Done

Caio Almeida · Daniela Feitosa
1 parent cd4a0e06
Showing 14 changed files with 211 additions and 14 deletions Show diff stats
app/controllers/my_profile/profile_editor_controller.rb
app/helpers/application_helper.rb
app/helpers/profile_editor_helper.rb
app/helpers/profile_helper.rb
app/models/person.rb
app/models/profile.rb
app/views/profile/_person_profile.rhtml
app/views/profile_editor/_person.rhtml
app/views/profile_editor/edit.rhtml
public/stylesheets/application.css
test/functional/profile_controller_test.rb
test/functional/profile_editor_controller_test.rb
test/unit/person_test.rb
test/unit/profile_test.rb
@@ -14,6 +14,7 @@ class ProfileEditorController &lt; MyProfileController
     @profile_data = profile
     @possible_domains = profile.possible_domains
     if request.post?
+      params[:profile_data][:fields_privacy] ||= {} if profile.person? && params[:profile_data].is_a?(Hash)
       begin
         Profile.transaction do
         Image.transaction do
@@ -866,7 +866,7 @@ module ApplicationHelper
       end
     else
       if profile.active_fields.include?(name)
-        result = field_html
+        result = content_tag('div', field_html + profile_field_privacy_selector(profile, name), :class => 'field-with-privacy-selector')
       end
     end
  
@@ -881,6 +881,10 @@ module ApplicationHelper
     result
   end
  
+  def profile_field_privacy_selector(profile, name)
+    profile.public? ? content_tag('div', check_box_tag('profile_data[fields_privacy][' + name + ']', 'public', profile.public_fields.include?(name)) + label_tag('profile_data_fields_privacy_' + name, _('Public')), :class => 'field-privacy-selector') : ''
+  end
+
   def template_stylesheet_path
     if profile.nil?
       "/designs/templates/#{environment.layout_template}/stylesheets/style.css"
@@ -145,4 +145,12 @@ module ProfileEditorHelper
     link_to title, url, :class => 'control-panel-%s' % icon
   end
  
+  def unchangeable_privacy_field(profile)
+    if profile.public?    
+      check_box_tag('', '', true, :disabled => true) + ' ' + _('Public')
+    else
+      ''
+    end
+  end
+
 end
 module ProfileHelper
  
   def display_field(title, profile, field, force = false)
-    if !force && !profile.active_fields.include?(field.to_s)
+    if (!force && field.to_s != 'email' && !profile.active_fields.include?(field.to_s)) ||
+       ((profile.active_fields.include?(field.to_s) || field.to_s == 'email') && !profile.public_fields.include?(field.to_s) && (!user || (user != profile && !user.is_a_friend?(profile))))
       return ''
     end
     value = profile.send(field)
@@ -456,6 +456,10 @@ class Person &lt; Profile
     Scrap.find_by_sql("SELECT id, updated_at, '#{Scrap.to_s}' AS klass FROM #{Scrap.table_name} WHERE scraps.receiver_id = #{self.id} AND scraps.scrap_id IS NULL UNION SELECT id, updated_at, '#{ActionTracker::Record.to_s}' AS klass FROM #{ActionTracker::Record.table_name} WHERE action_tracker.user_id = #{self.id} and action_tracker.verb != 'leave_scrap_to_self' and action_tracker.verb != 'add_member_in_community' ORDER BY updated_at DESC")
   end
  
