Commit a710bcc721baf6ed9af4ff3a2e235d3d68f179c0
Committed by
Rodrigo Souto
Rodrigo Souto
1 parent
9360f04a
Exists in
master
and in
29 other branches
Change logic for showing public articles in private communities
Signed-off-by: Alvaro Fernando <alvarofernandoms@gmail.com> Signed-off-by: Arthur Del Esposte <arthurmde@gmail.com> Signed-off-by: David Carlos <ddavidcarlos1392@gmail.com> Signed-off-by: Eduardo Vital <vitaldu@gmail.com> Signed-off-by: Fabio Teixeira <fabio1079@gmail.com> Signed-off-by: Gabriela Navarro <navarro1703@gmail.com> Signed-off-by: Luciano Prestes <lucianopcbr@gmail.com> Signed-off-by: Tallys Martins <tallysmartins@gmail.com>
Showing
13 changed files
with
67 additions
and
53 deletions
Show diff stats
app/controllers/my_profile/cms_controller.rb
| @@ -143,6 +143,7 @@ class CmsController < MyProfileController | @@ -143,6 +143,7 @@ class CmsController < MyProfileController | ||
| 143 | klass = @type.constantize | 143 | klass = @type.constantize |
| 144 | article_data = environment.enabled?('articles_dont_accept_comments_by_default') ? { :accept_comments => false } : {} | 144 | article_data = environment.enabled?('articles_dont_accept_comments_by_default') ? { :accept_comments => false } : {} |
| 145 | article_data.merge!(params[:article]) if params[:article] | 145 | article_data.merge!(params[:article]) if params[:article] |
| 146 | + article_data.merge!(:profile => profile) if profile | ||
| 146 | @article = klass.new(article_data) | 147 | @article = klass.new(article_data) |
| 147 | 148 | ||
| 148 | parent = check_parent(params[:parent_id]) | 149 | parent = check_parent(params[:parent_id]) |
| @@ -220,7 +221,7 @@ class CmsController < MyProfileController | @@ -220,7 +221,7 @@ class CmsController < MyProfileController | ||
| 220 | if @errors.any? | 221 | if @errors.any? |
| 221 | render :action => 'upload_files', :parent_id => @parent_id | 222 | render :action => 'upload_files', :parent_id => @parent_id |
| 222 | else | 223 | else |
| 223 | - session[:notice] = _('File(s) successfully uploaded') | 224 | + session[:notice] = _('File(s) successfully uploaded') |
| 224 | if @back_to | 225 | if @back_to |
| 225 | redirect_to @back_to | 226 | redirect_to @back_to |
| 226 | elsif @parent | 227 | elsif @parent |
app/controllers/public/content_viewer_controller.rb
| @@ -13,7 +13,7 @@ class ContentViewerController < ApplicationController | @@ -13,7 +13,7 @@ class ContentViewerController < ApplicationController | ||
| 13 | @version = params[:version].to_i | 13 | @version = params[:version].to_i |
| 14 | 14 | ||
| 15 | if path.blank? | 15 | if path.blank? |
| 16 | - @page = profile.home_page | 16 | + @page = profile.home_page |
| 17 | return if redirected_to_profile_index | 17 | return if redirected_to_profile_index |
| 18 | else | 18 | else |
| 19 | @page = profile.articles.find_by_path(path) | 19 | @page = profile.articles.find_by_path(path) |
| @@ -121,21 +121,23 @@ class ContentViewerController < ApplicationController | @@ -121,21 +121,23 @@ class ContentViewerController < ApplicationController | ||
| 121 | helper_method :pass_without_comment_captcha? | 121 | helper_method :pass_without_comment_captcha? |
| 122 | 122 | ||
| 123 | def allow_access_to_page(path) | 123 | def allow_access_to_page(path) |
| 124 | - allowed = true | ||
| 125 | if @page.nil? # page not found, give error | 124 | if @page.nil? # page not found, give error |
| 126 | render_not_found(path) | 125 | render_not_found(path) |
| 127 | - allowed = false | ||
| 128 | - elsif !@page.display_to?(user) | ||
| 129 | - if !profile.public? | 126 | + return false |
| 127 | + end | ||
| 128 | + | ||
| 129 | + unless @page.display_to?(user) | ||
| 130 | + if !profile.visible? || profile.secret? || (user && user.follows?(profile)) | ||
| 131 | + render_access_denied | ||
| 132 | + else #!profile.public? | ||
| 130 | private_profile_partial_parameters | 133 | private_profile_partial_parameters |
