Commit 32400274693cd67d161fb6df6813c5461a04533e
Committed by
Tallys Martins
1 parent
bb9c5971
Exists in
stable-spb-1.4
and in
8 other branches
Add option to block appearence edit
- Add before_filter to check permission before opening the header and footer edit page - Change environment feature name from disable_appearance to enable_appearance - Update cucumber test change_appearance.feature Signed-off-by: DylanGuedes <djmgguedes@gmail.com> Signed-off-by: Luciano Prestes Cavalcanti <lucianopcbr@gmail.com> Signed-off-by: Omar Junior <omarroinuj@gmail.com> Signed-off-by: vitorbaraujo <vitornga15@gmail.com> Signed-off-by: Victor Matias Navarro <victor.matias.navarro@gmail.com>
Showing
7 changed files
with
77 additions
and
5 deletions
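--- a/app/controllers/my_profile/profile_editor_controller.rb
+++ b/app/controllers/my_profile/profile_editor_controller.rb
@@ -6,10 +6,13 @@ class ProfileEditorController < MyProfileController
 before_filter :access_welcome_page, :only => [:welcome_page]
 before_filter :back_to
 before_filter :forbid_destroy_profile, :only => [:destroy_profile]
+before_filter :check_user_can_edit_header_footer, :only => [:header_footer]
 helper_method :has_welcome_page
 
 def index
 @pending_tasks = Task.to(profile).pending.without_spam.select{|i| user.has_permission?(i.permission, profile)}
+@show_appearance_option = user.is_admin?(environment) || environment.enabled?('enable_appearance')
+@show_header_footer_option = user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer'))
 end
 
 helper :profile
@@ -169,4 +172,9 @@ class ProfileEditorController < MyProfileController
 redirect_to_previous_location
 end
 end
+
+def check_user_can_edit_header_footer
+user_can_not_edit_header_footer = !user.is_admin?(environment) && environment.enabled?('disable_header_and_footer')
+redirect_to back_to if user_can_not_edit_header_footer
+end
 end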
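Review bot: The new `check_user_can_edit_header_footer` filter does not enforce the same rule that `index` uses to decide whether to show the button: `@show_header_footer_option` also requires `!profile.enterprise?`, while the filter only tests `disable_header_and_footer`. A non-admin on an enterprise profile therefore has the button hidden but can still request `header_footer` directly when the feature is not disabled. The filter condition should mirror the view flag, e.g. `user_can_not_edit_header_footer = !user.is_admin?(environment) && (profile.enterprise? || environment.enabled?('disable_header_and_footer'))`. The method is appended after the last action and the class body before it is outside the hunk, so it is worth confirming it sits under `private` and is not exposed as a routable action.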
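--- a/app/controllers/themes_controller.rb
+++ b/app/controllers/themes_controller.rb
@@ -1,6 +1,7 @@
 class ThemesController < ApplicationController
 
 before_filter :login_required
+before_filter :check_user_can_edit_appearance, :only => [:index]
 
 no_design_blocks
 
@@ -39,4 +40,11 @@ class ThemesController < ApplicationController
 redirect_to :action => 'index'
 end
 
+private
+
+def check_user_can_edit_appearance
+user_can_edit_appearance = user.is_admin?(environment) || environment.enabled?('enable_appearance')
+redirect_to request.referer || "/" unless user_can_edit_appearance
+end
+
 end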
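Review bot: `before_filter :check_user_can_edit_appearance, :only => [:index]` guards only the listing page, so the other actions of this controller stay reachable by a non-admin when `enable_appearance` is off; the action ending in `redirect_to :action => 'index'` just above the new method is one of them. Hiding the page without gating the state-changing requests leaves the restriction bypassable with a direct request. Dropping the `:only` option, `before_filter :check_user_can_edit_appearance`, would cover the whole controller and, presumably, its subclasses. Separately, `redirect_to request.referer || "/"` sends the browser to a client-supplied header value; a fixed local destination avoids redirecting off-site.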
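--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -158,7 +158,9 @@ class Environment < ActiveRecord::Base
 'allow_change_of_redirection_after_login' => _('Allow users to set the page to redirect after login'),
 'display_my_communities_on_user_menu' => _('Display on menu the list of communities the user can manage'),
 'display_my_enterprises_on_user_menu' => _('Display on menu the list of enterprises the user can manage'),
-'restrict_to_members' => _('Show content only to members')
+'restrict_to_members' => _('Show content only to members'),
+
+'enable_appearance' => _('Enable appearance editing by users'),
 }
 end
 
@@ -438,6 +440,7 @@ class Environment < ActiveRecord::Base
 show_balloon_with_profile_links_when_clicked
 show_zoom_button_on_article_images
 use_portal_community
+enable_appearance
 )
 
 before_create :enable_default_features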
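Review bot: `enable_appearance` is added to what appears to be the default-feature list applied by `before_create :enable_default_features`, so only environments created after this change get it switched on. No migration is visible among the seven changed files, so on an existing environment the feature would start out disabled and non-admin users would lose appearance editing on upgrade; this is inferred, since the rest of the model is outside the hunks. If that fail-closed default is intended, a comment next to the new entry such as `# off on pre-existing environments; admins must enable it explicitly` plus an upgrade note would make it explicit; otherwise a data migration enabling it is needed.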
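--- a/app/views/profile_editor/index.html.erb
+++ b/app/views/profile_editor/index.html.erb
@@ -22,9 +22,9 @@
 
 <%= control_panel_button(_('Edit sideboxes'), 'blocks', :controller => 'profile_design', :action => 'index') %>
 
-<%= control_panel_button(_('Edit Appearance'), 'design-editor', :controller => 'profile_themes', :action => 'index') %>
+<%= control_panel_button(_('Edit Appearance'), 'design-editor', :controller => 'profile_themes', :action => 'index') if @show_appearance_option %>
 
-<%= control_panel_button(_('Edit Header and Footer'), 'header-and-footer', :controller => 'profile_editor', :action => 'header_footer') if user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer')) %>
+<%= control_panel_button(_('Edit Header and Footer'), 'header-and-footer', :controller => 'profile_editor', :action => 'header_footer') if @show_header_footer_option %>
 
 <%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
 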
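--- a/features/change_appearance.feature
+++ b/features/change_appearance.feature
@@ -6,6 +6,7 @@ Feature: Change appearance
 Given the following users
 | login | name |
 | joaosilva | Joao Silva |
+And feature "enable_appearance" is enabled on environment
 
 Scenario: Change appearance from default(3 boxes) to Left Top and Right(4 boxes)
 Given I am logged in as "joaosilva"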
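--- a/test/functional/profile_editor_controller_test.rb
+++ b/test/functional/profile_editor_controller_test.rb
@@ -1184,4 +1184,30 @@ class ProfileEditorControllerTest < ActionController::TestCase
 get :index, :profile => user.identifier
 assert_tag :tag => 'div', :descendant => { :tag => 'a', :content => 'Edit Header and Footer' }
 end
+
+should 'user cant edit header and footer if environment dont permit' do
+environment = Environment.default
+environment.settings[:disable_header_and_footer_enabled] = true
+environment.save!
+
+user = create_user('user').person
+login_as('user')
+
+get :header_footer, :profile => user.identifier
+assert_response :redirect
+end
+
+should 'admin can edit header and footer if environment dont permit' do
+user = create_user('user').person
+
+environment = Environment.default
+environment.add_admin(user)
+environment.settings[:disable_header_and_footer_enabled] = true
+environment.save!
+
+login_as('user')
+
+get :header_footer, :profile => user.identifier
+assert_response :success
+end
 end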
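Review bot: The negative test asserts only `assert_response :redirect`, which any earlier filter that redirects (login, permission) would also satisfy, so it does not prove that the new filter is what refused the request; asserting the destination with `assert_redirected_to` would tie it to `check_user_can_edit_header_footer`. There is also no case for a non-admin on an enterprise profile, for which `index` hides the button. Both tests write `environment.settings[:disable_header_and_footer_enabled] = true` directly; `environment.enable('disable_header_and_footer')` would match the style used in the themes tests in this commit.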
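--- a/test/functional/profile_themes_controller_test.rb
+++ b/test/functional/profile_themes_controller_test.rb
@@ -17,6 +17,7 @@ class ProfileThemesControllerTest < ActionController::TestCase
 
 @env = Environment.default
 @env.enable('user_themes')
+@env.enable_default_features
 @env.save!
 end
 attr_reader :profile, :env
@@ -116,7 +117,7 @@ class ProfileThemesControllerTest < ActionController::TestCase
 
 should 'create a new theme' do
 post :new, :profile => 'testinguser', :name => 'My theme'
-
+
 ok('theme should be created') do
 profile.themes.first.id == 'my-theme'
 end
@@ -197,7 +198,7 @@ class ProfileThemesControllerTest < ActionController::TestCase
 should 'display "add image" button' do
 theme = Theme.create('mytheme', :owner => profile)
 get :edit, :profile => 'testinguser', :id => 'mytheme'
-
+
 assert_tag :tag => 'a', :attributes => { :href => '/myprofile/testinguser/profile_themes/add_image/mytheme' }
 end
 
@@ -329,4 +330,29 @@ class ProfileThemesControllerTest < ActionController::TestCase
 assert_equal [t2, t1], assigns(:themes)
 end
 
+should 'user cant edit appearance if environment dont permit' do
+environment = Environment.default
+environment.disable('enable_appearance')
+environment.save!
+
+user = create_user('user').person
+login_as('user')
+
+post :index, :profile => user.identifier
+assert_response :redirect
+end
+
+should 'admin can edit appearance if environment dont permit' do
+user = create_user('user').person
+
+environment = Environment.default
+environment.add_admin(user)
+environment.disable('enable_appearance')
+environment.save!
+
+login_as('user')
+
+post :index, :profile => user.identifier
+assert_response :success
+end
 end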
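Review bot: Both new tests exercise only `index`, so nothing checks that a non-admin is refused on the theme-changing actions when `enable_appearance` is disabled; `post :new`, used earlier in this file to create a theme, is an obvious candidate for a matching `assert_response :redirect` case. `@env.enable_default_features` in the setup also turns on every default feature for all tests in the class, where `@env.enable('enable_appearance')` would keep the fixture narrow. The two blank-line hunks are whitespace-only churn.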