Commit f18abc0982fb52a0f54589a2408555d6211662b5
Exists in
production
Merge branch 'master' into production
Showing
12 changed files
with
41 additions
and
73 deletions
Show diff stats
app/controllers/my_profile/profile_roles_controller.rb
1 | 1 | class ProfileRolesController < MyProfileController |
2 | 2 | |
3 | 3 | protect 'manage_custom_roles', :profile |
4 | + before_filter :ensure_organization | |
4 | 5 | |
5 | 6 | def index |
6 | 7 | @roles = profile.custom_roles |
... | ... | @@ -113,4 +114,8 @@ class ProfileRolesController < MyProfileController |
113 | 114 | end |
114 | 115 | end |
115 | 116 | |
117 | + def ensure_organization | |
118 | + render_not_found unless profile.organization? | |
119 | + end | |
120 | + | |
116 | 121 | end | ... | ... |
features/step_definitions/web_steps.rb
... | ... | @@ -315,3 +315,8 @@ When /^(?:|I )follow exact "([^"]*)"(?: within "([^"]*)")?$/ do |link, selector| |
315 | 315 | find("a", :text => /\A#{link}\z/).click |
316 | 316 | end |
317 | 317 | end |
318 | + | |
319 | +When /^(?:|I )wait ([^ ]+) seconds?(?:| .+)$/ do |seconds| | |
320 | + sleep seconds.to_f | |
321 | +end | |
322 | + | ... | ... |
features/template_block_management.feature
... | ... | @@ -1,64 +0,0 @@ |
1 | -Feature: user template | |
2 | - As an user | |
3 | - I want to create templates with mirror blocks | |
4 | - In order to keep these blocks always updated | |
5 | - | |
6 | - Background: | |
7 | - Given the following users | |
8 | - | login | name | is_template | | |
9 | - | person | person | true | | |
10 | - And the following blocks | |
11 | - | owner | type | mirror | | |
12 | - | person | ArticleBlock | true | | |
13 | - | person | RawHTMLBlock | false | | |
14 | - And I go to /account/signup | |
15 | - And I fill in "Username" with "mario" | |
16 | - And I fill in "Password" with "123456" | |
17 | - And I fill in "Password confirmation" with "123456" | |
18 | - And I fill in "e-Mail" with "mario@mario.com" | |
19 | - And I fill in "Full name" with "Mario" | |
20 | - And wait for the captcha signup time | |
21 | - And I press "Create my account" | |
22 | - And I am logged in as admin | |
23 | - | |
24 | - @selenium | |
25 | - Scenario: The block Article name is changed | |
26 | - Given I am on person's control panel | |
27 | - And I follow "Edit sideboxes" | |
28 | - And display ".button-bar" | |
29 | - And I follow "Edit" within ".block-outer .article-block" | |
30 | - And I fill in "Custom title for this block:" with "Mirror" | |
31 | - And I press "Save" | |
32 | - And I go to /profile/mario | |
33 | - Then I should see "Mirror" | |
34 | - | |
35 | - @selenium | |
36 | - Scenario: The block LinkList is changed but the user's block doesnt change | |
37 | - Given I am on person's control panel | |
38 | - And I follow "Edit sideboxes" | |
39 | - And display ".button-bar" | |
40 | - And I follow "Edit" within ".block-outer .raw-html-block" | |
41 | - And I fill in "Custom title for this block:" with "Raw HTML Block" | |
42 | - And I press "Save" | |
43 | - And I go to /profile/mario | |
44 | - Then I should not see "Raw HTML Block" | |
45 | - | |
46 | - @selenium | |
47 | - Scenario: The block Article cannot move or modify | |
48 | - Given I am on person's control panel | |
49 | - And I follow "Edit sideboxes" | |
50 | - And display ".button-bar" | |
51 | - And I follow "Edit" within ".block-outer .article-block" | |
52 | - And I select "Cannot be moved" from "Move options:" | |
53 | - And I select "Cannot be modified" from "Edit options:" | |
54 | - And I press "Save" | |
55 | - And I follow "Logout" | |
56 | - And Mario's account is activated | |
57 | - And I follow "Login" | |
58 | - And I fill in "Username / Email" with "mario" | |
59 | - And I fill in "Password" with "123456" | |
60 | - And I press "Log in" | |
61 | - And I go to /myprofile/mario | |
62 | - And I follow "Edit sideboxes" | |
63 | - And display ".button-bar" | |
64 | - Then I should not see "Edit" within ".block-outer .article-block" |
lib/tasks/gettext.rake
... | ... | @@ -107,7 +107,7 @@ file 'tmp/makemo.stamp' do |t| |
107 | 107 | end |
108 | 108 | |
109 | 109 | task :updatepo => 'gettext:po:update' do |
110 | - Dir.glob('**/*.po').each do |po| | |
110 | + Dir.glob('{po,plugins}/**/*.po').each do |po| | |
111 | 111 | sh "cp #{po} #{po}.tmp && msguniq -o #{po} #{po}.tmp && rm -f #{po}.tmp" |
112 | 112 | end |
113 | 113 | end | ... | ... |
lib/tasks/selenium.rake
plugins/people_block/lib/ext/person.rb
plugins/people_block/test/unit/members_block_test.rb
... | ... | @@ -240,6 +240,10 @@ class MembersBlockTest < ActionView::TestCase |
240 | 240 | |
241 | 241 | assert_includes profiles, profile1 |
242 | 242 | assert_not_includes profiles, profile2 |
243 | + | |
244 | + profile_list = block.profile_list | |
245 | + assert_includes profile_list, profile1 | |
246 | + assert_not_includes profile_list, profile2 | |