+  def public_fields
+    self.fields_privacy.nil? ? self.active_fields : self.fields_privacy.reject{ |k, v| v != 'public' }.keys.map(&:to_s)
+  end
+
   protected
  
   def followed_by?(profile)
@@ -144,6 +144,7 @@ class Profile &lt; ActiveRecord::Base
   settings_items :redirect_l10n, :type => :boolean, :default => false
   settings_items :public_content, :type => :boolean, :default => true
   settings_items :description
+  settings_items :fields_privacy, :type => :hash, :default => {}
  
   validates_length_of :description, :maximum => 550, :allow_nil => true
  
@@ -876,6 +877,15 @@ private :generate_url, :url_options
     []
   end
  
+  # field => privacy (e.g.: "address" => "public")
+  def fields_privacy
+    self.data[:fields_privacy]
+  end
+
+  def public_fields
+    self.active_fields
+  end
+
   private
   def self.f_categories_label_proc(environment)
     ids = environment.top_level_category_as_facet_ids
@@ -13,15 +13,13 @@
     <td><%= show_date(profile.created_at) %></td>
   </tr>
  
-  <% if profile == user || profile.friends.include?(user) %>
-    <tr>
-      <th colspan='2'><%= _('Contact')%></th>
-    </tr>
-    <%= display_field(_('Address:'), profile, :address) %>
-    <%= display_field(_('ZIP code:'), profile, :zip_code) %>
-    <%= display_field(_('Contact phone:'), profile, :contact_phone) %>
-    <%= display_field(_('e-Mail:'), profile, :email, true) { |email| link_to_email(email) } %>
-  <% end %>
+  <tr>
+    <th colspan='2'><%= _('Contact')%></th>
+  </tr>
+  <%= display_field(_('Address:'), profile, :address) %>
+  <%= display_field(_('ZIP code:'), profile, :zip_code) %>
+  <%= display_field(_('Contact phone:'), profile, :contact_phone) %>
+  <%= display_field(_('e-Mail:'), profile, :email) { |email| link_to_email(email) } %>
  
   <% cache_timeout(profile.relationships_cache_key, 4.hours) do %>
     <% if !(profile.organization.blank? && profile.organization_website.blank?) && (profile.active_fields.include?('organization') || profile.active_fields.include?('organization_website')) %>
@@ -2,9 +2,19 @@
  
   <%= required_fields_message %>
  
-  <%= required f.text_field(:name) %>
+  <div class="field-with-privacy-selector">
+    <%= required f.text_field(:name) %>
+    <div class="field-privacy-selector">
+      <%= unchangeable_privacy_field @profile %>
+    </div>
+  </div>
  
-  <%= required f.text_field(:email) %>
+  <div class="field-with-privacy-selector">
+    <%= required f.text_field(:email) %>
+    <div class="field-privacy-selector">
+      <%= profile_field_privacy_selector @profile, 'email' %>
+    </div>
+  </div>
  
   <%= @plugins.dispatch(:profile_info_extra_contents).collect { |content| instance_eval(&content) }.join("") %>
  
@@ -13,8 +13,11 @@
   <%= render :partial => partial_for_class(@profile.class), :locals => { :f => f } %>
  
   <% unless @profile.person? && @environment.active_person_fields.include?('image') %>
-  <div id="profile_change_picture">
+  <div id="profile_change_picture_title">
     <h2><%= _('Change picture') %></h2>
+    <span><%= unchangeable_privacy_field @profile %></span>
+  </div>
+  <div id="profile_change_picture">
     <% f.fields_for :image_builder, @profile.image do |i| %>
       <%= file_field_or_thumbnail(_('Image:'), @profile.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
     <% end %>
@@ -6097,3 +6097,49 @@ li.profile-activity-item.upload_image .activity-gallery-images-count-1 img {
      margin: .8em 0 .2em;
      line-height: 1.5;
 }
+
+.controller-profile_editor #profile-data {
+  display: table;
+  width: auto;
+}
+
+.field-with-privacy-selector {
+  display: table-row;
+}
+
+.controller-profile_editor #profile-data .field-with-privacy-selector .formfieldline {
+  display: table-cell;
+  width: auto;
+}
+
+.field-privacy-selector {
+  display: table-cell;
+  vertical-align: bottom;
+  text-align: center;
+  width: 100px;
+}
+
+#profile_change_picture {
+  clear: both;
+  margin-top: 20px;
+}
+
+#profile_change_picture_title {
+  display: table-row;
+  width: 100%;
+}
+
+#profile_change_picture_title h2,
+#profile_change_picture_title span {
+  display: table-cell;
+}
+
+#profile_change_picture_title h2 {
+  padding-top: 20px;
+  width: auto;
+}
+
+#profile_change_picture_title span {
+  width: 100px;
+  text-align: center;
+}
@@ -1371,4 +1371,80 @@ class ProfileControllerTest &lt; ActionController::TestCase
     assert_redirected_to :action => 'members'
   end
  
