Commit d6d98372d6f771cef8ce67e2d8960641a9d57041
Committed by
Gabriel Silva
1 parent
82498934
Exists in
staging
and in
31 other branches
API unlocked for visitor
Showing
9 changed files
with
29 additions
and
68 deletions
Show diff stats
app/models/organization.rb
... | ... | @@ -17,8 +17,6 @@ class Organization < Profile |
17 | 17 | # 4) The user is not a member of the organization but the organization is |
18 | 18 | # visible, public and enabled. |
19 | 19 | def self.visible_for_person(person) |
20 | - # Visitor if person.nil? | |
21 | - person_id = person.nil? ? nil : person.id | |
22 | 20 | joins('LEFT JOIN "role_assignments" ON ("role_assignments"."resource_id" = "profiles"."id" |
23 | 21 | AND "role_assignments"."resource_type" = \'Profile\') OR ( |
24 | 22 | "role_assignments"."resource_id" = "profiles"."environment_id" AND |
... | ... | @@ -30,8 +28,8 @@ class Organization < Profile |
30 | 28 | ( ( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR |
31 | 29 | ( profiles.public_profile = ? AND profiles.enabled = ? ) ) AND |
32 | 30 | ( profiles.visible = ? ) )', |
33 | - 'profile_admin', 'environment_administrator', Profile.name, person_id, | |
34 | - Profile.name, person_id, true, true, true] | |
31 | + 'profile_admin', 'environment_administrator', Profile.name, person.id, | |
32 | + Profile.name, person.id, true, true, true] | |
35 | 33 | ).uniq |
36 | 34 | end |
37 | 35 | ... | ... |
app/models/person.rb
... | ... | @@ -42,8 +42,6 @@ class Person < Profile |
42 | 42 | } |
43 | 43 | |
44 | 44 | scope :visible_for_person, lambda { |person| |
45 | - # Visitor if person.nil? | |
46 | - person_id = person.nil? ? nil : person.id | |
47 | 45 | joins('LEFT JOIN "role_assignments" ON |
48 | 46 | "role_assignments"."resource_id" = "profiles"."environment_id" AND |
49 | 47 | "role_assignments"."resource_type" = \'Environment\'') |
... | ... | @@ -52,7 +50,7 @@ class Person < Profile |
52 | 50 | .where( |
53 | 51 | ['( roles.key = ? AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR ( |
54 | 52 | ( ( friendships.person_id = ? ) OR (profiles.public_profile = ?)) AND (profiles.visible = ?) )', |
55 | - 'environment_administrator', Profile.name, person_id, person_id, true, true] | |
53 | + 'environment_administrator', Profile.name, person.id, person.id, true, true] | |
56 | 54 | ).uniq |
57 | 55 | } |
58 | 56 | ... | ... |
test/api/categories_test.rb
... | ... | @@ -2,8 +2,7 @@ require_relative 'test_helper' |
2 | 2 | |
3 | 3 | class CategoriesTest < ActiveSupport::TestCase |
4 | 4 | |
5 | - | |
6 | - should 'logged user list categories' do | |
5 | + should 'list categories to logged user' do | |
7 | 6 | login_api |
8 | 7 | category = fast_create(Category, :environment_id => environment.id) |
9 | 8 | get "/api/v1/categories/?#{params.to_query}" |
... | ... | @@ -11,7 +10,7 @@ class CategoriesTest < ActiveSupport::TestCase |
11 | 10 | assert_includes json["categories"].map { |c| c["name"] }, category.name |
12 | 11 | end |
13 | 12 | |
14 | - should 'logged user get category by id' do | |
13 | + should 'get category by id to logged user' do | |
15 | 14 | login_api |
16 | 15 | category = fast_create(Category, :environment_id => environment.id) |
17 | 16 | get "/api/v1/categories/#{category.id}/?#{params.to_query}" |
... | ... | @@ -19,7 +18,7 @@ class CategoriesTest < ActiveSupport::TestCase |
19 | 18 | assert_equal category.name, json["category"]["name"] |
20 | 19 | end |
21 | 20 | |
22 | - should 'logged user list parent and children when get category by id' do | |
