Download as
Browse Code »

Commit 7c541b4a2fef9c201c164a05f1519b190f667a5f

Authored by Victor Costa
1 parent e9bffd38
Exists in master and in 22 other branches angular_poc, api-article-archived, article-readonly, backup-7-jan-2016, captcha_serpro_plugin, content-manager-hostspot, export-comment-paragraph, fix_event_date_issue, login-captcha, master_rails3, new_video_plugin, pg_search_rank, production, refactor_with_role, refactor_with_role_scope, remove_profile_cat_icons, resend_confirmation_email, staging, staging_rails3, tasks_keep_filter_params, theme-brasil-digital-from-staging, travis

Base controller for plugins administration 

The PluginAdminController protect by default users that didn't have
edit_environment_features permission against access plugin administration.
Showing 2 changed files with 30 additions and 0 deletions   Show diff stats
app/controllers/admin/plugin_admin_controller.rb 0 → 100644
  Diff comments   View file @7c541b4
... ... @@ -0,0 +1,5 @@
  1 +class PluginAdminController < AdminController
  2 +
  3 + protect 'edit_environment_features', :environment
  4 +
  5 +end
... ...
test/functional/plugin_admin_controller_test.rb 0 → 100644
  Diff comments   View file @7c541b4
... ... @@ -0,0 +1,25 @@
  1 +require File.dirname(__FILE__) + '/../test_helper'
  2 +
  3 +class PluginAdminController
  4 + def index
  5 + render :text => 'ok'
  6 + end
  7 +end
  8 +
  9 +class PluginAdminControllerTest < ActionController::TestCase
  10 +
  11 + should 'allow user with the required permission to access plugin administration page' do
  12 + create_user_with_permission('testuser', 'edit_environment_features', Environment.default)
  13 + login_as('testuser')
  14 + get :index
  15 + assert_response :success
  16 + end
  17 +
  18 + should 'forbid access to users that did not have the required permission' do
  19 + create_user('testuser')
  20 + login_as('testuser')
  21 + get :index
  22 + assert_response :forbidden
  23 + end
  24 +
  25 +end
... ...