+  should 'show all fields to anonymous user' do
+    viewed = create_user('person_1').person
+    Environment.any_instance.stubs(:active_person_fields).returns(['sex', 'birth_date'])
+    Environment.any_instance.stubs(:required_person_fields).returns([])
+    viewed.birth_date = Time.now.ago(22.years)
+    viewed.data = { :sex => 'male', :fields_privacy => { 'sex' => 'public', 'birth_date' => 'public' } }
+    viewed.save!
+    get :index, :profile => viewed.identifier
+    assert_tag :tag => 'td', :content => 'Sex:'
+    assert_tag :tag => 'td', :content => 'Male'
+    assert_tag :tag => 'td', :content => 'Date of birth:'
+    assert_tag :tag => 'td', :content => 'August 26, 1990'
+  end
+
+  should 'show some fields to anonymous user' do
+    viewed = create_user('person_1').person
+    Environment.any_instance.stubs(:active_person_fields).returns(['sex', 'birth_date'])
+    Environment.any_instance.stubs(:required_person_fields).returns([])
+    viewed.birth_date = Time.now.ago(22.years)
+    viewed.data = { :sex => 'male', :fields_privacy => { 'sex' => 'public' } }
+    viewed.save!
+    get :index, :profile => viewed.identifier
+    assert_tag :tag => 'td', :content => 'Sex:'
+    assert_tag :tag => 'td', :content => 'Male'
+    assert_no_tag :tag => 'td', :content => 'Date of birth:'
+    assert_no_tag :tag => 'td', :content => 'August 26, 1990'
+  end
+
+  should 'show some fields to non friend' do
+    viewed = create_user('person_1').person
+    Environment.any_instance.stubs(:active_person_fields).returns(['sex', 'birth_date'])
+    Environment.any_instance.stubs(:required_person_fields).returns([])
+    viewed.birth_date = Time.now.ago(22.years)
+    viewed.data = { :sex => 'male', :fields_privacy => { 'sex' => 'public' } }
+    viewed.save!
+    strange = create_user('person_2').person
+    login_as(strange.identifier)
+    get :index, :profile => viewed.identifier
+    assert_tag :tag => 'td', :content => 'Sex:'
+    assert_tag :tag => 'td', :content => 'Male'
+    assert_no_tag :tag => 'td', :content => 'Date of birth:'
+    assert_no_tag :tag => 'td', :content => 'August 26, 1990'
+  end
+
+  should 'show all fields to friend' do
+    viewed = create_user('person_1').person
+    friend = create_user('person_2').person
+    Environment.any_instance.stubs(:active_person_fields).returns(['sex', 'birth_date'])
+    Environment.any_instance.stubs(:required_person_fields).returns([])
+    viewed.birth_date = Time.now.ago(22.years)
+    viewed.data = { :sex => 'male', :fields_privacy => { 'sex' => 'public' } }
+    viewed.save!
+    Person.any_instance.stubs(:is_a_friend?).returns(true)
+    login_as(friend.identifier)
+    get :index, :profile => viewed.identifier
+    assert_tag :tag => 'td', :content => 'Sex:'
+    assert_tag :tag => 'td', :content => 'Male'
+    assert_tag :tag => 'td', :content => 'Date of birth:'
+    assert_tag :tag => 'td', :content => 'August 26, 1990'
+  end
+
+  should 'show all fields to self' do
+    viewed = create_user('person_1').person
+    Environment.any_instance.stubs(:active_person_fields).returns(['sex', 'birth_date'])
+    Environment.any_instance.stubs(:required_person_fields).returns([])
+    viewed.birth_date = Time.now.ago(22.years)
+    viewed.data = { :sex => 'male', :fields_privacy => { 'sex' => 'public' } }
+    viewed.save!
+    login_as(viewed.identifier)
+    get :index, :profile => viewed.identifier
+    assert_tag :tag => 'td', :content => 'Sex:'
+    assert_tag :tag => 'td', :content => 'Male'
+    assert_tag :tag => 'td', :content => 'Date of birth:'
+    assert_tag :tag => 'td', :content => 'August 26, 1990'
+  end
+
 end
@@ -979,4 +979,12 @@ class ProfileEditorControllerTest &lt; ActionController::TestCase
     get :edit, :profile => profile.identifier
     assert_no_tag :tag => 'select', :attributes => {:id => 'profile_data_redirection_after_login'}
   end
+
+  should 'uncheck all field privacy fields' do
+    person = profile
+    assert_nil person.fields_privacy
+    post :edit, :profile => profile.identifier, :profile_data => {}
+    assert_equal({}, person.reload.fields_privacy)
+  end
+
 end
@@ -1262,4 +1262,18 @@ class PersonTest &lt; ActiveSupport::TestCase
  