243 | 247 | end |
244 | 248 | |
245 | 249 | should 'list only profiles with member role' do |
... | ... | @@ -261,6 +265,10 @@ class MembersBlockTest < ActionView::TestCase |
261 | 265 | |
262 | 266 | assert_not_includes profiles, profile1 |
263 | 267 | assert_includes profiles, profile2 |
268 | + | |
269 | + profile_list = block.profile_list | |
270 | + assert_not_includes profile_list, profile1 | |
271 | + assert_includes profile_list, profile2 | |
264 | 272 | end |
265 | 273 | |
266 | 274 | should 'list available roles' do | ... | ... |
plugins/shopping_cart/features/delivery_admin.feature
... | ... | @@ -62,7 +62,7 @@ Feature: delivery administration |
62 | 62 | Then I should see "Bike" |
63 | 63 | And I follow "Remove" within ".delivery-method" |
64 | 64 | When I confirm the browser dialog |
65 | - Then I should see "Bike" | |
65 | + Then I should not see "Bike" | |
66 | 66 | |
67 | 67 | @selenium |
68 | 68 | Scenario: edit delivery | ... | ... |
plugins/shopping_cart/features/delivery_client.feature
... | ... | @@ -35,9 +35,10 @@ Feature: delivery client |
35 | 35 | Given I follow "Add to basket" |
36 | 36 | And I follow "Add to basket" |
37 | 37 | And I should see "Show basket" |
38 | - And I follow "Show basket" | |
38 | + And I follow "Show " | |
39 | + And I wait 1 second for animations | |
39 | 40 | And I follow "Shopping checkout" |
40 | - And I fill in "order_consumer_data_contact_phone" with "123456789" | |
41 | + And I fill in "Contact phone" with "123456789" | |
41 | 42 | When I select "Bike ($8.00)" from "Option" |
42 | 43 | Then I should see "My good old bike." within ".instructions" |
43 | 44 | And I should see "Address" |
... | ... | @@ -50,8 +51,9 @@ Feature: delivery client |
50 | 51 | And I follow "Add to basket" |
51 | 52 | And I should see "Show basket" |
52 | 53 | And I follow "Show basket" |
54 | + And I wait 1 second for animations | |
53 | 55 | And I follow "Shopping checkout" |
54 | - And I fill in "order_consumer_data_contact_phone" with "123456789" | |
56 | + And I fill in "Contact phone" with "123456789" | |
55 | 57 | When I select "Bar" from "Option" |
56 | 58 | Then I should see "Come to my bar and drink it!" within ".instructions" |
57 | 59 | And I should not see "Address" |
... | ... | @@ -68,8 +70,9 @@ Feature: delivery client |
68 | 70 | And I follow "Add to basket" |
69 | 71 | And I should see "Show basket" |
70 | 72 | And I follow "Show basket" |
73 | + And I wait 1 second for animations | |
71 | 74 | And I follow "Shopping checkout" |
72 | - And I fill in "order_consumer_data_contact_phone" with "123456789" | |
75 | + And I fill in "Contact phone" with "123456789" | |
73 | 76 | When I select "Bike ($8.00)" from "Option" |
74 | 77 | Then I should see "My good old bike." within ".instructions" |
75 | 78 | And I should see "Address" | ... | ... |
plugins/shopping_cart/features/purchases.feature
... | ... | @@ -121,11 +121,14 @@ Feature: purchases |
121 | 121 | | pickup | Bar | Come to my bar and drink it! | 0.00 | 0.00 | |
122 | 122 | And I am on moes-tavern's products page |
123 | 123 | And I follow "Add to basket" |
124 | + And I wait 0.2 seconds to finish the request | |
124 | 125 | And I follow "Add to basket" |
126 | + And I wait 0.2 seconds to finish the request | |
125 | 127 | And I follow "Add to basket" |
126 | 128 | And I follow "Show basket" |
129 | + And I wait 1 second for animations | |
127 | 130 | And I follow "Shopping checkout" |
128 | - And I fill in "order_consumer_data_contact_phone" with "123456789" | |
131 | + And I fill in "Contact phone" with "123456789" | |
129 | 132 | And I select "Bike ($8.00)" from "Option" |
130 | 133 | And I press "Send buy request" |
131 | 134 | And I go to homer's control panel | ... | ... |
plugins/spaminator/test/unit/spaminator_plugin/report_test.rb
... | ... | @@ -21,7 +21,6 @@ class SpaminatorPlugin::ReportTest < ActiveSupport::TestCase |
21 | 21 | |
22 | 22 | reports = SpaminatorPlugin::Report.from_environment(environment) |
23 | 23 | |
24 | - assert_equal ActiveRecord::Relation, reports.class | |
25 | 24 | assert_includes reports, r1 |
26 | 25 | assert_includes reports, r2 |
27 | 26 | assert_includes reports, r3 | ... | ... |
test/functional/profile_roles_controller_test.rb
... | ... | @@ -103,4 +103,12 @@ class ProfileRolesControllerTest < ActionController::TestCase |
103 | 103 | assert_not_includes community.members_by_role(role), moderator |
104 | 104 | assert_not_includes community.members_by_role(moderator_role), moderator |
105 | 105 | end |
106 | + | |
107 | + should 'avoid access with person profile' do | |
108 | + person = create_user('sample_user').person | |
109 | + login_as person.identifier | |
110 | + get :index , :profile => person.identifier | |
111 | + | |
112 | + assert_response 404 | |
113 | + end | |
106 | 114 | end | ... | ... |