diff --git a/app/controllers/public/content_viewer_controller.rb b/app/controllers/public/content_viewer_controller.rb index a1381d2..e52e358 100644 --- a/app/controllers/public/content_viewer_controller.rb +++ b/app/controllers/public/content_viewer_controller.rb @@ -72,7 +72,7 @@ class ContentViewerController < PublicController def remove_comment @comment = @page.comments.find(params[:remove_comment]) - if (user == @comment.author) || (user == @page.profile) + if (user == @comment.author || user == @page.profile || user.has_permission?(:moderate_comments, @page.profile)) @comment.destroy flash[:notice] = _('Comment succesfully deleted') end diff --git a/app/models/profile.rb b/app/models/profile.rb index 58d75f6..59cdcf5 100644 --- a/app/models/profile.rb +++ b/app/models/profile.rb @@ -34,6 +34,7 @@ class Profile < ActiveRecord::Base 'manage_friends' => N_('Manage friends'), 'validate_enterprise' => N_('Validate enterprise'), 'perform_task' => N_('Perform task'), + 'moderate_comments' => N_('Moderate comments'), } acts_as_accessible diff --git a/app/views/content_viewer/_comment.rhtml b/app/views/content_viewer/_comment.rhtml index bd5b6c2..efe0c36 100644 --- a/app/views/content_viewer/_comment.rhtml +++ b/app/views/content_viewer/_comment.rhtml @@ -1,6 +1,6 @@ <%= content_tag('a', '', :name => comment.anchor) %>
- <% if logged_in? && (user == @page.profile || user == comment.author) %> + <% if logged_in? && (user == @page.profile || user == comment.author || user.has_permission?(:moderate_comments, @page.profile)) %> <% button_bar(:style => 'float: right; margin-top: 0;') do %> <%= icon_button(:delete, _('Remove'), { :remove_comment => comment.id }, :method => :post, :confirm => _('Are you sure you want to remove this comment?')) %> <% end %> diff --git a/db/migrate/045_more_new_permissions.rb b/db/migrate/045_more_new_permissions.rb new file mode 100644 index 0000000..d8c5bba --- /dev/null +++ b/db/migrate/045_more_new_permissions.rb @@ -0,0 +1,21 @@ +class MoreNewPermissions < ActiveRecord::Migration + def self.up + admin = Profile::Roles.admin + admin.permissions += ['moderate_comments'] + admin.save + + moderator = Profile::Roles.moderator + moderator.permissions += ['moderate_comments'] + moderator.save + end + + def self.down + admin = Profile::Roles.admin + admin.permissions -= ['moderate_comments'] + admin.save + + moderator = Profile::Roles.moderator + moderator.permissions -= ['moderate_comments'] + moderator.save + end +end diff --git a/db/schema.rb b/db/schema.rb index f6e9daa..bf7e7a1 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -9,7 +9,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 44) do +ActiveRecord::Schema.define(:version => 45) do create_table "article_versions", :force => true do |t| t.integer "article_id" diff --git a/test/fixtures/roles.yml b/test/fixtures/roles.yml index a08be0e..ff2bb45 100644 --- a/test/fixtures/roles.yml +++ b/test/fixtures/roles.yml @@ -3,7 +3,7 @@ one: id: 1 name: 'member' permissions: - - post_content + - post_content two: id: 2 name: 'owner' @@ -16,7 +16,7 @@ three: id: 3 name: 'moderator' permissions: - - manage_memberships + - manage_memberships four: id: 4 name: 'admin' @@ -27,6 +27,7 @@ four: - manage_environment_categories - manage_environment_roles - manage_environment_validators + - moderate_comments profile_admin: id: 5 key: 'profile_admin' @@ -34,6 +35,7 @@ profile_admin: system: true permissions: - edit_profile_design + - moderate_comments profile_member: id: 6 key: 'profile_member' @@ -48,3 +50,5 @@ profile_moderator: key: 'profile_moderator' name: 'Profile Moderator' system: true + permissions: + - moderate_comments diff --git a/test/functional/content_viewer_controller_test.rb b/test/functional/content_viewer_controller_test.rb index a990964..0ce8a5c 100644 --- a/test/functional/content_viewer_controller_test.rb +++ b/test/functional/content_viewer_controller_test.rb @@ -160,7 +160,6 @@ class ContentViewerControllerTest < Test::Unit::TestCase post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id assert_response :redirect end - end should 'not be able to post comment while inverse captcha field filled' do @@ -174,6 +173,19 @@ class ContentViewerControllerTest < Test::Unit::TestCase end end + should 'be able to remove comments if is moderator' do + commenter = create_user('commenter_user').person + community = Community.create!(:name => 'Community test', :identifier => 'community-test') + article = community.articles.create!(:name => 'test') + comment = article.comments.create!(:author => commenter, :title => 'a comment', :body => 'lalala') + community.add_moderator(profile) + login_as profile.identifier + assert_difference Comment, :count, -1 do + post :view_page, :profile => community.identifier, :page => [ 'test' ], :remove_comment => comment.id + assert_response :redirect + end + end + should 'render inverse captcha field' do profile = create_user('popstar').person page = profile.articles.build(:name => 'myarticle', :body => 'the body of the text') diff --git a/test/unit/organization_test.rb b/test/unit/organization_test.rb index 9eb41fe..b5546dd 100644 --- a/test/unit/organization_test.rb +++ b/test/unit/organization_test.rb @@ -188,7 +188,6 @@ class OrganizationTest < Test::Unit::TestCase assert_not_includes c.members, p end - # FIXME why members dont return moderators??? should 'allow to add new moderator' do o = Organization.create!(:name => 'my test profile', :identifier => 'mytestprofile') p = create_user('myanothertestuser').person @@ -198,4 +197,11 @@ class OrganizationTest < Test::Unit::TestCase assert o.members.include?(p), "Organization should add the new moderator" end + should 'moderator has moderate_comments permission' do + o = Organization.create!(:name => 'my test profile', :identifier => 'mytestprofile') + p = create_user('myanothertestuser').person + o.add_moderator(p) + assert p.has_permission?(:moderate_comments, o) + end + end -- libgit2 0.21.2