diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index 9f8991a..acb4730 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -50,7 +50,8 @@ class ApplicationController < ActionController::Base
end
def load_profile
- @profile = Profile.find_by_identifier(params[:profile])
+ @profile = Profile.find_by_identifier(params[:profile]) unless @profile
+ render_not_found unless @profile
end
def user
diff --git a/app/controllers/profile_admin/enterprise_editor_controller.rb b/app/controllers/profile_admin/enterprise_editor_controller.rb
index f8ee2fa..d568d9a 100644
--- a/app/controllers/profile_admin/enterprise_editor_controller.rb
+++ b/app/controllers/profile_admin/enterprise_editor_controller.rb
@@ -1,6 +1,5 @@
class EnterpriseEditorController < ProfileAdminController
- needs_profile
- protect 'edit_profile', :profile, :exept => :destroy
+ protect 'edit_profile', :profile, :user, :except => :destroy
protect 'destroy_profile', :profile, :only => :destroy
before_filter :check_enterprise
@@ -28,7 +27,7 @@ class EnterpriseEditorController < ProfileAdminController
# Elimitates the enterprise of the system
def destroy
#raise "bli"
- if @enterprise.destroy!
+ if @enterprise.destroy
flash[:notice] = _('Enterprise sucessfully erased from the system')
redirect_to :controller => 'profile_editor', :action => 'index', :profile => current_user.login
else
@@ -36,24 +35,8 @@ class EnterpriseEditorController < ProfileAdminController
end
end
- # Activate a validated enterprise
- def activate
- if @enterprise.activatepermission.nil?
- flash[:notice] = _('Enterprise successfuly activacted')
- else
- flash[:notice] = _('Failed to activate the enterprise')
- end
- redirect_to :action => 'index'
- end
-
protected
- def permission
- 'bli'
- end
- def permission=(perm)
- @p = perm
- end
def check_enterprise
if profile.is_a?(Enterprise)
@enterprise = profile
diff --git a/app/controllers/profile_admin/profile_members_controller.rb b/app/controllers/profile_admin/profile_members_controller.rb
index 61b5574..d277c32 100644
--- a/app/controllers/profile_admin/profile_members_controller.rb
+++ b/app/controllers/profile_admin/profile_members_controller.rb
@@ -1,9 +1,8 @@
class ProfileMembersController < ProfileAdminController
-
protect 'manage_memberships', :profile
def index
- @members = profile.people.uniq
+ @members = profile.members
end
def change_roles
@@ -12,8 +11,8 @@ class ProfileMembersController < ProfileAdminController
end
def update_roles
- @roles = Role.find(params[:roles])
- @person = Person.find(params[:person])
+ @roles = params[:roles] ? Role.find(params[:roles]) : []
+ @person = Person.find(params[:person])
if @person.define_roles(@roles, profile)
flash[:notice] = _('Roles successfuly updated')
else
@@ -25,7 +24,7 @@ class ProfileMembersController < ProfileAdminController
def change_role
@roles = Role.find(:all).select{ |r| r.has_kind?(:profile) }
@member = Person.find(params[:id])
- @associations = RoleAssignment.find(:all, :conditions => {:person_id => @member, :resource_id => @profile, :resource_type => @profile.class.base_class.name})
+ @associations = @member.find_roles(@profile)
end
def add_role
diff --git a/app/controllers/profile_admin_controller.rb b/app/controllers/profile_admin_controller.rb
index 3a97115..7769f9c 100644
--- a/app/controllers/profile_admin_controller.rb
+++ b/app/controllers/profile_admin_controller.rb
@@ -13,8 +13,8 @@ class ProfileAdminController < ApplicationController
# a subclass of Person)
def self.requires_profile_class(some_class)
before_filter do |controller|
- unless controller.profile.kind_of?(some_class)
- controller.instance_variable_set('@message', _("This action is not available for \"%s\".") % controller.profile.name)
+ unless controller.send(:profile).kind_of?(some_class)
+ controller.instance_variable_set('@message', _("This action is not available for \"%s\".") % controller.send(:profile).name)