21 | + should 'list parent and children when get category by id to logged user' do | |
23 | 22 | login_api |
24 | 23 | parent = fast_create(Category, :environment_id => environment.id) |
25 | 24 | child_1 = fast_create(Category, :environment_id => environment.id) |
... | ... | @@ -37,7 +36,7 @@ class CategoriesTest < ActiveSupport::TestCase |
37 | 36 | assert_equivalent [child_1.id, child_2.id], json['category']['children'].map { |c| c['id'] } |
38 | 37 | end |
39 | 38 | |
40 | - should 'logged user include parent in categories list if params is true' do | |
39 | + should 'include parent in categories list if params is true to logged_user' do | |
41 | 40 | login_api |
42 | 41 | parent_1 = fast_create(Category, :environment_id => environment.id) # parent_1 has no parent category |
43 | 42 | child_1 = fast_create(Category, :environment_id => environment.id) |
... | ... | @@ -60,7 +59,7 @@ class CategoriesTest < ActiveSupport::TestCase |
60 | 59 | json["categories"].map { |c| c['parent'] && c['parent']['id'] } |
61 | 60 | end |
62 | 61 | |
63 | - should 'logged user include children in categories list if params is true' do | |
62 | + should 'include children in categories list if params is true to logged user' do | |
64 | 63 | login_api |
65 | 64 | category = fast_create(Category, :environment_id => environment.id) |
66 | 65 | child_1 = fast_create(Category, :environment_id => environment.id) |
... | ... | @@ -88,7 +87,7 @@ class CategoriesTest < ActiveSupport::TestCase |
88 | 87 | expose_attributes = %w(id name full_name image display_color) |
89 | 88 | |
90 | 89 | expose_attributes.each do |attr| |
91 | - should "logged user expose category #{attr} attribute by default" do | |
90 | + should "expose category #{attr} attribute by default to logged user" do | |
92 | 91 | login_api |
93 | 92 | category = fast_create(Category, :environment_id => environment.id) |
94 | 93 | get "/api/v1/categories/?#{params.to_query}" |
... | ... | @@ -97,24 +96,21 @@ class CategoriesTest < ActiveSupport::TestCase |
97 | 96 | end |
98 | 97 | end |
99 | 98 | |
100 | - should 'anonymous list categories' do | |
101 | - anonymous_setup | |
99 | + should 'list categories to anonymous' do | |
102 | 100 | category = fast_create(Category, :environment_id => environment.id) |
103 | 101 | get "/api/v1/categories/?#{params.to_query}" |
104 | 102 | json = JSON.parse(last_response.body) |
105 | 103 | assert_includes json["categories"].map { |c| c["name"] }, category.name |
106 | 104 | end |
107 | 105 | |
108 | - should 'anonymous get category by id' do | |
109 | - anonymous_setup | |
106 | + should 'get category by id to anonymous' do | |
110 | 107 | category = fast_create(Category, :environment_id => environment.id) |
111 | 108 | get "/api/v1/categories/#{category.id}/?#{params.to_query}" |
112 | 109 | json = JSON.parse(last_response.body) |
113 | 110 | assert_equal category.name, json["category"]["name"] |
114 | 111 | end |
115 | 112 | |
116 | - should 'anonymous list parent and children when get category by id' do | |
117 | - anonymous_setup | |
113 | + should 'list parent and children when get category by id to anonymous' do | |
118 | 114 | parent = fast_create(Category, :environment_id => environment.id) |
119 | 115 | child_1 = fast_create(Category, :environment_id => environment.id) |
120 | 116 | child_2 = fast_create(Category, :environment_id => environment.id) |
... | ... | @@ -132,7 +128,6 @@ class CategoriesTest < ActiveSupport::TestCase |
132 | 128 | end |
133 | 129 | |
134 | 130 | should 'anonymous include parent in categories list if params is true' do |
