Commit c9b33c17f779d4f94212875f40ff3ab0eef530e2
1 parent
cbed32d2
Exists in
staging
and in
42 other branches
Refactoring Work Assignment Plugin
- Changed methods and variable names. - Created work_assignment_plugin_myprofile_controller and undone the cms_controller extension - Fixed the tests to fit the new structure Signed-off-by: Gabriela Navarro <navarro1703@gmail.com>
Showing
14 changed files
with
262 additions
and
273 deletions
Show diff stats
app/controllers/my_profile/cms_controller.rb
| @@ -30,10 +30,6 @@ class CmsController < MyProfileController | @@ -30,10 +30,6 @@ class CmsController < MyProfileController | ||
| 30 | (user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile))) | 30 | (user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile))) |
| 31 | end | 31 | end |
| 32 | 32 | ||
| 33 | - def self.add_as_exception?(action) | ||
| 34 | - false | ||
| 35 | - end | ||
| 36 | - | ||
| 37 | protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files, :new] do |c, user, profile| | 33 | protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files, :new] do |c, user, profile| |
| 38 | user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile)) | 34 | user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile)) |
| 39 | end | 35 | end |
app/helpers/application_helper.rb
| @@ -866,13 +866,11 @@ module ApplicationHelper | @@ -866,13 +866,11 @@ module ApplicationHelper | ||
| 866 | end | 866 | end |
| 867 | 867 | ||
| 868 | def helper_for_article(article) | 868 | def helper_for_article(article) |
| 869 | - puts "teste "*20 | ||
| 870 | article_helper = ActionView::Base.new | 869 | article_helper = ActionView::Base.new |
| 871 | article_helper.controller = controller | 870 | article_helper.controller = controller |
| 872 | article_helper.extend ArticleHelper | 871 | article_helper.extend ArticleHelper |
| 873 | article_helper.extend Rails.application.routes.url_helpers | 872 | article_helper.extend Rails.application.routes.url_helpers |
| 874 | begin | 873 | begin |
| 875 | - puts "erro "*20 | ||
| 876 | class_name = article.class.name + 'Helper' | 874 | class_name = article.class.name + 'Helper' |
| 877 | klass = class_name.constantize | 875 | klass = class_name.constantize |
| 878 | article_helper.extend klass | 876 | article_helper.extend klass |
plugins/work_assignment/controllers/work_assignment_plugin_myprofile_controller.rb
| 1 | class WorkAssignmentPluginMyprofileController < MyProfileController | 1 | class WorkAssignmentPluginMyprofileController < MyProfileController |
| 2 | 2 | ||
| 3 | -include ArticleHelper | ||
| 4 | -include CmsHelper | 3 | +helper ArticleHelper |
| 4 | +helper CmsHelper | ||
| 5 | 5 | ||
| 6 | before_filter :protect_if, :only => [:edit_visibility] | 6 | before_filter :protect_if, :only => [:edit_visibility] |
| 7 | 7 | ||
| 8 | - | ||
| 9 | def protect_if | 8 | def protect_if |
| 10 | - article = c.environment.articles.find_by_id(c.params[:article_id]) | ||
| 11 | - (user && !article.nil? && (user.is_member_of? article.profile) && | ||
| 12 | - article.parent.allow_privacy_edition && article.folder? && | 9 | + article = environment.articles.find_by_id(params[:article_id]) |
| 10 | + render_access_denied unless (user && !article.nil? && (user.is_member_of? article.profile) && | ||
| 11 | + article.parent.allow_visibility_edition && article.folder? && | ||
| 13 | (article.author == user || user.has_permission?('view_private_content', profile))) | 12 | (article.author == user || user.has_permission?('view_private_content', profile))) |
| 14 | end | 13 | end |
| 15 | 14 | ||
| 16 | -def edit_privacy | 15 | +def edit_visibility |
| 17 | unless params[:article_id].blank? | 16 | unless params[:article_id].blank? |
| 18 | folder = profile.environment.articles.find_by_id(params[:article_id]) | 17 | folder = profile.environment.articles.find_by_id(params[:article_id]) |
| 19 | @back_to = url_for(folder.parent.url) | 18 | @back_to = url_for(folder.parent.url) |
| @@ -27,4 +26,10 @@ def edit_privacy | @@ -27,4 +26,10 @@ def edit_privacy | ||
| 27 | end | 26 | end |
| 28 | end | 27 | end |
| 29 | end | 28 | end |
| 30 | -end | ||
| 31 | \ No newline at end of file | 29 | \ No newline at end of file |
| 30 | + | ||
| 31 | + def search_article_privacy_exceptions | ||
| 32 | + arg = params[:q].downcase | ||
| 33 | + result = profile.members.find(:all, :conditions => ['LOWER(name) LIKE ?', "%#{arg}%"]) | ||
| 34 | + render :text => prepare_to_token_input(result).to_json | ||
| 35 | + end | ||
| 36 | +end |
plugins/work_assignment/lib/ext/cms_controller.rb
| @@ -1,36 +0,0 @@ | @@ -1,36 +0,0 @@ | ||
| 1 | -require_dependency 'cms_controller' | ||
| 2 | - | ||
| 3 | -class CmsController | ||
| 4 | - | ||
| 5 | -protect_if :only => :edit_visibility do |c, user, profile| | ||
| 6 | - article = c.environment.articles.find_by_id(c.params[:article_id]) | ||
