Download as
Browse Code »

Commit 265f85f769eddafdb1bc263146172519551369c9

Authored by AntonioTerceiro
1 parent 2b571b6d
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

ActionItem438: enabling "New publication" popup without SSL 

git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@2474 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing 2 changed files with 28 additions and 0 deletions   Show diff stats
app/controllers/my_profile/cms_controller.rb
  Diff comments   View file @265f85f
@@ -3,6 +3,16 @@ class CmsController < MyProfileController @@ -3,6 +3,16 @@ class CmsController < MyProfileController
3 protect 'post_content', :profile, :except => [:set_home_page] 3 protect 'post_content', :profile, :except => [:set_home_page]
4 protect 'edit_profile', :profile, :only => [:set_home_page] 4 protect 'edit_profile', :profile, :only => [:set_home_page]
5 5
  6 + alias :check_ssl_orig :check_ssl
  7 + # Redefines the SSL checking to avoid requiring SSL when creating the "New
  8 + # publication" button on article's public view.
  9 + def check_ssl
  10 + if ((params[:action] == 'new') && (!request.xhr?)) || (params[:action] != 'new')
  11 + #raise 'bli'
  12 + check_ssl_orig
  13 + end
  14 + end
  15 +
6 def boxes_holder 16 def boxes_holder
7 profile 17 profile
8 end 18 end
test/functional/cms_controller_test.rb
  Diff comments   View file @265f85f
@@ -592,4 +592,22 @@ class CmsControllerTest < Test::Unit::TestCase @@ -592,4 +592,22 @@ class CmsControllerTest < Test::Unit::TestCase
592 end 592 end
593 end 593 end
594 594
  595 + should 'require ssl in general' do
  596 + @request.expects(:ssl?).returns(false).at_least_once
  597 + get :index, :profile => 'testinguser'
  598 + assert_redirected_to :protocol => 'https://'
  599 + end
  600 +
  601 + should 'accept ajax connections to new action without ssl' do
  602 + @request.expects(:ssl?).returns(false).at_least_once
  603 + xml_http_request :get, :new, :profile => 'testinguser'
  604 + assert_response :success
  605 + end
  606 +
  607 + should 'not accept non-ajax connections to new action without ssl' do
  608 + @request.expects(:ssl?).returns(false).at_least_once
  609 + get :new, :profile => 'testinguser'
  610 + assert_redirected_to :protocol => 'https://'
  611 + end
  612 +
595 end 613 end