135 | - anonymous_setup | |
136 | 131 | parent_1 = fast_create(Category, :environment_id => environment.id) # parent_1 has no parent category |
137 | 132 | child_1 = fast_create(Category, :environment_id => environment.id) |
138 | 133 | child_2 = fast_create(Category, :environment_id => environment.id) |
... | ... | @@ -155,7 +150,6 @@ class CategoriesTest < ActiveSupport::TestCase |
155 | 150 | end |
156 | 151 | |
157 | 152 | should 'anonymous include children in categories list if params is true' do |
158 | - anonymous_setup | |
159 | 153 | category = fast_create(Category, :environment_id => environment.id) |
160 | 154 | child_1 = fast_create(Category, :environment_id => environment.id) |
161 | 155 | child_2 = fast_create(Category, :environment_id => environment.id) |
... | ... | @@ -180,8 +174,7 @@ class CategoriesTest < ActiveSupport::TestCase |
180 | 174 | end |
181 | 175 | |
182 | 176 | expose_attributes.each do |attr| |
183 | - should "anonymous expose category #{attr} attribute by default" do | |
184 | - anonymous_setup | |
177 | + should "expose category #{attr} attribute by default to anonymous" do | |
185 | 178 | category = fast_create(Category, :environment_id => environment.id) |
186 | 179 | get "/api/v1/categories/?#{params.to_query}" |
187 | 180 | json = JSON.parse(last_response.body) |
... | ... | @@ -189,6 +182,4 @@ class CategoriesTest < ActiveSupport::TestCase |
189 | 182 | end |
190 | 183 | end |
191 | 184 | |
192 | - | |
193 | - | |
194 | 185 | end | ... | ... |
test/api/comments_test.rb
... | ... | @@ -4,7 +4,6 @@ class CommentsTest < ActiveSupport::TestCase |
4 | 4 | |
5 | 5 | def setup |
6 | 6 | @local_person = fast_create(Person) |
7 | - anonymous_setup | |
8 | 7 | end |
9 | 8 | attr_reader :local_person |
10 | 9 | |
... | ... | @@ -82,16 +81,16 @@ class CommentsTest < ActiveSupport::TestCase |
82 | 81 | end |
83 | 82 | |
84 | 83 | should 'logged user comment creation define the source' do |
85 | - login_api | |
86 | - amount = Comment.count | |
87 | - article = fast_create(Article, :profile_id => local_person.id, :name => "Some thing") | |
88 | - body = 'My comment' | |
89 | - params.merge!({:body => body}) | |
84 | + login_api | |
85 | + amount = Comment.count | |
86 | + article = fast_create(Article, :profile_id => local_person.id, :name => "Some thing") | |
87 | + body = 'My comment' | |
88 | + params.merge!({:body => body}) | |
90 | 89 | |
91 | - post "/api/v1/articles/#{article.id}/comments?#{params.to_query}" | |
92 | - assert_equal amount + 1, Comment.count | |
93 | - comment = Comment.last | |
94 | - assert_not_nil comment.source | |
90 | + post "/api/v1/articles/#{article.id}/comments?#{params.to_query}" | |
91 | + assert_equal amount + 1, Comment.count | |
92 | + comment = Comment.last | |
93 | + assert_not_nil comment.source | |
95 | 94 | end |
96 | 95 | |
97 | 96 | should 'call plugin hotspot to filter unavailable comments' do |
... | ... | @@ -124,26 +123,26 @@ class CommentsTest < ActiveSupport::TestCase |
124 | 123 | should 'not, anonymous list comments if has no permission to view the source article' do |
125 | 124 | article = fast_create(Article, :profile_id => local_person.id, :name => "Some thing", :published => false) |
126 | 125 | assert !article.published? |
127 | - | |
126 | + | |
128 | 127 | get "/api/v1/articles/#{article.id}/comments?#{params.to_query}" |
129 | 128 | assert_equal 403, last_response.status |
130 | 129 | end |
131 | - | |
130 | + | |
132 | 131 | should 'anonymous return comments of an article' do |
