Download as
Browse Code »

Commit 6ca0d5631f7d386dd8ff6f3f50e944adb1fd65d2

Authored by Rodrigo Souto
Committed by Joenio Costa
1 parent a5267bac
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

Only environment admin can unblock enterprises 

(ActionItem1516)
Showing 2 changed files with 31 additions and 3 deletions   Show diff stats
app/controllers/public/profile_controller.rb
  Diff comments   View file @6ca0d56
... ... @@ -3,7 +3,7 @@ class ProfileController < PublicController
3 3 needs_profile
4 4 before_filter :check_access_to_profile, :except => [:join, :refuse_join, :refuse_for_now, :index]
5 5 before_filter :store_before_join, :only => [:join]
6   - before_filter :login_required, :only => [:join, :refuse_join, :leave]
  6 + before_filter :login_required, :only => [:join, :refuse_join, :leave, :unblock]
7 7  
8 8 helper TagsHelper
9 9  
... ... @@ -114,8 +114,14 @@ class ProfileController < PublicController
114 114 end
115 115  
116 116 def unblock
117   - profile.unblock
118   - redirect_to :controller => 'profile', :action => 'index'
  117 + if current_user.person.is_admin?(profile.environment)
  118 + profile.unblock
  119 + flash[:notice] = _("You have unblocked %s successfully. ") % profile.name
  120 + redirect_to :controller => 'profile', :action => 'index'
  121 + else
  122 + message = _('You are not allowed to unblock enterprises in this environment.')
  123 + render_access_denied(message)
  124 + end
119 125 end
120 126  
121 127 protected
... ...
test/functional/profile_controller_test.rb
  Diff comments   View file @6ca0d56
... ... @@ -665,4 +665,26 @@ class ProfileControllerTest < Test::Unit::TestCase
665 665 get :index, :profile => profile.identifier
666 666 assert_tag :tag => 'a', :content => 'One picture', :attributes => { :href => /\/testuser\/gallery/ }
667 667 end
  668 +
  669 + should 'ask for login if user not logged' do
  670 + enterprise = fast_create(Enterprise)
  671 + get :unblock, :profile => enterprise.identifier
  672 + assert_redirected_to "asdf"
  673 + end
  674 +
  675 + should ' not allow ordinary users to unblock enterprises' do
  676 + login_as(profile.identifier)
  677 + enterprise = fast_create(Enterprise)
  678 + get :unblock, :profile => enterprise.identifier
  679 + assert_response 403
  680 + end
  681 +
  682 + should 'allow environment admin to unblock enteprises' do
  683 + login_as(profile.identifier)
  684 + enterprise = fast_create(Enterprise)
  685 + enterprise.environment.add_admin(profile)
  686 + get :unblock, :profile => enterprise.identifier
  687 + assert_response 302
  688 + end
  689 +
668 690 end
... ...