Merge branch 'not_destroy_user_with_moderate_task' into stable

Victor Costa
2 parents a43eb635 e8e5c33a
Showing 9 changed files with 153 additions and 15 deletions Show diff stats
app/models/article.rb
app/models/person.rb
app/models/user.rb
lib/user_activation_job.rb
po/pt/noosfero.po
test/unit/article_test.rb
test/unit/person_test.rb
test/unit/user_activation_job_test.rb
test/unit/user_test.rb
@@ -497,15 +497,16 @@ class Article &lt; ActiveRecord::Base
   scope :more_recent, :order => "created_at DESC"
  
   scope :display_filter, lambda {|user, profile|
-    user.nil? ? 
-    {:conditions => ['articles.published = ?', true]} :  
-    {:conditions => ["  articles.published = ? OR
-                        articles.last_changed_by_id = ? OR
-                        articles.profile_id = ? OR
-                        ? OR  articles.show_to_followers = ? AND ? ",
-                        true, user.id, user.id, user.has_permission?(:view_private_content, profile),
-                        true, user.follows?(profile)]
-    }
+    return published if (user.nil? && profile && profile.public?)
+    return [] if user.nil? || (profile && !profile.public? && !user.follows?(profile))
+    where(
+      [
+       "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ? 
+        OR  (show_to_followers = ? AND ?)", true, user.id, user.id, 
+        profile.nil? ?  false : user.has_permission?(:view_private_content, profile),
+        true, user.follows?(profile)
+      ] 
+    )
   }
  
  
@@ -435,6 +435,7 @@ roles] }
   end
  
   def follows?(profile)
+    return false if profile.nil?
     profile.followed_by?(self)
   end
  
@@ -159,6 +159,7 @@ class User &lt; ActiveRecord::Base
     @task.name = self.name
     @task.email = self.email
     @task.target = self.environment
+    @task.requestor = self.person
     @task.save
   end
  
@@ -301,6 +302,10 @@ class User &lt; ActiveRecord::Base
     end
   end
  
+  def moderate_registration_pending?
+    return ModerateUserRegistration.exists?(:requestor_id => self.person.id, :target_id => self.environment.id, :status => Task::Status::ACTIVE)
+  end
+
   def data_hash(gravatar_default = nil)
     friends_list = {}
     enterprises = person.enterprises.map { |e| { 'name' => e.short_name, 'identifier' => e.identifier } }
 class UserActivationJob < Struct.new(:user_id)
   def perform
     user = User.find(user_id)
-    user.destroy unless user.activated? || user.person.is_template?
+    user.destroy unless user.activated? || user.person.is_template? || user.moderate_registration_pending?
   end
 end
@@ -13,8 +13,8 @@ msgid &quot;&quot;
 msgstr ""
 "Project-Id-Version: 1.0-690-gcb6e853\n"
 "POT-Creation-Date: 2015-03-05 12:10-0300\n"
-"PO-Revision-Date: 2015-03-13 14:56+0200\n"
-"Last-Translator: TWS <tablettws@gmail.com>\n"
+"PO-Revision-Date: 2015-03-14 22:06+0200\n"
+"Last-Translator: daniel <dtygel@eita.org.br>\n"
 "Language-Team: Portuguese "
 "<https://hosted.weblate.org/projects/noosfero/noosfero/pt/>\n"
 "Language: pt\n"
@@ -26,15 +26,15 @@ msgstr &quot;&quot;
  
 #: app/models/approve_comment.rb:17
 msgid "Anonymous"
-msgstr "Anonimo"
+msgstr "Anônimo"
  
 #: app/models/approve_comment.rb:25 app/models/approve_article.rb:17
 msgid "Article removed."
-msgstr "Articolo Rimosso."
+msgstr "Artigo removido."
  
