Commit 6ca0d5631f7d386dd8ff6f3f50e944adb1fd65d2

Authored by Rodrigo Souto
Committed by Joenio Costa
1 parent a5267bac

Only environment admin can unblock enterprises

(ActionItem1516)
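--- a/app/controllers/public/profile_controller.rb
+++ b/app/controllers/public/profile_controller.rb
@@ -3,7 +3,7 @@ class ProfileController < PublicController
 needs_profile
 before_filter :check_access_to_profile, :except => [:join, :refuse_join, :refuse_for_now, :index]
 before_filter :store_before_join, :only => [:join]
-before_filter :login_required, :only => [:join, :refuse_join, :leave]
+before_filter :login_required, :only => [:join, :refuse_join, :leave, :unblock]
 
 helper TagsHelper
 
@@ -114,8 +114,14 @@ class ProfileController < PublicController
 end
 
 def unblock
-profile.unblock
-redirect_to :controller => 'profile', :action => 'index'
+if current_user.person.is_admin?(profile.environment)
+profile.unblock
+flash[:notice] = _("You have unblocked %s successfully. ") % profile.name
+redirect_to :controller => 'profile', :action => 'index'
+else
+message = _('You are not allowed to unblock enterprises in this environment.')
+render_access_denied(message)
+end
 end
 
 protected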
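Review bot: `unblock` changes profile state, but nothing visible in this section restricts the HTTP verb, and the new functional tests reach it with `get :unblock`. Unless a verb restriction exists outside the hunk, a logged-in environment admin's browser can trigger the unblock by following a link or loading an embedded URL, so the new admin check does not protect against cross-site request forgery. I would gate the action on the verb as well, for example `if request.post? && current_user.person.is_admin?(profile.environment)`, and have the view submit a form that carries the authenticity token. The action also unblocks whatever `profile` resolves to, while the denial message speaks only of enterprises; if only enterprises are meant to be unblockable here, check that explicitly. The class body continues outside both hunks.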
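--- a/test/functional/profile_controller_test.rb
+++ b/test/functional/profile_controller_test.rb
@@ -665,4 +665,26 @@ class ProfileControllerTest < Test::Unit::TestCase
 get :index, :profile => profile.identifier
 assert_tag :tag => 'a', :content => 'One picture', :attributes => { :href => /\/testuser\/gallery/ }
 end
+
+should 'ask for login if user not logged' do
+enterprise = fast_create(Enterprise)
+get :unblock, :profile => enterprise.identifier
+assert_redirected_to "asdf"
+end
+
+should ' not allow ordinary users to unblock enterprises' do
+login_as(profile.identifier)
+enterprise = fast_create(Enterprise)
+get :unblock, :profile => enterprise.identifier
+assert_response 403
+end
+
+should 'allow environment admin to unblock enteprises' do
+login_as(profile.identifier)
+enterprise = fast_create(Enterprise)
+enterprise.environment.add_admin(profile)
+get :unblock, :profile => enterprise.identifier
+assert_response 302
+end
+
 end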
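Review bot: The unauthenticated case asserts `assert_redirected_to "asdf"`, which looks like a leftover placeholder, so the one test guarding anonymous access either fails or pins nothing meaningful. It should assert the application's real login route, i.e. `assert_redirected_to <login route>` with the project's actual target. The other two tests check only the status code: none of them blocks the enterprise first or reloads it afterwards, so they would still pass if the 403 branch unblocked the profile or the admin branch did nothing. I would block the enterprise in setup and assert its blocked state after the request in both cases. The test class starts outside this hunk.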