| 131 | render :template => 'profile/_private_profile', :status => 403, :formats => [:html] | 134 | render :template => 'profile/_private_profile', :status => 403, :formats => [:html] |
| 132 | - allowed = false | ||
| 133 | - else #if !profile.visible? | ||
| 134 | - render_access_denied | ||
| 135 | - allowed = false | ||
| 136 | end | 135 | end |
| 136 | + | ||
| 137 | + return false | ||
| 137 | end | 138 | end |
| 138 | - allowed | 139 | + |
| 140 | + return true | ||
| 139 | end | 141 | end |
| 140 | 142 | ||
| 141 | def user_is_a_bot? | 143 | def user_is_a_bot? |
| @@ -180,7 +182,7 @@ class ContentViewerController < ApplicationController | @@ -180,7 +182,7 @@ class ContentViewerController < ApplicationController | ||
| 180 | if @page.forum? && @page.has_terms_of_use && terms_accepted == "true" | 182 | if @page.forum? && @page.has_terms_of_use && terms_accepted == "true" |
| 181 | @page.add_agreed_user(user) | 183 | @page.add_agreed_user(user) |
| 182 | end | 184 | end |
| 183 | - end | 185 | + end |
| 184 | 186 | ||
| 185 | def is_a_forum_topic? (page) | 187 | def is_a_forum_topic? (page) |
| 186 | return (!@page.parent.nil? && @page.parent.forum?) | 188 | return (!@page.parent.nil? && @page.parent.forum?) |
app/controllers/public_controller.rb
| @@ -3,7 +3,7 @@ class PublicController < ApplicationController | @@ -3,7 +3,7 @@ class PublicController < ApplicationController | ||
| 3 | 3 | ||
| 4 | def allow_access_to_page | 4 | def allow_access_to_page |
| 5 | unless profile.display_info_to?(user) | 5 | unless profile.display_info_to?(user) |
| 6 | - if profile.visible? | 6 | + if profile.visible? && !profile.secret |
| 7 | private_profile | 7 | private_profile |
| 8 | else | 8 | else |
| 9 | invisible_profile | 9 | invisible_profile |
app/models/article.rb
| @@ -25,6 +25,16 @@ class Article < ActiveRecord::Base | @@ -25,6 +25,16 @@ class Article < ActiveRecord::Base | ||
| 25 | :display => %w[full] | 25 | :display => %w[full] |
| 26 | } | 26 | } |
| 27 | 27 | ||
| 28 | + def initialize(*params) | ||
| 29 | + super | ||
| 30 | + | ||
| 31 | + if !params.blank? && params.first.has_key?(:profile) | ||
| 32 | + profile = params.first[:profile] | ||
| 33 | + self.published = false unless profile.public? | ||
| 34 | + end | ||
| 35 | + | ||
| 36 | + end | ||
| 37 | + | ||
| 28 | def self.default_search_display | 38 | def self.default_search_display |
| 29 | 'full' | 39 | 'full' |
| 30 | end | 40 | end |
| @@ -488,14 +498,14 @@ class Article < ActiveRecord::Base | @@ -488,14 +498,14 @@ class Article < ActiveRecord::Base | ||
| 488 | 498 | ||
| 489 | scope :display_filter, lambda {|user, profile| | 499 | scope :display_filter, lambda {|user, profile| |
| 490 | return published if (user.nil? && profile && profile.public?) | 500 | return published if (user.nil? && profile && profile.public?) |
| 491 | - return [] if user.nil? || (profile && !profile.public? && !user.follows?(profile)) | 501 | + return [] if user.nil? || profile.nil? || (profile && !profile.public? && !user.follows?(profile)) |
| 492 | where( | 502 | where( |
| 493 | [ | 503 | [ |
| 494 | - "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ? | ||
| 495 | - OR (show_to_followers = ? AND ?)", true, user.id, user.id, | 504 | + "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ? |
| 505 | + OR (show_to_followers = ? AND ? AND profile_id = ?)", true, user.id, user.id, | ||
| 496 | profile.nil? ? false : user.has_permission?(:view_private_content, profile), | 506 | profile.nil? ? false : user.has_permission?(:view_private_content, profile), |
| 497 | - true, user.follows?(profile) | ||
| 498 | - ] | 507 | + true, user.follows?(profile), profile.id |
| 508 | + ] | ||
| 499 | ) | 509 | ) |
| 500 | } | 510 | } |
| 501 | 511 | ||
| @@ -509,7 +519,7 @@ class Article < ActiveRecord::Base | @@ -509,7 +519,7 @@ class Article < ActiveRecord::Base | ||