 #: app/models/approve_comment.rb:33
 msgid "New comment to article"
-msgstr "Nuovo commento in questo articolo"
+msgstr "Novo comentário para o artigo"
  
 #: app/models/approve_comment.rb:49 app/models/approve_comment.rb:51
 msgid "%{requestor} commented on the article: %{linked_subject}."
@@ -2018,4 +2018,107 @@ class ArticleTest &lt; ActiveSupport::TestCase
     assert_equal [a], Article.display_filter(user, p)
   end
  
+  should 'display_filter do not show person private content to non friends passing nil as profile parameter' do
+    user = create_user('someuser').person
+    p = fast_create(Person)
+    assert !p.is_a_friend?(user)
+    assert !user.is_admin?
+    Article.delete_all
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equal [], Article.display_filter(user, nil)
+  end
+
+  should 'display_filter do not show community private content to non members passing nil as profile parameter' do
+    user = create_user('someuser').person
+    p = fast_create(Community)
+    assert !user.is_member_of?(p)
+    Article.delete_all
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equal [], Article.display_filter(user, nil)
+  end
+
+  should 'display_filter show community public content of private community for user members' do
+    user = create_user('someuser').person
+    p = fast_create(Community, :public_profile => false)
+    p.add_member(user)
+    assert user.is_member_of?(p)
+    user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
+    Article.delete_all
+    a = fast_create(Article, :published => true, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equal [a], Article.display_filter(user, p)
+  end
+
+  should 'display_filter not show public content of private community for non members' do
+    user = create_user('someuser').person
+    p = fast_create(Community, :public_profile => false)
+    assert !user.is_member_of?(p)
+    user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
+    Article.delete_all
+    a = fast_create(Article, :published => true, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equal [], Article.display_filter(user, p)
+  end
+
+  should 'display_filter not show public content of private community for non members when user is nil' do
+    p = fast_create(Community, :public_profile => false)
+    Article.delete_all
+    a = fast_create(Article, :published => true, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equal [], Article.display_filter(nil, p)
+  end
+
+  should 'display_filter show public content for non members when profile is nil' do
+    user = create_user('someuser').person
+    p = fast_create(Community, :public_profile => true)
+    Article.delete_all
+    a1 = fast_create(Article, :published => true, :profile_id => user.id)
+    a2 = fast_create(Article, :published => true, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equivalent [a1,a2], Article.display_filter(user, nil)
+  end
+
+  should 'display_filter show person public content of private person profile for user friends' do
+    user = create_user('someuser').person
+    p = fast_create(Person, :public_profile => false)
+    p.add_friend(user)
+    assert p.is_a_friend?(user)
+    user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
+    Article.delete_all
+    a = fast_create(Article, :published => true, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equal [a], Article.display_filter(user, p)
+  end
+
+  should 'display_filter not show public content of private person for non friends' do
+    user = create_user('someuser').person
+    p = fast_create(Person, :public_profile => false)
+    assert !user.is_a_friend?(p)
+    user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
+    Article.delete_all
+    a = fast_create(Article, :published => true, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equal [], Article.display_filter(user, p)
+  end
+
+  should 'display_filter not show public content of private person for non friends when user is nil' do
+    p = fast_create(Person, :public_profile => false)
+    Article.delete_all
+    a = fast_create(Article, :published => true, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equal [], Article.display_filter(nil, p)
+  end
+
+  should 'display_filter show public content for non friends when profile is nil' do
+    user = create_user('someuser').person
+    p = fast_create(Person, :public_profile => true)
+    Article.delete_all
+    a1 = fast_create(Article, :published => true, :profile_id => user.id)
+    a2 = fast_create(Article, :published => true, :profile_id => p.id)
+    fast_create(Article, :published => false, :profile_id => p.id)
+    assert_equivalent [a1,a2], Article.display_filter(user, nil)
+  end
+
 end
@@ -1631,4 +1631,9 @@ class PersonTest &lt; ActiveSupport::TestCase
     assert person.can_change_homepage?
   end
  
+  should 'follow? return false when no profile is passed as parameter' do
+    person = Person.new
+    assert_equal false, person.follows?(nil)
+  end
+
 end
@@ -40,6 +40,18 @@ class UserActivationJobTest &lt; ActiveSupport::TestCase
     end
   end
  
+  should 'not destroy user if a moderate user registration task exists' do
+    env = Environment.default
+    env.enable('skip_new_user_email_confirmation')
+    env.enable('admin_must_approve_new_users')
+    user = new_user :login => 'test3'
+    job = UserActivationJob.new(user.id)
+    assert_no_difference 'User.count' do
+      job.perform
+      process_delayed_job_queue
+    end
+  end
+
   protected
     def new_user(options = {})
       user = User.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' }.merge(options))
@@ -302,6 +302,17 @@ class UserTest &lt; ActiveSupport::TestCase
     assert !user.email_activation_pending?
   end
  
