From c1cdaf45ae654275295d99c7e56e9f796fc83680 Mon Sep 17 00:00:00 2001 From: Victor Costa Date: Thu, 11 Aug 2016 18:47:29 -0300 Subject: [PATCH] Not allow a regular person to choose raw html editor --- app/helpers/profile_editor_helper.rb | 2 +- app/models/person.rb | 11 +++++++++++ test/unit/person_test.rb | 33 +++++++++++++++++++++++++++++++++ 3 files changed, 45 insertions(+), 1 deletion(-) diff --git a/app/helpers/profile_editor_helper.rb b/app/helpers/profile_editor_helper.rb index ea249d0..25deadd 100644 --- a/app/helpers/profile_editor_helper.rb +++ b/app/helpers/profile_editor_helper.rb @@ -159,7 +159,7 @@ module ProfileEditorHelper end def select_editor(title, object, method, options) - labelled_form_field(title, select(object, method,[[_('TinyMCE'), Article::Editor::TINY_MCE], [_('Textile'), Article::Editor::TEXTILE], [_('Raw HTML'), Article::Editor::RAW_HTML]])) + labelled_form_field(title, select(object, method, current_person.available_editors.map { |k,v| [v, k] })) end end diff --git a/app/models/person.rb b/app/models/person.rb index d343a3c..53ee506 100644 --- a/app/models/person.rb +++ b/app/models/person.rb @@ -341,6 +341,8 @@ class Person < Profile validates_associated :user + validates :editor, inclusion: { in: lambda { |p| p.available_editors } } + def email self.user.nil? ? nil : self.user.email end @@ -621,4 +623,13 @@ class Person < Profile self.is_a_friend?(person) || super end + def available_editors + available_editors = { + Article::Editor::TINY_MCE => _('TinyMCE'), + Article::Editor::TEXTILE => _('Textile') + } + available_editors.merge!({Article::Editor::RAW_HTML => _('Raw HTML')}) if self.is_admin? + available_editors + end + end diff --git a/test/unit/person_test.rb b/test/unit/person_test.rb index e55a7e0..ae2acd7 100644 --- a/test/unit/person_test.rb +++ b/test/unit/person_test.rb @@ -2006,4 +2006,37 @@ class PersonTest < ActiveSupport::TestCase assert_equivalent [circle2], ProfileFollower.with_profile(community).with_follower(person).map(&:circle) end + should 'list available editors for a regular person' do + person = Person.new + person.expects(:is_admin?).returns(false) + assert_equivalent [Article::Editor::TINY_MCE, Article::Editor::TEXTILE], person.available_editors.keys + end + + should 'list available editors for an admin' do + person = Person.new + person.expects(:is_admin?).returns(true) + assert_equivalent [Article::Editor::TINY_MCE, Article::Editor::TEXTILE, Article::Editor::RAW_HTML], person.available_editors.keys + end + + should 'not save a person with an inexistent editor' do + person = create_user('testuser').person + person.editor = "bli" + assert !person.save + assert person.errors['editor'].present? + end + + should 'not allow a regular person to change to raw_html editor' do + person = create_user('testuser').person + person.editor = Article::Editor::RAW_HTML + assert !person.save + assert person.errors['editor'].present? + end + + should 'allow admin to change to raw_html editor' do + person = create_user('testuser').person + person.environment.add_admin(person) + person.editor = Article::Editor::RAW_HTML + assert person.save + end + end -- libgit2 0.21.2