controller.render :file => File.join(RAILS_ROOT, 'app', 'views', 'shared', 'access_denied.rhtml'), :layout => true, :status => 403
end
end
diff --git a/app/models/profile.rb b/app/models/profile.rb
index be6a34a..df14d29 100644
--- a/app/models/profile.rb
+++ b/app/models/profile.rb
@@ -54,7 +54,6 @@ class Profile < ActiveRecord::Base
belongs_to :environment
has_many :role_assignments, :as => :resource
- has_many :people, :through => :role_assignments
# Sets the identifier for this profile. Raises an exception when called on a
diff --git a/app/views/profile_members/change_role.rhtml b/app/views/profile_members/change_role.rhtml
index 254fae6..58c6e6c 100644
--- a/app/views/profile_members/change_role.rhtml
+++ b/app/views/profile_members/change_role.rhtml
@@ -4,7 +4,8 @@
<%= _('Roles: ') %>
<% @roles.each do |r| %>
- <%= labelled_form_field(r.name, (check_box_tag "roles[]", r.id, @associations.map(&:role).include?(r))) %>
+ <%= check_box_tag "roles[]", r.id, @associations.map(&:role).include?(r) %>
+ <%= r.name.capitalize %>
<% end %>
<%= hidden_field_tag 'person', @member.id %>
diff --git a/test/functional/enterprise_editor_controller_test.rb b/test/functional/enterprise_editor_controller_test.rb
index ebbf365..4bd917d 100644
--- a/test/functional/enterprise_editor_controller_test.rb
+++ b/test/functional/enterprise_editor_controller_test.rb
@@ -12,8 +12,8 @@ class EnterpriseEditorControllerTest < Test::Unit::TestCase
end
should 'not see index if do not logged in' do
- ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'Test enteprise')
- get 'index', :profile => 'test_enterprise'
+ ent1 = Enterprise.create!(:identifier => 'test_enterprise1', :name => 'Test enteprise1')
+ get 'index', :profile => 'test_enterprise1'
assert_response :success
assert_template 'access_denied.rhtml'
@@ -33,17 +33,56 @@ class EnterpriseEditorControllerTest < Test::Unit::TestCase
end
should 'see index if have permission' do
- user = create_user('test_user').person
ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'Test enterprise')
+ user = create_user('test_user').person
role = Role.create!(:name => 'test_role', :permissions => ['edit_profile'])
assert user.add_role(role, ent)
assert user.has_permission?('edit_profile', ent)
login_as :test_user
+ assert_equal ent, Profile.find_by_identifier('test_enterprise')
+
get 'index', :profile => 'test_enterprise'
assert_response :success
- assert @controller.send(:profile)
+ assert_equal ent, @controller.send(:profile)
+ assert_equal user, @controller.send(:user)
assert_template 'index'
end
+
+ should 'show the edit form' do
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'Test enterprise')
+ user = create_user_with_permission('test_user', 'edit_profile', ent)
+ login_as :test_user
+
+ get 'edit', :profile => 'test_enterprise'
+
+ assert_response :success
+ assert_equal ent, @controller.send(:profile)
+ assert_template 'edit'
+ end
+
+ should 'update' do
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'Test enterprise')
+ user = create_user_with_permission('test_user', 'edit_profile', ent)
+ login_as :test_user
+
+ post 'update', :profile => 'test_enterprise', :enterprise => {:name => 'test_name'}
+
+ assert_response :redirect
+ assert_redirected_to :action => 'index'
+ ent.reload
+ assert_equal 'test_name', ent.name
+ end
+
+ should 'destroy' do
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'Test enterprise')
+ user = create_user_with_permission('test_user', 'destroy_profile', ent)
+ login_as :test_user
+
+ post 'destroy', :profile => 'test_enterprise'
+
+ assert_response :redirect
+ assert_redirected_to :controller => 'profile_editor', :profile => 'test_user'
+ end
end
diff --git a/test/functional/profile_admin_controller_test.rb b/test/functional/profile_admin_controller_test.rb
index c2e05e9..36bc10f 100644
--- a/test/functional/profile_admin_controller_test.rb
+++ b/test/functional/profile_admin_controller_test.rb