| 7 | - (user && !article.nil? && (user.is_member_of? article.profile) && | ||
| 8 | - article.parent.allow_privacy_edition && article.folder? && | ||
| 9 | - (article.author == user || user.has_permission?('view_private_content', profile))) | ||
| 10 | -end | ||
| 11 | - | ||
| 12 | -def edit_visibility | ||
| 13 | - unless params[:article_id].blank? | ||
| 14 | - folder = profile.environment.articles.find_by_id(params[:article_id]) | ||
| 15 | - @back_to = url_for(folder.parent.url) | ||
| 16 | - unless params[:article].blank? | ||
| 17 | - folder.published = params[:article][:published] | ||
| 18 | - unless params[:q].nil? | ||
| 19 | - folder.article_privacy_exceptions = params[:q].split(/,/).map{|n| environment.people.find n.to_i} | ||
| 20 | - end | ||
| 21 | - folder.save! | ||
| 22 | - redirect_to @back_to | ||
| 23 | - end | ||
| 24 | - end | ||
| 25 | - end | ||
| 26 | - | ||
| 27 | -def self.add_as_exception?(action) | ||
| 28 | - actions = "edit_visibility, search_article_privacy_exceptions" | ||
| 29 | - if actions.include? action | ||
| 30 | - true | ||
| 31 | - else | ||
| 32 | - false | ||
| 33 | - end | ||
| 34 | - end | ||
| 35 | - | ||
| 36 | -end |
plugins/work_assignment/lib/ext/email_contact.rb
| @@ -52,8 +52,7 @@ class EmailContact | @@ -52,8 +52,7 @@ class EmailContact | ||
| 52 | def build_mail_message!(environment, uploaded_files, parent_id) | 52 | def build_mail_message!(environment, uploaded_files, parent_id) |
| 53 | article = environment.articles.find_by_id(parent_id) | 53 | article = environment.articles.find_by_id(parent_id) |
| 54 | message = "" | 54 | message = "" |
| 55 | - #kind_of? | ||
| 56 | - if !article.nil? && article.type == "WorkAssignmentPlugin::WorkAssignment" | 55 | + if !article.nil? && article.kind_of?(WorkAssignmentPlugin::WorkAssignment) |
| 57 | message = article.default_email + "<br>" | 56 | message = article.default_email + "<br>" |
| 58 | end | 57 | end |
| 59 | uploaded_files.each do |file| | 58 | uploaded_files.each do |file| |
plugins/work_assignment/lib/ext/folder.rb
plugins/work_assignment/lib/work_assignment_plugin/helper.rb
| 1 | module WorkAssignmentPlugin::Helper | 1 | module WorkAssignmentPlugin::Helper |
| 2 | include CmsHelper | 2 | include CmsHelper |
| 3 | - include ArticleHelper | 3 | + |
| 4 | def display_submissions(work_assignment, user) | 4 | def display_submissions(work_assignment, user) |
| 5 | return if work_assignment.submissions.empty? | 5 | return if work_assignment.submissions.empty? |
| 6 | content_tag('table', | 6 | content_tag('table', |
| @@ -73,41 +73,21 @@ module WorkAssignmentPlugin::Helper | @@ -73,41 +73,21 @@ module WorkAssignmentPlugin::Helper | ||
| 73 | end | 73 | end |
| 74 | 74 | ||
| 75 | def display_privacy_button(author_folder, user) | 75 | def display_privacy_button(author_folder, user) |
| 76 | - #ver if | ||
| 77 | - if author_folder | ||
| 78 | - folder = environment.articles.find_by_id(author_folder.id) | ||
| 79 | - work_assignment = folder.parent | ||
| 80 | - @back_to = url_for(folder.parent.url) | ||
| 81 | - if(user && work_assignment.allow_privacy_edition && | ||
| 82 | - ((author_folder.author_id == user.id && (user.is_member_of? work_assignment.profile)) || | ||
| 83 | - user.has_permission?('view_private_content', work_assignment.profile)))#@profile? | 76 | + folder = environment.articles.find_by_id(author_folder.id) |
| 77 | + work_assignment = folder.parent | ||
| 78 | + @back_to = url_for(work_assignment.url) | ||
| 84 | 79 | ||
| 85 | - @tokenized_children = prepare_to_token_input( | ||
| 86 | - profile.members.includes(:articles_with_access).find_all{ |m| | ||
| 87 | - m.articles_with_access.include?(folder) | ||
| 88 | - }) | ||
| 89 | - button :edit, _('Edit'), { :controller => 'work_assignment_plugin_myprofile', | ||
| 90 | - :action => 'edit_privacy', :article_id => folder.id, | ||
| 91 | - :tokenized_children => @tokenized_children, :back_to => @back_to}, :method => :post | ||
| 92 | - end | ||
| 93 | - end | ||
| 94 | - end | 80 | + if(user && work_assignment.allow_visibility_edition && |
| 81 | + ((author_folder.author_id == user.id && (user.is_member_of? profile)) || | ||
| 82 | + user.has_permission?('view_private_content', profile))) | ||
| 95 | 83 | ||
| 96 | - def visibility_options(article, tokenized_children) | ||
| 97 | - content_tag('h4', _('Visibility')) + | ||
| 98 | - content_tag('div', | ||
| 99 | - content_tag('div', | ||
| 100 | - radio_button(:article, :published, true) + | ||
| 101 | - content_tag('label', _('Public (visible to other people)'), :for => 'article_published_true') | ||
| 102 | - ) + | ||
| 103 | - content_tag('div', | ||
| 104 | - radio_button(:article, :published, false) + | ||
| 105 | - content_tag('label', _('Private'), :for => 'article_published_false', :id => "label_private") | ||
