Commit d0994a39cf0aaa6fcb924df07f765e8c5ef3c74c
Exists in
staging
and in
1 other branch
Merge branch 'master' into staging
Showing
17 changed files
with
119 additions
and
45 deletions
Show diff stats
app/api/v1/comments.rb
| ... | ... | @@ -34,6 +34,7 @@ module Api |
| 34 | 34 | post ":id/comments" do |
| 35 | 35 | authenticate! |
| 36 | 36 | article = find_article(environment.articles, params[:id]) |
| 37 | + return forbidden! unless article.accept_comments? | |
| 37 | 38 | options = params.select { |key,v| !['id','private_token'].include?(key) }.merge(:author => current_person, :source => article) |
| 38 | 39 | begin |
| 39 | 40 | comment = Comment.create!(options) |
| ... | ... | @@ -42,6 +43,19 @@ module Api |
| 42 | 43 | end |
| 43 | 44 | present comment, :with => Entities::Comment, :current_person => current_person |
| 44 | 45 | end |
| 46 | + | |
| 47 | + delete ":id/comments/:comment_id" do | |
| 48 | + article = find_article(environment.articles, params[:id]) | |
| 49 | + comment = article.comments.find_by_id(params[:comment_id]) | |
| 50 | + return not_found! if comment.nil? | |
| 51 | + return forbidden! unless comment.can_be_destroyed_by?(current_person) | |
| 52 | + begin | |
| 53 | + comment.destroy | |
| 54 | + present comment, with: Entities::Comment, :current_person => current_person | |
| 55 | + rescue => e | |
| 56 | + render_api_error!(e.message, 500) | |
| 57 | + end | |
| 58 | + end | |
| 45 | 59 | end |
| 46 | 60 | |
| 47 | 61 | end | ... | ... |
plugins/display_content/views/blocks/_document.slim
| ... | ... | @@ -1,4 +0,0 @@ |
| 1 | -li | |
| 2 | - - unless item.folder? || item.class == RssFeed | |
| 3 | - = render partial: 'blocks/section', collection: block.sections, locals: { block: block, item: item } | |
| 4 | - = render partial: 'blocks/read_more', locals: { item: item, abstract_section: block.sections.bsearch { |section| section[:value] == 'abstract' }, block: block } | |
| 5 | 0 | \ No newline at end of file |
plugins/display_content/views/blocks/_read_more.slim
plugins/display_content/views/blocks/_section.slim
| ... | ... | @@ -1,22 +0,0 @@ |
| 1 | -- if block.display_section?(section) | |
| 2 | - - case section[:value] | |
| 3 | - - when 'publish_date' | |
| 4 | - div class='published-at' | |
| 5 | - = show_date(item.published_at, false) | |
| 6 | - - when 'title' | |
| 7 | - div class='title' | |
| 8 | - = link_to(h(item.title), item.url) | |
| 9 | - - when 'abstract' | |
| 10 | - div class='lead' | |
| 11 | - = item.abstract | |
| 12 | - - when 'body' | |
| 13 | - div class='body' | |
| 14 | - = item.body | |
| 15 | - - when 'image' | |
| 16 | - - unless item.image || item.image.public_filename | |
| 17 | - div class='image' | |
| 18 | - = link_to(image_tag(item.image.public_filename), item.url) | |
| 19 | - - when 'tags' | |
| 20 | - - unless item.tags.empty? | |
| 21 | - div class='tags' | |
| 22 | - = render partial: 'blocks/tag', collection: item.tags |
plugins/display_content/views/blocks/_tag.slim
plugins/display_content/views/blocks/display_content.slim
plugins/display_content/views/blocks/display_content/_document.slim
0 → 100644
| ... | ... | @@ -0,0 +1,4 @@ |
| 1 | +li | |
| 2 | + - unless item.folder? || item.class == RssFeed | |
| 3 | + = render partial: 'blocks/display_content/section', collection: block.sections, locals: { block: block, item: item } | |
| 4 | + = render partial: 'blocks/display_content/read_more', locals: { item: item, abstract_section: block.sections.bsearch { |section| section[:value] == 'abstract' }, block: block } | |
| 0 | 5 | \ No newline at end of file | ... | ... |
plugins/display_content/views/blocks/display_content/_read_more.slim
0 → 100644
plugins/display_content/views/blocks/display_content/_section.slim
0 → 100644
| ... | ... | @@ -0,0 +1,22 @@ |
| 1 | +- if block.display_section?(section) | |
| 2 | + - case section[:value] | |