133 | 132 | article = fast_create(Article, :profile_id => local_person.id, :name => "Some thing") |
134 | 133 | article.comments.create!(:body => "some comment", :author => local_person) |
135 | 134 | article.comments.create!(:body => "another comment", :author => local_person) |
136 | - | |
135 | + | |
137 | 136 | get "/api/v1/articles/#{article.id}/comments?#{params.to_query}" |
138 | 137 | json = JSON.parse(last_response.body) |
139 | 138 | assert_equal 200, last_response.status |
140 | 139 | assert_equal 2, json["comments"].length |
141 | 140 | end |
142 | - | |
141 | + | |
143 | 142 | should 'anonymous return comment of an article' do |
144 | 143 | article = fast_create(Article, :profile_id => local_person.id, :name => "Some thing") |
145 | 144 | comment = article.comments.create!(:body => "another comment", :author => local_person) |
146 | - | |
145 | + | |
147 | 146 | get "/api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}" |
148 | 147 | json = JSON.parse(last_response.body) |
149 | 148 | assert_equal 200, last_response.status | ... | ... |
test/api/communities_test.rb
... | ... | @@ -147,7 +147,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
147 | 147 | get "/api/v1/communities?#{params.to_query}" |
148 | 148 | json_page_one = JSON.parse(last_response.body) |
149 | 149 | |
150 | - | |
151 | 150 | assert_includes json_page_one["communities"].map { |a| a["id"] }, community1.id |
152 | 151 | assert_not_includes json_page_one["communities"].map { |a| a["id"] }, community2.id |
153 | 152 | |
... | ... | @@ -172,7 +171,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
172 | 171 | end |
173 | 172 | |
174 | 173 | should 'anonymous list only communities' do |
175 | - anonymous_setup | |
176 | 174 | community = fast_create(Community, :environment_id => environment.id) |
177 | 175 | enterprise = fast_create(Enterprise, :environment_id => environment.id) # should not list this enterprise |
178 | 176 | get "/api/v1/communities?#{params.to_query}" |
... | ... | @@ -182,7 +180,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
182 | 180 | end |
183 | 181 | |
184 | 182 | should 'anonymous list all communities' do |
185 | - anonymous_setup | |
186 | 183 | community1 = fast_create(Community, :environment_id => environment.id, :public_profile => true) |
187 | 184 | community2 = fast_create(Community, :environment_id => environment.id) |
188 | 185 | get "/api/v1/communities?#{params.to_query}" |
... | ... | @@ -191,7 +188,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
191 | 188 | end |
192 | 189 | |
193 | 190 | should 'not, anonymous list invisible communities' do |
194 | - anonymous_setup | |
195 | 191 | community1 = fast_create(Community, :environment_id => environment.id) |
196 | 192 | fast_create(Community, :environment_id => environment.id, :visible => false) |
197 | 193 | |
... | ... | @@ -201,7 +197,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
201 | 197 | end |
202 | 198 | |
203 | 199 | should 'anonymous list private communities' do |
204 | - anonymous_setup | |
205 | 200 | community1 = fast_create(Community, :environment_id => environment.id) |
206 | 201 | community2 = fast_create(Community, :environment_id => environment.id, :public_profile => false) |
207 | 202 | |
... | ... | @@ -211,7 +206,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
211 | 206 | end |
212 | 207 | |
213 | 208 | should 'not, anonymous create a community' do |
214 | - anonymous_setup | |
215 | 209 | params[:community] = {:name => 'some'} |
216 | 210 | post "/api/v1/communities?#{params.to_query}" |
