Merge branch 'staging' into production

Leandro Santos
2 parents 251748c7 be1c36a4
Showing 13 changed files with 63 additions and 27 deletions Show diff stats
app/api/helpers.rb
app/api/v1/profiles.rb
app/models/organization.rb
plugins/community_track/views/blocks/_track.html.erb
plugins/community_track/views/content_viewer/_step_item.html.erb
plugins/community_track/views/content_viewer/step.html.erb
plugins/community_track/views/content_viewer/track.html.erb
plugins/organization_ratings/views/shared/_user_rating_container.html.erb
plugins/pairwise
spec/fixtures
spec/spec_helper.rb
spec/support
test/api/profiles_test.rb
@@ -447,12 +447,12 @@ module Api
     end
  
     def asset_with_image params
-      if params.has_key? :image_builder
+      if !params.nil? && params.has_key?(:image_builder)
         asset_api_params = params
         asset_api_params[:image_builder] = base64_to_uploadedfile(asset_api_params[:image_builder])
         return asset_api_params
       end
-        params
+      params
     end
  
     def base64_to_uploadedfile(base64_image)
@@ -28,7 +28,7 @@ module Api
           authenticate!
           profile = environment.profiles.find_by(id: params[:id])
           return forbidden! unless profile.allow_edit?(current_person)
-          profile.update_attributes!(params[:profile])
+          profile.update_attributes!(asset_with_image(params[:profile]))
           present profile, :with => Entities::Profile, :current_person => current_person
         end
  
@@ -20,33 +20,28 @@ class Organization &lt; Profile
   #   visible.
   #   4) The user is not a member of the organization but the organization is
   #   visible, public and enabled.
-  def self.listed_for_person(person)
+  scope :listed_for_person, lambda { |person|
+
     joins('LEFT JOIN "role_assignments" ON ("role_assignments"."resource_id" = "profiles"."id"
           AND "role_assignments"."resource_type" = \'Profile\') OR (
           "role_assignments"."resource_id" = "profiles"."environment_id" AND
           "role_assignments"."resource_type" = \'Environment\' )')
     .joins('LEFT JOIN "roles" ON "role_assignments"."role_id" = "roles"."id"')
     .where(
-      ['( (roles.key = ? OR roles.key = ?) AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? )
-        OR
-        ( ( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR
-            ( profiles.enabled = ? ) ) AND
-          ( profiles.visible = ? ) )',
-      'profile_admin', 'environment_administrator', Profile.name, person.id,
-      Profile.name, person.id, true, true]
-    ).uniq
-  end
-
-  def self.visible_for_person(person)
-    listed_for_person(person).where(
-      ['( (roles.key = ? OR roles.key = ?) AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? )
-        OR
+      ['( (roles.key = ? OR roles.key = ?) AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR (
+        ( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR ( profiles.enabled = ?)) AND (profiles.visible = ?) )',
+         'profile_admin', 'environment_administrator', Profile.name, person.id, Profile.name, person.id,  true, true]
+     ).uniq
+  }
+
+  scope :visible_for_person, lambda { |person|
+	    listed_for_person(person).where( ['
         ( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR
-          ( profiles.enabled = ? AND profiles.public_profile = ? ) )',
-      'profile_admin', 'environment_administrator', Profile.name, person.id,
+          ( profiles.enabled = ? AND profiles.public_profile = ? ) )',      
       Profile.name, person.id,  true, true]
     )
-  end
+  }
+
  
   settings_items :closed, :type => :boolean, :default => false
   def closed?
@@ -5,7 +5,7 @@
     <div class="lead">
       <h3><%= link_to track.name, track.url %></h3>
       <div class="content">
-        <%= track.lead %>
+        <%= track.lead.html_safe %>
       </div>
     </div>
     <div class="steps">
@@ -10,7 +10,7 @@
         <%= status_description(step_item) %>
       </div>
       <div class="name"><span class="tool_icon button with-text icon-new icon-new<%= step_item.tool_class.icon_name if step_item.tool_class %>"></span>  <%= step_item.name %></div>
-      <div class="lead"><%= step_item.body %></div>
+      <div class="lead"><%= step_item.body.html_safe %></div>
       <div class="tools">
         <% if step_item.tool %>
           <%= _('Tool: ') %>
@@ -7,7 +7,7 @@
     </ul>
   </div>
   <div>
-    <%= step.body %>
+    <%= step.body.html_safe %>
   </div>
   <% if step.allow_create?(user) && !step.tool && step.tool_class %>
     <h3><%= _("Tool") %></h3>
@@ -3,7 +3,7 @@
 <%= form_tag({:controller => 'community_track_plugin_myprofile', :action => 'save_order', :track => track}) do %>
 <div id="track">
   <div>
-    <%= track.body %>
+    <%= track.body.html_safe %>
   </div>
  