| 509 | 519 | ||
| 510 | def display_to?(user = nil) | 520 | def display_to?(user = nil) |
| 511 | if published? | 521 | if published? |
| 512 | - profile.display_info_to?(user) | 522 | + (profile.secret? || !profile.visible?) ? profile.display_info_to?(user) : true |
| 513 | else | 523 | else |
| 514 | if !user | 524 | if !user |
| 515 | false | 525 | false |
features/article_versioning.feature
| @@ -80,8 +80,8 @@ Feature: article versioning | @@ -80,8 +80,8 @@ Feature: article versioning | ||
| 80 | 80 | ||
| 81 | Scenario: deny access to specific version when disabled, private and not logged | 81 | Scenario: deny access to specific version when disabled, private and not logged |
| 82 | Given the article "Edited Article" is updated with | 82 | Given the article "Edited Article" is updated with |
| 83 | - | display_versions | published | | ||
| 84 | - | false | false | | 83 | + | display_versions | published | show_to_followers | |
| 84 | + | false | false | false | | ||
| 85 | And I am not logged in | 85 | And I am not logged in |
| 86 | And I go to /joaosilva/edited-article?version=1 | 86 | And I go to /joaosilva/edited-article?version=1 |
| 87 | Then I should see "Access denied" | 87 | Then I should see "Access denied" |
features/edit_article.feature
| @@ -41,6 +41,7 @@ Feature: edit article | @@ -41,6 +41,7 @@ Feature: edit article | ||
| 41 | When I follow "Folder" | 41 | When I follow "Folder" |
| 42 | And I fill in "Title" with "My Folder" | 42 | And I fill in "Title" with "My Folder" |
| 43 | And I choose "article_published_false" | 43 | And I choose "article_published_false" |
| 44 | + And I uncheck "article_show_to_followers" | ||
| 44 | And I press "Save" | 45 | And I press "Save" |
| 45 | And I log off | 46 | And I log off |
| 46 | And I go to /freesoftware/my-folder | 47 | And I go to /freesoftware/my-folder |
| @@ -87,6 +88,7 @@ Feature: edit article | @@ -87,6 +88,7 @@ Feature: edit article | ||
| 87 | When I follow "Folder" | 88 | When I follow "Folder" |
| 88 | And I fill in "Title" with "My Folder" | 89 | And I fill in "Title" with "My Folder" |
| 89 | And I choose "article_published_false" | 90 | And I choose "article_published_false" |
| 91 | + And I uncheck "article_show_to_followers" | ||
| 90 | Then I should see "Fill in the search field to add the exception users to see this content" | 92 | Then I should see "Fill in the search field to add the exception users to see this content" |
| 91 | 93 | ||
| 92 | @selenium | 94 | @selenium |
features/secret_community.feature
| @@ -33,7 +33,7 @@ Feature: Use a secret community | @@ -33,7 +33,7 @@ Feature: Use a secret community | ||
| 33 | Scenario: Non members shouldn't see secret communit's content | 33 | Scenario: Non members shouldn't see secret communit's content |
| 34 | Given I am logged in as "maria" | 34 | Given I am logged in as "maria" |
| 35 | And I go to mycommunity's homepage | 35 | And I go to mycommunity's homepage |
| 36 | - And I should see "Access denied" | 36 | + And I should see "Oops ... you cannot go ahead here" |
| 37 | And I follow "Communities" | 37 | And I follow "Communities" |
| 38 | Then I should not see "My Community" | 38 | Then I should not see "My Community" |
| 39 | 39 |
test/functional/contact_controller_test.rb
| @@ -131,7 +131,7 @@ class ContactControllerTest < ActionController::TestCase | @@ -131,7 +131,7 @@ class ContactControllerTest < ActionController::TestCase | ||
| 131 | post :new, :profile => community.identifier | 131 | post :new, :profile => community.identifier |
| 132 | 132 | ||
| 133 | assert_response :forbidden | 133 | assert_response :forbidden |
| 134 | - assert_template :private_profile | 134 | + assert_template "profile/_private_profile" |
| 135 | end | 135 | end |
| 136 | 136 | ||
| 137 | should 'not show send e-mail page to non members of invisible community' do | 137 | should 'not show send e-mail page to non members of invisible community' do |
