X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=t%2F54taint.t;h=d6e35357ede8a222bdfacd1d8094fb121085fbde;hb=a8de639b29afc6645820ba346b47d53117dbbe7e;hp=69f69efa4d259cd884ee1d8e9b642cc9073ae58e;hpb=3fe04f740f70bc788e454cbe31775e30dce40397;p=dbsrgits%2FDBIx-Class.git

diff --git a/t/54taint.t b/t/54taint.t
index 69f69ef..d6e3535 100644
--- a/t/54taint.t
+++ b/t/54taint.t
@@ -1,33 +1,75 @@
-#!perl -T
+#!/usr/bin/env perl -T
 
 # the above line forces Test::Harness into taint-mode
+# DO NOT REMOVE
 
 use strict;
 use warnings;
 
-our @plan;
+# When in taint mode, PERL5LIB is ignored (but *not* unset)
+# Put it back in INC so that local-lib users can actually
+# run this test. Use lib.pm instead of an @INC unshift as
+# it will correctly add any arch subdirs encountered
+use Config;
 
-BEGIN {
-  eval "require Module::Find;";
-  @plan = $@ ? ( skip_all => 'Could not load Module::Find' )
-    : ( tests => 2 );
-}
+use lib (
+  grep { length }
+    map { split /\Q$Config{path_sep}\E/, (/^(.*)$/)[0] }  # untainting regex
+      grep { defined }
+        @ENV{qw(PERL5LIB PERLLIB)}  # precedence preserved by lib
+);
+
+# We need to specify 'lib' here as well because even if it was already in
+# @INC, the above will have put our local::lib in front of it, so now an
+# installed DBIx::Class will take precedence over the one we're trying to test.
+# In some cases, prove will have supplied ./lib as an absolute path so it
+# doesn't seem worth trying to remove the second copy since it won't hurt
+# anything.
+use lib qw(t/lib lib);
+
+use Test::More;
+use Test::Exception;
+use DBICTest;
 
-package DBICTest::Plain;
+throws_ok (
+  sub { $ENV{PATH} . (kill (0)) },
+  qr/Insecure dependency in kill/,
+  'taint mode active'
+);
 
-# Use the Plain test class namespace to avoid the need for a
-# new test infrastructure. If invalid classes will be introduced to
-# 't/lib/DBICTest/Plain/' someday, this has to be reworked.
+{
+  package DBICTest::Taint::Classes;
 
-use lib qw(t/lib);
+  use Test::More;
+  use Test::Exception;
 
-use Test::More @plan;
+  use base qw/DBIx::Class::Schema/;
 
-use base qw/DBIx::Class::Schema/;
+  lives_ok (sub {
+    __PACKAGE__->load_classes(qw/Manual/);
+    ok( __PACKAGE__->source('Manual'), 'The Classes::Manual source has been registered' );
+    __PACKAGE__->_unregister_source (qw/Manual/);
+  }, 'Loading classes with explicit load_classes worked in taint mode' );
+
+  lives_ok (sub {
+    __PACKAGE__->load_classes();
+    ok( __PACKAGE__->source('Auto'), 'The Classes::Auto source has been registered' );
+      ok( __PACKAGE__->source('Auto'), 'The Classes::Manual source has been re-registered' );
+  }, 'Loading classes with Module::Find/load_classes worked in taint mode' );
+}
 
-eval{ __PACKAGE__->load_classes() };
-cmp_ok( $@, 'eq', '',
-        'Loading classes with Module::Find worked in taint mode' );
-ok( __PACKAGE__->source('Test'), 'The Plain::Test source has been registered' );
+{
+  package DBICTest::Taint::Namespaces;
+
+  use Test::More;
+  use Test::Exception;
+
+  use base qw/DBIx::Class::Schema/;
+
+  lives_ok (sub {
+    __PACKAGE__->load_namespaces();
+    ok( __PACKAGE__->source('Test'), 'The Namespaces::Test source has been registered' );
+  }, 'Loading classes with Module::Find/load_namespaces worked in taint mode' );
+}
 
-1;
+done_testing;