From 0541cc4a14da751d744dcfd132ee4bbef0db4266 Mon Sep 17 00:00:00 2001
From: Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
Date: Sun, 7 Oct 2012 12:55:35 -0300
Subject: [PATCH] Searching comments on page before editing it

---
 app/controllers/public/content_viewer_controller.rb             | 29 +++++++++++++++++++----------
 app/views/content_viewer/_comment_form.rhtml                    | 20 +++++++++++---------
 plugins/tolerance_time/lib/tolerance_time_plugin.rb             |  4 ++--
 plugins/tolerance_time/lib/tolerance_time_plugin/publication.rb |  2 +-
 test/functional/content_viewer_controller_test.rb               | 38 ++++++++++++++++++++++++++++++++++++++
 5 files changed, 71 insertions(+), 22 deletions(-)

diff --git a/app/controllers/public/content_viewer_controller.rb b/app/controllers/public/content_viewer_controller.rb
index 7dce933..92c90aa 100644
--- a/app/controllers/public/content_viewer_controller.rb
+++ b/app/controllers/public/content_viewer_controller.rb
@@ -127,15 +127,20 @@ class ContentViewerController < ApplicationController
     path = params[:page].join('/')
     @page = profile.articles.find_by_path(path)
     @form_div = 'opened'
-    @comment = Comment.find(params[:id])
-    if request.post?
-      begin
-        @comment.update_attributes(params[:comment])
-        session[:notice] = _('Comment updated.')
-        redirect_to :action => 'view_page', :profile => profile.identifier, :page => @comment.article.explode_path
-      rescue
-        session[:notice] = _('Comment could not be updated.')
+    @comment = @page.comments.find_by_id(params[:id])
+    if @comment
+      if request.post?
+        begin
+          @comment.update_attributes(params[:comment])
+          session[:notice] = _('Comment succesfully updated')
+          redirect_to :action => 'view_page', :profile => profile.identifier, :page => @comment.article.explode_path
+        rescue
+          session[:notice] = _('Comment could not be updated')
+        end
       end
+    else
+      redirect_to @page.view_url
+      session[:notice] = _('Could not find the comment in the article')
     end
   end
 
@@ -217,8 +222,12 @@ class ContentViewerController < ApplicationController
   end
 
   def comment_author
-    comment = Comment.find(params[:id])
-    render_access_denied if comment.author.blank? || comment.author != user
+    comment = Comment.find_by_id(params[:id])
+    if comment
+      render_access_denied if comment.author.blank? || comment.author != user
+    else
+      render_not_found
+    end
   end
 
 end
diff --git a/app/views/content_viewer/_comment_form.rhtml b/app/views/content_viewer/_comment_form.rhtml
index 2bc4e36..c19a877 100644
--- a/app/views/content_viewer/_comment_form.rhtml
+++ b/app/views/content_viewer/_comment_form.rhtml
@@ -32,15 +32,17 @@ function submit_comment_form(button) {
 
 <div class="post_comment_box <%= @form_div %>">
 
-<h4 onclick="var d = jQuery(this).parent('.post_comment_box');
-             if (d.hasClass('closed')) {
-               d.removeClass('closed');
-               d.addClass('opened');
-               d.find('input[name=comment[title]], textarea').val('');
-               d.find('.comment_form input[name=comment[<%= focus_on %>]]').focus();
-             }">
-  <%= content_tag('a', '', :name => 'comment_form') + _('Post a comment') if display_link %>
-</h4>
+<% if display_link %>
+  <h4 onclick="var d = jQuery(this).parent('.post_comment_box');
+               if (d.hasClass('closed')) {
+                 d.removeClass('closed');
+                 d.addClass('opened');
+                 d.find('input[name=comment[title]], textarea').val('');
+                 d.find('.comment_form input[name=comment[<%= focus_on %>]]').focus();
+               }">
+    <%= content_tag('a', '', :name => 'comment_form') + _('Post a comment') %>
+  </h4>
+<% end %>
 