| 106 | - ) + | ||
| 107 | - (article.profile.community? ? content_tag('div', | ||
| 108 | - content_tag('label', _('Fill in the search field to add the exception users to see this content'), :id => "text-input-search-exception-users") + | ||
| 109 | - token_input_field_tag(:q, 'search-article-privacy-exceptions', {:action => 'search_article_privacy_exceptions'}, | ||
| 110 | - {:focus => false, :hint_text => _('Type in a search term for a user'), :pre_populate => tokenized_children})) : | ||
| 111 | - '')) | 84 | + @tokenized_children = prepare_to_token_input( |
| 85 | + profile.members.includes(:articles_with_access).find_all{ |m| | ||
| 86 | + m.articles_with_access.include?(folder) | ||
| 87 | + }) | ||
| 88 | + button :edit, _('Edit'), { :controller => 'work_assignment_plugin_myprofile', | ||
| 89 | + :action => 'edit_visibility', :article_id => folder.id, | ||
| 90 | + :tokenized_children => @tokenized_children, :back_to => @back_to}, :method => :post | ||
| 91 | + end | ||
| 112 | end | 92 | end |
| 113 | end | 93 | end |
plugins/work_assignment/lib/work_assignment_plugin/work_assignment.rb
| @@ -2,11 +2,11 @@ class WorkAssignmentPlugin::WorkAssignment < Folder | @@ -2,11 +2,11 @@ class WorkAssignmentPlugin::WorkAssignment < Folder | ||
| 2 | 2 | ||
| 3 | settings_items :publish_submissions, :type => :boolean, :default => false | 3 | settings_items :publish_submissions, :type => :boolean, :default => false |
| 4 | settings_items :default_email, :type => :string, :default => "" | 4 | settings_items :default_email, :type => :string, :default => "" |
| 5 | - settings_items :allow_privacy_edition, :type => :boolean, :default => false | 5 | + settings_items :allow_visibility_edition, :type => :boolean, :default => false |
| 6 | 6 | ||
| 7 | attr_accessible :publish_submissions | 7 | attr_accessible :publish_submissions |
| 8 | attr_accessible :default_email | 8 | attr_accessible :default_email |
| 9 | - attr_accessible :allow_privacy_edition | 9 | + attr_accessible :allow_visibility_edition |
| 10 | 10 | ||
| 11 | def self.icon_name(article = nil) | 11 | def self.icon_name(article = nil) |
| 12 | 'work-assignment' | 12 | 'work-assignment' |
plugins/work_assignment/test/functional/cms_controller_test.rb
| @@ -6,14 +6,6 @@ class CmsController; def rescue_action(e) raise e end; end | @@ -6,14 +6,6 @@ class CmsController; def rescue_action(e) raise e end; end | ||
| 6 | 6 | ||
| 7 | class CmsControllerTest < ActionController::TestCase | 7 | class CmsControllerTest < ActionController::TestCase |
| 8 | 8 | ||
| 9 | - include NoosferoTestHelper | ||
| 10 | - #necessario? | ||
| 11 | - fixtures :environments | ||
| 12 | - | ||
| 13 | - | ||
| 14 | - attr_reader :profile | ||
| 15 | - attr_accessor :person | ||
| 16 | - | ||
| 17 | def setup | 9 | def setup |
| 18 | @controller = CmsController.new | 10 | @controller = CmsController.new |
| 19 | @request = ActionController::TestRequest.new | 11 | @request = ActionController::TestRequest.new |
| @@ -34,7 +26,7 @@ class CmsControllerTest < ActionController::TestCase | @@ -34,7 +26,7 @@ class CmsControllerTest < ActionController::TestCase | ||
| 34 | end | 26 | end |
| 35 | 27 | ||
| 36 | should 'allow members to upload submissions on work_assignment' do | 28 | should 'allow members to upload submissions on work_assignment' do |
| 37 | - @organization.add_member(person) | 29 | + @organization.add_member(@person) |
| 38 | # then he trys to upload new stuff | 30 | # then he trys to upload new stuff |
| 39 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) | 31 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
| 40 | get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id | 32 | get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id |
| @@ -42,7 +34,7 @@ class CmsControllerTest < ActionController::TestCase | @@ -42,7 +34,7 @@ class CmsControllerTest < ActionController::TestCase | ||
| 42 | end | 34 | end |
| 43 | 35 | ||
| 44 | should 'redirect to Work Assignment view page after upload submission' do | 36 | should 'redirect to Work Assignment view page after upload submission' do |
| 45 | - @organization.add_member(person) | 37 | + @organization.add_member(@person) |
| 46 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) | 38 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
| 47 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] , :back_to => @work_assignment.url | 39 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] , :back_to => @work_assignment.url |
| 48 | assert_redirected_to work_assignment.url | 40 | assert_redirected_to work_assignment.url |
| @@ -50,20 +42,20 @@ class CmsControllerTest < ActionController::TestCase | @@ -50,20 +42,20 @@ class CmsControllerTest < ActionController::TestCase | ||
| 50 | 42 | ||