     assert person.has_permission?('bli', Profile.new)
   end
+
+  should 'active fields are public if fields privacy is nil' do
+    p = fast_create(Person)
+    p.expects(:fields_privacy).returns(nil)
+    f = %w(sex birth_date)
+    p.expects(:active_fields).returns(f)
+    assert_equal f, p.public_fields
+  end
+
+  should 'return public fields' do
+    p = fast_create(Person)
+    p.stubs(:fields_privacy).returns({ 'sex' => 'public', 'birth_date' => 'private' })
+    assert_equal ['sex'], p.public_fields
+  end
 end
@@ -1945,4 +1945,18 @@ class ProfileTest &lt; ActiveSupport::TestCase
     end
   end
  
+  should 'public fields are active fields' do
+    p = fast_create(Profile)
+    f = %w(sex birth_date)
+    p.expects(:active_fields).returns(f)
+    assert_equal f, p.public_fields
+  end
+
+  should 'return fields privacy' do
+    p = fast_create(Profile)
+    f = { 'sex' => 'public' }
+    p.data[:fields_privacy] = f
+    assert_equal f, p.fields_privacy
+  end
+
 end
...	...	@@ -14,6 +14,7 @@ class ProfileEditorController < MyProfileController
14	14	@profile_data = profile
15	15	@possible_domains = profile.possible_domains
16	16	if request.post?
	17	+ params[:profile_data][:fields_privacy] \|\|= {} if profile.person? && params[:profile_data].is_a?(Hash)
17	18	begin
18	19	Profile.transaction do
19	20	Image.transaction do
...	...
...	...	@@ -866,7 +866,7 @@ module ApplicationHelper
866	866	end
867	867	else
868	868	if profile.active_fields.include?(name)
869		- result = field_html
	869	+ result = content_tag('div', field_html + profile_field_privacy_selector(profile, name), :class => 'field-with-privacy-selector')
870	870	end
871	871	end
872	872
...	...	@@ -881,6 +881,10 @@ module ApplicationHelper
881	881	result
882	882	end
883	883
	884	+ def profile_field_privacy_selector(profile, name)
	885	+ profile.public? ? content_tag('div', check_box_tag('profile_data[fields_privacy][' + name + ']', 'public', profile.public_fields.include?(name)) + label_tag('profile_data_fields_privacy_' + name, _('Public')), :class => 'field-privacy-selector') : ''
	886	+ end
	887	+
884	888	def template_stylesheet_path
885	889	if profile.nil?
886	890	"/designs/templates/#{environment.layout_template}/stylesheets/style.css"
...	...
...	...	@@ -145,4 +145,12 @@ module ProfileEditorHelper
145	145	link_to title, url, :class => 'control-panel-%s' % icon
146	146	end
147	147
	148	+ def unchangeable_privacy_field(profile)
	149	+ if profile.public?
	150	+ check_box_tag('', '', true, :disabled => true) + ' ' + _('Public')
	151	+ else
	152	+ ''
	153	+ end
	154	+ end
	155	+
148	156	end
...	...
1	1	module ProfileHelper
2	2
3	3	def display_field(title, profile, field, force = false)
4		- if !force && !profile.active_fields.include?(field.to_s)
	4	+ if (!force && field.to_s != 'email' && !profile.active_fields.include?(field.to_s)) \|\|
