Commit 3d111ca77eb9cc0e74d6b0f0ef82c1ffa747d1ca
Committed by
Rodrigo Souto
1 parent
47e5f189
Exists in
master
and in
21 other branches
Add option to block appearence edit
- Add a before_filter that checks permission before opening the header and footer edit page - Change the environment feature name from disable_appearance to enable_appearance - Update the cucumber test change_appearance.feature Signed-off-by: DylanGuedes <djmgguedes@gmail.com> Signed-off-by: Luciano Prestes Cavalcanti <lucianopcbr@gmail.com> Signed-off-by: Omar Junior <omarroinuj@gmail.com> Signed-off-by: vitorbaraujo <vitornga15@gmail.com> Signed-off-by: Victor Matias Navarro <victor.matias.navarro@gmail.com>
Showing
7 changed files
with
77 additions
and
5 deletions
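--- a/app/controllers/my_profile/profile_editor_controller.rb
+++ b/app/controllers/my_profile/profile_editor_controller.rb
@@ -6,10 +6,13 @@ class ProfileEditorController < MyProfileController
 before_filter :access_welcome_page, :only => [:welcome_page]
 before_filter :back_to
 before_filter :forbid_destroy_profile, :only => [:destroy_profile]
+before_filter :check_user_can_edit_header_footer, :only => [:header_footer]
 helper_method :has_welcome_page
 
 def index
 @pending_tasks = Task.to(profile).pending.without_spam.select{|i| user.has_permission?(i.permission, profile)}
+@show_appearance_option = user.is_admin?(environment) || environment.enabled?('enable_appearance')
+@show_header_footer_option = user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer'))
 end
 
 helper :profile
@@ -169,4 +172,9 @@ class ProfileEditorController < MyProfileController
 redirect_to_previous_location
 end
 end
+
+def check_user_can_edit_header_footer
+user_can_not_edit_header_footer = !user.is_admin?(environment) && environment.enabled?('disable_header_and_footer')
+redirect_to back_to if user_can_not_edit_header_footer
+end
 end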
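Review bot: `check_user_can_edit_header_footer` enforces a weaker rule than the one `index` uses to decide whether to show the button: `@show_header_footer_option` also excludes enterprise profiles (`!profile.enterprise?`), while the filter only looks at `disable_header_and_footer`, so a non-admin on an enterprise profile can still request `header_footer` directly. If the enterprise exclusion is meant as a restriction rather than a display choice, the filter should apply the same predicate, e.g. `redirect_to back_to unless user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer'))`, ideally from one private method shared by `index` and the filter. The hunk does not show whether the new method sits under `private`; if it does not, it is reachable as an action of its own. The class body continues outside both hunks.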
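--- a/app/controllers/themes_controller.rb
+++ b/app/controllers/themes_controller.rb
@@ -1,6 +1,7 @@
 class ThemesController < ApplicationController
 
 before_filter :login_required
+before_filter :check_user_can_edit_appearance, :only => [:index]
 
 no_design_blocks
 
@@ -39,4 +40,11 @@ class ThemesController < ApplicationController
 redirect_to :action => 'index'
 end
 
+private
+
+def check_user_can_edit_appearance
+user_can_edit_appearance = user.is_admin?(environment) || environment.enabled?('enable_appearance')
+redirect_to request.referer || "/" unless user_can_edit_appearance
+end
+
 end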
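Review bot: The new `before_filter :check_user_can_edit_appearance` is limited to `:only => [:index]`, so with `enable_appearance` disabled a non-admin is kept off the listing page, but every other theme action (the tests in this commit exercise `new` and `edit` on what is presumably a subclass) would still answer a direct request. Guarding `index` and hiding the control-panel button is not an authorization check for the state-changing actions; drop the option, `before_filter :check_user_can_edit_appearance`, or list every action that changes appearance. Separately, `redirect_to request.referer || "/"` sends the browser to a client-supplied header value; a fixed in-application target avoids both an off-site redirect and a loop when the referer is the blocked page itself. The class body between the two hunks is not visible here.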
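--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -158,7 +158,9 @@ class Environment < ActiveRecord::Base
 'allow_change_of_redirection_after_login' => _('Allow users to set the page to redirect after login'),
 'display_my_communities_on_user_menu' => _('Display on menu the list of communities the user can manage'),
 'display_my_enterprises_on_user_menu' => _('Display on menu the list of enterprises the user can manage'),
-'restrict_to_members' => _('Show content only to members')
+'restrict_to_members' => _('Show content only to members'),
+
+'enable_appearance' => _('Enable appearance editing by users'),
 }
 end
 
@@ -438,6 +440,7 @@ class Environment < ActiveRecord::Base
 show_balloon_with_profile_links_when_clicked
 show_zoom_button_on_article_images
 use_portal_community
+enable_appearance
 )
 
 before_create :enable_default_features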
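Review bot: Adding `enable_appearance` to what appears to be the default-feature list only affects environments created after this change, since that list is applied through `before_create :enable_default_features`. None of the seven changed files is a migration, so on existing environments the feature would start out disabled and appearance editing would be closed to every non-admin user as soon as this is deployed. If that is the intent, state it in the commit description; otherwise add a data migration that enables the feature on existing environments. The blank line added inside the features hash (new line 162) separates the entry for no visible reason and can go.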
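--- a/app/views/profile_editor/index.html.erb
+++ b/app/views/profile_editor/index.html.erb
@@ -22,9 +22,9 @@
 
 <%= control_panel_button(_('Edit sideboxes'), 'blocks', :controller => 'profile_design', :action => 'index') %>
 
-<%= control_panel_button(_('Edit Appearance'), 'design-editor', :controller => 'profile_themes', :action => 'index') %>
+<%= control_panel_button(_('Edit Appearance'), 'design-editor', :controller => 'profile_themes', :action => 'index') if @show_appearance_option %>
 
-<%= control_panel_button(_('Edit Header and Footer'), 'header-and-footer', :controller => 'profile_editor', :action => 'header_footer') if user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer')) %>
+<%= control_panel_button(_('Edit Header and Footer'), 'header-and-footer', :controller => 'profile_editor', :action => 'header_footer') if @show_header_footer_option %>
 
 <%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
 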
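--- a/features/change_appearance.feature
+++ b/features/change_appearance.feature
@@ -6,6 +6,7 @@ Feature: Change appearance
 Given the following users
 | login | name |
 | joaosilva | Joao Silva |
+And feature "enable_appearance" is enabled on environment
 
 Scenario: Change appearance from default(3 boxes) to Left Top and Right(4 boxes)
 Given I am logged in as "joaosilva"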
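--- a/test/functional/profile_editor_controller_test.rb
+++ b/test/functional/profile_editor_controller_test.rb
@@ -1184,4 +1184,30 @@ class ProfileEditorControllerTest < ActionController::TestCase
 get :index, :profile => user.identifier
 assert_tag :tag => 'div', :descendant => { :tag => 'a', :content => 'Edit Header and Footer' }
 end
+
+should 'user cant edit header and footer if environment dont permit' do
+environment = Environment.default
+environment.settings[:disable_header_and_footer_enabled] = true
+environment.save!
+
+user = create_user('user').person
+login_as('user')
+
+get :header_footer, :profile => user.identifier
+assert_response :redirect
+end
+
+should 'admin can edit header and footer if environment dont permit' do
+user = create_user('user').person
+
+environment = Environment.default
+environment.add_admin(user)
+environment.settings[:disable_header_and_footer_enabled] = true
+environment.save!
+
+login_as('user')
+
+get :header_footer, :profile => user.identifier
+assert_response :success
+end
 end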
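Review bot: Both new tests set the flag through the raw settings key, `environment.settings[:disable_header_and_footer_enabled] = true`, which ties them to how features are stored; the themes test in this commit goes through the public API, and `environment.enable('disable_header_and_footer')` would read the same way here. The denial test asserts only `assert_response :redirect`, so it would also pass on a redirect caused by a login or unrelated permission failure; asserting the redirect target would pin the new filter. There is also no case for a non-admin on an enterprise profile, which is where the view and the filter use different conditions.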
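--- a/test/functional/profile_themes_controller_test.rb
+++ b/test/functional/profile_themes_controller_test.rb
@@ -17,6 +17,7 @@ class ProfileThemesControllerTest < ActionController::TestCase
 
 @env = Environment.default
 @env.enable('user_themes')
+@env.enable_default_features
 @env.save!
 end
 attr_reader :profile, :env
@@ -116,7 +117,7 @@ class ProfileThemesControllerTest < ActionController::TestCase
 
 should 'create a new theme' do
 post :new, :profile => 'testinguser', :name => 'My theme'
-
+
 ok('theme should be created') do
 profile.themes.first.id == 'my-theme'
 end
@@ -197,7 +198,7 @@ class ProfileThemesControllerTest < ActionController::TestCase
 should 'display "add image" button' do
 theme = Theme.create('mytheme', :owner => profile)
 get :edit, :profile => 'testinguser', :id => 'mytheme'
-
+
 assert_tag :tag => 'a', :attributes => { :href => '/myprofile/testinguser/profile_themes/add_image/mytheme' }
 end
 
@@ -329,4 +330,29 @@ class ProfileThemesControllerTest < ActionController::TestCase
 assert_equal [t2, t1], assigns(:themes)
 end
 
+should 'user cant edit appearance if environment dont permit' do
+environment = Environment.default
+environment.disable('enable_appearance')
+environment.save!
+
+user = create_user('user').person
+login_as('user')
+
+post :index, :profile => user.identifier
+assert_response :redirect
+end
+
+should 'admin can edit appearance if environment dont permit' do
+user = create_user('user').person
+
+environment = Environment.default
+environment.add_admin(user)
+environment.disable('enable_appearance')
+environment.save!
+
+login_as('user')
+
+post :index, :profile => user.identifier
+assert_response :success
+end
 end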