| 51 | should 'upload submission and automatically move it to the author folder' do | 43 | should 'upload submission and automatically move it to the author folder' do |
| 52 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) | 44 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
| 53 | - @organization.add_member(person) | 45 | + @organization.add_member(@person) |
| 54 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | 46 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] |
| 55 | submission = UploadedFile.last | 47 | submission = UploadedFile.last |
| 56 | - assert_equal work_assignment.find_or_create_author_folder(person), submission.parent | 48 | + assert_equal work_assignment.find_or_create_author_folder(@person), submission.parent |
| 57 | end | 49 | end |
| 58 | 50 | ||
| 59 | - should 'work_assignment attribute allow_privacy_edition is true when set a new work_assignment' do | 51 | + should 'work_assignment attribute allow_visibility_edition is true when set a new work_assignment' do |
| 60 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) | 52 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) |
| 61 | - @organization.add_member(person) | ||
| 62 | - assert_equal true, work_assignment.allow_privacy_edition | 53 | + @organization.add_member(@person) |
| 54 | + assert_equal true, work_assignment.allow_visibility_edition | ||
| 63 | end | 55 | end |
| 64 | 56 | ||
| 65 | should 'a submission and parent attribute "published" be equal to Work Assignment attribute publish submissions' do | 57 | should 'a submission and parent attribute "published" be equal to Work Assignment attribute publish submissions' do |
| 66 | - @organization.add_member(person) | 58 | + @organization.add_member(@person) |
| 67 | work_assignment = create_work_assignment('Work Assignment', @organization, true, nil) | 59 | work_assignment = create_work_assignment('Work Assignment', @organization, true, nil) |
| 68 | assert_equal true, work_assignment.publish_submissions | 60 | assert_equal true, work_assignment.publish_submissions |
| 69 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | 61 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] |
| @@ -79,143 +71,8 @@ class CmsControllerTest < ActionController::TestCase | @@ -79,143 +71,8 @@ class CmsControllerTest < ActionController::TestCase | ||
| 79 | assert_equal other_work_assignment.publish_submissions, submission.parent.published | 71 | assert_equal other_work_assignment.publish_submissions, submission.parent.published |
| 80 | end | 72 | end |
| 81 | 73 | ||
| 82 | - should 'submission edit visibility deny access to users and admin when Work Assignment allow_privacy_edition is false' do | ||
| 83 | - @organization.add_member(person) | ||
| 84 | - ##### Testing with normal user | ||
| 85 | - work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) | ||
| 86 | - post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | ||
| 87 | - submission = UploadedFile.last | ||
| 88 | - assert_equal false, submission.published | ||
| 89 | - assert_equal false, submission.parent.published | ||
| 90 | - | ||
| 91 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | ||
| 92 | - assert_template 'access_denied' | ||
| 93 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | ||
| 94 | - assert_template 'access_denied' | ||
| 95 | - | ||
| 96 | - submission.reload | ||
| 97 | - assert_equal false, submission.published | ||
| 98 | - assert_equal false, submission.parent.published | ||
| 99 | - | ||
| 100 | - #### Even with admin user | ||
| 101 | - e = Environment.default | ||
| 102 | - assert_equal false, person.is_admin? | ||
| 103 | - e.add_admin(person) | ||
| 104 | - e.save! | ||
| 105 | - assert_equal true, person.is_admin? | ||
| 106 | - | ||
| 107 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | ||
| 108 | - assert_template 'access_denied' | ||
| 109 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | ||
| 110 | - assert_template 'access_denied' | ||
| 111 | - | ||
| 112 | - submission.reload | ||
| 113 | - assert_equal false, submission.published | ||
| 114 | - end | ||
| 115 | - | ||
| 116 | - should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_privacy_edition is true' do | ||
| 117 | - @organization.add_member(person) | ||
| 118 | - work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) | ||
| 119 | - work_assignment.allow_privacy_edition = true # the user can edit the privacy | ||
| 120 | - assert_equal true, work_assignment.allow_privacy_edition | ||
| 121 | - work_assignment.save! | ||
| 122 | - parent = work_assignment.find_or_create_author_folder(person) | ||
| 123 | - UploadedFile.create( | ||
| 124 | - { | ||
| 125 | - :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | ||
| 126 | - :profile => @organization, | ||
| 127 | - :parent => parent, | ||
| 128 | - :last_changed_by => person, | ||
