or silverliht) runtime to interact directly with s3. I am unaware of a way for cucumber or webrat to be able to interact with the flash (or silverlight) to click the "browse" button and select a file.
Has anyone found a solution that they are happy with?
Thanks!

Plupload is still based on an HTML form, which you can see if you turn off javascript and load your uploader page.
Then it's simply a matter of using webrat's 'click_button' in cucumber steps using a file fixture as the input to the file field.
Being brutal about it, this is possibly an example of a trusted externality. Ask yourself "do I trust Uploadify"? In the case that you answer yes, you omit actual upload tests for it and just assert that the form field elements you expect to see are present on the page, and then assuming a mocked response of success/fail that your application does the right thing.

Related

Remove unused files from ActiveStorage+DirectUpload

Consider the following example:
I have a form that includes a multiple files input;
The input file uses ActiveStorage and DirectUpload to upload files automatically as soon as they are included;
After adding some files they are uploaded automatically;
I never click the submit button so those files are never used nor accessible anywhere;
Does Rails support some built-in mechanism for removing these files or is something we have to implement ourselves?
Seems rather trivial to perform a DoS by continuously uploading files until something breaks.
Update 1
Forgot to mention that the example I'm following uses a 3rd party library (Dropzone in this case) and follow the example from the official documentation.
According to the documentation after a file upload we inject a hidden input field with the id of the uploaded blob.
I think the answer of Chiperific is good, since DirectUpload is executed in the submit there is little time for the requests to fail.
I mention requests because as far as i understand it, the process is like this:
The user selects a file from his computer and fills the rest form.
DirectUpload uploads the file to the storage.
The backend receives the body and updates the attachment and either creates or updates a model.
So, what happens if the file upload is successful but model validation is not? you would end up with a file in the storage without his corresponding model or with dirty one.
More information here: https://github.com/rails/rails/issues/31985
The answer then is no, rails does not have a mechanism of removing this files automatically. I guess you could check if the model creation/update was successful and remove the file manually if not.
I think your premise is incorrect.
The input file uses ActiveStorage and DirectUpload to upload files automatically as soon as they are included;
According to the docs:
Active Storage, with its included JavaScript library, supports uploading directly from the client to the cloud.
and
That's it! Uploads begin upon form submission.
So the point of Direct Storage seems to be to bypass some Rails ActiveStorage things and go straight to the service. BUT, it still doesn't happen until the form is submitted.
The example on the non-edge docs shows the user clicking "Submit" before the files are actually uploaded.

Is it possible to test file download in Poltergiest without using selenium or chrome driver

I am using Poltergiest driver to do headless Browser to test my rails application with capybara Rspec. Everything is working fine.
But I am unable to figure out what is the default download directory, if I download file using poltergeist Or how to verify whether a file download happened or not on a button(link) click.
The rails app I am testing has a button which on clicked initiates a file download. I want to test file-1-time-stamped.pdf is downloaded.
so far I have tried
I tried this answer https://stackoverflow.com/a/16217485/3000299
page.response_headers['Content-Disposition'].should include("filename=\"file.zip\"")
using the above approach is not feasible because the file name is dynamic (file name contains time stamp which is done on server side).
I found an issue logged to Poltergiest which was closed with a suggestion to ask the question over here https://github.com/teampoltergeist/poltergeist/issues/485
is there a way to access the most recently downloaded file?
Any suggests or help would be great.
The latest released PhantomJS doesn't support downloading files, so you are limited to the method, you linked to, of checking response_headers. You mention that it isn't feasible because the filename has a timestamp in it, but as long as you're not trying to verify the exact value of the timestamp portion of it you can use the match matcher with a regex. Something like
page.response_headers['Content-Disposition'].should match(/filename="file-\d+\.pdf"/)
should match filenames like file-1234.pdf

Embed PDF in a website, allow user to modify editable fields in PDF, and save back to the server

