Commit 1308d7fa36b937aab0caf9930345df04c362b614
1 parent
ae016525
Exists in
master
and in
29 other branches
Writing functional tests to Work Assignment Plugin
Showing
2 changed files
with
31 additions
and
10 deletions
Show diff stats
plugins/work_assignment/lib/ext/cms_controller.rb
@@ -4,7 +4,8 @@ class CmsController | @@ -4,7 +4,8 @@ class CmsController | ||
4 | 4 | ||
5 | protect_if :only => :edit_visibility do |c, user, profile| | 5 | protect_if :only => :edit_visibility do |c, user, profile| |
6 | article = c.environment.articles.find_by_id(c.params[:article_id]) | 6 | article = c.environment.articles.find_by_id(c.params[:article_id]) |
7 | - (user && !article.nil? && article.folder? && article.parent.allow_privacy_edition && | 7 | + (user && !article.nil? && (user.is_member_of? article.profile) && |
8 | + article.parent.allow_privacy_edition && article.folder? && | ||
8 | (article.author == user || user.has_permission?('view_private_content', profile))) | 9 | (article.author == user || user.has_permission?('view_private_content', profile))) |
9 | end | 10 | end |
10 | 11 |
plugins/work_assignment/test/functional/cms_controller_test.rb
@@ -27,7 +27,7 @@ class CmsControllerTest < ActionController::TestCase | @@ -27,7 +27,7 @@ class CmsControllerTest < ActionController::TestCase | ||
27 | end | 27 | end |
28 | 28 | ||
29 | should 'not allow non-members to upload submissions on work_assignment' do | 29 | should 'not allow non-members to upload submissions on work_assignment' do |
30 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) | 30 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
31 | get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id | 31 | get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id |
32 | assert_response :forbidden | 32 | assert_response :forbidden |
33 | assert_template 'access_denied' | 33 | assert_template 'access_denied' |
@@ -36,20 +36,20 @@ class CmsControllerTest < ActionController::TestCase | @@ -36,20 +36,20 @@ class CmsControllerTest < ActionController::TestCase | ||
36 | should 'allow members to upload submissions on work_assignment' do | 36 | should 'allow members to upload submissions on work_assignment' do |
37 | @organization.add_member(person) | 37 | @organization.add_member(person) |
38 | # then he trys to upload new stuff | 38 | # then he trys to upload new stuff |
39 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) | 39 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
40 | get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id | 40 | get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id |
41 | assert_response :success | 41 | assert_response :success |
42 | end | 42 | end |
43 | 43 | ||
44 | should 'redirect to Work Assignment view page after upload submission' do | 44 | should 'redirect to Work Assignment view page after upload submission' do |
45 | @organization.add_member(person) | 45 | @organization.add_member(person) |
46 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) | 46 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
47 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] , :back_to => @work_assignment.url | 47 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] , :back_to => @work_assignment.url |
48 | assert_redirected_to work_assignment.url | 48 | assert_redirected_to work_assignment.url |
49 | end | 49 | end |
50 | 50 | ||
51 | should 'upload submission and automatically move it to the author folder' do | 51 | should 'upload submission and automatically move it to the author folder' do |
52 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) | 52 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
53 | @organization.add_member(person) | 53 | @organization.add_member(person) |
54 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | 54 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] |
55 | submission = UploadedFile.last | 55 | submission = UploadedFile.last |
@@ -57,21 +57,21 @@ class CmsControllerTest < ActionController::TestCase | @@ -57,21 +57,21 @@ class CmsControllerTest < ActionController::TestCase | ||
57 | end | 57 | end |
58 | 58 | ||
59 | should 'work_assignment attribute allow_privacy_edition is true when set a new work_assignment' do | 59 | should 'work_assignment attribute allow_privacy_edition is true when set a new work_assignment' do |
60 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, true) | 60 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) |
61 | @organization.add_member(person) | 61 | @organization.add_member(person) |
62 | assert_equal true, work_assignment.allow_privacy_edition | 62 | assert_equal true, work_assignment.allow_privacy_edition |
63 | end | 63 | end |
64 | 64 | ||
65 | should 'a submission and parent attribute "published" be equal to Work Assignment attribute publish submissions' do | 65 | should 'a submission and parent attribute "published" be equal to Work Assignment attribute publish submissions' do |
66 | @organization.add_member(person) | 66 | @organization.add_member(person) |
