Commit 72691c97acc950c0d00076050d7625a48413dfea
Exists in
master
and in
22 other branches
Merge branch 'stable'
Showing
21 changed files
with
233 additions
and
151 deletions
Show diff stats
app/controllers/public/content_viewer_controller.rb
| ... | ... | @@ -26,11 +26,6 @@ class ContentViewerController < ApplicationController |
| 26 | 26 | end |
| 27 | 27 | end |
| 28 | 28 | |
| 29 | - # only show unpublished articles to those who can edit then | |
| 30 | - if @page && !@page.published && !@page.allow_post_content?(user) | |
| 31 | - @page = nil | |
| 32 | - end | |
| 33 | - | |
| 34 | 29 | # page not found, give error |
| 35 | 30 | if @page.nil? |
| 36 | 31 | render_not_found(@path) | ... | ... |
app/helpers/application_helper.rb
app/helpers/folder_helper.rb
| 1 | 1 | module FolderHelper |
| 2 | 2 | |
| 3 | - def list_articles(articles, recursive = false) | |
| 4 | - content_tag( | |
| 5 | - 'table', | |
| 6 | - content_tag('tr', content_tag('th', _('Title')) + content_tag('th', _('Last update'))) + | |
| 7 | - articles.select { |item| item.public? }.map {|item| display_article_in_listing(item, recursive, 0)}.join('') | |
| 8 | - ) | |
| 3 | + def list_articles(articles, user, recursive = false) | |
| 4 | + if !articles.blank? | |
| 5 | + content_tag( | |
| 6 | + 'table', | |
| 7 | + content_tag('tr', content_tag('th', _('Title')) + content_tag('th', _('Last update'))) + | |
| 8 | + articles.select { |item| item.display_to?(user)}.map {|item| display_article_in_listing(item, recursive, 0)}.join('') | |
| 9 | + ) | |
| 10 | + else | |
| 11 | + content_tag('em', _('(empty folder)')) | |
| 12 | + end | |
| 9 | 13 | end |
| 10 | 14 | |
| 11 | 15 | def display_article_in_listing(article, recursive = false, level = 0) | ... | ... |
app/models/article.rb
| ... | ... | @@ -84,13 +84,6 @@ class Article < ActiveRecord::Base |
| 84 | 84 | pending_categorizations.clear |
| 85 | 85 | end |
| 86 | 86 | |
| 87 | - before_save do |article| | |
| 88 | - if article.parent | |
| 89 | - article.public_article = article.parent.public_article | |
| 90 | - end | |
| 91 | - true | |
| 92 | - end | |
| 93 | - | |
| 94 | 87 | acts_as_taggable |
| 95 | 88 | N_('Tag list') |
| 96 | 89 | |
| ... | ... | @@ -123,11 +116,10 @@ class Article < ActiveRecord::Base |
| 123 | 116 | options = { :limit => limit, |
| 124 | 117 | :conditions => [ |
| 125 | 118 | "advertise = ? AND |
| 126 | - public_article = ? AND | |
| 127 | 119 | published = ? AND |
| 128 | 120 | profiles.visible = ? AND |
| 129 | 121 | profiles.public_profile = ? AND |
| 130 | - ((articles.type != ? and articles.type != ? and articles.type != ?) OR articles.type is NULL)", true, true, true, true, true, 'UploadedFile', 'RssFeed', 'Blog' | |
| 122 | + ((articles.type != ? and articles.type != ? and articles.type != ?) OR articles.type is NULL)", true, true, true, true, 'UploadedFile', 'RssFeed', 'Blog' | |
| 131 | 123 | ], |
| 132 | 124 | :include => 'profile', |
| 133 | 125 | :order => 'articles.published_at desc, articles.id desc' |
| ... | ... | @@ -221,16 +213,32 @@ class Article < ActiveRecord::Base |
| 221 | 213 | false |
| 222 | 214 | end |
| 223 | 215 | |
| 216 | + def published? | |
| 217 | + if self.published | |
| 218 | + if self.parent && !self.parent.published? | |
| 219 | + return false | |
| 220 | + end | |
| 221 | + true | |
| 222 | + else | |
| 223 | + false | |
| 224 | + end | |
| 225 | + end | |
| 226 | + | |
| 224 | 227 | named_scope :folders, :conditions => { :type => ['Folder', 'Blog'] } |
| 225 | 228 | |
| 229 | + def display_unpublished_article_to?(user) | |
| 230 | + self.author == user || allow_view_private_content?(user) || user == self.profile || | |
| 231 | + user.is_admin?(self.profile.environment) || user.is_admin?(self.profile) | |
| 232 | + end | |
| 233 | + | |
| 226 | 234 | def display_to?(user) |
| 227 | - if self.public_article | |
| 235 | + if self.published? | |
| 228 | 236 | self.profile.display_info_to?(user) |
| 229 | 237 | else |
| 230 | 238 | if user.nil? |
| 231 | 239 | false |
| 232 | 240 | else |
| 233 | - (user == self.profile) || user.has_permission?('view_private_content', self.profile) | |
| 241 | + self.display_unpublished_article_to?(user) | |
| 234 | 242 | end |
| 235 | 243 | end |
| 236 | 244 | end |
| ... | ... | @@ -243,6 +251,10 @@ class Article < ActiveRecord::Base |
| 243 | 251 | user && user.has_permission?('publish_content', profile) |
| 244 | 252 | end |
| 245 | 253 | |
| 254 | + def allow_view_private_content?(user = nil) | |
| 255 | + user && user.has_permission?('view_private_content', profile) | |
| 256 | + end | |
| 257 | + | |
| 246 | 258 | def comments_updated |
| 247 | 259 | ferret_update |
| 248 | 260 | end |
| ... | ... | @@ -252,18 +264,31 @@ class Article < ActiveRecord::Base |