test/functional/content_viewer_controller_test.rb
| @@ -257,22 +257,22 @@ class ContentViewerControllerTest < ActionController::TestCase | @@ -257,22 +257,22 @@ class ContentViewerControllerTest < ActionController::TestCase | ||
| 257 | end | 257 | end |
| 258 | 258 | ||
| 259 | should 'not give access to private articles if logged off' do | 259 | should 'not give access to private articles if logged off' do |
| 260 | - profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') | 260 | + profile = Community.create!(:name => 'test profile', :identifier => 'test_profile') |
| 261 | intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | 261 | intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) |
| 262 | 262 | ||
| 263 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] | 263 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] |
| 264 | 264 | ||
| 265 | - assert_template 'access_denied' | 265 | + assert_template "profile/_private_profile" |
| 266 | end | 266 | end |
| 267 | 267 | ||
| 268 | should 'not give access to private articles if logged in but not member' do | 268 | should 'not give access to private articles if logged in but not member' do |
| 269 | login_as('testinguser') | 269 | login_as('testinguser') |
| 270 | - profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') | 270 | + profile = Community.create!(:name => 'test profile', :identifier => 'test_profile') |
| 271 | intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) | 271 | intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false) |
| 272 | 272 | ||
| 273 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] | 273 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] |
| 274 | 274 | ||
| 275 | - assert_template 'access_denied' | 275 | + assert_template "profile/_private_profile" |
| 276 | end | 276 | end |
| 277 | 277 | ||
| 278 | should 'not give access to private articles if logged in and only member' do | 278 | should 'not give access to private articles if logged in and only member' do |
| @@ -1428,7 +1428,7 @@ class ContentViewerControllerTest < ActionController::TestCase | @@ -1428,7 +1428,7 @@ class ContentViewerControllerTest < ActionController::TestCase | ||
| 1428 | 1428 | ||
| 1429 | article = TinyMceArticle.create(:name => 'Article to be shared with images', | 1429 | article = TinyMceArticle.create(:name => 'Article to be shared with images', |
| 1430 | :body => 'This article should be shared with all social networks', | 1430 | :body => 'This article should be shared with all social networks', |
| 1431 | - :profile => @profile, | 1431 | + :profile => community, |
| 1432 | :published => false, | 1432 | :published => false, |
| 1433 | :show_to_followers => true) | 1433 | :show_to_followers => true) |
| 1434 | article.parent = blog | 1434 | article.parent = blog |
test/functional/events_controller_test.rb
| @@ -60,7 +60,7 @@ class EventsControllerTest < ActionController::TestCase | @@ -60,7 +60,7 @@ class EventsControllerTest < ActionController::TestCase | ||
| 60 | post :events, :profile => community.identifier | 60 | post :events, :profile => community.identifier |
| 61 | 61 | ||
| 62 | assert_response :forbidden | 62 | assert_response :forbidden |
| 63 | - assert_template :private_profile | 63 | + assert_template "profile/_private_profile" |
| 64 | end | 64 | end |
| 65 | 65 | ||
| 66 | should 'not show events page to non members of invisible community' do | 66 | should 'not show events page to non members of invisible community' do |
test/integration/http_caching_test.rb
| @@ -85,7 +85,7 @@ class HttpCachingTest < ActionController::IntegrationTest | @@ -85,7 +85,7 @@ class HttpCachingTest < ActionController::IntegrationTest | ||
| 85 | 85 | ||
| 86 | test 'private community content should not return cache headers' do | 86 | test 'private community content should not return cache headers' do |
