Commit 3d111ca77eb9cc0e74d6b0f0ef82c1ffa747d1ca
Committed by
Rodrigo Souto
Rodrigo Souto
1 parent
47e5f189
Exists in
master
and in
29 other branches
Add option to block appearence edit
- Add before_filter for check permission for open edit header and footer page - Change environment feature name of disable_appearance to enable_appearance - Update cucumber test change_appearance.feature Signed-off-by: DylanGuedes <djmgguedes@gmail.com> Signed-off-by: Luciano Prestes Cavalcanti <lucianopcbr@gmail.com> Signed-off-by: Omar Junior <omarroinuj@gmail.com> Signed-off-by: vitorbaraujo <vitornga15@gmail.com> Signed-off-by: Victor Matias Navarro <victor.matias.navarro@gmail.com>
Showing
7 changed files
with
77 additions
and
5 deletions
Show diff stats
app/controllers/my_profile/profile_editor_controller.rb
| @@ -6,10 +6,13 @@ class ProfileEditorController < MyProfileController | @@ -6,10 +6,13 @@ class ProfileEditorController < MyProfileController | ||
| 6 | before_filter :access_welcome_page, :only => [:welcome_page] | 6 | before_filter :access_welcome_page, :only => [:welcome_page] |
| 7 | before_filter :back_to | 7 | before_filter :back_to |
| 8 | before_filter :forbid_destroy_profile, :only => [:destroy_profile] | 8 | before_filter :forbid_destroy_profile, :only => [:destroy_profile] |
| 9 | + before_filter :check_user_can_edit_header_footer, :only => [:header_footer] | ||
| 9 | helper_method :has_welcome_page | 10 | helper_method :has_welcome_page |
| 10 | 11 | ||
| 11 | def index | 12 | def index |
| 12 | @pending_tasks = Task.to(profile).pending.without_spam.select{|i| user.has_permission?(i.permission, profile)} | 13 | @pending_tasks = Task.to(profile).pending.without_spam.select{|i| user.has_permission?(i.permission, profile)} |
| 14 | + @show_appearance_option = user.is_admin?(environment) || environment.enabled?('enable_appearance') | ||
| 15 | + @show_header_footer_option = user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer')) | ||
| 13 | end | 16 | end |
| 14 | 17 | ||
| 15 | helper :profile | 18 | helper :profile |
| @@ -169,4 +172,9 @@ class ProfileEditorController < MyProfileController | @@ -169,4 +172,9 @@ class ProfileEditorController < MyProfileController | ||
| 169 | redirect_to_previous_location | 172 | redirect_to_previous_location |
| 170 | end | 173 | end |
| 171 | end | 174 | end |
| 175 | + | ||
| 176 | + def check_user_can_edit_header_footer | ||
| 177 | + user_can_not_edit_header_footer = !user.is_admin?(environment) && environment.enabled?('disable_header_and_footer') | ||
| 178 | + redirect_to back_to if user_can_not_edit_header_footer | ||
| 179 | + end | ||
| 172 | end | 180 | end |
app/controllers/themes_controller.rb
| 1 | class ThemesController < ApplicationController | 1 | class ThemesController < ApplicationController |
| 2 | 2 | ||
| 3 | before_filter :login_required | 3 | before_filter :login_required |
| 4 | + before_filter :check_user_can_edit_appearance, :only => [:index] | ||
| 4 | 5 | ||
| 5 | no_design_blocks | 6 | no_design_blocks |
| 6 | 7 | ||
| @@ -39,4 +40,11 @@ class ThemesController < ApplicationController | @@ -39,4 +40,11 @@ class ThemesController < ApplicationController | ||
| 39 | redirect_to :action => 'index' | 40 | redirect_to :action => 'index' |
| 40 | end | 41 | end |
| 41 | 42 | ||
| 43 | + private | ||
| 44 | + | ||
| 45 | + def check_user_can_edit_appearance | ||
| 46 | + user_can_edit_appearance = user.is_admin?(environment) || environment.enabled?('enable_appearance') | ||
| 47 | + redirect_to request.referer || "/" unless user_can_edit_appearance | ||
| 48 | + end | ||
| 49 | + | ||
| 42 | end | 50 | end |
app/models/environment.rb
| @@ -158,7 +158,9 @@ class Environment < ActiveRecord::Base | @@ -158,7 +158,9 @@ class Environment < ActiveRecord::Base | ||
| 158 | 'allow_change_of_redirection_after_login' => _('Allow users to set the page to redirect after login'), | 158 | 'allow_change_of_redirection_after_login' => _('Allow users to set the page to redirect after login'), |