| 252 | 264 | end |
| 253 | 265 | |
| 254 | 266 | def public? |
| 255 | - profile.visible? && profile.public? && public_article | |
| 267 | + profile.visible? && profile.public? && published? | |
| 256 | 268 | end |
| 257 | 269 | |
| 270 | + | |
| 258 | 271 | def copy(options) |
| 259 | - attrs = attributes.reject! { |key, value| article_attr_blacklist.include?(key) } | |
| 272 | + attrs = attributes.reject! { |key, value| ATTRIBUTES_NOT_COPIED.include?(key.to_sym) } | |
| 260 | 273 | attrs.merge!(options) |
| 261 | 274 | self.class.create(attrs) |
| 262 | 275 | end |
| 263 | 276 | |
| 264 | - def article_attr_blacklist | |
| 265 | - ['id', 'profile_id', 'parent_id', 'slug', 'path', 'updated_at', 'created_at', 'last_changed_by_id', 'version', 'lock_version', 'type', 'children_count', 'comments_count', 'hits'] | |
| 266 | - end | |
| 277 | + ATTRIBUTES_NOT_COPIED = [ | |
| 278 | + :id, | |
| 279 | + :profile_id, | |
| 280 | + :parent_id, | |
| 281 | + :path, | |
| 282 | + :updated_at, | |
| 283 | + :created_at, | |
| 284 | + :last_changed_by_id, | |
| 285 | + :version, | |
| 286 | + :lock_version, | |
| 287 | + :type, | |
| 288 | + :children_count, | |
| 289 | + :comments_count, | |
| 290 | + :hits, | |
| 291 | + ] | |
| 267 | 292 | |
| 268 | 293 | def self.find_by_old_path(old_path) |
| 269 | 294 | find(:first, :include => :versions, :conditions => ['article_versions.path = ?', old_path], :order => 'article_versions.id desc') | ... | ... |
app/models/folder.rb
| ... | ... | @@ -4,6 +4,8 @@ class Folder < Article |
| 4 | 4 | |
| 5 | 5 | settings_items :view_as, :type => :string, :default => 'folder' |
| 6 | 6 | |
| 7 | + xss_terminate :only => [ :body ], :with => 'white_list' | |
| 8 | + | |
| 7 | 9 | def self.select_views |
| 8 | 10 | [[_('Folder'), 'folder'], [_('Image gallery'), 'image_gallery']] |
| 9 | 11 | end |
| ... | ... | @@ -39,7 +41,7 @@ class Folder < Article |
| 39 | 41 | end |
| 40 | 42 | |
| 41 | 43 | def folder |
| 42 | - content_tag('div', body) + tag('hr') + (children.empty? ? content_tag('em', _('(empty folder)')) : list_articles(children)) | |
| 44 | + content_tag('div', body) + tag('hr') | |
| 43 | 45 | end |
| 44 | 46 | |
| 45 | 47 | def image_gallery | ... | ... |
app/models/profile.rb
| ... | ... | @@ -448,7 +448,7 @@ private :generate_url, :url_options |
| 448 | 448 | |
| 449 | 449 | # a default private folder if public |
| 450 | 450 | if self.public? |
| 451 | - folder = Folder.new(:name => _("Intranet"), :public_article => false) | |
| 451 | + folder = Folder.new(:name => _("Intranet"), :published => false) | |
| 452 | 452 | self.articles << folder |
| 453 | 453 | end |
| 454 | 454 | end |
| ... | ... | @@ -588,10 +588,6 @@ private :generate_url, :url_options |
| 588 | 588 | end |
| 589 | 589 | end |
| 590 | 590 | |
| 591 | - def theme | |
| 592 | - self[:theme] || environment && environment.theme || 'default' | |
| 593 | - end | |
| 594 | - | |
| 595 | 591 | def public? |
| 596 | 592 | visible && public_profile |
| 597 | 593 | end |
| ... | ... | @@ -693,7 +689,7 @@ private :generate_url, :url_options |
| 693 | 689 | if user.nil? |
| 694 | 690 | false |
| 695 | 691 | else |
| 696 | - (user == self) || (user.is_admin?(self.environment)) || (user.memberships.include?(self)) | |
| 692 | + (user == self) || (user.is_admin?(self.environment)) || user.is_admin?(self) || user.memberships.include?(self) | |
| 697 | 693 | end |
| 698 | 694 | end |
| 699 | 695 | end | ... | ... |
app/views/content_viewer/view_page.rhtml
| ... | ... | @@ -81,6 +81,9 @@ |
| 81 | 81 | <% cache(@page.cache_key(params, user)) do %> |
| 82 | 82 | <div class="<%="article-body article-body-" + @page.css_class_name %>"> |
| 83 | 83 | <%= article_to_html(@page) %> |
| 84 | + <% if @page.folder? %> | |
| 85 | + <%= list_articles(@page.children, user)%> | |
| 86 | + <% end %> | |
| 84 | 87 | <br style="clear:both" /> |
| 85 | 88 | </div> <!-- end class="article-body" --> |
| 86 | 89 | <% end %> | ... | ... |
app/views/profile/sitemap.rhtml
db/migrate/084_set_public_article_into_published_attribute.rb
0 → 100644
| ... | ... | @@ -0,0 +1,10 @@ |
| 1 | +class RemovePublicArticle < ActiveRecord::Migration | |
| 2 | + def self.up | |
| 3 | + remove_column :articles, :public_article | |
| 4 | + end | |
| 5 | + | |
| 6 | + def self.down | |
| 7 | + add_column :articles, :public_article, :boolean, :default => true | |
| 8 | + execute('update articles set public_article = (1>0)') | |
| 9 | + end | |
| 10 | +end | ... | ... |
db/migrate/20100326171758_clear_default_theme_from_profiles.rb
0 → 100644
db/migrate/renumber.sh
db/schema.rb
| ... | ... | @@ -9,7 +9,7 @@ |
| 9 | 9 | # |
| 10 | 10 | # It's strongly recommended to check this file into your version control system. |