217 | 211 | json = JSON.parse(last_response.body) |
... | ... | @@ -219,7 +213,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
219 | 213 | end |
220 | 214 | |
221 | 215 | should 'anonymous get community' do |
222 | - anonymous_setup | |
223 | 216 | community = fast_create(Community, :environment_id => environment.id) |
224 | 217 | get "/api/v1/communities/#{community.id}" |
225 | 218 | json = JSON.parse(last_response.body) |
... | ... | @@ -227,7 +220,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
227 | 220 | end |
228 | 221 | |
229 | 222 | should 'not, anonymous get invisible community' do |
230 | - anonymous_setup | |
231 | 223 | community = fast_create(Community, :environment_id => environment.id, :visible => false) |
232 | 224 | get "/api/v1/communities/#{community.id}" |
233 | 225 | json = JSON.parse(last_response.body) |
... | ... | @@ -235,7 +227,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
235 | 227 | end |
236 | 228 | |
237 | 229 | should 'not, anonymous get private communities' do |
238 | - anonymous_setup | |
239 | 230 | community = fast_create(Community, :environment_id => environment.id) |
240 | 231 | fast_create(Community, :environment_id => environment.id, :public_profile => false) |
241 | 232 | get "/api/v1/communities/#{community.id}" |
... | ... | @@ -244,7 +235,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
244 | 235 | end |
245 | 236 | |
246 | 237 | should 'anonymous list communities with pagination' do |
247 | - anonymous_setup | |
248 | 238 | community1 = fast_create(Community, :public_profile => true, :created_at => 1.day.ago) |
249 | 239 | community2 = fast_create(Community, :created_at => 2.days.ago) |
250 | 240 | |
... | ... | @@ -266,7 +256,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
266 | 256 | end |
267 | 257 | |
268 | 258 | should 'anonymous list communities with timestamp' do |
269 | - anonymous_setup | |
270 | 259 | community1 = fast_create(Community, :public_profile => true) |
271 | 260 | community2 = fast_create(Community) |
272 | 261 | |
... | ... | @@ -282,7 +271,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
282 | 271 | end |
283 | 272 | |
284 | 273 | should 'display public custom fields to anonymous' do |
285 | - anonymous_setup | |
286 | 274 | CustomField.create!(:name => "Rating", :format => "string", :customized_type => "Community", :active => true, :environment => Environment.default) |
287 | 275 | some_community = fast_create(Community) |
288 | 276 | some_community.custom_values = { "Rating" => { "value" => "Five stars", "public" => "true"} } |
... | ... | @@ -295,7 +283,6 @@ class CommunitiesTest < ActiveSupport::TestCase |
295 | 283 | end |
296 | 284 | |
297 | 285 | should 'not display private custom fields to anonymous' do |
298 | - anonymous_setup | |
299 | 286 | CustomField.create!(:name => "Rating", :format => "string", :customized_type => "Community", :active => true, :environment => Environment.default) |
300 | 287 | some_community = fast_create(Community) |
301 | 288 | some_community.custom_values = { "Rating" => { "value" => "Five stars", "public" => "false"} } |
... | ... | @@ -306,5 +293,4 @@ class CommunitiesTest < ActiveSupport::TestCase |
306 | 293 | refute json['community']['additional_data'].has_key?('Rating') |
307 | 294 | end |
308 | 295 | |
309 | - | |
310 | 296 | end | ... | ... |
test/api/enterprises_test.rb
... | ... | @@ -64,14 +64,14 @@ class EnterprisesTest < ActiveSupport::TestCase |
64 | 64 | assert_equal [enterprise1.id], json['enterprises'].map {|c| c['id']} |
65 | 65 | end |
66 | 66 | |
