Download as
Browse Code »

Commit 1308d7fa36b937aab0caf9930345df04c362b614

Authored by Tallys Martins
1 parent ae016525
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

Writing functional tests to Work Assignment Plugin

Showing 2 changed files with 31 additions and 10 deletions   Show diff stats
plugins/work_assignment/lib/ext/cms_controller.rb
  Diff comments   View file @1308d7f
... ... @@ -4,7 +4,8 @@ class CmsController
4 4  
5 5 protect_if :only => :edit_visibility do |c, user, profile|
6 6 article = c.environment.articles.find_by_id(c.params[:article_id])
7   - (user && !article.nil? && article.folder? && article.parent.allow_privacy_edition &&
  7 + (user && !article.nil? && (user.is_member_of? article.profile) &&
  8 + article.parent.allow_privacy_edition && article.folder? &&
8 9 (article.author == user || user.has_permission?('view_private_content', profile)))
9 10 end
10 11  
... ...
plugins/work_assignment/test/functional/cms_controller_test.rb
  Diff comments   View file @1308d7f
... ... @@ -27,7 +27,7 @@ class CmsControllerTest < ActionController::TestCase
27 27 end
28 28  
29 29 should 'not allow non-members to upload submissions on work_assignment' do
30   - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil)
  30 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
31 31 get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id
32 32 assert_response :forbidden
33 33 assert_template 'access_denied'
... ... @@ -36,20 +36,20 @@ class CmsControllerTest < ActionController::TestCase
36 36 should 'allow members to upload submissions on work_assignment' do
37 37 @organization.add_member(person)
38 38 # then he trys to upload new stuff
39   - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil)
  39 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
40 40 get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id
41 41 assert_response :success
42 42 end
43 43  
44 44 should 'redirect to Work Assignment view page after upload submission' do
45 45 @organization.add_member(person)
46   - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil)
  46 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
47 47 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] , :back_to => @work_assignment.url
48 48 assert_redirected_to work_assignment.url
49 49 end
50 50  
51 51 should 'upload submission and automatically move it to the author folder' do
52   - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil)
  52 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
53 53 @organization.add_member(person)
54 54 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
55 55 submission = UploadedFile.last
... ... @@ -57,21 +57,21 @@ class CmsControllerTest < ActionController::TestCase
57 57 end
58 58  
59 59 should 'work_assignment attribute allow_privacy_edition is true when set a new work_assignment' do
60   - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, true)
  60 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true)
61 61 @organization.add_member(person)
62 62 assert_equal true, work_assignment.allow_privacy_edition
63 63 end
64 64  
65 65 should 'a submission and parent attribute "published" be equal to Work Assignment attribute publish submissions' do
66 66 @organization.add_member(person)
67   - work_assignment = create_work_assignment('Another Work Assignment', @organization, true, nil)
  67 + work_assignment = create_work_assignment('Work Assignment', @organization, true, nil)
68 68 assert_equal true, work_assignment.publish_submissions
69 69 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
70 70 submission = UploadedFile.last
71 71 assert_equal work_assignment.publish_submissions, submission.published
72 72 assert_equal work_assignment.publish_submissions, submission.parent.published
73 73  
74   - other_work_assignment = create_work_assignment('Another Other Work Assigment', @organization, false, nil)
  74 + other_work_assignment = create_work_assignment('Other Work Assigment', @organization, false, nil)
75 75 assert_equal false, other_work_assignment.publish_submissions
76 76 post :upload_files, :profile => @organization.identifier, :parent_id => other_work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
77 77 submission = UploadedFile.last
... ... @@ -82,7 +82,7 @@ class CmsControllerTest < ActionController::TestCase
82 82 should 'submission edit visibility deny access to users and admin when Work Assignment allow_privacy_edition is false' do
83 83 @organization.add_member(person)
84 84 ##### Testing with normal user
85   - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil)
  85 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
86 86 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
87 87 submission = UploadedFile.last
88 88 assert_equal false, submission.published
... ... @@ -115,7 +115,7 @@ class CmsControllerTest < ActionController::TestCase
115 115  
116 116 should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_privacy_edition is true' do
117 117 @organization.add_member(person)
118   - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil)
  118 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
119 119 work_assignment.allow_privacy_edition = true # the user can edit the privacy
120 120 assert_equal true, work_assignment.allow_privacy_edition
121 121 work_assignment.save!
... ... @@ -194,6 +194,26 @@ class CmsControllerTest < ActionController::TestCase
194 194 assert_equal true, submission.display_unpublished_article_to?(other_person)
195 195 end
196 196  
  197 + should 'submission edit_visibility deny access to owner if not organization member' do
  198 + @organization.add_member(person) # current_user is a member
  199 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true)
  200 + post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
  201 + @organization.remove_member(person)
  202 + submission = UploadedFile.last
  203 +
  204 + assert_equal false, (person.is_member_of? submission.profile)
  205 +
  206 + post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id
  207 + assert_template 'access_denied'
  208 +
  209 + post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true }
  210 + assert_template 'access_denied'
  211 +
  212 + submission.reload
  213 + assert_equal false, submission.parent.published
  214 + assert_equal false, submission.published
  215 + end
  216 +
197 217 private
198 218 def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_privacy_edition = nil)
199 219 @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_privacy_edition => allow_privacy_edition)
... ...