   <h3><%= _("Steps") %></h3>
@@ -31,7 +31,7 @@
         <p class="comment-body"> <%= user_rate.comment.body %> </p>
       <% elsif user && user.is_admin? %>
         <% rating_task = CreateOrganizationRatingComment.with_rating(user_rate) %>
-        <p class="comment-body"> <%= rating_task.body %> </p>
+        <p class="comment-body"> <%= rating_task.body if rating_task.respond_to?(:body) %> </p>
       <% end %>
     </div>
     <%= @plugins.dispatch(:organization_ratings_plugin_container_extra_fields, user_rate).collect { |content| instance_exec(&content) }.join("") %>
-Subproject commit 3b53cb452812f0dc807a9543dd1520b2d80c675c
+Subproject commit 6450a3c2107025c6543b334a736685e3396d515e
@@ -0,0 +1 @@
+../test/fixtures
 \ No newline at end of file
@@ -0,0 +1,25 @@
+require_relative '../config/environment'
+require 'rspec/rails'
+
+require_relative 'support/factories'
+
+require 'database_cleaner'
+
+RSpec.configure do |config|
+
+  config.fixture_path = 'spec/fixtures'
+
+  config.include Noosfero::Factory
+
+  config.before(:suite) do
+    DatabaseCleaner.strategy = :truncation
+    DatabaseCleaner.clean_with :truncation
+  end
+  config.around(:each) do |example|
+    DatabaseCleaner.cleaning do
+      example.run
+    end
+  end
+
+end
+
@@ -0,0 +1 @@
+../test/support
 \ No newline at end of file
@@ -218,4 +218,18 @@ class ProfilesTest &lt; ActiveSupport::TestCase
     json = JSON.parse(last_response.body)
     assert_includes json["permissions"], 'allow_post_content'
   end
+
+  should 'update profile image' do
+    login_api
+    community = fast_create(Community)
+    community.add_member(person)
+    base64_image = create_base64_image
+    params.merge!({profile: {image_builder: base64_image}})
+    assert_nil person.image
+    post "/api/v1/profiles/#{community.id}?#{params.to_query}"
+    community.reload
+    assert_not_nil community.image
+    assert_equal community.image.filename, base64_image[:filename]
+  end
+
 end
...	...	@@ -447,12 +447,12 @@ module Api
447	447	end
448	448
449	449	def asset_with_image params
450		- if params.has_key? :image_builder
	450	+ if !params.nil? && params.has_key?(:image_builder)
451	451	asset_api_params = params
452	452	asset_api_params[:image_builder] = base64_to_uploadedfile(asset_api_params[:image_builder])
453	453	return asset_api_params
454	454	end
455		- params
	455	+ params
456	456	end
457	457
458	458	def base64_to_uploadedfile(base64_image)
...	...
...	...	@@ -28,7 +28,7 @@ module Api
28	28	authenticate!
29	29	profile = environment.profiles.find_by(id: params[:id])
30	30	return forbidden! unless profile.allow_edit?(current_person)
31		- profile.update_attributes!(params[:profile])
	31	+ profile.update_attributes!(asset_with_image(params[:profile]))
32	32	present profile, :with => Entities::Profile, :current_person => current_person
33	33	end
34	34
...	...
...	...	@@ -20,33 +20,28 @@ class Organization < Profile
20	20	# visible.
21	21	# 4) The user is not a member of the organization but the organization is
22	22	# visible, public and enabled.
23		- def self.listed_for_person(person)
	23	+ scope :listed_for_person, lambda { \|person\|
	24	+
24	25	joins('LEFT JOIN "role_assignments" ON ("role_assignments"."resource_id" = "profiles"."id"
25	26	AND "role_assignments"."resource_type" = \'Profile\') OR (
26	27	"role_assignments"."resource_id" = "profiles"."environment_id" AND
27	28	"role_assignments"."resource_type" = \'Environment\' )')
28	29	.joins('LEFT JOIN "roles" ON "role_assignments"."role_id" = "roles"."id"')