| 11 | 11 | |
| 12 | -ActiveRecord::Schema.define(:version => 83) do | |
| 12 | +ActiveRecord::Schema.define(:version => 20100326171758) do | |
| 13 | 13 | |
| 14 | 14 | create_table "article_versions", :force => true do |t| |
| 15 | 15 | t.integer "article_id" |
| ... | ... | @@ -72,7 +72,6 @@ ActiveRecord::Schema.define(:version => 83) do |
| 72 | 72 | t.date "start_date" |
| 73 | 73 | t.date "end_date" |
| 74 | 74 | t.integer "children_count", :default => 0 |
| 75 | - t.boolean "public_article", :default => true | |
| 76 | 75 | t.boolean "accept_comments", :default => true |
| 77 | 76 | t.integer "reference_article_id" |
| 78 | 77 | t.text "setting" | ... | ... |
script/apply-template
| ... | ... | @@ -8,7 +8,7 @@ env = Environment.default |
| 8 | 8 | |
| 9 | 9 | def move_articles_to_blog(profile) |
| 10 | 10 | profile.articles.each { |article| |
| 11 | - if !article.blog? && !article.is_a?(RssFeed) && article.public_article | |
| 11 | + if !article.blog? && !article.is_a?(RssFeed) && article.published? | |
| 12 | 12 | puts 'including ' + article.path + ' in the blog' |
| 13 | 13 | article.parent = profile.blog |
| 14 | 14 | article.save! | ... | ... |
test/functional/cms_controller_test.rb
| ... | ... | @@ -624,14 +624,14 @@ class CmsControllerTest < Test::Unit::TestCase |
| 624 | 624 | end |
| 625 | 625 | |
| 626 | 626 | should 'create a private article child of private folder' do |
| 627 | - folder = Folder.new(:name => 'my intranet', :public_article => false); profile.articles << folder; folder.save! | |
| 627 | + folder = Folder.new(:name => 'my intranet', :published => false); profile.articles << folder; folder.save! | |
| 628 | 628 | |
| 629 | 629 | post :new, :profile => profile.identifier, :type => 'TextileArticle', :parent_id => folder.id, :article => { :name => 'new-private-article'} |
| 630 | 630 | folder.reload |
| 631 | 631 | |
| 632 | - assert !assigns(:article).public? | |
| 632 | + assert !assigns(:article).published? | |
| 633 | 633 | assert_equal 'new-private-article', folder.children[0].name |
| 634 | - assert !folder.children[0].public? | |
| 634 | + assert !folder.children[0].published? | |
| 635 | 635 | end |
| 636 | 636 | |
| 637 | 637 | should 'load communities for that the user belongs' do | ... | ... |
test/functional/content_viewer_controller_test.rb
| ... | ... | @@ -293,10 +293,10 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 293 | 293 | assert_response 404 |
| 294 | 294 | end |
| 295 | 295 | |
| 296 | - should 'show unpublished articles as unexisting' do | |
| 296 | + should 'show access denied to unpublished articles' do | |
| 297 | 297 | profile.articles.create!(:name => 'test', :published => false) |
| 298 | 298 | get :view_page, :profile => profile.identifier, :page => [ 'test' ] |
| 299 | - assert_response 404 | |
| 299 | + assert_response 403 | |
| 300 | 300 | end |
| 301 | 301 | |
| 302 | 302 | should 'show unpublished articles to the user himself' do |
| ... | ... | @@ -307,19 +307,9 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 307 | 307 | assert_response :success |
| 308 | 308 | end |
| 309 | 309 | |
| 310 | - should 'show unpublished articles to members' do | |
| 311 | - community = Community.create!(:name => 'testcomm') | |
| 312 | - community.articles.create!(:name => 'test', :published => false) | |
| 313 | - community.add_member(profile) | |
| 314 | - | |
| 315 | - login_as(profile.identifier) | |
| 316 | - get :view_page, :profile => community.identifier, :page => [ 'test' ] | |
| 317 | - assert_response :success | |
| 318 | - end | |
| 319 | - | |
| 320 | 310 | should 'not show private content to members' do |
| 321 | 311 | community = Community.create!(:name => 'testcomm') |
| 322 | - Folder.create!(:name => 'test', :profile => community, :public_article => false) | |
| 312 | + Folder.create!(:name => 'test', :profile => community, :published => false) | |
| 323 | 313 | community.add_member(profile) |
| 324 | 314 | |
| 325 | 315 | login_as(profile.identifier) |
| ... | ... | @@ -332,7 +322,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 332 | 322 | |
| 333 | 323 | should 'show private content to profile moderators' do |
| 334 | 324 | community = Community.create!(:name => 'testcomm') |
| 335 | - community.articles.create!(:name => 'test', :public_article => false) | |
| 325 | + community.articles.create!(:name => 'test', :published => false) | |
| 336 | 326 | community.add_moderator(profile) |
| 337 | 327 | |
| 338 | 328 | login_as(profile.identifier) |
| ... | ... | @@ -344,7 +334,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 344 | 334 | |
| 345 | 335 | should 'show private content to profile admins' do |
| 346 | 336 | community = Community.create!(:name => 'testcomm') |