 <% unless pass_without_comment_captcha? %>
   <div id="recaptcha-container" style="display: none">
diff --git a/plugins/tolerance_time/lib/tolerance_time_plugin.rb b/plugins/tolerance_time/lib/tolerance_time_plugin.rb
index b115cf9..23046a5 100644
--- a/plugins/tolerance_time/lib/tolerance_time_plugin.rb
+++ b/plugins/tolerance_time/lib/tolerance_time_plugin.rb
@@ -35,7 +35,7 @@ class ToleranceTimePlugin < Noosfero::Plugin
     block = lambda do
       content = Article.find(params[:id])
       if ToleranceTimePlugin.expired?(content)
-        session[:notice] = _('This content can\'t be edited anymore because it expired the tolerance time')
+        session[:notice] = _("This content can't be edited anymore because it expired the tolerance time")
         redirect_to content.url
       end
     end
@@ -51,7 +51,7 @@ class ToleranceTimePlugin < Noosfero::Plugin
     block = lambda do
       content = Comment.find(params[:id])
       if ToleranceTimePlugin.expired?(content)
-        session[:notice] = _('This content can\'t be edited anymore because it expired the tolerance time')
+        session[:notice] = _("This content can't be edited anymore because it expired the tolerance time")
         redirect_to content.article.url
       end
     end
diff --git a/plugins/tolerance_time/lib/tolerance_time_plugin/publication.rb b/plugins/tolerance_time/lib/tolerance_time_plugin/publication.rb
index 9f38b94..d2c9b2a 100644
--- a/plugins/tolerance_time/lib/tolerance_time_plugin/publication.rb
+++ b/plugins/tolerance_time/lib/tolerance_time_plugin/publication.rb
@@ -22,6 +22,6 @@ class ToleranceTimePlugin::Publication < Noosfero::Plugin::ActiveRecord
     else
       tolerance_time = 1.0/0
     end
-    created_at.to_i+tolerance_time < Time.now.to_i
+    created_at.to_f.to_i+tolerance_time < Time.now.to_i
   end
 end
diff --git a/test/functional/content_viewer_controller_test.rb b/test/functional/content_viewer_controller_test.rb
index 5521f77..2f66529 100644
--- a/test/functional/content_viewer_controller_test.rb
+++ b/test/functional/content_viewer_controller_test.rb
@@ -1464,4 +1464,42 @@ end
     assert spam.spam?
   end
 
+  should 'be able to edit a comment' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text', :accept_comments => false)
+    comment = fast_create(Comment, :body => 'Original comment', :author_id => profile.id, :source_id => page.id, :source_type => 'Article')
+
+    post :edit_comment, :id => comment.id, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :body => 'Comment edited' }
+    assert_equal 'Comment edited', Comment.find(comment.id).body
+  end
+
+  should 'edit comment from a page' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    comment = fast_create(Comment, :body => 'Original comment', :author_id => profile.id, :source_id => page.id, :source_type => 'Article')
+
+    get :edit_comment, :id => comment.id, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :body => 'Comment edited' }
+    assert_tag :tag => 'h1', :content => 'Edit comment'
+  end
+
+  should 'not edit comment from other page' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    comment = fast_create(Comment, :body => 'Original comment', :author_id => profile.id, :source_id => page.id, :source_type => 'Article')
+
+    other_page = profile.articles.create!(:name => 'my other article', :body => 'the body of the text')
+    comment_on_other_page = fast_create(Comment, :body => 'Comment on other article', :author_id => profile.id, :source_id => other_page.id, :source_type => 'Article')
+
+    get :edit_comment, :id => comment_on_other_page.id, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :body => 'Comment edited' }
+    assert_redirected_to page.url
+  end
+
+  should 'not crash on edit comment if comment does not exist' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+
+    get :edit_comment, :id => 1000, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :body => 'Comment edited' }
+    assert_response 404
+  end
+
 end
--
libgit2 0.21.2