67 | - should 'not, logger user list invisible enterprises' do | |
67 | + should 'not, logged user list invisible enterprises' do | |
68 | 68 | login_api |
69 | 69 | enterprise1 = fast_create(Enterprise, :environment_id => environment.id) |
70 | 70 | fast_create(Enterprise, :visible => false) |
71 | 71 | |
72 | 72 | get "/api/v1/enterprises?#{params.to_query}" |
73 | 73 | json = JSON.parse(last_response.body) |
74 | - assert_equal [enterprise1.id], json['enterprises'].map {|c| c['id']} | |
74 | + assert_equal [enterprise1.id, enterprise2.id], json['enterprises'].map {|c| c['id']} | |
75 | 75 | end |
76 | 76 | |
77 | 77 | should 'anonymous list private enterprises' do | ... | ... |
test/api/people_test.rb
... | ... | @@ -61,7 +61,6 @@ class PeopleTest < ActiveSupport::TestCase |
61 | 61 | end |
62 | 62 | |
63 | 63 | should 'annoymous not list invisible people' do |
64 | - anonymous_setup | |
65 | 64 | invisible_person = fast_create(Person, :visible => false) |
66 | 65 | |
67 | 66 | get "/api/v1/people?#{params.to_query}" |
... | ... | @@ -105,7 +104,6 @@ class PeopleTest < ActiveSupport::TestCase |
105 | 104 | end |
106 | 105 | |
107 | 106 | should 'anonymous get person' do |
108 | - anonymous_setup | |
109 | 107 | some_person = fast_create(Person) |
110 | 108 | |
111 | 109 | get "/api/v1/people/#{some_person.id}?#{params.to_query}" |
... | ... | @@ -113,7 +111,6 @@ class PeopleTest < ActiveSupport::TestCase |
113 | 111 | assert_equal some_person.id, json['person']['id'] |
114 | 112 | end |
115 | 113 | |
116 | - | |
117 | 114 | should 'people endpoint filter by fields parameter for logged user' do |
118 | 115 | login_api |
119 | 116 | get "/api/v1/people?#{params.to_query}&fields=name" |
... | ... | @@ -156,7 +153,6 @@ class PeopleTest < ActiveSupport::TestCase |
156 | 153 | end |
157 | 154 | |
158 | 155 | should 'anonymous not get invisible person' do |
159 | - anonymous_setup | |
160 | 156 | person = fast_create(Person, :visible => false) |
161 | 157 | |
162 | 158 | get "/api/v1/people/#{person.id}?#{params.to_query}" | ... | ... |
test/api/profiles_test.rb
... | ... | @@ -117,7 +117,6 @@ class ProfilesTest < ActiveSupport::TestCase |
117 | 117 | end |
118 | 118 | |
119 | 119 | should 'display public custom fields to anonymous' do |
120 | - anonymous_setup | |
121 | 120 | CustomField.create!(:name => "Rating", :format => "string", :customized_type => "Profile", :active => true, :environment => Environment.default) |
122 | 121 | some_profile = fast_create(Profile) |
123 | 122 | some_profile.custom_values = { "Rating" => { "value" => "Five stars", "public" => "true"} } |
... | ... | @@ -130,7 +129,6 @@ class ProfilesTest < ActiveSupport::TestCase |
130 | 129 | end |
131 | 130 | |
132 | 131 | should 'not display private custom fields to anonymous' do |
133 | - anonymous_setup | |
134 | 132 | CustomField.create!(:name => "Rating", :format => "string", :customized_type => "Profile", :active => true, :environment => Environment.default) |
135 | 133 | some_profile = fast_create(Profile) |
136 | 134 | some_profile.custom_values = { "Rating" => { "value" => "Five stars", "public" => "false"} } | ... | ... |
test/api/test_helper.rb
... | ... | @@ -25,11 +25,6 @@ class ActiveSupport::TestCase |
25 | 25 | @params = {:private_token => @private_token} |
26 | 26 | end |
27 | 27 | |
28 | - def anonymous_setup | |
29 | - @environment = Environment.default | |
30 | - @params = {} | |
31 | - end | |
32 | - | |
33 | 28 | attr_accessor :private_token, :user, :person, :params, :environment |
34 | 29 | |
35 | 30 | private | ... | ... |