| 159 | 'display_my_communities_on_user_menu' => _('Display on menu the list of communities the user can manage'), | 159 | 'display_my_communities_on_user_menu' => _('Display on menu the list of communities the user can manage'), |
| 160 | 'display_my_enterprises_on_user_menu' => _('Display on menu the list of enterprises the user can manage'), | 160 | 'display_my_enterprises_on_user_menu' => _('Display on menu the list of enterprises the user can manage'), |
| 161 | - 'restrict_to_members' => _('Show content only to members') | 161 | + 'restrict_to_members' => _('Show content only to members'), |
| 162 | + | ||
| 163 | + 'enable_appearance' => _('Enable appearance editing by users'), | ||
| 162 | } | 164 | } |
| 163 | end | 165 | end |
| 164 | 166 | ||
| @@ -438,6 +440,7 @@ class Environment < ActiveRecord::Base | @@ -438,6 +440,7 @@ class Environment < ActiveRecord::Base | ||
| 438 | show_balloon_with_profile_links_when_clicked | 440 | show_balloon_with_profile_links_when_clicked |
| 439 | show_zoom_button_on_article_images | 441 | show_zoom_button_on_article_images |
| 440 | use_portal_community | 442 | use_portal_community |
| 443 | + enable_appearance | ||
| 441 | ) | 444 | ) |
| 442 | 445 | ||
| 443 | before_create :enable_default_features | 446 | before_create :enable_default_features |
app/views/profile_editor/index.html.erb
| @@ -22,9 +22,9 @@ | @@ -22,9 +22,9 @@ | ||
| 22 | 22 | ||
| 23 | <%= control_panel_button(_('Edit sideboxes'), 'blocks', :controller => 'profile_design', :action => 'index') %> | 23 | <%= control_panel_button(_('Edit sideboxes'), 'blocks', :controller => 'profile_design', :action => 'index') %> |
| 24 | 24 | ||
| 25 | - <%= control_panel_button(_('Edit Appearance'), 'design-editor', :controller => 'profile_themes', :action => 'index') %> | 25 | + <%= control_panel_button(_('Edit Appearance'), 'design-editor', :controller => 'profile_themes', :action => 'index') if @show_appearance_option %> |
| 26 | 26 | ||
| 27 | - <%= control_panel_button(_('Edit Header and Footer'), 'header-and-footer', :controller => 'profile_editor', :action => 'header_footer') if user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer')) %> | 27 | + <%= control_panel_button(_('Edit Header and Footer'), 'header-and-footer', :controller => 'profile_editor', :action => 'header_footer') if @show_header_footer_option %> |
| 28 | 28 | ||
| 29 | <%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %> | 29 | <%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %> |
| 30 | 30 |
features/change_appearance.feature
| @@ -6,6 +6,7 @@ Feature: Change appearance | @@ -6,6 +6,7 @@ Feature: Change appearance | ||
| 6 | Given the following users | 6 | Given the following users |
| 7 | | login | name | | 7 | | login | name | |
| 8 | | joaosilva | Joao Silva | | 8 | | joaosilva | Joao Silva | |
| 9 | + And feature "enable_appearance" is enabled on environment | ||
| 9 | 10 | ||
| 10 | Scenario: Change appearance from default(3 boxes) to Left Top and Right(4 boxes) | 11 | Scenario: Change appearance from default(3 boxes) to Left Top and Right(4 boxes) |
| 11 | Given I am logged in as "joaosilva" | 12 | Given I am logged in as "joaosilva" |
test/functional/profile_editor_controller_test.rb
| @@ -1184,4 +1184,30 @@ class ProfileEditorControllerTest < ActionController::TestCase | @@ -1184,4 +1184,30 @@ class ProfileEditorControllerTest < ActionController::TestCase | ||
| 1184 | get :index, :profile => user.identifier | 1184 | get :index, :profile => user.identifier |
| 1185 | assert_tag :tag => 'div', :descendant => { :tag => 'a', :content => 'Edit Header and Footer' } | 1185 | assert_tag :tag => 'div', :descendant => { :tag => 'a', :content => 'Edit Header and Footer' } |
| 1186 | end | 1186 | end |
| 1187 | + | ||
| 1188 | + should 'user cant edit header and footer if environment dont permit' do | ||
| 1189 | + environment = Environment.default | ||
| 1190 | + environment.settings[:disable_header_and_footer_enabled] = true | ||
| 1191 | + environment.save! | ||
| 1192 | + | ||
| 1193 | + user = create_user('user').person | ||
| 1194 | + login_as('user') | ||