| 347 | - community.articles.create!(:name => 'test', :public_article => false) | |
| 337 | + community.articles.create!(:name => 'test', :published => false) | |
| 348 | 338 | community.add_admin(profile) |
| 349 | 339 | |
| 350 | 340 | login_as(profile.identifier) |
| ... | ... | @@ -430,7 +420,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 430 | 420 | |
| 431 | 421 | should 'not give access to private articles if logged off' do |
| 432 | 422 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 433 | - intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) | |
| 423 | + intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | |
| 434 | 424 | |
| 435 | 425 | @request.stubs(:ssl?).returns(true) |
| 436 | 426 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] |
| ... | ... | @@ -441,7 +431,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 441 | 431 | should 'not give access to private articles if logged in but not member' do |
| 442 | 432 | login_as('testinguser') |
| 443 | 433 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 444 | - intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) | |
| 434 | + intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | |
| 445 | 435 | |
| 446 | 436 | @request.stubs(:ssl?).returns(true) |
| 447 | 437 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] |
| ... | ... | @@ -452,7 +442,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 452 | 442 | should 'not give access to private articles if logged in and only member' do |
| 453 | 443 | person = create_user('test_user').person |
| 454 | 444 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 455 | - intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) | |
| 445 | + intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | |
| 456 | 446 | profile.affiliate(person, Profile::Roles.member(profile.environment.id)) |
| 457 | 447 | login_as('test_user') |
| 458 | 448 | |
| ... | ... | @@ -465,7 +455,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 465 | 455 | should 'give access to private articles if logged in and moderator' do |
| 466 | 456 | person = create_user('test_user').person |
| 467 | 457 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 468 | - intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) | |
| 458 | + intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | |
| 469 | 459 | profile.affiliate(person, Profile::Roles.moderator(profile.environment.id)) |
| 470 | 460 | login_as('test_user') |
| 471 | 461 | |
| ... | ... | @@ -478,7 +468,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 478 | 468 | should 'give access to private articles if logged in and admin' do |
| 479 | 469 | person = create_user('test_user').person |
| 480 | 470 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 481 | - intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) | |
| 471 | + intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | |
| 482 | 472 | profile.affiliate(person, Profile::Roles.admin(profile.environment.id)) |
| 483 | 473 | login_as('test_user') |
| 484 | 474 | |
| ... | ... | @@ -507,21 +497,21 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 507 | 497 | |
| 508 | 498 | should 'require SSL for viewing non-public articles' do |
| 509 | 499 | Environment.default.update_attribute(:enable_ssl, true) |
| 510 | - page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => false) | |
| 500 | + page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :published => false) | |
| 511 | 501 | get :view_page, :profile => 'testinguser', :page => [ 'myarticle' ] |
| 512 | 502 | assert_redirected_to :protocol => 'https://', :profile => 'testinguser', :page => [ 'myarticle' ] |
| 513 | 503 | end |
| 514 | 504 | |
| 515 | 505 | should 'avoid SSL for viewing public articles' do |
| 516 | 506 | @request.expects(:ssl?).returns(true).at_least_once |
| 517 | - page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => true) | |
| 507 | + page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :published => true) | |
| 518 | 508 | get :view_page, :profile => 'testinguser', :page => [ 'myarticle' ] |
| 519 | 509 | assert_redirected_to :protocol => 'http://', :profile => 'testinguser', :page => [ 'myarticle' ] |
| 520 | 510 | end |
| 521 | 511 | |
| 522 | 512 | should 'not redirect to SSL if already on SSL' do |
| 523 | 513 | @request.expects(:ssl?).returns(true).at_least_once |
| 524 | - page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => false) | |
| 514 | + page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :published => false) | |
| 525 | 515 | login_as('testinguser') |
| 526 | 516 | get :view_page, :profile => 'testinguser', :page => [ 'myarticle' ] |
| 527 | 517 | assert_response :success | ... | ... |