| 87 | community = create_private_community('the-community') | 87 | community = create_private_community('the-community') |
| 88 | - create(Article, profile_id: community.id, name: 'Test page') | 88 | + create(Article, profile_id: community.id, name: 'Test page', published: false) |
| 89 | 89 | ||
| 90 | get "/the-community/test-page" | 90 | get "/the-community/test-page" |
| 91 | assert_response 403 | 91 | assert_response 403 |
| @@ -139,4 +139,3 @@ class HttpCachingTest < ActionController::IntegrationTest | @@ -139,4 +139,3 @@ class HttpCachingTest < ActionController::IntegrationTest | ||
| 139 | end | 139 | end |
| 140 | 140 | ||
| 141 | end | 141 | end |
| 142 | - |
test/unit/article_test.rb
| @@ -484,7 +484,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -484,7 +484,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 484 | 484 | ||
| 485 | should 'say that member user can not see private article' do | 485 | should 'say that member user can not see private article' do |
| 486 | profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile') | 486 | profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile') |
| 487 | - article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false) | 487 | + article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false, :show_to_followers => false) |
| 488 | person = create_user('test_user').person | 488 | person = create_user('test_user').person |
| 489 | profile.affiliate(person, Profile::Roles.member(profile.environment.id)) | 489 | profile.affiliate(person, Profile::Roles.member(profile.environment.id)) |
| 490 | 490 | ||
| @@ -509,15 +509,15 @@ class ArticleTest < ActiveSupport::TestCase | @@ -509,15 +509,15 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 509 | assert article.display_to?(person) | 509 | assert article.display_to?(person) |
| 510 | end | 510 | end |
| 511 | 511 | ||
| 512 | - should 'not show article to non member if article public but profile private' do | 512 | + should 'show article to non member if article public but profile private' do |
| 513 | profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile', :public_profile => false) | 513 | profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile', :public_profile => false) |
| 514 | article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => true) | 514 | article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => true) |
| 515 | person1 = create_user('test_user1').person | 515 | person1 = create_user('test_user1').person |
| 516 | profile.affiliate(person1, Profile::Roles.member(profile.environment.id)) | 516 | profile.affiliate(person1, Profile::Roles.member(profile.environment.id)) |
| 517 | person2 = create_user('test_user2').person | 517 | person2 = create_user('test_user2').person |
| 518 | 518 | ||
| 519 | - assert !article.display_to?(nil) | ||
| 520 | - assert !article.display_to?(person2) | 519 | + assert article.display_to?(nil) |
| 520 | + assert article.display_to?(person2) | ||
| 521 | assert article.display_to?(person1) | 521 | assert article.display_to?(person1) |
| 522 | end | 522 | end |
| 523 | 523 | ||
| @@ -543,7 +543,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -543,7 +543,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 543 | 543 | ||
| 544 | should 'not allow friends of private person see the article' do | 544 | should 'not allow friends of private person see the article' do |
| 545 | person = create_user('test_user').person | 545 | person = create_user('test_user').person |
| 546 | - article = create(Article, :name => 'test article', :profile => person, :published => false) | 546 | + article = create(Article, :name => 'test article', :profile => person, :published => false, :show_to_followers => false) |
| 547 | friend = create_user('test_friend').person | 547 | friend = create_user('test_friend').person |
