Download as
Browse Code »

Commit 1308d7fa36b937aab0caf9930345df04c362b614

Authored by Tallys Martins
1 parent ae016525
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

Writing functional tests to Work Assignment Plugin

Showing 2 changed files with 31 additions and 10 deletions   Show diff stats
plugins/work_assignment/lib/ext/cms_controller.rb
  Diff comments   View file @1308d7f
@@ -4,7 +4,8 @@ class CmsController @@ -4,7 +4,8 @@ class CmsController
4 4
5 protect_if :only => :edit_visibility do |c, user, profile| 5 protect_if :only => :edit_visibility do |c, user, profile|
6 article = c.environment.articles.find_by_id(c.params[:article_id]) 6 article = c.environment.articles.find_by_id(c.params[:article_id])
7 - (user && !article.nil? && article.folder? && article.parent.allow_privacy_edition && 7 + (user && !article.nil? && (user.is_member_of? article.profile) &&
  8 + article.parent.allow_privacy_edition && article.folder? &&
8 (article.author == user || user.has_permission?('view_private_content', profile))) 9 (article.author == user || user.has_permission?('view_private_content', profile)))
9 end 10 end
10 11
plugins/work_assignment/test/functional/cms_controller_test.rb
  Diff comments   View file @1308d7f
@@ -27,7 +27,7 @@ class CmsControllerTest < ActionController::TestCase @@ -27,7 +27,7 @@ class CmsControllerTest < ActionController::TestCase
27 end 27 end
28 28
29 should 'not allow non-members to upload submissions on work_assignment' do 29 should 'not allow non-members to upload submissions on work_assignment' do
30 - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) 30 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
31 get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id 31 get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id
32 assert_response :forbidden 32 assert_response :forbidden
33 assert_template 'access_denied' 33 assert_template 'access_denied'
@@ -36,20 +36,20 @@ class CmsControllerTest < ActionController::TestCase @@ -36,20 +36,20 @@ class CmsControllerTest < ActionController::TestCase
36 should 'allow members to upload submissions on work_assignment' do 36 should 'allow members to upload submissions on work_assignment' do
37 @organization.add_member(person) 37 @organization.add_member(person)
38 # then he trys to upload new stuff 38 # then he trys to upload new stuff
39 - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) 39 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
40 get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id 40 get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id
41 assert_response :success 41 assert_response :success
42 end 42 end
43 43
44 should 'redirect to Work Assignment view page after upload submission' do 44 should 'redirect to Work Assignment view page after upload submission' do
45 @organization.add_member(person) 45 @organization.add_member(person)
46 - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) 46 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
47 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] , :back_to => @work_assignment.url 47 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] , :back_to => @work_assignment.url
48 assert_redirected_to work_assignment.url 48 assert_redirected_to work_assignment.url
49 end 49 end
50 50
51 should 'upload submission and automatically move it to the author folder' do 51 should 'upload submission and automatically move it to the author folder' do
52 - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) 52 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
53 @organization.add_member(person) 53 @organization.add_member(person)
54 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] 54 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
55 submission = UploadedFile.last 55 submission = UploadedFile.last
@@ -57,21 +57,21 @@ class CmsControllerTest < ActionController::TestCase @@ -57,21 +57,21 @@ class CmsControllerTest < ActionController::TestCase
57 end 57 end
58 58
59 should 'work_assignment attribute allow_privacy_edition is true when set a new work_assignment' do 59 should 'work_assignment attribute allow_privacy_edition is true when set a new work_assignment' do
60 - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, true) 60 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true)
61 @organization.add_member(person) 61 @organization.add_member(person)
62 assert_equal true, work_assignment.allow_privacy_edition 62 assert_equal true, work_assignment.allow_privacy_edition
63 end 63 end
64 64
65 should 'a submission and parent attribute "published" be equal to Work Assignment attribute publish submissions' do 65 should 'a submission and parent attribute "published" be equal to Work Assignment attribute publish submissions' do
66 @organization.add_member(person) 66 @organization.add_member(person)