test/unit/application_helper_test.rb
| ... | ... | @@ -555,6 +555,12 @@ class ApplicationHelperTest < Test::Unit::TestCase |
| 555 | 555 | assert_equal 'profile-theme', current_theme |
| 556 | 556 | end |
| 557 | 557 | |
| 558 | + should 'use environment theme if the profile theme is nil' do | |
| 559 | + stubs(:environment).returns(fast_create(Environment, :theme => 'new-theme')) | |
| 560 | + stubs(:profile).returns(fast_create(Profile)) | |
| 561 | + assert_equal environment.theme, current_theme | |
| 562 | + end | |
| 563 | + | |
| 558 | 564 | protected |
| 559 | 565 | |
| 560 | 566 | def url_for(args = {}) | ... | ... |
test/unit/article_test.rb
| ... | ... | @@ -160,8 +160,8 @@ class ArticleTest < Test::Unit::TestCase |
| 160 | 160 | p = create_user('usr1').person |
| 161 | 161 | Article.destroy_all |
| 162 | 162 | |
| 163 | - first = p.articles.build(:name => 'first', :public_article => true); first.save! | |
| 164 | - second = p.articles.build(:name => 'second', :public_article => false); second.save! | |
| 163 | + first = p.articles.build(:name => 'first', :published => true); first.save! | |
| 164 | + second = p.articles.build(:name => 'second', :published => false); second.save! | |
| 165 | 165 | |
| 166 | 166 | assert_equal [ first ], Article.recent(nil) |
| 167 | 167 | end |
| ... | ... | @@ -202,8 +202,8 @@ class ArticleTest < Test::Unit::TestCase |
| 202 | 202 | |
| 203 | 203 | now = Time.now |
| 204 | 204 | |
| 205 | - first = p.articles.build(:name => 'first', :public_article => true, :created_at => now, :published_at => now); first.save! | |
| 206 | - second = p.articles.build(:name => 'second', :public_article => true, :updated_at => now, :published_at => now + 1.second); second.save! | |
| 205 | + first = p.articles.build(:name => 'first', :published => true, :created_at => now, :published_at => now); first.save! | |
| 206 | + second = p.articles.build(:name => 'second', :published => true, :updated_at => now, :published_at => now + 1.second); second.save! | |
| 207 | 207 | |
| 208 | 208 | assert_equal [ second, first ], Article.recent(2) |
| 209 | 209 | |
| ... | ... | @@ -443,21 +443,21 @@ class ArticleTest < Test::Unit::TestCase |
| 443 | 443 | assert !Article.new.accept_category?(ProductCategory.new) |
| 444 | 444 | end |
| 445 | 445 | |
| 446 | - should 'accept public_article attribute' do | |
| 447 | - assert_respond_to Article.new, :public_article | |
| 448 | - assert_respond_to Article.new, :public_article= | |
| 446 | + should 'accept published attribute' do | |
| 447 | + assert_respond_to Article.new, :published | |
| 448 | + assert_respond_to Article.new, :published= | |
| 449 | 449 | end |
| 450 | 450 | |
| 451 | 451 | should 'say that logged off user cannot see private article' do |
| 452 | 452 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 453 | - article = Article.create!(:name => 'test article', :profile => profile, :public_article => false) | |
| 453 | + article = Article.create!(:name => 'test article', :profile => profile, :published => false) | |
| 454 | 454 | |
| 455 | 455 | assert !article.display_to?(nil) |
| 456 | 456 | end |
| 457 | 457 | |
| 458 | 458 | should 'say that not member of profile cannot see private article' do |
| 459 | 459 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 460 | - article = Article.create!(:name => 'test article', :profile => profile, :public_article => false) | |
| 460 | + article = Article.create!(:name => 'test article', :profile => profile, :published => false) | |
| 461 | 461 | person = create_user('test_user').person |
| 462 | 462 | |
| 463 | 463 | assert !article.display_to?(person) |
| ... | ... | @@ -465,7 +465,7 @@ class ArticleTest < Test::Unit::TestCase |
| 465 | 465 | |
| 466 | 466 | should 'say that member user can not see private article' do |
| 467 | 467 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 468 | - article = Article.create!(:name => 'test article', :profile => profile, :public_article => false) | |
| 468 | + article = Article.create!(:name => 'test article', :profile => profile, :published => false) | |
| 469 | 469 | person = create_user('test_user').person |
| 470 | 470 | profile.affiliate(person, Profile::Roles.member(profile.environment.id)) |
| 471 | 471 | |
| ... | ... | @@ -474,7 +474,7 @@ class ArticleTest < Test::Unit::TestCase |
| 474 | 474 | |
| 475 | 475 | should 'say that profile admin can see private article' do |
| 476 | 476 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 477 | - article = Article.create!(:name => 'test article', :profile => profile, :public_article => false) | |
| 477 | + article = Article.create!(:name => 'test article', :profile => profile, :published => false) | |
| 478 | 478 | person = create_user('test_user').person |