| 129 | - :author => person, | ||
| 130 | - }, | ||
| 131 | - :without_protection => true | ||
| 132 | - ) | ||
| 133 | - logout | ||
| 134 | - submission = UploadedFile.last | ||
| 135 | - assert_equal false, submission.parent.published | ||
| 136 | - assert_equal false, submission.published | ||
| 137 | - | ||
| 138 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | ||
| 139 | - assert_redirected_to '/account/login' | ||
| 140 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | ||
| 141 | - assert_redirected_to '/account/login' | ||
| 142 | - submission.reload | ||
| 143 | - assert_equal false, submission.parent.published | ||
| 144 | - assert_equal false, submission.published | ||
| 145 | - end | ||
| 146 | - | ||
| 147 | - should 'submission edit_visibility deny access to not owner when WorkAssignment edit_visibility is true' do | ||
| 148 | - @organization.add_member(person) # current_user is a member | ||
| 149 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, true) | ||
| 150 | - @parent = work_assignment.find_or_create_author_folder(person) | ||
| 151 | - UploadedFile.create( | ||
| 152 | - { | ||
| 153 | - :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | ||
| 154 | - :profile => @organization, | ||
| 155 | - :parent => @parent, | ||
| 156 | - :last_changed_by => person, | ||
| 157 | - :author => person, | ||
| 158 | - }, | ||
| 159 | - :without_protection => true | ||
| 160 | - ) | ||
| 161 | - logout | ||
| 162 | - | ||
| 163 | - | ||
| 164 | - other_person = create_user('other_user').person | ||
| 165 | - @organization.add_member(other_person) | ||
| 166 | - login_as :other_user | ||
| 167 | - | ||
| 168 | - @organization.add_member(other_person) | ||
| 169 | - submission = UploadedFile.last | ||
| 170 | - assert_equal(submission.author, person) | ||
| 171 | - | ||
| 172 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | ||
| 173 | - assert_template 'access_denied' | ||
| 174 | - | ||
| 175 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | ||
| 176 | - assert_template 'access_denied' | ||
| 177 | - | ||
| 178 | - submission.reload | ||
| 179 | - assert_equal false, submission.parent.published | ||
| 180 | - assert_equal false, submission.published | ||
| 181 | - end | ||
| 182 | - | ||
| 183 | - should 'submission white list give permission to an user that has been added' do | ||
| 184 | - other_person = create_user('other_user').person | ||
| 185 | - @organization.add_member(person) | ||
| 186 | - @organization.add_member(other_person) | ||
| 187 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, false, true) | ||
| 188 | - post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | ||
| 189 | - submission = UploadedFile.last | ||
| 190 | - assert_equal false, submission.display_unpublished_article_to?(other_person) | ||
| 191 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => false }, :q => other_person.id | ||
| 192 | - submission.reload | ||
| 193 | - assert_equal true, submission.parent.display_unpublished_article_to?(other_person) | ||
| 194 | - assert_equal true, submission.display_unpublished_article_to?(other_person) | ||
| 195 | - end | ||
| 196 | - | ||
| 197 | - should 'submission edit_visibility deny access to owner if not organization member' do | ||
| 198 | - @organization.add_member(person) # current_user is a member | ||
| 199 | - work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) | ||
| 200 | - post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | ||
| 201 | - @organization.remove_member(person) | ||
| 202 | - submission = UploadedFile.last | ||
| 203 | - | ||
| 204 | - assert_equal false, (person.is_member_of? submission.profile) | ||
| 205 | - | ||
| 206 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | ||
| 207 | - assert_template 'access_denied' | ||
| 208 | - | ||
| 209 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | ||
| 210 | - assert_template 'access_denied' | ||
| 211 | - | ||
| 212 | - submission.reload | ||
| 213 | - assert_equal false, submission.parent.published | ||
| 214 | - assert_equal false, submission.published | ||
| 215 | - end | ||
| 216 | - | ||
| 217 | private | 74 | private |
| 218 | - def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_privacy_edition = nil) | ||
| 219 | - @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_privacy_edition => allow_privacy_edition) | 75 | + def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_visibility_edition = nil) |
| 76 | + @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_visibility_edition => allow_visibility_edition) | ||
| 220 | end | 77 | end |
| 221 | end | 78 | end |
plugins/work_assignment/test/functional/content_viewer_controller_test.rb
| @@ -15,6 +15,7 @@ class ContentViewerControllerTest < ActionController::TestCase | @@ -15,6 +15,7 @@ class ContentViewerControllerTest < ActionController::TestCase | ||