67 - work_assignment = create_work_assignment('Another Work Assignment', @organization, true, nil) 67 + work_assignment = create_work_assignment('Work Assignment', @organization, true, nil)
68 assert_equal true, work_assignment.publish_submissions 68 assert_equal true, work_assignment.publish_submissions
69 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] 69 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
70 submission = UploadedFile.last 70 submission = UploadedFile.last
71 assert_equal work_assignment.publish_submissions, submission.published 71 assert_equal work_assignment.publish_submissions, submission.published
72 assert_equal work_assignment.publish_submissions, submission.parent.published 72 assert_equal work_assignment.publish_submissions, submission.parent.published
73 73
74 - other_work_assignment = create_work_assignment('Another Other Work Assigment', @organization, false, nil) 74 + other_work_assignment = create_work_assignment('Other Work Assigment', @organization, false, nil)
75 assert_equal false, other_work_assignment.publish_submissions 75 assert_equal false, other_work_assignment.publish_submissions
76 post :upload_files, :profile => @organization.identifier, :parent_id => other_work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] 76 post :upload_files, :profile => @organization.identifier, :parent_id => other_work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
77 submission = UploadedFile.last 77 submission = UploadedFile.last
@@ -82,7 +82,7 @@ class CmsControllerTest < ActionController::TestCase @@ -82,7 +82,7 @@ class CmsControllerTest < ActionController::TestCase
82 should 'submission edit visibility deny access to users and admin when Work Assignment allow_privacy_edition is false' do 82 should 'submission edit visibility deny access to users and admin when Work Assignment allow_privacy_edition is false' do
83 @organization.add_member(person) 83 @organization.add_member(person)
84 ##### Testing with normal user 84 ##### Testing with normal user
85 - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) 85 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
86 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] 86 post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
87 submission = UploadedFile.last 87 submission = UploadedFile.last
88 assert_equal false, submission.published 88 assert_equal false, submission.published
@@ -115,7 +115,7 @@ class CmsControllerTest < ActionController::TestCase @@ -115,7 +115,7 @@ class CmsControllerTest < ActionController::TestCase
115 115
116 should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_privacy_edition is true' do 116 should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_privacy_edition is true' do
117 @organization.add_member(person) 117 @organization.add_member(person)
118 - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) 118 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil)
119 work_assignment.allow_privacy_edition = true # the user can edit the privacy 119 work_assignment.allow_privacy_edition = true # the user can edit the privacy
120 assert_equal true, work_assignment.allow_privacy_edition 120 assert_equal true, work_assignment.allow_privacy_edition
121 work_assignment.save! 121 work_assignment.save!
@@ -194,6 +194,26 @@ class CmsControllerTest < ActionController::TestCase @@ -194,6 +194,26 @@ class CmsControllerTest < ActionController::TestCase
194 assert_equal true, submission.display_unpublished_article_to?(other_person) 194 assert_equal true, submission.display_unpublished_article_to?(other_person)
195 end 195 end
196 196
  197 + should 'submission edit_visibility deny access to owner if not organization member' do
  198 + @organization.add_member(person) # current_user is a member
  199 + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true)
  200 + post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')]
  201 + @organization.remove_member(person)
  202 + submission = UploadedFile.last
  203 +
  204 + assert_equal false, (person.is_member_of? submission.profile)
  205 +
  206 + post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id
  207 + assert_template 'access_denied'
  208 +
  209 + post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true }
  210 + assert_template 'access_denied'
  211 +
  212 + submission.reload
  213 + assert_equal false, submission.parent.published
  214 + assert_equal false, submission.published
  215 + end
  216 +
197 private 217 private
198 def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_privacy_edition = nil) 218 def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_privacy_edition = nil)
199 @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_privacy_edition => allow_privacy_edition) 219 @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_privacy_edition => allow_privacy_edition)