Download as
Browse Code »

Commit 6ca0d5631f7d386dd8ff6f3f50e944adb1fd65d2

Authored by Rodrigo Souto
Committed by Joenio Costa
1 parent a5267bac
Exists in staging and in 42 other branches all_pending_tasks_api, api-articles-period, api_roles, caching-rails4, captcha_serpro_plugin, comments_permissions, content-manager-hostspot, elasticsearch, elasticsearch_api, elasticsearch_categories, elasticsearch_filter, elasticsearch_sort, elasticsearch_to_merge, elasticsearch_view, environment-exposes-api, export-comment-api, export-comment-paragraph, export_data, external_followers, federation-webfinger, federation_followers, federation_followers_backend, federation_oauth_provider, federation_webfinger, fix_event_date_issue, fix_notification_email, fix_string_downcase_and_upcase, follower_permition, json_cookie_serializer, login-captcha, master, master_profile_followers, oauth_external_login, oauth_login, private-scraps, private-scraps-rebase, production, production-vendorized, profile_api_improvements, tasks_keep_filter_params, user_mention, webfinger_server

Only environment admin can unblock enterprises 

(ActionItem1516)
Showing 2 changed files with 31 additions and 3 deletions   Show diff stats
app/controllers/public/profile_controller.rb
  Diff comments   View file @6ca0d56
... ... @@ -3,7 +3,7 @@ class ProfileController < PublicController
3 3 needs_profile
4 4 before_filter :check_access_to_profile, :except => [:join, :refuse_join, :refuse_for_now, :index]
5 5 before_filter :store_before_join, :only => [:join]
6   - before_filter :login_required, :only => [:join, :refuse_join, :leave]
  6 + before_filter :login_required, :only => [:join, :refuse_join, :leave, :unblock]
7 7  
8 8 helper TagsHelper
9 9  
... ... @@ -114,8 +114,14 @@ class ProfileController < PublicController
114 114 end
115 115  
116 116 def unblock
117   - profile.unblock
118   - redirect_to :controller => 'profile', :action => 'index'
  117 + if current_user.person.is_admin?(profile.environment)
  118 + profile.unblock
  119 + flash[:notice] = _("You have unblocked %s successfully. ") % profile.name
  120 + redirect_to :controller => 'profile', :action => 'index'
  121 + else
  122 + message = _('You are not allowed to unblock enterprises in this environment.')
  123 + render_access_denied(message)
  124 + end
119 125 end
120 126  
121 127 protected
... ...
test/functional/profile_controller_test.rb
  Diff comments   View file @6ca0d56
... ... @@ -665,4 +665,26 @@ class ProfileControllerTest < Test::Unit::TestCase
665 665 get :index, :profile => profile.identifier
666 666 assert_tag :tag => 'a', :content => 'One picture', :attributes => { :href => /\/testuser\/gallery/ }
667 667 end
  668 +
  669 + should 'ask for login if user not logged' do
  670 + enterprise = fast_create(Enterprise)
  671 + get :unblock, :profile => enterprise.identifier
  672 + assert_redirected_to "asdf"
  673 + end
  674 +
  675 + should ' not allow ordinary users to unblock enterprises' do
  676 + login_as(profile.identifier)
  677 + enterprise = fast_create(Enterprise)
  678 + get :unblock, :profile => enterprise.identifier
  679 + assert_response 403
  680 + end
  681 +
  682 + should 'allow environment admin to unblock enteprises' do
  683 + login_as(profile.identifier)
  684 + enterprise = fast_create(Enterprise)
  685 + enterprise.environment.add_admin(profile)
  686 + get :unblock, :profile => enterprise.identifier
  687 + assert_response 302
  688 + end
  689 +
668 690 end
... ...