| 479 | 479 | profile.affiliate(person, Profile::Roles.admin(profile.environment.id)) |
| 480 | 480 | |
| ... | ... | @@ -483,7 +483,7 @@ class ArticleTest < Test::Unit::TestCase |
| 483 | 483 | |
| 484 | 484 | should 'say that profile moderator can see private article' do |
| 485 | 485 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 486 | - article = Article.create!(:name => 'test article', :profile => profile, :public_article => false) | |
| 486 | + article = Article.create!(:name => 'test article', :profile => profile, :published => false) | |
| 487 | 487 | person = create_user('test_user').person |
| 488 | 488 | profile.affiliate(person, Profile::Roles.moderator(profile.environment.id)) |
| 489 | 489 | |
| ... | ... | @@ -492,7 +492,7 @@ class ArticleTest < Test::Unit::TestCase |
| 492 | 492 | |
| 493 | 493 | should 'not show article to non member if article public but profile private' do |
| 494 | 494 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile', :public_profile => false) |
| 495 | - article = Article.create!(:name => 'test article', :profile => profile, :public_article => true) | |
| 495 | + article = Article.create!(:name => 'test article', :profile => profile, :published => true) | |
| 496 | 496 | person1 = create_user('test_user1').person |
| 497 | 497 | profile.affiliate(person1, Profile::Roles.member(profile.environment.id)) |
| 498 | 498 | person2 = create_user('test_user2').person |
| ... | ... | @@ -504,54 +504,27 @@ class ArticleTest < Test::Unit::TestCase |
| 504 | 504 | |
| 505 | 505 | should 'make new article private if created inside a private folder' do |
| 506 | 506 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 507 | - folder = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) | |
| 507 | + folder = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | |
| 508 | 508 | article = Article.create!(:name => 'my private article', :profile => profile, :parent => folder) |
| 509 | 509 | |
| 510 | - assert !article.public_article | |
| 511 | - end | |
| 512 | - | |
| 513 | - should 'respond to public? like public_article if profile is public' do | |
| 514 | - p = Profile.create!(:name => 'test profile', :identifier => 'test_profile') | |
| 515 | - a1 = Article.create!(:name => 'test public article', :profile => p) | |
| 516 | - a2 = Article.create!(:name => 'test private article', :profile => p, :public_article => false) | |
| 517 | - | |
| 518 | - assert a1.public? | |
| 519 | - assert !a2.public? | |
| 520 | - end | |
| 521 | - | |
| 522 | - should 'respond to public? as false if profile is private' do | |
| 523 | - p = Profile.create!(:name => 'test profile', :identifier => 'test_profile', :public_profile => false) | |
| 524 | - a1 = Article.create!(:name => 'test public article', :profile => p) | |
| 525 | - a2 = Article.create!(:name => 'test private article', :profile => p, :public_article => false) | |
| 526 | - | |
| 527 | - assert !a1.public? | |
| 528 | - assert !a2.public? | |
| 529 | - end | |
| 530 | - | |
| 531 | - should 'respond to public? as false if profile is invisible' do | |
| 532 | - profile = fast_create(Profile, :visible => false) | |
| 533 | - article1 = fast_create(Article, :profile_id => profile.id) | |
| 534 | - article2 = fast_create(Article, :profile_id => profile.id, :public_article => false) | |
| 535 | - | |
| 536 | - assert !article1.public? | |
| 537 | - assert !article2.public? | |
| 510 | + assert !article.published? | |
| 538 | 511 | end |
| 539 | 512 | |
| 540 | 513 | should 'save as private' do |
| 541 | 514 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 542 | - folder = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) | |
| 515 | + folder = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | |
| 543 | 516 | article = TextileArticle.new(:name => 'my private article') |
| 544 | 517 | article.profile = profile |
| 545 | 518 | article.parent = folder |
| 546 | 519 | article.save! |
| 547 | 520 | article.reload |
| 548 | 521 | |
| 549 | - assert !article.public_article | |
| 522 | + assert !article.published? | |
| 550 | 523 | end |
| 551 | 524 | |
| 552 | 525 | should 'not allow friends of private person see the article' do |
| 553 | 526 | person = create_user('test_user').person |
| 554 | - article = Article.create!(:name => 'test article', :profile => person, :public_article => false) | |
| 527 | + article = Article.create!(:name => 'test article', :profile => person, :published => false) | |
| 555 | 528 | friend = create_user('test_friend').person |
| 556 | 529 | person.add_friend(friend) |
| 557 | 530 | person.save! |
| ... | ... | @@ -562,7 +535,7 @@ class ArticleTest < Test::Unit::TestCase |
| 562 | 535 | |