	5	+ ((profile.active_fields.include?(field.to_s) \|\| field.to_s == 'email') && !profile.public_fields.include?(field.to_s) && (!user \|\| (user != profile && !user.is_a_friend?(profile))))
5	6	return ''
6	7	end
7	8	value = profile.send(field)
...	...
...	...	@@ -456,6 +456,10 @@ class Person < Profile
456	456	Scrap.find_by_sql("SELECT id, updated_at, '#{Scrap.to_s}' AS klass FROM #{Scrap.table_name} WHERE scraps.receiver_id = #{self.id} AND scraps.scrap_id IS NULL UNION SELECT id, updated_at, '#{ActionTracker::Record.to_s}' AS klass FROM #{ActionTracker::Record.table_name} WHERE action_tracker.user_id = #{self.id} and action_tracker.verb != 'leave_scrap_to_self' and action_tracker.verb != 'add_member_in_community' ORDER BY updated_at DESC")
457	457	end
458	458
	459	+ def public_fields
	460	+ self.fields_privacy.nil? ? self.active_fields : self.fields_privacy.reject{ \|k, v\| v != 'public' }.keys.map(&:to_s)
	461	+ end
	462	+
459	463	protected
460	464
461	465	def followed_by?(profile)
...	...
...	...	@@ -144,6 +144,7 @@ class Profile < ActiveRecord::Base
144	144	settings_items :redirect_l10n, :type => :boolean, :default => false
145	145	settings_items :public_content, :type => :boolean, :default => true
146	146	settings_items :description
	147	+ settings_items :fields_privacy, :type => :hash, :default => {}
147	148
148	149	validates_length_of :description, :maximum => 550, :allow_nil => true
149	150
...	...	@@ -876,6 +877,15 @@ private :generate_url, :url_options
876	877	[]
877	878	end
878	879
	880	+ # field => privacy (e.g.: "address" => "public")
	881	+ def fields_privacy
	882	+ self.data[:fields_privacy]
	883	+ end
	884	+
	885	+ def public_fields
	886	+ self.active_fields
	887	+ end
	888	+
879	889	private
880	890	def self.f_categories_label_proc(environment)
881	891	ids = environment.top_level_category_as_facet_ids
...	...
...	...	@@ -13,15 +13,13 @@
13	13	<td><%= show_date(profile.created_at) %></td>
14	14	</tr>
15	15
16		- <% if profile == user \|\| profile.friends.include?(user) %>
17		- <tr>
18		- <th colspan='2'><%= _('Contact')%></th>
19		- </tr>
20		- <%= display_field(_('Address:'), profile, :address) %>
21		- <%= display_field(_('ZIP code:'), profile, :zip_code) %>
22		- <%= display_field(_('Contact phone:'), profile, :contact_phone) %>
23		- <%= display_field(_('e-Mail:'), profile, :email, true) { \|email\| link_to_email(email) } %>
24		- <% end %>
	16	+ <tr>
	17	+ <th colspan='2'><%= _('Contact')%></th>
	18	+ </tr>
	19	+ <%= display_field(_('Address:'), profile, :address) %>
	20	+ <%= display_field(_('ZIP code:'), profile, :zip_code) %>
	21	+ <%= display_field(_('Contact phone:'), profile, :contact_phone) %>
	22	+ <%= display_field(_('e-Mail:'), profile, :email) { \|email\| link_to_email(email) } %>
25	23
26	24	<% cache_timeout(profile.relationships_cache_key, 4.hours) do %>