67 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, true, nil) | 67 | + work_assignment = create_work_assignment('Work Assignment', @organization, true, nil) |
68 | assert_equal true, work_assignment.publish_submissions | 68 | assert_equal true, work_assignment.publish_submissions |
69 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | 69 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] |
70 | submission = UploadedFile.last | 70 | submission = UploadedFile.last |
71 | assert_equal work_assignment.publish_submissions, submission.published | 71 | assert_equal work_assignment.publish_submissions, submission.published |
72 | assert_equal work_assignment.publish_submissions, submission.parent.published | 72 | assert_equal work_assignment.publish_submissions, submission.parent.published |
73 | 73 | ||
74 | - other_work_assignment = create_work_assignment('Another Other Work Assigment', @organization, false, nil) | 74 | + other_work_assignment = create_work_assignment('Other Work Assigment', @organization, false, nil) |
75 | assert_equal false, other_work_assignment.publish_submissions | 75 | assert_equal false, other_work_assignment.publish_submissions |
76 | post :upload_files, :profile => @organization.identifier, :parent_id => other_work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | 76 | post :upload_files, :profile => @organization.identifier, :parent_id => other_work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] |
77 | submission = UploadedFile.last | 77 | submission = UploadedFile.last |
@@ -82,7 +82,7 @@ class CmsControllerTest < ActionController::TestCase | @@ -82,7 +82,7 @@ class CmsControllerTest < ActionController::TestCase | ||
82 | should 'submission edit visibility deny access to users and admin when Work Assignment allow_privacy_edition is false' do | 82 | should 'submission edit visibility deny access to users and admin when Work Assignment allow_privacy_edition is false' do |
83 | @organization.add_member(person) | 83 | @organization.add_member(person) |
84 | ##### Testing with normal user | 84 | ##### Testing with normal user |
85 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) | 85 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
86 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | 86 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] |
87 | submission = UploadedFile.last | 87 | submission = UploadedFile.last |
88 | assert_equal false, submission.published | 88 | assert_equal false, submission.published |
@@ -115,7 +115,7 @@ class CmsControllerTest < ActionController::TestCase | @@ -115,7 +115,7 @@ class CmsControllerTest < ActionController::TestCase | ||
115 | 115 | ||
116 | should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_privacy_edition is true' do | 116 | should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_privacy_edition is true' do |
117 | @organization.add_member(person) | 117 | @organization.add_member(person) |
118 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, nil) | 118 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
119 | work_assignment.allow_privacy_edition = true # the user can edit the privacy | 119 | work_assignment.allow_privacy_edition = true # the user can edit the privacy |
120 | assert_equal true, work_assignment.allow_privacy_edition | 120 | assert_equal true, work_assignment.allow_privacy_edition |
121 | work_assignment.save! | 121 | work_assignment.save! |
@@ -194,6 +194,26 @@ class CmsControllerTest < ActionController::TestCase | @@ -194,6 +194,26 @@ class CmsControllerTest < ActionController::TestCase | ||
194 | assert_equal true, submission.display_unpublished_article_to?(other_person) | 194 | assert_equal true, submission.display_unpublished_article_to?(other_person) |
195 | end | 195 | end |
196 | 196 | ||
197 | + should 'submission edit_visibility deny access to owner if not organization member' do | ||
198 | + @organization.add_member(person) # current_user is a member | ||
199 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) | ||
200 | + post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | ||
201 | + @organization.remove_member(person) | ||
202 | + submission = UploadedFile.last | ||
203 | + | ||
204 | + assert_equal false, (person.is_member_of? submission.profile) | ||
205 | + | ||
206 | + post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | ||
207 | + assert_template 'access_denied' | ||
208 | + | ||
209 | + post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | ||
210 | + assert_template 'access_denied' | ||
211 | + | ||
212 | + submission.reload | ||
213 | + assert_equal false, submission.parent.published | ||
214 | + assert_equal false, submission.published | ||
215 | + end | ||
216 | + | ||
197 | private | 217 | private |
198 | def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_privacy_edition = nil) | 218 | def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_privacy_edition = nil) |
199 | @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_privacy_edition => allow_privacy_edition) | 219 | @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_privacy_edition => allow_privacy_edition) |