| 563 | 536 | should 'display private articles to people who can view private content' do |
| 564 | 537 | person = create_user('test_user').person |
| 565 | - article = Article.create!(:name => 'test article', :profile => person, :public_article => false) | |
| 538 | + article = Article.create!(:name => 'test article', :profile => person, :published => false) | |
| 566 | 539 | |
| 567 | 540 | admin_user = create_user('admin_user').person |
| 568 | 541 | admin_user.stubs(:has_permission?).with('view_private_content', article.profile).returns('true') |
| ... | ... | @@ -598,6 +571,12 @@ class ArticleTest < Test::Unit::TestCase |
| 598 | 571 | assert_kind_of Folder, b |
| 599 | 572 | end |
| 600 | 573 | |
| 574 | + should 'copy slug' do | |
| 575 | + a = fast_create(Article, :slug => 'slug123') | |
| 576 | + b = a.copy({}) | |
| 577 | + assert_equal a.slug, b.slug | |
| 578 | + end | |
| 579 | + | |
| 601 | 580 | should 'load article under an old path' do |
| 602 | 581 | p = create_user('test_user').person |
| 603 | 582 | a = p.articles.create(:name => 'old-name') | ... | ... |
test/unit/folder_helper_test.rb
| ... | ... | @@ -15,4 +15,82 @@ class FolderHelperTest < Test::Unit::TestCase |
| 15 | 15 | assert_equal 'icons-mime/unknown.png', icon_for_article(art2) |
| 16 | 16 | end |
| 17 | 17 | |
| 18 | + should 'list all the folder\'s children to the owner' do | |
| 19 | + profile = create_user('Folder Owner').person | |
| 20 | + folder = fast_create(Folder, {:name => 'Parent Folder', :profile_id => profile.id}) | |
| 21 | + sub_folder = fast_create(Folder, {:name => 'Child Folder', :parent_id => folder.id, | |
| 22 | + :profile_id => profile.id}) | |
| 23 | + sub_blog = fast_create(Blog, {:name => 'Child Blog', :parent_id => folder.id, | |
| 24 | + :profile_id => profile.id}) | |
| 25 | + sub_article = fast_create(Article, {:name => 'Not Public Child Article', :parent_id => | |
| 26 | + folder.id, :profile_id => profile.id, :published => false}) | |
| 27 | + | |
| 28 | + result = folder.list_articles(folder.children, profile) | |
| 29 | + | |
| 30 | + assert_match 'Child Folder', result | |
| 31 | + assert_match 'Not Public Child Article', result | |
| 32 | + assert_match 'Child Blog', result | |
| 33 | + end | |
| 34 | + | |
| 35 | + should 'list the folder\'s children that are public to the user' do | |
| 36 | + profile = create_user('Folder Owner').person | |
| 37 | + profile2 = create_user('Folder Viwer').person | |
| 38 | + folder = fast_create(Folder, {:name => 'Parent Folder', :profile_id => profile.id}) | |
| 39 | + public_article = fast_create(Article, {:name => 'Public Article', :parent_id => | |
| 40 | + folder.id, :profile_id => profile.id, :published => true}) | |
| 41 | + not_public_article = fast_create(Article, {:name => 'Not Public Article', :parent_id => | |
| 42 | + folder.id, :profile_id => profile.id, :published => false}) | |
| 43 | + | |
| 44 | + result = folder.list_articles(folder.children, profile2) | |
| 45 | + | |
| 46 | + assert_match 'Public Article', result | |
| 47 | + assert_no_match /Not Public Article/, result | |
| 48 | + end | |
| 49 | + | |
| 50 | + should ' not list the folder\'s children to the user because the owner\'s profile is not public' do | |
| 51 | + profile = create_user('folder-owner').person | |
| 52 | + profile.public_profile = false | |
| 53 | + profile.save! | |
| 54 | + profile2 = create_user('Folder Viwer').person | |
| 55 | + folder = fast_create(Folder, {:name => 'Parent Folder', :profile_id => profile.id}) | |
| 56 | + article = fast_create(Article, {:name => 'Article', :parent_id => folder.id, :profile_id => profile.id}) | |
| 57 | + | |
| 58 | + result = folder.list_articles(folder.children, profile2) | |
| 59 | + | |
| 60 | + assert_no_match /Article/, result | |
| 61 | + end | |
| 62 | + | |
| 63 | + should ' not list the folder\'s children to the user because the owner\'s profile is not visible' do | |
| 64 | + profile = create_user('folder-owner').person | |
| 65 | + profile.visible = false | |
| 66 | + profile.save! | |
| 67 | + profile2 = create_user('Folder Viwer').person | |
| 68 | + folder = fast_create(Folder, {:name => 'Parent Folder', :profile_id => profile.id}) | |
| 69 | + article = fast_create(Article, {:name => 'Article', :parent_id => folder.id, :profile_id => profile.id}) | |
| 70 | + | |
| 71 | + result = folder.list_articles(folder.children, profile2) | |
| 72 | + | |
| 73 | + assert_no_match /Article/, result | |
| 74 | + end | |
| 75 | + | |
| 76 | + should 'list subitems as HTML content' do | |
| 77 | + profile = create_user('folder-owner').person | |
| 78 | + folder = fast_create(Folder, {:name => 'Parent Folder', :profile_id => profile.id}) | |
| 79 | + article = fast_create(Article, {:name => 'Article1', :parent_id => folder.id, :profile_id => profile.id}) | |