+  should 'has moderate registration pending' do
+    user = create_user('cooler')
+    ModerateUserRegistration.create!(:requestor => user.person, :target => Environment.default)
+    assert user.moderate_registration_pending?
+  end
+
+  should 'not has moderate registration pending if not have a pending task' do
+    user = create_user('cooler')
+    assert !user.moderate_registration_pending?
+  end
+
   should 'be able to use [] operator to find users by login' do
     user = fast_create(User)
     assert_equal user, User[user.login]
...	...	@@ -497,15 +497,16 @@ class Article < ActiveRecord::Base
497	497	scope :more_recent, :order => "created_at DESC"
498	498
499	499	scope :display_filter, lambda {\|user, profile\|
500		- user.nil? ?
501		- {:conditions => ['articles.published = ?', true]} :
502		- {:conditions => [" articles.published = ? OR
503		- articles.last_changed_by_id = ? OR
504		- articles.profile_id = ? OR
505		- ? OR articles.show_to_followers = ? AND ? ",
506		- true, user.id, user.id, user.has_permission?(:view_private_content, profile),
507		- true, user.follows?(profile)]
508		- }
	500	+ return published if (user.nil? && profile && profile.public?)
	501	+ return [] if user.nil? \|\| (profile && !profile.public? && !user.follows?(profile))
	502	+ where(
	503	+ [
	504	+ "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ?
	505	+ OR (show_to_followers = ? AND ?)", true, user.id, user.id,
	506	+ profile.nil? ? false : user.has_permission?(:view_private_content, profile),
	507	+ true, user.follows?(profile)
	508	+ ]
	509	+ )
509	510	}
510	511
511	512
...	...
...	...	@@ -435,6 +435,7 @@ roles] }
435	435	end
436	436
437	437	def follows?(profile)
	438	+ return false if profile.nil?
438	439	profile.followed_by?(self)
439	440	end
440	441
...	...
...	...	@@ -159,6 +159,7 @@ class User < ActiveRecord::Base
159	159	@task.name = self.name
160	160	@task.email = self.email
161	161	@task.target = self.environment
	162	+ @task.requestor = self.person
162	163	@task.save
163	164	end
164	165
...	...	@@ -301,6 +302,10 @@ class User < ActiveRecord::Base
301	302	end
302	303	end
303	304
	305	+ def moderate_registration_pending?
	306	+ return ModerateUserRegistration.exists?(:requestor_id => self.person.id, :target_id => self.environment.id, :status => Task::Status::ACTIVE)
	307	+ end
	308	+
304	309	def data_hash(gravatar_default = nil)
305	310	friends_list = {}
306	311	enterprises = person.enterprises.map { \|e\| { 'name' => e.short_name, 'identifier' => e.identifier } }
...	...
1	1	class UserActivationJob < Struct.new(:user_id)
2	2	def perform
3	3	user = User.find(user_id)
4		- user.destroy unless user.activated? \|\| user.person.is_template?
	4	+ user.destroy unless user.activated? \|\| user.person.is_template? \|\| user.moderate_registration_pending?
5	5	end
6	6	end
...	...
...	...	@@ -13,8 +13,8 @@ msgid ""
13	13	msgstr ""
14	14	"Project-Id-Version: 1.0-690-gcb6e853\n"
15	15	"POT-Creation-Date: 2015-03-05 12:10-0300\n"
16		-"PO-Revision-Date: 2015-03-13 14:56+0200\n"
17		-"Last-Translator: TWS <tablettws@gmail.com>\n"
	16	+"PO-Revision-Date: 2015-03-14 22:06+0200\n"
	17	+"Last-Translator: daniel <dtygel@eita.org.br>\n"
18	18	"Language-Team: Portuguese "
19	19	"<https://hosted.weblate.org/projects/noosfero/noosfero/pt/>\n"
20	20	"Language: pt\n"
...	...	@@ -26,15 +26,15 @@ msgstr ""
26	26
27	27	#: app/models/approve_comment.rb:17
28	28	msgid "Anonymous"
29		-msgstr "Anonimo"
	29	+msgstr "Anônimo"
30	30
31	31	#: app/models/approve_comment.rb:25 app/models/approve_article.rb:17
32	32	msgid "Article removed."
33		-msgstr "Articolo Rimosso."
	33	+msgstr "Artigo removido."
34	34
35	35	#: app/models/approve_comment.rb:33