| 548 | person.add_friend(friend) | 548 | person.add_friend(friend) |
| 549 | person.save! | 549 | person.save! |
| @@ -1686,7 +1686,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -1686,7 +1686,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 1686 | a.allow_members_to_edit = true | 1686 | a.allow_members_to_edit = true |
| 1687 | assert !a.allow_edit?(nil) | 1687 | assert !a.allow_edit?(nil) |
| 1688 | end | 1688 | end |
| 1689 | - | 1689 | + |
| 1690 | should 'allow author to edit topic' do | 1690 | should 'allow author to edit topic' do |
| 1691 | community = fast_create(Community) | 1691 | community = fast_create(Community) |
| 1692 | admin = fast_create(Person) | 1692 | admin = fast_create(Person) |
| @@ -1905,7 +1905,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -1905,7 +1905,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 1905 | end | 1905 | end |
| 1906 | 1906 | ||
| 1907 | should 'display_filter display only public articles if there is no user' do | 1907 | should 'display_filter display only public articles if there is no user' do |
| 1908 | - p = fast_create(Person) | 1908 | + p = fast_create(Person) |
| 1909 | Article.delete_all | 1909 | Article.delete_all |
| 1910 | a = fast_create(Article, :published => true, :profile_id => p.id) | 1910 | a = fast_create(Article, :published => true, :profile_id => p.id) |
| 1911 | fast_create(Article, :published => false, :profile_id => p.id) | 1911 | fast_create(Article, :published => false, :profile_id => p.id) |
| @@ -1915,7 +1915,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -1915,7 +1915,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 1915 | 1915 | ||
| 1916 | should 'display_filter display public articles for users' do | 1916 | should 'display_filter display public articles for users' do |
| 1917 | user = create_user('someuser').person | 1917 | user = create_user('someuser').person |
| 1918 | - p = fast_create(Person) | 1918 | + p = fast_create(Person) |
| 1919 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) | 1919 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) |
| 1920 | Article.delete_all | 1920 | Article.delete_all |
| 1921 | a = fast_create(Article, :published => true, :profile_id => p.id) | 1921 | a = fast_create(Article, :published => true, :profile_id => p.id) |
| @@ -1926,7 +1926,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -1926,7 +1926,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 1926 | 1926 | ||
| 1927 | should 'display_filter display private article last changed by user' do | 1927 | should 'display_filter display private article last changed by user' do |
| 1928 | user = create_user('someuser').person | 1928 | user = create_user('someuser').person |
| 1929 | - p = fast_create(Person) | 1929 | + p = fast_create(Person) |
| 1930 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) | 1930 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) |
| 1931 | Article.delete_all | 1931 | Article.delete_all |
| 1932 | a = fast_create(Article, :published => false, :last_changed_by_id => user.id, :profile_id => p.id) | 1932 | a = fast_create(Article, :published => false, :last_changed_by_id => user.id, :profile_id => p.id) |
| @@ -1938,7 +1938,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -1938,7 +1938,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 1938 | should 'display_filter display user private article of his own profile' do | 1938 | should 'display_filter display user private article of his own profile' do |
| 1939 | user = create_user('someuser').person | 1939 | user = create_user('someuser').person |
| 1940 | user.stubs(:has_permission?).with(:view_private_content, user).returns(false) | 1940 | user.stubs(:has_permission?).with(:view_private_content, user).returns(false) |
| 1941 | - p = fast_create(Person) | 1941 | + p = fast_create(Person) |
| 1942 | Article.delete_all | 1942 | Article.delete_all |