@@ -6,7 +6,6 @@ class ProfileAdminController; def rescue_action(e) raise e end; end
class OnlyForPersonTestController < ProfileAdminController
requires_profile_class Person
- design :holder => :profile
def index
render :text => 'something
'
end
@@ -23,19 +22,17 @@ class ProfileAdminControllerTest < Test::Unit::TestCase
def test_should_allow_person
@controller = OnlyForPersonTestController.new
- person = Person.new(:name => 'Random Joe')
- @controller.stubs(:profile).returns(person)
+ person = create_user('random_joe')
- get :index
+ get :index, :profile => 'random_joe'
assert_response :success
end
def test_should_not_allow_bare_profile
@controller = OnlyForPersonTestController.new
- org = Organization.new(:name => 'Hacking Institute')
- @controller.stubs(:profile).returns(org)
+ org = Organization.create!(:identifier => 'hacking_institute', :name => 'Hacking Institute')
- get :index
+ get :index, :profile => 'hacking_institute'
assert_response 403 # forbidden
end
end
diff --git a/test/functional/profile_members_controller_test.rb b/test/functional/profile_members_controller_test.rb
index 0eb970b..178814c 100644
--- a/test/functional/profile_members_controller_test.rb
+++ b/test/functional/profile_members_controller_test.rb
@@ -11,8 +11,60 @@ class ProfileMembersControllerTest < Test::Unit::TestCase
@response = ActionController::TestResponse.new
end
- # Replace this with your real tests.
- def test_truth
- assert true
+ should 'not access index if dont have permission' do
+ user = create_user('test_user')
+ Enterprise.create!(:identifier => 'test_enterprise', :name => 'test enterprise')
+ login_as :test_user
+
+ get 'index', :profile => 'test_enterprise'
+
+ assert_response :success
+ assert_template 'access_denied.rhtml'
+ end
+
+ should 'access index' do
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'test enterprise')
+ user = create_user_with_permission('test_user', 'manage_memberships', ent)
+ login_as :test_user
+
+ get 'index', :profile => 'test_enterprise'
+
+ assert_response :success
+ assert_template 'index'
+ end
+
+ should 'show form to change role' do
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'test enterprise')
+ role = Role.create!(:name => 'member_role', :permissions => ['edit_profile'])
+ member = create_user('test_member').person
+ member.add_role(role, ent)
+ user = create_user_with_permission('test_user', 'manage_memberships', ent)
+ login_as :test_user
+
+ get 'change_role', :profile => 'test_enterprise' , :id => member
+
+ assert_response :success
+ assert_equal member, assigns('member')
+ assert_template 'change_role'
+ end
+
+ should 'update roles' do
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'test enterprise')
+ role = Role.create!(:name => 'member_role', :permissions => ['edit_profile'])
+ orole = Role.create!(:name => 'owner_role', :permissions => ['edit_profile', 'destroy_profile'])
+
+ member = create_user('test_member').person
+ member.add_role(role, ent)
+ user = create_user_with_permission('test_user', 'manage_memberships', ent)
+ login_as :test_user
+
+ post 'update_roles', :profile => 'test_enterprise', :roles => [orole.id], :person => member
+
+ assert_response :redirect
+ member.reload
+ assert member.find_roles(ent).map(&:role).include?(orole)
+ assert !member.find_roles(ent).map(&:role).include?(role)
+
+
end
end
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 758ff0f..2672d23 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -78,6 +78,19 @@ class Test::Unit::TestCase
:password_confirmation => name.underscore)
end
+ def create_user_with_permission(name, permission, target)
+ user = create_user(name).person
+ i = 0
+ while Role.find_by_name('test_role' + i.to_s)
+ i+=1
+ end
+
+ role = Role.create!(:name => 'test_role' + i.to_s, :permissions => [permission])
+ assert user.add_role(role, target)
+ assert user.has_permission?(permission, target)
+ user
+ end
+
private
def uses_host(name)
--
libgit2 0.21.2