Download as
Browse Code »

Commit c19683992bbaebf575aea2e1a437f383570a713e

Authored by Antonio Terceiro
1 parent 694bd7e5
Exists in master and in 22 other branches angular_poc, api-article-archived, article-readonly, backup-7-jan-2016, captcha_serpro_plugin, content-manager-hostspot, export-comment-paragraph, fix_event_date_issue, login-captcha, master_rails3, new_video_plugin, pg_search_rank, production, refactor_with_role, refactor_with_role_scope, remove_profile_cat_icons, resend_confirmation_email, staging, staging_rails3, tasks_keep_filter_params, theme-brasil-digital-from-staging, travis

ActionItem901: unpublished articles can be viewed by those who can edit 

it.
Showing 2 changed files with 20 additions and 2 deletions   Show diff stats
app/controllers/public/content_viewer_controller.rb
  Diff comments   View file @c196839
@@ -28,8 +28,8 @@ class ContentViewerController < ApplicationController @@ -28,8 +28,8 @@ class ContentViewerController < ApplicationController
28 end 28 end
29 end 29 end
30 30
31 - # do not show unpublished articles  
32 - if @page && !@page.published 31 + # only show unpublished articles to those who can edit then
  32 + if @page && !@page.published && (!user || !user.has_permission?('post_content', profile))
33 @page = nil 33 @page = nil
34 end 34 end
35 35
test/functional/content_viewer_controller_test.rb
  Diff comments   View file @c196839
@@ -311,6 +311,24 @@ class ContentViewerControllerTest < Test::Unit::TestCase @@ -311,6 +311,24 @@ class ContentViewerControllerTest < Test::Unit::TestCase
311 assert_response 404 311 assert_response 404
312 end 312 end
313 313
  314 + should 'show unpublished articles to the user himself' do
  315 + profile.articles.create!(:name => 'test', :published => false)
  316 +
  317 + login_as(profile.identifier)
  318 + get :view_page, :profile => profile.identifier, :page => [ 'test' ]
  319 + assert_response :success
  320 + end
  321 +
  322 + should 'show unpublished articles to members' do
  323 + community = Community.create!(:name => 'testcomm')
  324 + community.articles.create!(:name => 'test', :published => false)
  325 + community.add_member(profile)
  326 +
  327 + login_as(profile.identifier)
  328 + get :view_page, :profile => community.identifier, :page => [ 'test' ]
  329 + assert_response :success
  330 + end
  331 +
314 should 'show message for disabled enterprises' do 332 should 'show message for disabled enterprises' do
315 login_as(@profile.identifier) 333 login_as(@profile.identifier)
316 ent = Enterprise.create!(:name => 'my test enterprise', :identifier => 'my-test-enterprise', :enabled => false) 334 ent = Enterprise.create!(:name => 'my test enterprise', :identifier => 'my-test-enterprise', :enabled => false)