| 1195 | + | ||
| 1196 | + get :header_footer, :profile => user.identifier | ||
| 1197 | + assert_response :redirect | ||
| 1198 | + end | ||
| 1199 | + | ||
| 1200 | + should 'admin can edit header and footer if environment dont permit' do | ||
| 1201 | + user = create_user('user').person | ||
| 1202 | + | ||
| 1203 | + environment = Environment.default | ||
| 1204 | + environment.add_admin(user) | ||
| 1205 | + environment.settings[:disable_header_and_footer_enabled] = true | ||
| 1206 | + environment.save! | ||
| 1207 | + | ||
| 1208 | + login_as('user') | ||
| 1209 | + | ||
| 1210 | + get :header_footer, :profile => user.identifier | ||
| 1211 | + assert_response :success | ||
| 1212 | + end | ||
| 1187 | end | 1213 | end |
test/functional/profile_themes_controller_test.rb
| @@ -17,6 +17,7 @@ class ProfileThemesControllerTest < ActionController::TestCase | @@ -17,6 +17,7 @@ class ProfileThemesControllerTest < ActionController::TestCase | ||
| 17 | 17 | ||
| 18 | @env = Environment.default | 18 | @env = Environment.default |
| 19 | @env.enable('user_themes') | 19 | @env.enable('user_themes') |
| 20 | + @env.enable_default_features | ||
| 20 | @env.save! | 21 | @env.save! |
| 21 | end | 22 | end |
| 22 | attr_reader :profile, :env | 23 | attr_reader :profile, :env |
| @@ -116,7 +117,7 @@ class ProfileThemesControllerTest < ActionController::TestCase | @@ -116,7 +117,7 @@ class ProfileThemesControllerTest < ActionController::TestCase | ||
| 116 | 117 | ||
| 117 | should 'create a new theme' do | 118 | should 'create a new theme' do |
| 118 | post :new, :profile => 'testinguser', :name => 'My theme' | 119 | post :new, :profile => 'testinguser', :name => 'My theme' |
| 119 | - | 120 | + |
| 120 | ok('theme should be created') do | 121 | ok('theme should be created') do |
| 121 | profile.themes.first.id == 'my-theme' | 122 | profile.themes.first.id == 'my-theme' |
| 122 | end | 123 | end |
| @@ -197,7 +198,7 @@ class ProfileThemesControllerTest < ActionController::TestCase | @@ -197,7 +198,7 @@ class ProfileThemesControllerTest < ActionController::TestCase | ||
| 197 | should 'display "add image" button' do | 198 | should 'display "add image" button' do |
| 198 | theme = Theme.create('mytheme', :owner => profile) | 199 | theme = Theme.create('mytheme', :owner => profile) |
| 199 | get :edit, :profile => 'testinguser', :id => 'mytheme' | 200 | get :edit, :profile => 'testinguser', :id => 'mytheme' |
| 200 | - | 201 | + |
| 201 | assert_tag :tag => 'a', :attributes => { :href => '/myprofile/testinguser/profile_themes/add_image/mytheme' } | 202 | assert_tag :tag => 'a', :attributes => { :href => '/myprofile/testinguser/profile_themes/add_image/mytheme' } |
| 202 | end | 203 | end |
| 203 | 204 | ||
| @@ -329,4 +330,29 @@ class ProfileThemesControllerTest < ActionController::TestCase | @@ -329,4 +330,29 @@ class ProfileThemesControllerTest < ActionController::TestCase | ||
| 329 | assert_equal [t2, t1], assigns(:themes) | 330 | assert_equal [t2, t1], assigns(:themes) |
| 330 | end | 331 | end |
| 331 | 332 | ||
| 333 | + should 'user cant edit appearance if environment dont permit' do | ||
| 334 | + environment = Environment.default | ||
| 335 | + environment.disable('enable_appearance') | ||
| 336 | + environment.save! | ||
| 337 | + | ||
| 338 | + user = create_user('user').person | ||
| 339 | + login_as('user') | ||
| 340 | + | ||
| 341 | + post :index, :profile => user.identifier | ||
| 342 | + assert_response :redirect | ||
| 343 | + end | ||
| 344 | + | ||
| 345 | + should 'admin can edit appearance if environment dont permit' do | ||
| 346 | + user = create_user('user').person | ||
| 347 | + | ||
| 348 | + environment = Environment.default | ||
| 349 | + environment.add_admin(user) | ||
| 350 | + environment.disable('enable_appearance') | ||
| 351 | + environment.save! | ||
| 352 | + | ||
| 353 | + login_as('user') | ||
| 354 | + | ||
| 355 | + post :index, :profile => user.identifier | ||
| 356 | + assert_response :success | ||
| 357 | + end | ||
| 332 | end | 358 | end |