Commit 6ca0d5631f7d386dd8ff6f3f50e944adb1fd65d2
Committed by
Joenio Costa
1 parent
a5267bac
Exists in
master
and in
29 other branches
Only environment admin can unblock enterprises
(ActionItem1516)
Showing
2 changed files
with
31 additions
and
3 deletions
Show diff stats
app/controllers/public/profile_controller.rb
@@ -3,7 +3,7 @@ class ProfileController < PublicController | @@ -3,7 +3,7 @@ class ProfileController < PublicController | ||
3 | needs_profile | 3 | needs_profile |
4 | before_filter :check_access_to_profile, :except => [:join, :refuse_join, :refuse_for_now, :index] | 4 | before_filter :check_access_to_profile, :except => [:join, :refuse_join, :refuse_for_now, :index] |
5 | before_filter :store_before_join, :only => [:join] | 5 | before_filter :store_before_join, :only => [:join] |
6 | - before_filter :login_required, :only => [:join, :refuse_join, :leave] | 6 | + before_filter :login_required, :only => [:join, :refuse_join, :leave, :unblock] |
7 | 7 | ||
8 | helper TagsHelper | 8 | helper TagsHelper |
9 | 9 | ||
@@ -114,8 +114,14 @@ class ProfileController < PublicController | @@ -114,8 +114,14 @@ class ProfileController < PublicController | ||
114 | end | 114 | end |
115 | 115 | ||
116 | def unblock | 116 | def unblock |
117 | - profile.unblock | ||
118 | - redirect_to :controller => 'profile', :action => 'index' | 117 | + if current_user.person.is_admin?(profile.environment) |
118 | + profile.unblock | ||
119 | + flash[:notice] = _("You have unblocked %s successfully. ") % profile.name | ||
120 | + redirect_to :controller => 'profile', :action => 'index' | ||
121 | + else | ||
122 | + message = _('You are not allowed to unblock enterprises in this environment.') | ||
123 | + render_access_denied(message) | ||
124 | + end | ||
119 | end | 125 | end |
120 | 126 | ||
121 | protected | 127 | protected |
test/functional/profile_controller_test.rb
@@ -665,4 +665,26 @@ class ProfileControllerTest < Test::Unit::TestCase | @@ -665,4 +665,26 @@ class ProfileControllerTest < Test::Unit::TestCase | ||
665 | get :index, :profile => profile.identifier | 665 | get :index, :profile => profile.identifier |
666 | assert_tag :tag => 'a', :content => 'One picture', :attributes => { :href => /\/testuser\/gallery/ } | 666 | assert_tag :tag => 'a', :content => 'One picture', :attributes => { :href => /\/testuser\/gallery/ } |
667 | end | 667 | end |
668 | + | ||
669 | + should 'ask for login if user not logged' do | ||
670 | + enterprise = fast_create(Enterprise) | ||
671 | + get :unblock, :profile => enterprise.identifier | ||
672 | + assert_redirected_to "asdf" | ||
673 | + end | ||
674 | + | ||
675 | + should ' not allow ordinary users to unblock enterprises' do | ||
676 | + login_as(profile.identifier) | ||
677 | + enterprise = fast_create(Enterprise) | ||
678 | + get :unblock, :profile => enterprise.identifier | ||
679 | + assert_response 403 | ||
680 | + end | ||
681 | + | ||
682 | + should 'allow environment admin to unblock enteprises' do | ||
683 | + login_as(profile.identifier) | ||
684 | + enterprise = fast_create(Enterprise) | ||
685 | + enterprise.environment.add_admin(profile) | ||
686 | + get :unblock, :profile => enterprise.identifier | ||
687 | + assert_response 302 | ||
688 | + end | ||
689 | + | ||
668 | end | 690 | end |