27	25	<% if !(profile.organization.blank? && profile.organization_website.blank?) && (profile.active_fields.include?('organization') \|\| profile.active_fields.include?('organization_website')) %>
...	...
...	...	@@ -2,9 +2,19 @@
2	2
3	3	<%= required_fields_message %>
4	4
5		- <%= required f.text_field(:name) %>
	5	+ <div class="field-with-privacy-selector">
	6	+ <%= required f.text_field(:name) %>
	7	+ <div class="field-privacy-selector">
	8	+ <%= unchangeable_privacy_field @profile %>
	9	+ </div>
	10	+ </div>
6	11
7		- <%= required f.text_field(:email) %>
	12	+ <div class="field-with-privacy-selector">
	13	+ <%= required f.text_field(:email) %>
	14	+ <div class="field-privacy-selector">
	15	+ <%= profile_field_privacy_selector @profile, 'email' %>
	16	+ </div>
	17	+ </div>
8	18
9	19	<%= @plugins.dispatch(:profile_info_extra_contents).collect { \|content\| instance_eval(&content) }.join("") %>
10	20
...	...
...	...	@@ -13,8 +13,11 @@
13	13	<%= render :partial => partial_for_class(@profile.class), :locals => { :f => f } %>
14	14
15	15	<% unless @profile.person? && @environment.active_person_fields.include?('image') %>
16		- <div id="profile_change_picture">
	16	+ <div id="profile_change_picture_title">
17	17	<h2><%= _('Change picture') %></h2>
	18	+ <span><%= unchangeable_privacy_field @profile %></span>
	19	+ </div>
	20	+ <div id="profile_change_picture">
18	21	<% f.fields_for :image_builder, @profile.image do \|i\| %>
19	22	<%= file_field_or_thumbnail(_('Image:'), @profile.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
20	23	<% end %>
...	...
...	...	@@ -6097,3 +6097,49 @@ li.profile-activity-item.upload_image .activity-gallery-images-count-1 img {
6097	6097	margin: .8em 0 .2em;
6098	6098	line-height: 1.5;
6099	6099	}
	6100	+
	6101	+.controller-profile_editor #profile-data {
	6102	+ display: table;
	6103	+ width: auto;
	6104	+}
	6105	+
	6106	+.field-with-privacy-selector {
	6107	+ display: table-row;
	6108	+}
	6109	+
	6110	+.controller-profile_editor #profile-data .field-with-privacy-selector .formfieldline {
	6111	+ display: table-cell;
	6112	+ width: auto;
	6113	+}
	6114	+
	6115	+.field-privacy-selector {
	6116	+ display: table-cell;
	6117	+ vertical-align: bottom;
	6118	+ text-align: center;
	6119	+ width: 100px;
	6120	+}
	6121	+
	6122	+#profile_change_picture {
	6123	+ clear: both;
	6124	+ margin-top: 20px;
	6125	+}
	6126	+
	6127	+#profile_change_picture_title {
	6128	+ display: table-row;
	6129	+ width: 100%;
	6130	+}
	6131	+
	6132	+#profile_change_picture_title h2,
	6133	+#profile_change_picture_title span {
	6134	+ display: table-cell;
	6135	+}
	6136	+
	6137	+#profile_change_picture_title h2 {
	6138	+ padding-top: 20px;
	6139	+ width: auto;
	6140	+}
	6141	+
	6142	+#profile_change_picture_title span {
	6143	+ width: 100px;
	6144	+ text-align: center;
	6145	+}
...	...