29	30	.where(
30		- ['( (roles.key = ? OR roles.key = ?) AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? )
31		- OR
32		- ( ( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR
33		- ( profiles.enabled = ? ) ) AND
34		- ( profiles.visible = ? ) )',
35		- 'profile_admin', 'environment_administrator', Profile.name, person.id,
36		- Profile.name, person.id, true, true]
37		- ).uniq
38		- end
39		-
40		- def self.visible_for_person(person)
41		- listed_for_person(person).where(
42		- ['( (roles.key = ? OR roles.key = ?) AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? )
43		- OR
	31	+ ['( (roles.key = ? OR roles.key = ?) AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR (
	32	+ ( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR ( profiles.enabled = ?)) AND (profiles.visible = ?) )',
	33	+ 'profile_admin', 'environment_administrator', Profile.name, person.id, Profile.name, person.id, true, true]
	34	+ ).uniq
	35	+ }
	36	+
	37	+ scope :visible_for_person, lambda { \|person\|
	38	+ listed_for_person(person).where( ['
44	39	( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR
45		- ( profiles.enabled = ? AND profiles.public_profile = ? ) )',
46		- 'profile_admin', 'environment_administrator', Profile.name, person.id,
	40	+ ( profiles.enabled = ? AND profiles.public_profile = ? ) )',
47	41	Profile.name, person.id, true, true]
48	42	)
49		- end
	43	+ }
	44	+
50	45
51	46	settings_items :closed, :type => :boolean, :default => false
52	47	def closed?
...	...
...	...	@@ -5,7 +5,7 @@
5	5	<div class="lead">
6	6	<h3><%= link_to track.name, track.url %></h3>
7	7	<div class="content">
8		- <%= track.lead %>
	8	+ <%= track.lead.html_safe %>
9	9	</div>
10	10	</div>
11	11	<div class="steps">
...	...
...	...	@@ -10,7 +10,7 @@
10	10	<%= status_description(step_item) %>
11	11	</div>
12	12	<div class="name"><span class="tool_icon button with-text icon-new icon-new<%= step_item.tool_class.icon_name if step_item.tool_class %>"></span> <%= step_item.name %></div>
13		- <div class="lead"><%= step_item.body %></div>
	13	+ <div class="lead"><%= step_item.body.html_safe %></div>
14	14	<div class="tools">
15	15	<% if step_item.tool %>
16	16	<%= _('Tool: ') %>
...	...
...	...	@@ -7,7 +7,7 @@
7	7	</ul>
8	8	</div>
9	9	<div>
10		- <%= step.body %>
	10	+ <%= step.body.html_safe %>
11	11	</div>
12	12	<% if step.allow_create?(user) && !step.tool && step.tool_class %>
13	13	<h3><%= _("Tool") %></h3>
...	...
...	...	@@ -3,7 +3,7 @@
3	3	<%= form_tag({:controller => 'community_track_plugin_myprofile', :action => 'save_order', :track => track}) do %>
4	4	<div id="track">
5	5	<div>
6		- <%= track.body %>
	6	+ <%= track.body.html_safe %>
7	7	</div>
8	8
9	9	<h3><%= _("Steps") %></h3>
...	...
...	...	@@ -31,7 +31,7 @@
31	31	<p class="comment-body"> <%= user_rate.comment.body %> </p>
32	32	<% elsif user && user.is_admin? %>
33	33	<% rating_task = CreateOrganizationRatingComment.with_rating(user_rate) %>
34		- <p class="comment-body"> <%= rating_task.body %> </p>
	34	+ <p class="comment-body"> <%= rating_task.body if rating_task.respond_to?(:body) %> </p>
35	35	<% end %>
36	36	</div>
37	37	<%= @plugins.dispatch(:organization_ratings_plugin_container_extra_fields, user_rate).collect { \|content\| instance_exec(&content) }.join("") %>
...	...
1		-Subproject commit 3b53cb452812f0dc807a9543dd1520b2d80c675c
	1	+Subproject commit 6450a3c2107025c6543b334a736685e3396d515e
...	...
...	...	@@ -0,0 +1 @@
	1	+../test/fixtures
0	2	\ No newline at end of file
...	...