| 15 | @organization = fast_create(Organization) | 15 | @organization = fast_create(Organization) |
| 16 | @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => 'Work Assignment', :profile => @organization) | 16 | @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => 'Work Assignment', :profile => @organization) |
| 17 | @person = create_user('test_user').person | 17 | @person = create_user('test_user').person |
| 18 | + @organization.add_member(@person) | ||
| 18 | @environment = @organization.environment | 19 | @environment = @organization.environment |
| 19 | @environment.enable_plugin(WorkAssignmentPlugin) | 20 | @environment.enable_plugin(WorkAssignmentPlugin) |
| 20 | @environment.save! | 21 | @environment.save! |
| @@ -23,19 +24,17 @@ class ContentViewerControllerTest < ActionController::TestCase | @@ -23,19 +24,17 @@ class ContentViewerControllerTest < ActionController::TestCase | ||
| 23 | attr_reader :organization, :person, :profile, :work_assignment | 24 | attr_reader :organization, :person, :profile, :work_assignment |
| 24 | 25 | ||
| 25 | should 'can download work_assignment' do | 26 | should 'can download work_assignment' do |
| 26 | - random_member = fast_create(Person) | ||
| 27 | - organization.add_member(random_member) | ||
| 28 | - folder = work_assignment.find_or_create_author_folder(random_member) | 27 | + folder = work_assignment.find_or_create_author_folder(@person) |
| 29 | submission = UploadedFile.create!(:uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'), :profile => organization, :parent => folder) | 28 | submission = UploadedFile.create!(:uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'), :profile => organization, :parent => folder) |
| 30 | WorkAssignmentPlugin.stubs(:can_download_submission?).returns(false) | 29 | WorkAssignmentPlugin.stubs(:can_download_submission?).returns(false) |
| 31 | 30 | ||
| 32 | - get :view_page, :profile => organization.identifier, :page => submission.explode_path | 31 | + get :view_page, :profile => @organization.identifier, :page => submission.path |
| 33 | assert_response :forbidden | 32 | assert_response :forbidden |
| 34 | assert_template 'access_denied' | 33 | assert_template 'access_denied' |
| 35 | 34 | ||
| 36 | WorkAssignmentPlugin.stubs(:can_download_submission?).returns(true) | 35 | WorkAssignmentPlugin.stubs(:can_download_submission?).returns(true) |
| 37 | 36 | ||
| 38 | - get :view_page, :profile => organization.identifier, :page => submission.explode_path | 37 | + get :view_page, :profile => @organization.identifier, :page => submission.path |
| 39 | assert_response :success | 38 | assert_response :success |
| 40 | end | 39 | end |
| 41 | 40 |
plugins/work_assignment/test/functional/work_assignment_plugin_myprofile_controller_test.rb
0 → 100644
| @@ -0,0 +1,191 @@ | @@ -0,0 +1,191 @@ | ||
| 1 | +require File.expand_path(File.dirname(__FILE__) + "/../../../../test/test_helper") | ||
| 2 | +require 'work_assignment_plugin_myprofile_controller' | ||
| 3 | + | ||
| 4 | +# Re-raise errors caught by the controller. | ||
| 5 | +class WorkAssignmentPluginMyprofileController; def rescue_action(e) raise e end; end | ||
| 6 | + | ||
| 7 | +class WorkAssignmentPluginMyprofileControllerTest < ActionController::TestCase | ||
| 8 | + | ||
| 9 | + def setup | ||
| 10 | + @controller = WorkAssignmentPluginMyprofileController.new | ||
| 11 | + @request = ActionController::TestRequest.new | ||
| 12 | + @response = ActionController::TestResponse.new | ||
| 13 | + @person = create_user('test_user').person | ||
| 14 | + login_as :test_user | ||
| 15 | + e = Environment.default | ||
| 16 | + e.enabled_plugins = ['WorkAssignmentPlugin'] | ||
| 17 | + e.save! | ||
| 18 | + @organization = fast_create(Organization) # | ||
| 19 | + end | ||
| 20 | + | ||
| 21 | + should 'submission edit visibility deny access to users and admin when Work Assignment allow_visibility_edition is false' do | ||
| 22 | + @organization.add_member(@person) | ||
| 23 | + ##### Testing with normal user | ||
| 24 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, false) | ||
| 25 | + work_assignment.save! | ||
| 26 | + assert_equal false, work_assignment.allow_visibility_edition | ||
| 27 | + parent = work_assignment.find_or_create_author_folder(@person) | ||
| 28 | + UploadedFile.create( | ||
| 29 | + { | ||
| 30 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | ||
| 31 | + :profile => @organization, | ||
| 32 | + :parent => parent, | ||
| 33 | + :last_changed_by => @person, | ||
| 34 | + :author => @person, | ||
| 35 | + }, | ||
| 36 | + :without_protection => true | ||
| 37 | + ) | ||
| 38 | + submission = UploadedFile.find_by_filename("test.txt") | ||
| 39 | + assert_equal false, submission.published | ||
| 40 | + assert_equal false, submission.parent.published | ||
| 41 | + | ||
