Commit c3964d52b7b31078610c90ba237a7b97e3b7dd55
Exists in
theme-brasil-digital-from-staging
and in
9 other branches
Merge branch 'AI3191-private_environment' into rails3_stable
Conflicts: app/models/environment.rb
Showing
9 changed files
with
103 additions
and
6 deletions
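--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -61,7 +61,7 @@ GEM
 database_cleaner (1.2.0)
 diff-lcs (1.1.3)
 erubis (2.7.0)
- eventmachine (1.0.3)
+ eventmachine (0.12.11)
 fast_gettext (0.6.8)
 ffi (1.0.11)
 gherkin (2.4.21)
@@ -75,7 +75,7 @@ GEM
 i18n (>= 0.4.0)
 mime-types (~> 1.16)
 treetop (~> 1.4.8)
- metaclass (0.0.4)
+ metaclass (0.0.1)
 mime-types (1.19)
 mocha (0.11.3)
 metaclass (~> 0.0.1)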
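--- a/app/controllers/admin/features_controller.rb
+++ b/app/controllers/admin/features_controller.rb
@@ -91,4 +91,10 @@ class FeaturesController < AdminController
 redirect_to :action => 'manage_fields'
 end
 
+ def search_members
+ arg = params[:q].downcase
+ result = environment.people.find(:all, :conditions => ['LOWER(name) LIKE ?', "%#{arg}%"])
+ render :text => prepare_to_token_input(result).to_json
+ end
+
 end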
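Review bot: `search_members` calls `params[:q].downcase` without checking that `q` was sent, so a request without the parameter raises NoMethodError and returns a 500; `arg = params[:q].to_s.downcase` avoids that. The term is bound through the `?` placeholder, so it is not an SQL injection vector, but `%` and `_` in the term still act as LIKE wildcards, and a blank term matches every person in the environment with no `:limit`. Consider returning an empty list for a blank term and capping the result size. The class body starts outside the hunk, so whether this action sits behind an admin permission filter cannot be confirmed from here.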
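--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -7,6 +7,12 @@ class ApplicationController < ActionController::Base
 before_filter :detect_stuff_by_domain
 before_filter :init_noosfero_plugins
 before_filter :allow_cross_domain_access
+ before_filter :login_required, :if => :private_environment?
+ before_filter :verify_members_whitelist, :if => :user
+
+ def verify_members_whitelist
+ render_access_denied unless user.is_admin? || environment.in_whitelist?(user)
+ end
 
 after_filter :set_csrf_cookie
 
@@ -187,4 +193,8 @@ class ApplicationController < ActionController::Base
 {:results => scope.paginate(paginate_options)}
 end
 
+ def private_environment?
+ @environment.enabled?(:restrict_to_members)
+ end
+
 end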
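Review bot: `verify_members_whitelist` runs only `:if => :user`, so with the whitelist enabled and `restrict_to_members` off, a non-whitelisted member is denied while logged in but gets the same pages as any anonymous visitor once logged out. If the whitelist is meant as an access control, it should be enforced together with the login requirement, or the coupling documented next to the filter, e.g. `# whitelist only restricts logged-in users; enable :restrict_to_members to block anonymous access`. Both filters are declared in ApplicationController and therefore apply to every controller; the hunk does not show whether the login and logout actions skip them, which is worth confirming so a restricted environment does not redirect the login page to itself. `verify_members_whitelist` is defined directly under the filter declarations; if no `protected` precedes it (not visible here) it is a public method on every controller.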
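--- a/app/helpers/token_helper.rb
+++ b/app/helpers/token_helper.rb
@@ -18,6 +18,7 @@ module TokenHelper
 options[:on_add] ||= 'null'
 options[:on_delete] ||= 'null'
 options[:on_ready] ||= 'null'
+ options[:query_param] ||= 'q'
 
 result = text_field_tag(name, nil, text_field_options.merge(html_options.merge({:id => element_id})))
 result += javascript_tag("jQuery('##{element_id}')
@@ -30,7 +31,7 @@ module TokenHelper
 searchDelay: #{options[:search_delay].to_json},
 preventDuplicates: #{options[:prevent_duplicates].to_json},
 backspaceDeleteItem: #{options[:backspace_delete_item].to_json},
- queryParam: #{name.to_json},
+ queryParam: #{options[:query_param].to_json},
 tokenLimit: #{options[:token_limit].to_json},
 onResult: #{options[:on_result]},
 onAdd: #{options[:on_add]},
@@ -48,4 +49,4 @@ module TokenHelper
 result
 end
 
-end
\ No newline at end of file
+end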
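Review bot: The default for `queryParam` changes from the field `name` to `'q'` for every caller of this helper, not only the new whitelist field. Any existing search action that reads the term from the parameter named after the field would silently receive nothing; those callers are outside this diff, so that needs checking. A backward-compatible form is `options[:query_param] ||= name`, with the new view passing `:query_param => 'q'` in its options hash. The helper body starts and ends outside the hunks.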
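--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -3,7 +3,7 @@
 # domains.
 class Environment < ActiveRecord::Base
 
- attr_accessible :name, :is_default, :signup_welcome_text_subject, :signup_welcome_text_body, :terms_of_use, :message_for_disabled_enterprise, :news_amount_by_folder, :default_language, :languages, :description, :organization_approval_method, :enabled_plugins, :enabled_features, :disabled_blocks, :redirection_after_login, :redirection_after_signup, :contact_email, :theme, :reports_lower_bound, :noreply_email, :signup_welcome_screen_body
+ attr_accessible :name, :is_default, :signup_welcome_text_subject, :signup_welcome_text_body, :terms_of_use, :message_for_disabled_enterprise, :news_amount_by_folder, :default_language, :languages, :description, :organization_approval_method, :enabled_plugins, :enabled_features, :disabled_blocks, :redirection_after_login, :redirection_after_signup, :contact_email, :theme, :reports_lower_bound, :noreply_email, :signup_welcome_screen_body, :members_whitelist_enabled, :members_whitelist
 
 has_many :users
 
@@ -132,7 +132,8 @@ class Environment < ActiveRecord::Base
 'send_welcome_email_to_new_users' => _('Send welcome e-mail to new users'),
 'allow_change_of_redirection_after_login' => _('Allow users to set the page to redirect after login'),
 'display_my_communities_on_user_menu' => _('Display on menu the list of communities the user can manage'),
- 'display_my_enterprises_on_user_menu' => _('Display on menu the list of enterprises the user can manage')
+ 'display_my_enterprises_on_user_menu' => _('Display on menu the list of enterprises the user can manage'),
+ 'restrict_to_members' => _('Show content only to members')
 }
 end
 
@@ -305,6 +306,17 @@ class Environment < ActiveRecord::Base
 settings[:signup_welcome_screen_body].present?
 end
 
+ settings_items :members_whitelist_enabled, :type => :boolean, :default => false
+ settings_items :members_whitelist, :type => Array, :default => []
+
+ def in_whitelist?(person)
+ !members_whitelist_enabled || members_whitelist.include?(person.id)
+ end
+
+ def members_whitelist=(members)
+ settings[:members_whitelist] = members.split(',').map(&:to_i)
+ end
+
 def news_amount_by_folder=(amount)
 settings[:news_amount_by_folder] = amount.to_i
 end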
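Review bot: `members_whitelist=` assumes a comma-separated String: assigning an Array (the declared settings type) or nil raises NoMethodError on `split`, and `to_i` turns any non-numeric token into `0`, which is then stored as an id. Something like `ids = members.is_a?(String) ? members.split(',') : Array(members)` followed by `settings[:members_whitelist] = ids.map(&:to_i).reject(&:zero?)` would accept both forms and drop junk. `in_whitelist?` compares `person.id` while the controller passes `user`; that is correct only if `user` there is the Person record rather than the User, which the diff does not show. As written, enabling the whitelist with an empty list denies every non-admin, which deserves a comment on `in_whitelist?`.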
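--- a/app/views/features/index.html.erb
+++ b/app/views/features/index.html.erb
@@ -37,6 +37,18 @@ Check all the features you want to enable for your environment, uncheck all the
 <%= select_organization_approval_method('environment', 'organization_approval_method') %>
 <hr/>
 
+<h3><%= _('Members Whitelist') %></h3>
+ <div class="option">
+ <%= check_box :environment, :members_whitelist_enabled %>
+ <label><%= _('Enable whitelist') %></label>
+ </div>
+ <div class="input">
+ <div class="info"><%= _('Allow these people to access this environment:') %></div>
+ <% tokenized_members = prepare_to_token_input(environment.people.find(:all, :conditions => {:id => environment.members_whitelist})) %>
+ <%= token_input_field_tag('environment[members_whitelist]', 'search-members', {:action => 'search_members'}, {:focus => false, :hint_text => _('Type in a search term for a user'), :pre_populate => tokenized_members}) %>
+ </div>
+<hr/>
+
 <div>
 <% button_bar do %>
 <%= submit_button('save', _('Save changes')) %>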
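Review bot: The `<label>` next to the whitelist checkbox has no `for` attribute, so clicking the text does not toggle the box; `<label for="environment_members_whitelist_enabled">` matches the id that `check_box :environment, :members_whitelist_enabled` generates. The people lookup for `tokenized_members` runs inside the template; doing it in the controller action and passing the result in would keep the query out of the view.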
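--- a/script/quick-start
+++ b/script/quick-start
@@ -52,6 +52,7 @@ else
 # special case Debian-based systems; in others people will have to install
 # lsb-release by themselves
 if which apt-get >/dev/null 2>&1; then
+ sudo apt-get update
 sudo apt-get -y install lsb-release
 else
 complain "E: lsb_release not available! (Try installing the lsb-release package)"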
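--- a/test/functional/application_controller_test.rb
+++ b/test/functional/application_controller_test.rb
@@ -557,4 +557,51 @@ class ApplicationControllerTest < ActionController::TestCase
 assert_no_tag :tag => 'meta', :attributes => { :property => 'article:published_time' }
 assert_no_tag :tag => 'meta', :attributes => { :property => 'og:image' }
 end
+
+ should 'redirect to login if environment is restrict to members' do
+ Environment.default.enable(:restrict_to_members)
+ get :index
+ assert_redirected_to :controller => 'account', :action => 'login'
+ end
+
+ should 'do not allow member not included in whitelist to access an environment' do
+ user = create_user
+ e = Environment.default
+ e.members_whitelist_enabled = true
+ e.save!
+ login_as(user.login)
+ get :index
+ assert_response :forbidden
+ end
+
+ should 'allow member in whitelist to access an environment' do
+ user = create_user
+ e = Environment.default
+ e.members_whitelist_enabled = true
+ e.members_whitelist = "#{user.person.id}"
+ e.save!
+ login_as(user.login)
+ get :index
+ assert_response :success
+ end
+
+ should 'allow members to access an environment if whitelist is disabled' do
+ user = create_user
+ e = Environment.default
+ e.members_whitelist_enabled = false
+ e.save!
+ login_as(user.login)
+ get :index
+ assert_response :success
+ end
+
+ should 'allow admin to access an environment if whitelist is enabled' do
+ e = Environment.default
+ e.members_whitelist_enabled = true
+ e.save!
+ login_as(create_admin_user(e))
+ get :index
+ assert_response :success
+ end
+
 end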
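Review bot: The whitelist tests only exercise logged-in users, so nothing pins what an anonymous request receives when `members_whitelist_enabled` is true. A case such as `should 'deny anonymous access when whitelist is enabled'` (or one asserting the opposite, if that is the intent) would make the behaviour explicit, and a case combining `restrict_to_members` with a logged-in member would cover the success path of the login filter. The first test calls `Environment.default.enable(:restrict_to_members)` without an explicit save; whether `enable` persists the setting is not visible here.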
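--- a/test/functional/features_controller_test.rb
+++ b/test/functional/features_controller_test.rb
@@ -146,4 +146,12 @@ class FeaturesControllerTest < ActionController::TestCase
 assert_equal true, e.custom_community_fields['contact_person']['required']
 end
 
+ should 'search members' do
+ uses_host 'anhetegua.net'
+ person = fast_create(Person, :environment_id => Environment.find(2).id)
+ xhr :get, :search_members, :q => person.name[0..2]
+ json_response = ActiveSupport::JSON.decode(@response.body)
+ assert_includes json_response, {"id"=>person.id, "name"=>person.name}
+ end
+
 end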