| 1943 | a = fast_create(Article, :published => false, :profile_id => user.id) | 1943 | a = fast_create(Article, :published => false, :profile_id => user.id) |
| 1944 | fast_create(Article, :published => false, :profile_id => p.id) | 1944 | fast_create(Article, :published => false, :profile_id => p.id) |
| @@ -1948,7 +1948,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -1948,7 +1948,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 1948 | 1948 | ||
| 1949 | should 'display_filter show profile private content if the user has view_private_content permission' do | 1949 | should 'display_filter show profile private content if the user has view_private_content permission' do |
| 1950 | user = create_user('someuser').person | 1950 | user = create_user('someuser').person |
| 1951 | - p = fast_create(Person) | 1951 | + p = fast_create(Person) |
| 1952 | Article.delete_all | 1952 | Article.delete_all |
| 1953 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) | 1953 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) |
| 1954 | a = fast_create(Article, :published => false, :profile_id => p.id) | 1954 | a = fast_create(Article, :published => false, :profile_id => p.id) |
| @@ -1965,8 +1965,8 @@ class ArticleTest < ActiveSupport::TestCase | @@ -1965,8 +1965,8 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 1965 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) | 1965 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) |
| 1966 | Article.delete_all | 1966 | Article.delete_all |
| 1967 | a = fast_create(Article, :published => false, :show_to_followers => true, :profile_id => p.id) | 1967 | a = fast_create(Article, :published => false, :show_to_followers => true, :profile_id => p.id) |
| 1968 | - fast_create(Article, :published => false, :profile_id => p.id) | ||
| 1969 | - fast_create(Article, :published => false, :profile_id => p.id) | 1968 | + fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id) |
| 1969 | + fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id) | ||
| 1970 | assert_equal [a], Article.display_filter(user, p) | 1970 | assert_equal [a], Article.display_filter(user, p) |
| 1971 | end | 1971 | end |
| 1972 | 1972 | ||
| @@ -1977,8 +1977,8 @@ class ArticleTest < ActiveSupport::TestCase | @@ -1977,8 +1977,8 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 1977 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) | 1977 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) |
| 1978 | Article.delete_all | 1978 | Article.delete_all |
| 1979 | a = fast_create(Article, :published => false, :show_to_followers => true, :profile_id => p.id) | 1979 | a = fast_create(Article, :published => false, :show_to_followers => true, :profile_id => p.id) |
| 1980 | - fast_create(Article, :published => false, :profile_id => p.id) | ||
| 1981 | - fast_create(Article, :published => false, :profile_id => p.id) | 1980 | + fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id) |
| 1981 | + fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id) | ||
| 1982 | assert_equal [a], Article.display_filter(user, p) | 1982 | assert_equal [a], Article.display_filter(user, p) |
| 1983 | end | 1983 | end |
| 1984 | 1984 | ||
| @@ -2057,8 +2057,8 @@ class ArticleTest < ActiveSupport::TestCase | @@ -2057,8 +2057,8 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 2057 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) | 2057 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) |
| 2058 | Article.delete_all | 2058 | Article.delete_all |
| 2059 | a = fast_create(Article, :published => true, :profile_id => p.id) | 2059 | a = fast_create(Article, :published => true, :profile_id => p.id) |
| 2060 | - fast_create(Article, :published => false, :profile_id => p.id) | ||
| 2061 | - fast_create(Article, :published => false, :profile_id => p.id) | 2060 | + fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id) |