36	36	msgid "New comment to article"
37		-msgstr "Nuovo commento in questo articolo"
	37	+msgstr "Novo comentário para o artigo"
38	38
39	39	#: app/models/approve_comment.rb:49 app/models/approve_comment.rb:51
40	40	msgid "%{requestor} commented on the article: %{linked_subject}."
...	...
...	...	@@ -2018,4 +2018,107 @@ class ArticleTest < ActiveSupport::TestCase
2018	2018	assert_equal [a], Article.display_filter(user, p)
2019	2019	end
2020	2020
	2021	+ should 'display_filter do not show person private content to non friends passing nil as profile parameter' do
	2022	+ user = create_user('someuser').person
	2023	+ p = fast_create(Person)
	2024	+ assert !p.is_a_friend?(user)
	2025	+ assert !user.is_admin?
	2026	+ Article.delete_all
	2027	+ fast_create(Article, :published => false, :profile_id => p.id)
	2028	+ assert_equal [], Article.display_filter(user, nil)
	2029	+ end
	2030	+
	2031	+ should 'display_filter do not show community private content to non members passing nil as profile parameter' do
	2032	+ user = create_user('someuser').person
	2033	+ p = fast_create(Community)
	2034	+ assert !user.is_member_of?(p)
	2035	+ Article.delete_all
	2036	+ fast_create(Article, :published => false, :profile_id => p.id)
	2037	+ assert_equal [], Article.display_filter(user, nil)
	2038	+ end
	2039	+
	2040	+ should 'display_filter show community public content of private community for user members' do
	2041	+ user = create_user('someuser').person
	2042	+ p = fast_create(Community, :public_profile => false)
	2043	+ p.add_member(user)
	2044	+ assert user.is_member_of?(p)
	2045	+ user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
	2046	+ Article.delete_all
	2047	+ a = fast_create(Article, :published => true, :profile_id => p.id)
	2048	+ fast_create(Article, :published => false, :profile_id => p.id)
	2049	+ fast_create(Article, :published => false, :profile_id => p.id)
	2050	+ assert_equal [a], Article.display_filter(user, p)
	2051	+ end
	2052	+
	2053	+ should 'display_filter not show public content of private community for non members' do
	2054	+ user = create_user('someuser').person
	2055	+ p = fast_create(Community, :public_profile => false)
	2056	+ assert !user.is_member_of?(p)
	2057	+ user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
	2058	+ Article.delete_all
	2059	+ a = fast_create(Article, :published => true, :profile_id => p.id)
	2060	+ fast_create(Article, :published => false, :profile_id => p.id)
	2061	+ assert_equal [], Article.display_filter(user, p)
	2062	+ end
	2063	+
	2064	+ should 'display_filter not show public content of private community for non members when user is nil' do
	2065	+ p = fast_create(Community, :public_profile => false)
	2066	+ Article.delete_all
	2067	+ a = fast_create(Article, :published => true, :profile_id => p.id)
	2068	+ fast_create(Article, :published => false, :profile_id => p.id)
	2069	+ assert_equal [], Article.display_filter(nil, p)
	2070	+ end
	2071	+
	2072	+ should 'display_filter show public content for non members when profile is nil' do
	2073	+ user = create_user('someuser').person
	2074	+ p = fast_create(Community, :public_profile => true)
	2075	+ Article.delete_all
	2076	+ a1 = fast_create(Article, :published => true, :profile_id => user.id)
	2077	+ a2 = fast_create(Article, :published => true, :profile_id => p.id)
	2078	+ fast_create(Article, :published => false, :profile_id => p.id)
	2079	+ assert_equivalent [a1,a2], Article.display_filter(user, nil)
	2080	+ end
	2081	+
	2082	+ should 'display_filter show person public content of private person profile for user friends' do
	2083	+ user = create_user('someuser').person
	2084	+ p = fast_create(Person, :public_profile => false)
	2085	+ p.add_friend(user)
