Commit 937b283ee87ada81e07d4978fc85f650fed0e8d1
1 parent
4e35d6fc
Exists in
master
and in
29 other branches
ActionItem956: article is visible to those who can edit it
Showing
2 changed files
with
12 additions
and
1 deletions
Show diff stats
app/models/article.rb
| ... | ... | @@ -197,7 +197,7 @@ class Article < ActiveRecord::Base |
| 197 | 197 | if user.nil? |
| 198 | 198 | false |
| 199 | 199 | else |
| 200 | - (user == self.profile) || user.memberships.include?(self.profile) || (profile.kind_of?(Person) && profile.friends.include?(user)) | |
| 200 | + (user == self.profile) || user.memberships.include?(self.profile) || (profile.kind_of?(Person) && profile.friends.include?(user)) || user.has_permission?('post_content', self.profile) | |
| 201 | 201 | end |
| 202 | 202 | end |
| 203 | 203 | end | ... | ... |
test/unit/article_test.rb
| ... | ... | @@ -507,6 +507,17 @@ class ArticleTest < Test::Unit::TestCase |
| 507 | 507 | assert article.display_to?(friend) |
| 508 | 508 | end |
| 509 | 509 | |
| 510 | + | |
| 511 | + should 'display articles to people who can edit them' do | |
| 512 | + person = create_user('test_user').person | |
| 513 | + article = Article.create!(:name => 'test article', :profile => person, :public_article => false) | |
| 514 | + | |
| 515 | + admin_user = create_user('admin_user').person | |
| 516 | + admin_user.stubs(:has_permission?).with('post_content', article.profile).returns('true') | |
| 517 | + | |
| 518 | + assert article.display_to?(admin_user) | |
| 519 | + end | |
| 520 | + | |
| 510 | 521 | should 'make a copy of the article as child of it' do |
| 511 | 522 | person = create_user('test_user').person |
| 512 | 523 | a = person.articles.create!(:name => 'test article', :body => 'some text') | ... | ... |