| 3 | + - when 'publish_date' | |
| 4 | + div class='published-at' | |
| 5 | + = show_date(item.published_at, false) | |
| 6 | + - when 'title' | |
| 7 | + div class='title' | |
| 8 | + = link_to(h(item.title), item.url) | |
| 9 | + - when 'abstract' | |
| 10 | + div class='lead' | |
| 11 | + = item.abstract | |
| 12 | + - when 'body' | |
| 13 | + div class='body' | |
| 14 | + = item.body | |
| 15 | + - when 'image' | |
| 16 | + - unless item.image || item.image.public_filename | |
| 17 | + div class='image' | |
| 18 | + = link_to(image_tag(item.image.public_filename), item.url) | |
| 19 | + - when 'tags' | |
| 20 | + - unless item.tags.empty? | |
| 21 | + div class='tags' | |
| 22 | + = render partial: 'blocks/display_content/tag', collection: item.tags | ... | ... |
plugins/display_content/views/blocks/display_content/_tag.slim
0 → 100644
plugins/relevant_content/views/blocks/_doc.slim
plugins/relevant_content/views/blocks/_subcontent.slim
plugins/relevant_content/views/blocks/relevant_content.slim
| 1 | 1 | = block_title(block.title, block.subtitle) |
| 2 | 2 | |
| 3 | 3 | - if block.show_most_read |
| 4 | - = render partial: 'blocks/subcontent', locals: {docs: Article.most_accessed(block.owner, block.limit), title: _("Most read articles"), html_class: 'mread'} | |
| 4 | + = render partial: 'blocks/relevant_content/subcontent', locals: {docs: Article.most_accessed(block.owner, block.limit), title: _("Most read articles"), html_class: 'mread'} | |
| 5 | 5 | - if block.show_most_commented |
| 6 | - = render partial: 'blocks/subcontent', locals: {docs: Article.most_commented_relevant_content(block.owner, block.limit), title: _("Most commented articles"), html_class: 'mcommented'} | |
| 6 | + = render partial: 'blocks/relevant_content/subcontent', locals: {docs: Article.most_commented_relevant_content(block.owner, block.limit), title: _("Most commented articles"), html_class: 'mcommented'} | |
| 7 | 7 | |
| 8 | 8 | - if block.env.plugin_enabled?('VotePlugin') |
| 9 | 9 | - if block.show_most_liked |
| 10 | - = render partial: 'blocks/subcontent', locals: {docs: Article.more_positive_votes(block.owner, block.limit), title: _("Most liked articles"), html_class: 'mliked'} | |
| 10 | + = render partial: 'blocks/relevant_content/subcontent', locals: {docs: Article.more_positive_votes(block.owner, block.limit), title: _("Most liked articles"), html_class: 'mliked'} | |
| 11 | 11 | - if block.show_most_disliked |
| 12 | - = render partial: 'blocks/subcontent', locals: {docs: Article.more_negative_votes(block.owner, block.limit), title: _("Most disliked articles"), html_class: 'mdisliked'} | |
| 12 | + = render partial: 'blocks/relevant_content/subcontent', locals: {docs: Article.more_negative_votes(block.owner, block.limit), title: _("Most disliked articles"), html_class: 'mdisliked'} | |
| 13 | 13 | - if block.show_most_voted |
| 14 | - = render partial: 'blocks/subcontent', locals: {docs: Article.most_voted(block.owner, block.limit), title: _("Most voted articles"), html_class: 'mvoted'} | |
| 14 | + = render partial: 'blocks/relevant_content/subcontent', locals: {docs: Article.most_voted(block.owner, block.limit), title: _("Most voted articles"), html_class: 'mvoted'} | ... | ... |
plugins/relevant_content/views/blocks/relevant_content/_doc.slim
0 → 100644
plugins/relevant_content/views/blocks/relevant_content/_subcontent.slim
0 → 100644
plugins/statistics/lib/statistics_block.rb
| ... | ... | @@ -93,6 +93,7 @@ class StatisticsBlock < Block |
| 93 | 93 | end |
| 94 | 94 | |
| 95 | 95 | def products |
| 96 | + return [] unless environment.plugin_enabled?('ProductsPlugin') | |
| 96 | 97 | if owner.kind_of?(Environment) |
| 97 | 98 | owner.products.where("profiles.enabled = true and profiles.visible = true").count |
| 98 | 99 | elsif owner.kind_of?(Enterprise) | ... | ... |
test/api/comments_test.rb