| 42 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | ||
| 43 | + assert_template 'access_denied' | ||
| 44 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | ||
| 45 | + assert_template 'access_denied' | ||
| 46 | + | ||
| 47 | + submission.reload | ||
| 48 | + assert_equal false, submission.published | ||
| 49 | + assert_equal false, submission.parent.published | ||
| 50 | + | ||
| 51 | + #### Even with admin user | ||
| 52 | + e = Environment.default | ||
| 53 | + assert_equal false, @person.is_admin? | ||
| 54 | + e.add_admin(@person) | ||
| 55 | + e.save! | ||
| 56 | + assert_equal true, @person.is_admin? | ||
| 57 | + | ||
| 58 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | ||
| 59 | + assert_template 'access_denied' | ||
| 60 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | ||
| 61 | + assert_template 'access_denied' | ||
| 62 | + | ||
| 63 | + submission.reload | ||
| 64 | + assert_equal false, submission.published | ||
| 65 | + end | ||
| 66 | + | ||
| 67 | + should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_visibility_edition is true' do | ||
| 68 | + @organization.add_member(@person) | ||
| 69 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) | ||
| 70 | + assert_equal true, work_assignment.allow_visibility_edition | ||
| 71 | + work_assignment.save! | ||
| 72 | + parent = work_assignment.find_or_create_author_folder(@person) | ||
| 73 | + UploadedFile.create( | ||
| 74 | + { | ||
| 75 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | ||
| 76 | + :profile => @organization, | ||
| 77 | + :parent => parent, | ||
| 78 | + :last_changed_by => @person, | ||
| 79 | + :author => @person, | ||
| 80 | + }, | ||
| 81 | + :without_protection => true | ||
| 82 | + ) | ||
| 83 | + logout | ||
| 84 | + submission = UploadedFile.find_by_filename("test.txt") | ||
| 85 | + assert_equal false, submission.parent.published | ||
| 86 | + assert_equal false, submission.published | ||
| 87 | + | ||
| 88 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | ||
| 89 | + assert_redirected_to '/account/login' | ||
| 90 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | ||
| 91 | + assert_redirected_to '/account/login' | ||
| 92 | + submission.reload | ||
| 93 | + assert_equal false, submission.parent.published | ||
| 94 | + assert_equal false, submission.published | ||
| 95 | + end | ||
| 96 | + | ||
| 97 | + should 'submission edit_visibility deny access to not owner when WorkAssignment edit_visibility is true' do | ||
| 98 | + @organization.add_member(@person) # current_user is a member | ||
| 99 | + work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, true) | ||
| 100 | + parent = work_assignment.find_or_create_author_folder(@person) | ||
| 101 | + UploadedFile.create( | ||
| 102 | + { | ||
| 103 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | ||
| 104 | + :profile => @organization, | ||
| 105 | + :parent => parent, | ||
| 106 | + :last_changed_by => @person, | ||
| 107 | + :author => @person, | ||
| 108 | + }, | ||
| 109 | + :without_protection => true | ||
| 110 | + ) | ||
| 111 | + logout | ||
| 112 | + | ||
| 113 | + | ||
| 114 | + other_person = create_user('other_user').person | ||
| 115 | + @organization.add_member(other_person) | ||
| 116 | + login_as :other_user | ||
| 117 | + | ||
| 118 | + @organization.add_member(other_person) | ||
| 119 | + submission = UploadedFile.find_by_filename("test.txt") | ||
| 120 | + assert_equal(submission.author, @person) | ||
| 121 | + | ||
| 122 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | ||
| 123 | + assert_template 'access_denied' | ||
| 124 | + | ||
| 125 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | ||
| 126 | + assert_template 'access_denied' | ||
| 127 | + | ||
| 128 | + submission.reload | ||
| 129 | + assert_equal false, submission.parent.published | ||
| 130 | + assert_equal false, submission.published | ||
| 131 | + end | ||
| 132 | + | ||
| 133 | + should 'submission white list give permission to an user that has been added' do | ||
| 134 | + other_person = create_user('other_user').person | ||
| 135 | + @organization.add_member(@person) | ||
| 136 | + @organization.add_member(other_person) | ||
| 137 | + work_assignment = create_work_assignment('Another Work Assignment', @organization, false, true) | ||
| 138 | + parent = work_assignment.find_or_create_author_folder(@person) | ||
| 139 | + UploadedFile.create( | ||
| 140 | + { | ||
| 141 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | ||
| 142 | + :profile => @organization, | ||
| 143 | + :parent => parent, | ||
| 144 | + :last_changed_by => @person, | ||
| 145 | + :author => @person, | ||
| 146 | + }, | ||
| 147 | + :without_protection => true | ||
| 148 | + ) | ||
| 149 | + submission = UploadedFile.find_by_filename("test.txt") | ||