I am writing a Program in Rub On Rails 4.x and I have to take PDF files with defined fields that can be filled out, fill in data from a form submission(This part is DONE!), and lastly allow the user to modify the saved PDF file on the server and overwrite said PDF after making their modifications.
Like I said I have already gotten the PDF files filled out with what has been submitted in the form through pdftk . What I now need to do is provide a server side editing capability to the said PDF files on server generated from the first step of the process.
I have seen similar posts but none wanting to do the same thing I do. If I am wrong links would be great. Thanks in advance for all your help!
After lots of digging and research here is what I have found to be the facts surrounding this issue and implementing a program to allow embedding the PDF file, editing it, and saving it back to the server. This process would be great however from what I can tell there is nothing out there that really does this for Ruby On Rails. To quote #Nick Veys
Seems like you need to find a Javascript PDF editor you can load your PDF into, allow the user to modify it, and ultimately submit it back to the server. Seems like they exist, here's one for ASP projects
You are correct but still wrong in the sense that yes there is one for ASP projects however that is Microsoft Based, yes I know that it can run on Linux environments through Mono. However to the point it would appear in this instance that a Ruby On Rails specific solution is indeed needed.
The solution that we have come up with is as follows
1. Use a PDF editing package in the linux repositories like PDFtk
2. You then render a page with the PDF embeded on one side and a form representing the live fields in the PDF to take input.
3. Once submitted you use PDFtk to write the values into a new template PDF file and overwrite what was previously stored.
This requires a few additional steps to process the data than I really care for myself. However it is the best solution that our team could come up with, without bleeding the project budget dry for just 1 piece of functionality.
I hope this helps anyone else looking to do the same thing in Ruby On Rails.
I have done something like this using my company's .NET product. It can also be done using its Java version too.
http://www.gnostice.com/nl_article.asp?id=255&t=Save_Form_Submit_Data_Back_To_Original_PDF_Document_In_NET

Security issue using Rails, CKEditor, and Roxy fileman

I've been using Ckeditor in my Rails app for a while now, but recently I needed to add the capability to upload html5 videos as well. I added a plugin to CKEditor to utilize the html5 'video' tag, but the generic 'browse server' functionality in CKEditor won't let me upload an mp4 (it just shows the filename as a # sign.)
my solution was to add the Roxy fileman to handle the uploads, and it work great, except there's no security at all in it by default (if the fileman is in a public folder, which is the only way i can see to do it in Rails.)
The only thing Roxy offers is a checkAccess script that gets run before each PHP script gets run, but there's no way for that script to know if the user is logged in or not.
I was thinking I could use x-sendfile to have rails check the permissions, but that seems like using a sledgehammer to hang a picture frame (and it might not even be the right way to do things here.) To me, there should be a simple answer.
Any ideas?

Is there a clever way to pass a yml locale file to my client for translation?

I have finished a rails project using i18n and now I need to pass all the text in the website to our client so that he can translate them and we can include additional locales to our app.
The problem is our client is not a geek and if we give them the actual YAML file, they will use MS Word to edit it and we'll lose all the proper markup in the process ("\n" for new lines, one line text, etc...).
How would you handle this process?
Is there a better way than giving the client a .doc file and then loosing a day to clean the text afterwards and manually converting it back to YAML?
Thanks in advance,
Augusto
This is exactly what Locale was created for : you upload your YAML files, your client/translator edits the content and you sync YAML back down. You don't email files and you don't have to deal with crappy file formats - check it out!
Full disclosure : I co-founded and develop Locale.
This sounds like a one-off thing where I you do the translation once and then be done with it.
What we do in these cases (we usually work with a Translator for these kinds of things) is that we export all the keys in the YAML to Excel and send them that.
Once we get it back we usually task a intern with fixing up the yaml (after it's been translated back into YAML - we do this manually at the moment but a little script should be easy to implement)
Other solutions could be (if you do this a lot) that you include the translations into your app and enable through some JavaScript and maybe something similar to Aloha Editor the user to simply click on texts and translate them in the app. But that's a bit excessive and only makes sense if there are really a lot of translations to be done and you want to crowdsource them (Facebook did this back in the day)

Resources