| 80 | + article = fast_create(Article, {:name => 'Article2', :parent_id => folder.id, :profile_id => profile.id}) | |
| 81 | + | |
| 82 | + result = folder.list_articles(folder.children, profile) | |
| 83 | + | |
| 84 | + assert_tag_in_string result, :tag => 'td', :descendant => { :tag => 'a', :attributes => { :href => /.*\/folder-owner\/my-article-[0-9]*(\?|$)/ } }, :content => /Article1/ | |
| 85 | + assert_tag_in_string result, :tag => 'td', :descendant => { :tag => 'a', :attributes => { :href => /.*\/folder-owner\/my-article-[0-9]*(\?|$)/ } }, :content => /Article2/ | |
| 86 | + end | |
| 87 | + | |
| 88 | + should 'explictly advise if empty' do | |
| 89 | + profile = create_user('folder-owner').person | |
| 90 | + folder = fast_create(Folder, {:name => 'Parent Folder', :profile_id => profile.id}) | |
| 91 | + result = folder.list_articles(folder.children, profile) | |
| 92 | + | |
| 93 | + assert_match '(empty folder)', result | |
| 94 | + end | |
| 95 | + | |
| 18 | 96 | end | ... | ... |
test/unit/folder_test.rb
| ... | ... | @@ -18,23 +18,6 @@ class FolderTest < ActiveSupport::TestCase |
| 18 | 18 | assert_not_equal Article.new.icon_name, Folder.new.icon_name |
| 19 | 19 | end |
| 20 | 20 | |
| 21 | - should 'list subitems as HTML content' do | |
| 22 | - p = create_user('testuser').person | |
| 23 | - f = Folder.create!(:profile => p, :name => 'f') | |
| 24 | - f.children.create!(:profile => p, :name => 'onearticle') | |
| 25 | - f.children.create!(:profile => p, :name => 'otherarticle') | |
| 26 | - f.reload | |
| 27 | - | |
| 28 | - assert_tag_in_string f.to_html, :tag => 'td', :descendant => { :tag => 'a', :attributes => { :href => /.*\/testuser\/f\/onearticle(\?|$)/ } }, :content => /onearticle/ | |
| 29 | - assert_tag_in_string f.to_html, :tag => 'td', :descendant => { :tag => 'a', :attributes => { :href => /.*\/testuser\/f\/otherarticle(\?|$)/ } }, :content => /otherarticle/ | |
| 30 | - end | |
| 31 | - | |
| 32 | - should 'explictly advise if empty' do | |
| 33 | - p = create_user('testuser').person | |
| 34 | - f = Folder.create!(:profile => p, :name => 'f') | |
| 35 | - assert_tag_in_string f.to_html, :content => '(empty folder)' | |
| 36 | - end | |
| 37 | - | |
| 38 | 21 | should 'show text body in HTML content' do |
| 39 | 22 | p = create_user('testuser').person |
| 40 | 23 | f = Folder.create!(:name => 'f', :profile => p, :body => 'this-is-the-text') |
| ... | ... | @@ -147,4 +130,19 @@ class FolderTest < ActiveSupport::TestCase |
| 147 | 130 | |
| 148 | 131 | assert_includes folder.images(true), pi |
| 149 | 132 | end |
| 133 | + | |
| 134 | + should 'not let pass javascript in the body' do | |
| 135 | + owner = create_user('testuser').person | |
| 136 | + folder = fast_create(Folder, {:profile_id => owner.id, :body => '<script>alert("Xss Attack!")</script>'}) | |
| 137 | + folder.save! | |
| 138 | + assert_no_match(/<script>/, folder.body) | |
| 139 | + end | |
| 140 | + | |
| 141 | + should 'let pass html in the body' do | |
| 142 | + owner = create_user('testuser').person | |
| 143 | + folder = fast_create(Folder, {:profile_id => owner.id, :body => '<strong>I am not a Xss Attack!")</strong>'}) | |
| 144 | + folder.save! | |
| 145 | + assert_match(/<strong>/, folder.body) | |
| 146 | + end | |
| 147 | + | |
| 150 | 148 | end | ... | ... |
test/unit/profile_test.rb
| ... | ... | @@ -909,15 +909,6 @@ class ProfileTest < Test::Unit::TestCase |
| 909 | 909 | assert_equal 'my-shiny-theme', p.theme |
| 910 | 910 | end |
| 911 | 911 | |
| 912 | - should 'delegate theme selection to environment by default' do | |
| 913 | - p = Profile.new | |
| 914 | - env = mock | |
| 915 | - p.stubs(:environment).returns(env) | |
| 916 | - env.expects(:theme).returns('environment-stored-theme') | |
| 917 | - | |
| 918 | - assert_equal 'environment-stored-theme', p.theme | |
| 919 | - end | |
| 920 | - | |
| 921 | 912 | should 'respond to public? as public_profile' do |
| 922 | 913 | p1 = fast_create(Profile) |
| 923 | 914 | p2 = fast_create(Profile, :public_profile => false) |
| ... | ... | @@ -930,8 +921,8 @@ class ProfileTest < Test::Unit::TestCase |
| 930 | 921 | p1 = create(Profile) |
| 931 | 922 | p2 = create(Profile, :public_profile => false) |
| 932 | 923 | |
| 933 | - assert p1.articles.find(:first, :conditions => {:public_article => false}) | |
| 934 | - assert !p2.articles.find(:first, :conditions => {:public_article => false}) | |
| 924 | + assert p1.articles.find(:first, :conditions => {:published => false}) | |
| 925 | + assert !p2.articles.find(:first, :conditions => {:published => false}) | |
| 935 | 926 | end |
| 936 | 927 | |
| 937 | 928 | should 'remove member with many roles' do | ... | ... |