	2086	+ assert p.is_a_friend?(user)
	2087	+ user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
	2088	+ Article.delete_all
	2089	+ a = fast_create(Article, :published => true, :profile_id => p.id)
	2090	+ fast_create(Article, :published => false, :profile_id => p.id)
	2091	+ fast_create(Article, :published => false, :profile_id => p.id)
	2092	+ assert_equal [a], Article.display_filter(user, p)
	2093	+ end
	2094	+
	2095	+ should 'display_filter not show public content of private person for non friends' do
	2096	+ user = create_user('someuser').person
	2097	+ p = fast_create(Person, :public_profile => false)
	2098	+ assert !user.is_a_friend?(p)
	2099	+ user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
	2100	+ Article.delete_all
	2101	+ a = fast_create(Article, :published => true, :profile_id => p.id)
	2102	+ fast_create(Article, :published => false, :profile_id => p.id)
	2103	+ assert_equal [], Article.display_filter(user, p)
	2104	+ end
	2105	+
	2106	+ should 'display_filter not show public content of private person for non friends when user is nil' do
	2107	+ p = fast_create(Person, :public_profile => false)
	2108	+ Article.delete_all
	2109	+ a = fast_create(Article, :published => true, :profile_id => p.id)
	2110	+ fast_create(Article, :published => false, :profile_id => p.id)
	2111	+ assert_equal [], Article.display_filter(nil, p)
	2112	+ end
	2113	+
	2114	+ should 'display_filter show public content for non friends when profile is nil' do
	2115	+ user = create_user('someuser').person
	2116	+ p = fast_create(Person, :public_profile => true)
	2117	+ Article.delete_all
	2118	+ a1 = fast_create(Article, :published => true, :profile_id => user.id)
	2119	+ a2 = fast_create(Article, :published => true, :profile_id => p.id)
	2120	+ fast_create(Article, :published => false, :profile_id => p.id)
	2121	+ assert_equivalent [a1,a2], Article.display_filter(user, nil)
	2122	+ end
	2123	+
2021	2124	end
...	...
...	...	@@ -1631,4 +1631,9 @@ class PersonTest < ActiveSupport::TestCase
1631	1631	assert person.can_change_homepage?
1632	1632	end
1633	1633
	1634	+ should 'follow? return false when no profile is passed as parameter' do
	1635	+ person = Person.new
	1636	+ assert_equal false, person.follows?(nil)
	1637	+ end
	1638	+
1634	1639	end
...	...
...	...	@@ -40,6 +40,18 @@ class UserActivationJobTest < ActiveSupport::TestCase
40	40	end
41	41	end
42	42
	43	+ should 'not destroy user if a moderate user registration task exists' do
	44	+ env = Environment.default
	45	+ env.enable('skip_new_user_email_confirmation')
	46	+ env.enable('admin_must_approve_new_users')
	47	+ user = new_user :login => 'test3'
	48	+ job = UserActivationJob.new(user.id)
	49	+ assert_no_difference 'User.count' do
	50	+ job.perform
	51	+ process_delayed_job_queue
	52	+ end
	53	+ end
	54	+
43	55	protected
44	56	def new_user(options = {})
45	57	user = User.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' }.merge(options))
...	...
...	...	@@ -302,6 +302,17 @@ class UserTest < ActiveSupport::TestCase
302	302	assert !user.email_activation_pending?
303	303	end
304	304
	305	+ should 'has moderate registration pending' do
	306	+ user = create_user('cooler')
	307	+ ModerateUserRegistration.create!(:requestor => user.person, :target => Environment.default)
	308	+ assert user.moderate_registration_pending?
	309	+ end
	310	+
	311	+ should 'not has moderate registration pending if not have a pending task' do
	312	+ user = create_user('cooler')
	313	+ assert !user.moderate_registration_pending?
	314	+ end
	315	+
305	316	should 'be able to use [] operator to find users by login' do
306	317	user = fast_create(User)
307	318	assert_equal user, User[user.login]
...	...