Download as
Browse Code »

Commit 15720094d082994f46253c5eb0b8728bfe5c3844

Authored by Rodrigo Souto
1 parent 4d40b678
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

[comments-refactor-review] Checking permissions to show remove link

Showing 2 changed files with 15 additions and 1 deletions   Show diff stats
app/helpers/comment_helper.rb
  Diff comments   View file @1572009
@@ -62,7 +62,7 @@ module CommentHelper @@ -62,7 +62,7 @@ module CommentHelper
62 end 62 end
63 63
64 def link_for_remove(comment) 64 def link_for_remove(comment)
65 - if logged_in? && (user == profile || user == comment.author || user.has_permission?(:moderate_comments, profile)) 65 + if comment.can_be_destroyed_by?(user)
66 {:link => link_to_function(_('Remove'), 'remove_comment(this, %s, %s); return false ;' % [url_for(:profile => profile.identifier, :controller => 'comment', :action => :destroy, :id => comment.id).to_json, _('Are you sure you want to remove this comment and all its replies?').to_json], :class => 'comment-footer comment-footer-link comment-footer-hide remove-children')} 66 {:link => link_to_function(_('Remove'), 'remove_comment(this, %s, %s); return false ;' % [url_for(:profile => profile.identifier, :controller => 'comment', :action => :destroy, :id => comment.id).to_json, _('Are you sure you want to remove this comment and all its replies?').to_json], :class => 'comment-footer comment-footer-link comment-footer-hide remove-children')}
67 end 67 end
68 end 68 end
test/unit/comment_helper_test.rb
  Diff comments   View file @1572009
@@ -117,6 +117,20 @@ class CommentHelperTest < ActiveSupport::TestCase @@ -117,6 +117,20 @@ class CommentHelperTest < ActiveSupport::TestCase
117 assert link 117 assert link
118 end 118 end
119 119
  120 + should 'do not return link for remove comment' do
  121 + comment = Comment.new
  122 + comment.stubs(:can_be_destroyed_by?).with(user).returns(false)
  123 + link = link_for_remove(comment)
  124 + assert_nil link
  125 + end
  126 +
  127 + should 'return link for remove comment' do
  128 + comment = Comment.new
  129 + comment.stubs(:can_be_destroyed_by?).with(user).returns(true)
  130 + link = link_for_remove(comment)
  131 + assert link
  132 + end
  133 +
120 def link_to_function(content, url, options = {}) 134 def link_to_function(content, url, options = {})
121 link_to(content, url, options) 135 link_to(content, url, options)
122 end 136 end