| 150 | + assert_equal false, submission.article_privacy_exceptions.include?(other_person) | ||
| 151 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => false }, :q => other_person.id | ||
| 152 | + submission.reload | ||
| 153 | + assert_equal true, submission.parent.article_privacy_exceptions.include?(other_person) | ||
| 154 | + assert_equal true, submission.article_privacy_exceptions.include?(other_person) | ||
| 155 | + end | ||
| 156 | + | ||
| 157 | + should 'submission edit_visibility deny access to owner if not organization member' do | ||
| 158 | + @organization.add_member(@person) # current_user is a member | ||
| 159 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) | ||
| 160 | + parent = work_assignment.find_or_create_author_folder(@person) | ||
| 161 | + UploadedFile.create( | ||
| 162 | + { | ||
| 163 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | ||
| 164 | + :profile => @organization, | ||
| 165 | + :parent => parent, | ||
| 166 | + :last_changed_by => @person, | ||
| 167 | + :author => @person, | ||
| 168 | + }, | ||
| 169 | + :without_protection => true | ||
| 170 | + ) | ||
| 171 | + @organization.remove_member(@person) | ||
| 172 | + submission = UploadedFile.find_by_filename("test.txt") | ||
| 173 | + | ||
| 174 | + assert_equal false, (@person.is_member_of? submission.profile) | ||
| 175 | + | ||
| 176 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | ||
| 177 | + assert_template 'access_denied' | ||
| 178 | + | ||
| 179 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | ||
| 180 | + assert_template 'access_denied' | ||
| 181 | + | ||
| 182 | + submission.reload | ||
| 183 | + assert_equal false, submission.parent.published | ||
| 184 | + assert_equal false, submission.published | ||
| 185 | + end | ||
| 186 | + | ||
| 187 | + private | ||
| 188 | + def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_visibility_edition = nil) | ||
| 189 | + @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_visibility_edition => allow_visibility_edition) | ||
| 190 | + end | ||
| 191 | +end |
plugins/work_assignment/views/cms/work_assignment_plugin/_work_assignment.html.erb
| @@ -4,4 +4,4 @@ | @@ -4,4 +4,4 @@ | ||
| 4 | 4 | ||
| 5 | <%=labelled_check_box(_('Publish submissions'), 'article[publish_submissions]', true, @article.publish_submissions) %> | 5 | <%=labelled_check_box(_('Publish submissions'), 'article[publish_submissions]', true, @article.publish_submissions) %> |
| 6 | 6 | ||
| 7 | -<%=labelled_check_box(_('Allow users set privacy?'), 'article[allow_privacy_edition]', true, @article.allow_privacy_edition) %> | 7 | +<%=labelled_check_box(_('Allow users change submissions privacy?'), 'article[allow_visibility_edition]', true, @article.allow_visibility_edition) %> |
plugins/work_assignment/views/work_assignment_plugin_myprofile/edit_privacy.html.erb
| @@ -1,24 +0,0 @@ | @@ -1,24 +0,0 @@ | ||
| 1 | -<div class="select-privacy-options"> | ||
| 2 | - | ||
| 3 | -<%= labelled_form_for 'article', :html => { :multipart => true, :class => @type } do |f| %> | ||
| 4 | - | ||
| 5 | - <% @article = environment.articles.find_by_id((params[:article_id]))%> | ||
| 6 | - | ||
| 7 | - <% @tokenized_children = params[:tokenized_children]%> | ||
| 8 | - | ||
| 9 | - <%= hidden_field_tag('article_id', @article.id) %> | ||
| 10 | - | ||
| 11 | - <div id='edit-article-options'> | ||
| 12 | - <%= visibility_options(@article, @tokenized_children) %> | ||
| 13 | - </div> | ||
| 14 | - | ||
| 15 | - <% button_bar do %> | ||
| 16 | - <%= submit_button :save, _('Save') %> | ||
| 17 | - <%= button :cancel, _('Cancel'), @back_to %> | ||
| 18 | - <% end %> | ||
| 19 | -<% end %> | ||
| 20 | -</div> | ||
| 21 | - | ||
| 22 | -<br style='clear: both'/> | ||
| 23 | - | ||
| 24 | -<%= javascript_include_tag "article.js" %> |
plugins/work_assignment/views/work_assignment_plugin_myprofile/edit_visibility.html.erb
0 → 100644
| @@ -0,0 +1,24 @@ | @@ -0,0 +1,24 @@ | ||
| 1 | +<div class="select-visibility-options"> | ||
| 2 | + | ||
| 3 | +<%= labelled_form_for 'article', :html => { :multipart => true, :class => @type } do |f| %> | ||
| 4 | + | ||
| 5 | + <% @article = environment.articles.find_by_id((params[:article_id]))%> | ||
| 6 | + | ||
| 7 | + <% @tokenized_children = params[:tokenized_children]%> | ||
| 8 | + | ||
| 9 | + <%= hidden_field_tag('article_id', @article.id) %> | ||
| 10 | + | ||
| 11 | + <div id='edit-article-options'> | ||
| 12 | + <%= visibility_options(@article, @tokenized_children) %> | ||
| 13 | + </div> | ||
| 14 | + | ||
| 15 | + <% button_bar do %> | ||
| 16 | + <%= submit_button :save, _('Save') %> | ||
| 17 | + <%= button :cancel, _('Cancel'), @back_to %> | ||
| 18 | + <% end %> | ||
| 19 | +<% end %> | ||
| 20 | +</div> | ||
| 21 | + | ||
| 22 | +<br style='clear: both'/> | ||
| 23 | + | ||
| 24 | +<%= javascript_include_tag "article.js" %> |