| ... | ... | @@ -70,6 +70,16 @@ class CommentsTest < ActiveSupport::TestCase |
| 70 | 70 | assert_equal body, json['comment']['body'] |
| 71 | 71 | end |
| 72 | 72 | |
| 73 | + should 'not create comment when an article does not accept comments' do | |
| 74 | + login_api | |
| 75 | + article = fast_create(Article, :profile_id => @local_person.id, :name => "Some thing", accept_comments: false) | |
| 76 | + body = 'My comment' | |
| 77 | + params.merge!({:body => body}) | |
| 78 | + post "/api/v1/articles/#{article.id}/comments?#{params.to_query}" | |
| 79 | + json = JSON.parse(last_response.body) | |
| 80 | + assert_equal 403, last_response.status | |
| 81 | + end | |
| 82 | + | |
| 73 | 83 | should 'logged user not comment an archived article' do |
| 74 | 84 | login_api |
| 75 | 85 | article = fast_create(Article, :profile_id => user.person.id, :name => "Some thing", :archived => true) |
| ... | ... | @@ -186,4 +196,53 @@ class CommentsTest < ActiveSupport::TestCase |
| 186 | 196 | assert_equal [comment1.id], json["comments"].map { |c| c['id'] } |
| 187 | 197 | end |
| 188 | 198 | |
| 199 | + should 'delete comment successfully' do | |
| 200 | + login_api | |
| 201 | + article = fast_create(Article, profile_id: person.id, name: "Some thing") | |
| 202 | + comment = article.comments.create!(body: "some comment", author: person) | |
| 203 | + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}" | |
| 204 | + json = JSON.parse(last_response.body) | |
| 205 | + assert_equal 200, last_response.status | |
| 206 | + assert_equal comment.id, json['comment']['id'] | |
| 207 | + assert_not_includes article.comments, comment | |
| 208 | + end | |
| 209 | + | |
| 210 | + should 'not delete a comment when user is not logged' do | |
| 211 | + article = fast_create(Article, profile_id: person.id, name: "Some thing") | |
| 212 | + comment = article.comments.create!(body: "some comment", author: person) | |
| 213 | + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}" | |
| 214 | + json = JSON.parse(last_response.body) | |
| 215 | + assert_equal 403, last_response.status | |
| 216 | + assert_includes article.comments, comment | |
| 217 | + end | |
| 218 | + | |
| 219 | + should 'not delete a comment when user does not have permission' do | |
| 220 | + login_api | |
| 221 | + article = fast_create(Article, profile_id: @local_person.id, name: "Some thing") | |
| 222 | + comment = article.comments.create!(body: "some comment", author: @local_person) | |
| 223 | + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}" | |
| 224 | + json = JSON.parse(last_response.body) | |
| 225 | + assert_equal 403, last_response.status | |
| 226 | + assert_includes article.comments, comment | |
| 227 | + end | |
| 228 | + | |
| 229 | + should 'return not found when delete a inexistent comment' do | |
| 230 | + article = fast_create(Article, profile_id: person.id, name: "Some thing") | |
| 231 | + comment = article.comments.create!(body: "some comment", author: person) | |
| 232 | + delete "api/v1/articles/#{article.id}/comments/0?#{params.to_query}" | |
| 233 | + json = JSON.parse(last_response.body) | |
| 234 | + assert_equal 404, last_response.status | |
| 235 | + assert_includes article.comments, comment | |
| 236 | + end | |
| 237 | + | |
| 238 | + should 'return error when failed to delete comment' do | |
| 239 | + login_api | |
| 240 | + article = fast_create(Article, profile_id: person.id, name: "Some thing") | |
| 241 | + comment = article.comments.create!(body: "some comment", author: person) | |
| 242 | + Comment.any_instance.expects(:destroy).raises(StandardError) | |
| 243 | + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}" | |
| 244 | + json = JSON.parse(last_response.body) | |
| 245 | + assert_equal 500, last_response.status | |
| 246 | + assert_includes article.comments, comment | |
| 247 | + end | |
| 189 | 248 | end | ... | ... |