| 2061 | + fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id) | ||
| 2062 | assert_equal [a], Article.display_filter(user, p) | 2062 | assert_equal [a], Article.display_filter(user, p) |
| 2063 | end | 2063 | end |
| 2064 | 2064 | ||
| @@ -2088,7 +2088,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -2088,7 +2088,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 2088 | a1 = fast_create(Article, :published => true, :profile_id => user.id) | 2088 | a1 = fast_create(Article, :published => true, :profile_id => user.id) |
| 2089 | a2 = fast_create(Article, :published => true, :profile_id => p.id) | 2089 | a2 = fast_create(Article, :published => true, :profile_id => p.id) |
| 2090 | fast_create(Article, :published => false, :profile_id => p.id) | 2090 | fast_create(Article, :published => false, :profile_id => p.id) |
| 2091 | - assert_equivalent [a1,a2], Article.display_filter(user, nil) | 2091 | + assert_equivalent [a1,a2], Article.display_filter(nil, user) |
| 2092 | end | 2092 | end |
| 2093 | 2093 | ||
| 2094 | should 'display_filter show person public content of private person profile for user friends' do | 2094 | should 'display_filter show person public content of private person profile for user friends' do |
| @@ -2099,8 +2099,8 @@ class ArticleTest < ActiveSupport::TestCase | @@ -2099,8 +2099,8 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 2099 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) | 2099 | user.stubs(:has_permission?).with(:view_private_content, p).returns(false) |
| 2100 | Article.delete_all | 2100 | Article.delete_all |
| 2101 | a = fast_create(Article, :published => true, :profile_id => p.id) | 2101 | a = fast_create(Article, :published => true, :profile_id => p.id) |
| 2102 | - fast_create(Article, :published => false, :profile_id => p.id) | ||
| 2103 | - fast_create(Article, :published => false, :profile_id => p.id) | 2102 | + fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id) |
| 2103 | + fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id) | ||
| 2104 | assert_equal [a], Article.display_filter(user, p) | 2104 | assert_equal [a], Article.display_filter(user, p) |
| 2105 | end | 2105 | end |
| 2106 | 2106 | ||
| @@ -2130,7 +2130,7 @@ class ArticleTest < ActiveSupport::TestCase | @@ -2130,7 +2130,7 @@ class ArticleTest < ActiveSupport::TestCase | ||
| 2130 | a1 = fast_create(Article, :published => true, :profile_id => user.id) | 2130 | a1 = fast_create(Article, :published => true, :profile_id => user.id) |
| 2131 | a2 = fast_create(Article, :published => true, :profile_id => p.id) | 2131 | a2 = fast_create(Article, :published => true, :profile_id => p.id) |
| 2132 | fast_create(Article, :published => false, :profile_id => p.id) | 2132 | fast_create(Article, :published => false, :profile_id => p.id) |
| 2133 | - assert_equivalent [a1,a2], Article.display_filter(user, nil) | 2133 | + assert_equivalent [a1,a2], Article.display_filter(nil, user) |
| 2134 | end | 2134 | end |
| 2135 | 2135 | ||
| 2136 | end | 2136 | end |
test/unit/folder_helper_test.rb
| @@ -68,7 +68,7 @@ class FolderHelperTest < ActionView::TestCase | @@ -68,7 +68,7 @@ class FolderHelperTest < ActionView::TestCase | ||
| 68 | profile.public_profile = false | 68 | profile.public_profile = false |
| 69 | profile.save! | 69 | profile.save! |
| 70 | profile2 = create_user('Folder Viwer').person | 70 | profile2 = create_user('Folder Viwer').person |
| 71 | - folder = fast_create(Folder, :profile_id => profile.id) | 71 | + folder = fast_create(Folder, :profile_id => profile.id, :published => false) |
| 72 | article = fast_create(Article, {:parent_id => folder.id, :profile_id => profile.id}) | 72 | article = fast_create(Article, {:parent_id => folder.id, :profile_id => profile.id}) |
| 73 | 73 | ||
| 74 | result = available_articles(folder.children, profile2) | 74 | result = available_articles(folder.children, profile2) |
