Commit c9b33c17f779d4f94212875f40ff3ab0eef530e2
1 parent
cbed32d2
Exists in
master
and in
29 other branches
Refactoring Work Assignment Plugin
- Changed method and variable names. - Created work_assignment_plugin_myprofile_controller and undid the cms_controller extension. - Fixed the tests to fit the new structure. Signed-off-by: Gabriela Navarro <navarro1703@gmail.com>
Showing
14 changed files
with
262 additions
and
273 deletions
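--- a/app/controllers/my_profile/cms_controller.rb
+++ b/app/controllers/my_profile/cms_controller.rb
@@ -30,10 +30,6 @@ class CmsController < MyProfileController
 (user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile)))
 end
 
- def self.add_as_exception?(action)
- false
- end
-
 protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files, :new] do |c, user, profile|
 user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile))
 end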
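--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -866,13 +866,11 @@ module ApplicationHelper
 end
 
 def helper_for_article(article)
- puts "teste "*20
 article_helper = ActionView::Base.new
 article_helper.controller = controller
 article_helper.extend ArticleHelper
 article_helper.extend Rails.application.routes.url_helpers
 begin
- puts "erro "*20
 class_name = article.class.name + 'Helper'
 klass = class_name.constantize
 article_helper.extend klass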
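--- a/plugins/work_assignment/controllers/work_assignment_plugin_myprofile_controller.rb
+++ b/plugins/work_assignment/controllers/work_assignment_plugin_myprofile_controller.rb
@@ -1,19 +1,18 @@
 class WorkAssignmentPluginMyprofileController < MyProfileController
 
-include ArticleHelper
-include CmsHelper
+helper ArticleHelper
+helper CmsHelper
 
 before_filter :protect_if, :only => [:edit_visibility]
 
-
 def protect_if
- article = c.environment.articles.find_by_id(c.params[:article_id])
- (user && !article.nil? && (user.is_member_of? article.profile) &&
- article.parent.allow_privacy_edition && article.folder? &&
+ article = environment.articles.find_by_id(params[:article_id])
+ render_access_denied unless (user && !article.nil? && (user.is_member_of? article.profile) &&
+ article.parent.allow_visibility_edition && article.folder? &&
 (article.author == user || user.has_permission?('view_private_content', profile)))
 end
 
-def edit_privacy
+def edit_visibility
 unless params[:article_id].blank?
 folder = profile.environment.articles.find_by_id(params[:article_id])
 @back_to = url_for(folder.parent.url)
@@ -27,4 +26,10 @@ def edit_privacy
 end
 end
 end
-end
\ No newline at end of file
+
+ def search_article_privacy_exceptions
+ arg = params[:q].downcase
+ result = profile.members.find(:all, :conditions => ['LOWER(name) LIKE ?', "%#{arg}%"])
+ render :text => prepare_to_token_input(result).to_json
+ end
+end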
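Review bot: `protect_if` loads the article with `environment.articles.find_by_id(params[:article_id])`, so the id is not tied to the profile the request is made under, while the permission half of the check, `user.has_permission?('view_private_content', profile)`, is evaluated against that request profile. As far as these lines show, a user who is a member of the article's profile and holds the permission on a different profile could pass the filter for a folder they do not own; scoping the lookup as `article = profile.articles.find_by_id(params[:article_id])` keeps both halves of the check on the same profile. The filter also calls `article.parent.allow_visibility_edition` before `article.folder?`, so an id whose parent is nil or is not a work assignment raises instead of rendering access denied. `search_article_privacy_exceptions` sits outside the `:only => [:edit_visibility]` filter and calls `params[:q].downcase` with no nil check; the body of `edit_visibility` continues outside the visible lines.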
plugins/work_assignment/lib/ext/cms_controller.rb
... | ... | @@ -1,36 +0,0 @@ |
1 | -require_dependency 'cms_controller' | |
2 | - | |
3 | -class CmsController | |
4 | - | |
5 | -protect_if :only => :edit_visibility do |c, user, profile| | |
6 | - article = c.environment.articles.find_by_id(c.params[:article_id]) | |
7 | - (user && !article.nil? && (user.is_member_of? article.profile) && | |
8 | - article.parent.allow_privacy_edition && article.folder? && | |
9 | - (article.author == user || user.has_permission?('view_private_content', profile))) | |
10 | -end | |
11 | - | |
12 | -def edit_visibility | |
13 | - unless params[:article_id].blank? | |
14 | - folder = profile.environment.articles.find_by_id(params[:article_id]) | |
15 | - @back_to = url_for(folder.parent.url) | |
16 | - unless params[:article].blank? | |
17 | - folder.published = params[:article][:published] | |
18 | - unless params[:q].nil? | |
19 | - folder.article_privacy_exceptions = params[:q].split(/,/).map{|n| environment.people.find n.to_i} | |
20 | - end | |
21 | - folder.save! | |
22 | - redirect_to @back_to | |
23 | - end | |
24 | - end | |
25 | - end | |
26 | - | |
27 | -def self.add_as_exception?(action) | |
28 | - actions = "edit_visibility, search_article_privacy_exceptions" | |
29 | - if actions.include? action | |
30 | - true | |
31 | - else | |
32 | - false | |
33 | - end | |
34 | - end | |
35 | - | |
36 | -end |
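--- a/plugins/work_assignment/lib/ext/email_contact.rb
+++ b/plugins/work_assignment/lib/ext/email_contact.rb
@@ -52,8 +52,7 @@ class EmailContact
 def build_mail_message!(environment, uploaded_files, parent_id)
 article = environment.articles.find_by_id(parent_id)
 message = ""
- #kind_of?
- if !article.nil? && article.type == "WorkAssignmentPlugin::WorkAssignment"
+ if !article.nil? && article.kind_of?(WorkAssignmentPlugin::WorkAssignment)
 message = article.default_email + "<br>"
 end
 uploaded_files.each do |file|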
plugins/work_assignment/lib/ext/folder.rb
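--- a/plugins/work_assignment/lib/work_assignment_plugin/helper.rb
+++ b/plugins/work_assignment/lib/work_assignment_plugin/helper.rb
@@ -1,6 +1,6 @@
 module WorkAssignmentPlugin::Helper
 include CmsHelper
- include ArticleHelper
+
 def display_submissions(work_assignment, user)
 return if work_assignment.submissions.empty?
 content_tag('table',
@@ -73,41 +73,21 @@ module WorkAssignmentPlugin::Helper
 end
 
 def display_privacy_button(author_folder, user)
- #ver if
- if author_folder
- folder = environment.articles.find_by_id(author_folder.id)
- work_assignment = folder.parent
- @back_to = url_for(folder.parent.url)
- if(user && work_assignment.allow_privacy_edition &&
- ((author_folder.author_id == user.id && (user.is_member_of? work_assignment.profile)) ||
- user.has_permission?('view_private_content', work_assignment.profile)))#@profile?
+ folder = environment.articles.find_by_id(author_folder.id)
+ work_assignment = folder.parent
+ @back_to = url_for(work_assignment.url)
 
- @tokenized_children = prepare_to_token_input(
- profile.members.includes(:articles_with_access).find_all{ |m|
- m.articles_with_access.include?(folder)
- })
- button :edit, _('Edit'), { :controller => 'work_assignment_plugin_myprofile',
- :action => 'edit_privacy', :article_id => folder.id,
- :tokenized_children => @tokenized_children, :back_to => @back_to}, :method => :post
- end
- end
- end
+ if(user && work_assignment.allow_visibility_edition &&
+ ((author_folder.author_id == user.id && (user.is_member_of? profile)) ||
+ user.has_permission?('view_private_content', profile)))
 
- def visibility_options(article, tokenized_children)
- content_tag('h4', _('Visibility')) +
- content_tag('div',
- content_tag('div',
- radio_button(:article, :published, true) +
- content_tag('label', _('Public (visible to other people)'), :for => 'article_published_true')
- ) +
- content_tag('div',
- radio_button(:article, :published, false) +
- content_tag('label', _('Private'), :for => 'article_published_false', :id => "label_private")
- ) +
- (article.profile.community? ? content_tag('div',
- content_tag('label', _('Fill in the search field to add the exception users to see this content'), :id => "text-input-search-exception-users") +
- token_input_field_tag(:q, 'search-article-privacy-exceptions', {:action => 'search_article_privacy_exceptions'},
- {:focus => false, :hint_text => _('Type in a search term for a user'), :pre_populate => tokenized_children})) :
- ''))
+ @tokenized_children = prepare_to_token_input(
+ profile.members.includes(:articles_with_access).find_all{ |m|
+ m.articles_with_access.include?(folder)
+ })
+ button :edit, _('Edit'), { :controller => 'work_assignment_plugin_myprofile',
+ :action => 'edit_visibility', :article_id => folder.id,
+ :tokenized_children => @tokenized_children, :back_to => @back_to}, :method => :post
+ end
 end
 end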
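Review bot: The condition that decides whether `display_privacy_button` shows the Edit button now tests `user.is_member_of? profile`, while the `protect_if` filter in the new controller tests `user.is_member_of? article.profile`. The two copies of the rule can drift apart, and only the controller copy is an actual access check. Putting the predicate in one method and calling it from both the helper and the filter would keep the button and the enforcement in agreement. The rewrite also drops the `if author_folder` guard, so a nil `author_folder` or a `find_by_id` miss now raises at `folder.parent`; if callers can pass nil, `return unless author_folder` as the first line keeps the old behaviour.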
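--- a/plugins/work_assignment/lib/work_assignment_plugin/work_assignment.rb
+++ b/plugins/work_assignment/lib/work_assignment_plugin/work_assignment.rb
@@ -2,11 +2,11 @@ class WorkAssignmentPlugin::WorkAssignment < Folder
 
 settings_items :publish_submissions, :type => :boolean, :default => false
 settings_items :default_email, :type => :string, :default => ""
- settings_items :allow_privacy_edition, :type => :boolean, :default => false
+ settings_items :allow_visibility_edition, :type => :boolean, :default => false
 
 attr_accessible :publish_submissions
 attr_accessible :default_email
- attr_accessible :allow_privacy_edition
+ attr_accessible :allow_visibility_edition
 
 def self.icon_name(article = nil)
 'work-assignment'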
plugins/work_assignment/test/functional/cms_controller_test.rb
... | ... | @@ -6,14 +6,6 @@ class CmsController; def rescue_action(e) raise e end; end |
6 | 6 | |
7 | 7 | class CmsControllerTest < ActionController::TestCase |
8 | 8 | |
9 | - include NoosferoTestHelper | |
10 | - #necessario? | |
11 | - fixtures :environments | |
12 | - | |
13 | - | |
14 | - attr_reader :profile | |
15 | - attr_accessor :person | |
16 | - | |
17 | 9 | def setup |
18 | 10 | @controller = CmsController.new |
19 | 11 | @request = ActionController::TestRequest.new |
... | ... | @@ -34,7 +26,7 @@ class CmsControllerTest < ActionController::TestCase |
34 | 26 | end |
35 | 27 | |
36 | 28 | should 'allow members to upload submissions on work_assignment' do |
37 | - @organization.add_member(person) | |
29 | + @organization.add_member(@person) | |
38 | 30 | # then he trys to upload new stuff |
39 | 31 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
40 | 32 | get :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id |
... | ... | @@ -42,7 +34,7 @@ class CmsControllerTest < ActionController::TestCase |
42 | 34 | end |
43 | 35 | |
44 | 36 | should 'redirect to Work Assignment view page after upload submission' do |
45 | - @organization.add_member(person) | |
37 | + @organization.add_member(@person) | |
46 | 38 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
47 | 39 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] , :back_to => @work_assignment.url |
48 | 40 | assert_redirected_to work_assignment.url |
... | ... | @@ -50,20 +42,20 @@ class CmsControllerTest < ActionController::TestCase |
50 | 42 | |
51 | 43 | should 'upload submission and automatically move it to the author folder' do |
52 | 44 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) |
53 | - @organization.add_member(person) | |
45 | + @organization.add_member(@person) | |
54 | 46 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] |
55 | 47 | submission = UploadedFile.last |
56 | - assert_equal work_assignment.find_or_create_author_folder(person), submission.parent | |
48 | + assert_equal work_assignment.find_or_create_author_folder(@person), submission.parent | |
57 | 49 | end |
58 | 50 | |
59 | - should 'work_assignment attribute allow_privacy_edition is true when set a new work_assignment' do | |
51 | + should 'work_assignment attribute allow_visibility_edition is true when set a new work_assignment' do | |
60 | 52 | work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) |
61 | - @organization.add_member(person) | |
62 | - assert_equal true, work_assignment.allow_privacy_edition | |
53 | + @organization.add_member(@person) | |
54 | + assert_equal true, work_assignment.allow_visibility_edition | |
63 | 55 | end |
64 | 56 | |
65 | 57 | should 'a submission and parent attribute "published" be equal to Work Assignment attribute publish submissions' do |
66 | - @organization.add_member(person) | |
58 | + @organization.add_member(@person) | |
67 | 59 | work_assignment = create_work_assignment('Work Assignment', @organization, true, nil) |
68 | 60 | assert_equal true, work_assignment.publish_submissions |
69 | 61 | post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] |
... | ... | @@ -79,143 +71,8 @@ class CmsControllerTest < ActionController::TestCase |
79 | 71 | assert_equal other_work_assignment.publish_submissions, submission.parent.published |
80 | 72 | end |
81 | 73 | |
82 | - should 'submission edit visibility deny access to users and admin when Work Assignment allow_privacy_edition is false' do | |
83 | - @organization.add_member(person) | |
84 | - ##### Testing with normal user | |
85 | - work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) | |
86 | - post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | |
87 | - submission = UploadedFile.last | |
88 | - assert_equal false, submission.published | |
89 | - assert_equal false, submission.parent.published | |
90 | - | |
91 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | |
92 | - assert_template 'access_denied' | |
93 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | |
94 | - assert_template 'access_denied' | |
95 | - | |
96 | - submission.reload | |
97 | - assert_equal false, submission.published | |
98 | - assert_equal false, submission.parent.published | |
99 | - | |
100 | - #### Even with admin user | |
101 | - e = Environment.default | |
102 | - assert_equal false, person.is_admin? | |
103 | - e.add_admin(person) | |
104 | - e.save! | |
105 | - assert_equal true, person.is_admin? | |
106 | - | |
107 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | |
108 | - assert_template 'access_denied' | |
109 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | |
110 | - assert_template 'access_denied' | |
111 | - | |
112 | - submission.reload | |
113 | - assert_equal false, submission.published | |
114 | - end | |
115 | - | |
116 | - should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_privacy_edition is true' do | |
117 | - @organization.add_member(person) | |
118 | - work_assignment = create_work_assignment('Work Assignment', @organization, nil, nil) | |
119 | - work_assignment.allow_privacy_edition = true # the user can edit the privacy | |
120 | - assert_equal true, work_assignment.allow_privacy_edition | |
121 | - work_assignment.save! | |
122 | - parent = work_assignment.find_or_create_author_folder(person) | |
123 | - UploadedFile.create( | |
124 | - { | |
125 | - :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | |
126 | - :profile => @organization, | |
127 | - :parent => parent, | |
128 | - :last_changed_by => person, | |
129 | - :author => person, | |
130 | - }, | |
131 | - :without_protection => true | |
132 | - ) | |
133 | - logout | |
134 | - submission = UploadedFile.last | |
135 | - assert_equal false, submission.parent.published | |
136 | - assert_equal false, submission.published | |
137 | - | |
138 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | |
139 | - assert_redirected_to '/account/login' | |
140 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | |
141 | - assert_redirected_to '/account/login' | |
142 | - submission.reload | |
143 | - assert_equal false, submission.parent.published | |
144 | - assert_equal false, submission.published | |
145 | - end | |
146 | - | |
147 | - should 'submission edit_visibility deny access to not owner when WorkAssignment edit_visibility is true' do | |
148 | - @organization.add_member(person) # current_user is a member | |
149 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, true) | |
150 | - @parent = work_assignment.find_or_create_author_folder(person) | |
151 | - UploadedFile.create( | |
152 | - { | |
153 | - :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | |
154 | - :profile => @organization, | |
155 | - :parent => @parent, | |
156 | - :last_changed_by => person, | |
157 | - :author => person, | |
158 | - }, | |
159 | - :without_protection => true | |
160 | - ) | |
161 | - logout | |
162 | - | |
163 | - | |
164 | - other_person = create_user('other_user').person | |
165 | - @organization.add_member(other_person) | |
166 | - login_as :other_user | |
167 | - | |
168 | - @organization.add_member(other_person) | |
169 | - submission = UploadedFile.last | |
170 | - assert_equal(submission.author, person) | |
171 | - | |
172 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | |
173 | - assert_template 'access_denied' | |
174 | - | |
175 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | |
176 | - assert_template 'access_denied' | |
177 | - | |
178 | - submission.reload | |
179 | - assert_equal false, submission.parent.published | |
180 | - assert_equal false, submission.published | |
181 | - end | |
182 | - | |
183 | - should 'submission white list give permission to an user that has been added' do | |
184 | - other_person = create_user('other_user').person | |
185 | - @organization.add_member(person) | |
186 | - @organization.add_member(other_person) | |
187 | - work_assignment = create_work_assignment('Another Work Assignment', @organization, false, true) | |
188 | - post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | |
189 | - submission = UploadedFile.last | |
190 | - assert_equal false, submission.display_unpublished_article_to?(other_person) | |
191 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => false }, :q => other_person.id | |
192 | - submission.reload | |
193 | - assert_equal true, submission.parent.display_unpublished_article_to?(other_person) | |
194 | - assert_equal true, submission.display_unpublished_article_to?(other_person) | |
195 | - end | |
196 | - | |
197 | - should 'submission edit_visibility deny access to owner if not organization member' do | |
198 | - @organization.add_member(person) # current_user is a member | |
199 | - work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) | |
200 | - post :upload_files, :profile => @organization.identifier, :parent_id => work_assignment.id, :uploaded_files => [fixture_file_upload('/files/test.txt', 'text/plain')] | |
201 | - @organization.remove_member(person) | |
202 | - submission = UploadedFile.last | |
203 | - | |
204 | - assert_equal false, (person.is_member_of? submission.profile) | |
205 | - | |
206 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id | |
207 | - assert_template 'access_denied' | |
208 | - | |
209 | - post :edit_visibility, :profile => @organization.identifier, :article_id => submission.parent.id, :article => { :published => true } | |
210 | - assert_template 'access_denied' | |
211 | - | |
212 | - submission.reload | |
213 | - assert_equal false, submission.parent.published | |
214 | - assert_equal false, submission.published | |
215 | - end | |
216 | - | |
217 | 74 | private |
218 | - def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_privacy_edition = nil) | |
219 | - @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_privacy_edition => allow_privacy_edition) | |
75 | + def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_visibility_edition = nil) | |
76 | + @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_visibility_edition => allow_visibility_edition) | |
220 | 77 | end |
221 | 78 | end | ... | ... |
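--- a/plugins/work_assignment/test/functional/content_viewer_controller_test.rb
+++ b/plugins/work_assignment/test/functional/content_viewer_controller_test.rb
@@ -15,6 +15,7 @@ class ContentViewerControllerTest < ActionController::TestCase
 @organization = fast_create(Organization)
 @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => 'Work Assignment', :profile => @organization)
 @person = create_user('test_user').person
+ @organization.add_member(@person)
 @environment = @organization.environment
 @environment.enable_plugin(WorkAssignmentPlugin)
 @environment.save!
@@ -23,19 +24,17 @@ class ContentViewerControllerTest < ActionController::TestCase
 attr_reader :organization, :person, :profile, :work_assignment
 
 should 'can download work_assignment' do
- random_member = fast_create(Person)
- organization.add_member(random_member)
- folder = work_assignment.find_or_create_author_folder(random_member)
+ folder = work_assignment.find_or_create_author_folder(@person)
 submission = UploadedFile.create!(:uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'), :profile => organization, :parent => folder)
 WorkAssignmentPlugin.stubs(:can_download_submission?).returns(false)
 
- get :view_page, :profile => organization.identifier, :page => submission.explode_path
+ get :view_page, :profile => @organization.identifier, :page => submission.path
 assert_response :forbidden
 assert_template 'access_denied'
 
 WorkAssignmentPlugin.stubs(:can_download_submission?).returns(true)
 
- get :view_page, :profile => organization.identifier, :page => submission.explode_path
+ get :view_page, :profile => @organization.identifier, :page => submission.path
 assert_response :success
 end
 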
plugins/work_assignment/test/functional/work_assignment_plugin_myprofile_controller_test.rb
0 → 100644
... | ... | @@ -0,0 +1,191 @@ |
1 | +require File.expand_path(File.dirname(__FILE__) + "/../../../../test/test_helper") | |
2 | +require 'work_assignment_plugin_myprofile_controller' | |
3 | + | |
4 | +# Re-raise errors caught by the controller. | |
5 | +class WorkAssignmentPluginMyprofileController; def rescue_action(e) raise e end; end | |
6 | + | |
7 | +class WorkAssignmentPluginMyprofileControllerTest < ActionController::TestCase | |
8 | + | |
9 | + def setup | |
10 | + @controller = WorkAssignmentPluginMyprofileController.new | |
11 | + @request = ActionController::TestRequest.new | |
12 | + @response = ActionController::TestResponse.new | |
13 | + @person = create_user('test_user').person | |
14 | + login_as :test_user | |
15 | + e = Environment.default | |
16 | + e.enabled_plugins = ['WorkAssignmentPlugin'] | |
17 | + e.save! | |
18 | + @organization = fast_create(Organization) # | |
19 | + end | |
20 | + | |
21 | + should 'submission edit visibility deny access to users and admin when Work Assignment allow_visibility_edition is false' do | |
22 | + @organization.add_member(@person) | |
23 | + ##### Testing with normal user | |
24 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, false) | |
25 | + work_assignment.save! | |
26 | + assert_equal false, work_assignment.allow_visibility_edition | |
27 | + parent = work_assignment.find_or_create_author_folder(@person) | |
28 | + UploadedFile.create( | |
29 | + { | |
30 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | |
31 | + :profile => @organization, | |
32 | + :parent => parent, | |
33 | + :last_changed_by => @person, | |
34 | + :author => @person, | |
35 | + }, | |
36 | + :without_protection => true | |
37 | + ) | |
38 | + submission = UploadedFile.find_by_filename("test.txt") | |
39 | + assert_equal false, submission.published | |
40 | + assert_equal false, submission.parent.published | |
41 | + | |
42 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | |
43 | + assert_template 'access_denied' | |
44 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | |
45 | + assert_template 'access_denied' | |
46 | + | |
47 | + submission.reload | |
48 | + assert_equal false, submission.published | |
49 | + assert_equal false, submission.parent.published | |
50 | + | |
51 | + #### Even with admin user | |
52 | + e = Environment.default | |
53 | + assert_equal false, @person.is_admin? | |
54 | + e.add_admin(@person) | |
55 | + e.save! | |
56 | + assert_equal true, @person.is_admin? | |
57 | + | |
58 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | |
59 | + assert_template 'access_denied' | |
60 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | |
61 | + assert_template 'access_denied' | |
62 | + | |
63 | + submission.reload | |
64 | + assert_equal false, submission.published | |
65 | + end | |
66 | + | |
67 | + should 'redirect an unlogged user to the login page if he tryes to access the edit visibility page and work_assignment allow_visibility_edition is true' do | |
68 | + @organization.add_member(@person) | |
69 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) | |
70 | + assert_equal true, work_assignment.allow_visibility_edition | |
71 | + work_assignment.save! | |
72 | + parent = work_assignment.find_or_create_author_folder(@person) | |
73 | + UploadedFile.create( | |
74 | + { | |
75 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | |
76 | + :profile => @organization, | |
77 | + :parent => parent, | |
78 | + :last_changed_by => @person, | |
79 | + :author => @person, | |
80 | + }, | |
81 | + :without_protection => true | |
82 | + ) | |
83 | + logout | |
84 | + submission = UploadedFile.find_by_filename("test.txt") | |
85 | + assert_equal false, submission.parent.published | |
86 | + assert_equal false, submission.published | |
87 | + | |
88 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | |
89 | + assert_redirected_to '/account/login' | |
90 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | |
91 | + assert_redirected_to '/account/login' | |
92 | + submission.reload | |
93 | + assert_equal false, submission.parent.published | |
94 | + assert_equal false, submission.published | |
95 | + end | |
96 | + | |
97 | + should 'submission edit_visibility deny access to not owner when WorkAssignment edit_visibility is true' do | |
98 | + @organization.add_member(@person) # current_user is a member | |
99 | + work_assignment = create_work_assignment('Another Work Assignment', @organization, nil, true) | |
100 | + parent = work_assignment.find_or_create_author_folder(@person) | |
101 | + UploadedFile.create( | |
102 | + { | |
103 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | |
104 | + :profile => @organization, | |
105 | + :parent => parent, | |
106 | + :last_changed_by => @person, | |
107 | + :author => @person, | |
108 | + }, | |
109 | + :without_protection => true | |
110 | + ) | |
111 | + logout | |
112 | + | |
113 | + | |
114 | + other_person = create_user('other_user').person | |
115 | + @organization.add_member(other_person) | |
116 | + login_as :other_user | |
117 | + | |
118 | + @organization.add_member(other_person) | |
119 | + submission = UploadedFile.find_by_filename("test.txt") | |
120 | + assert_equal(submission.author, @person) | |
121 | + | |
122 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | |
123 | + assert_template 'access_denied' | |
124 | + | |
125 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | |
126 | + assert_template 'access_denied' | |
127 | + | |
128 | + submission.reload | |
129 | + assert_equal false, submission.parent.published | |
130 | + assert_equal false, submission.published | |
131 | + end | |
132 | + | |
133 | + should 'submission white list give permission to an user that has been added' do | |
134 | + other_person = create_user('other_user').person | |
135 | + @organization.add_member(@person) | |
136 | + @organization.add_member(other_person) | |
137 | + work_assignment = create_work_assignment('Another Work Assignment', @organization, false, true) | |
138 | + parent = work_assignment.find_or_create_author_folder(@person) | |
139 | + UploadedFile.create( | |
140 | + { | |
141 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | |
142 | + :profile => @organization, | |
143 | + :parent => parent, | |
144 | + :last_changed_by => @person, | |
145 | + :author => @person, | |
146 | + }, | |
147 | + :without_protection => true | |
148 | + ) | |
149 | + submission = UploadedFile.find_by_filename("test.txt") | |
150 | + assert_equal false, submission.article_privacy_exceptions.include?(other_person) | |
151 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => false }, :q => other_person.id | |
152 | + submission.reload | |
153 | + assert_equal true, submission.parent.article_privacy_exceptions.include?(other_person) | |
154 | + assert_equal true, submission.article_privacy_exceptions.include?(other_person) | |
155 | + end | |
156 | + | |
157 | + should 'submission edit_visibility deny access to owner if not organization member' do | |
158 | + @organization.add_member(@person) # current_user is a member | |
159 | + work_assignment = create_work_assignment('Work Assignment', @organization, nil, true) | |
160 | + parent = work_assignment.find_or_create_author_folder(@person) | |
161 | + UploadedFile.create( | |
162 | + { | |
163 | + :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), | |
164 | + :profile => @organization, | |
165 | + :parent => parent, | |
166 | + :last_changed_by => @person, | |
167 | + :author => @person, | |
168 | + }, | |
169 | + :without_protection => true | |
170 | + ) | |
171 | + @organization.remove_member(@person) | |
172 | + submission = UploadedFile.find_by_filename("test.txt") | |
173 | + | |
174 | + assert_equal false, (@person.is_member_of? submission.profile) | |
175 | + | |
176 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id | |
177 | + assert_template 'access_denied' | |
178 | + | |
179 | + post :edit_visibility, :profile => @organization.identifier, :article_id => parent.id, :article => { :published => true } | |
180 | + assert_template 'access_denied' | |
181 | + | |
182 | + submission.reload | |
183 | + assert_equal false, submission.parent.published | |
184 | + assert_equal false, submission.published | |
185 | + end | |
186 | + | |
187 | + private | |
188 | + def create_work_assignment(name = nil, profile = nil, publish_submissions = nil, allow_visibility_edition = nil) | |
189 | + @work_assignment = WorkAssignmentPlugin::WorkAssignment.create!(:name => name, :profile => profile, :publish_submissions => publish_submissions, :allow_visibility_edition => allow_visibility_edition) | |
190 | + end | |
191 | +end | ... | ... |
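Review bot: The new suite exercises `edit_visibility` only; nothing covers `search_article_privacy_exceptions`, which this commit adds to the same controller. No case posts an `article_id` that belongs to a different profile than the one given in `:profile`. Both are access-control paths worth pinning, so a test for each should assert whatever response is intended for a caller who is not allowed to see or change the data. The 'white list' test passes `:q => other_person.id` for a member, and a companion case with a non-member id would document whether outsiders can be added as exceptions. The `UploadedFile.create` fixture block is repeated in all five tests and could move into a private helper next to `create_work_assignment`.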
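--- a/plugins/work_assignment/views/cms/work_assignment_plugin/_work_assignment.html.erb
+++ b/plugins/work_assignment/views/cms/work_assignment_plugin/_work_assignment.html.erb
@@ -4,4 +4,4 @@
 
 <%=labelled_check_box(_('Publish submissions'), 'article[publish_submissions]', true, @article.publish_submissions) %>
 
-<%=labelled_check_box(_('Allow users set privacy?'), 'article[allow_privacy_edition]', true, @article.allow_privacy_edition) %>
+<%=labelled_check_box(_('Allow users change submissions privacy?'), 'article[allow_visibility_edition]', true, @article.allow_visibility_edition) %>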
plugins/work_assignment/views/work_assignment_plugin_myprofile/edit_privacy.html.erb
... | ... | @@ -1,24 +0,0 @@ |
1 | -<div class="select-privacy-options"> | |
2 | - | |
3 | -<%= labelled_form_for 'article', :html => { :multipart => true, :class => @type } do |f| %> | |
4 | - | |
5 | - <% @article = environment.articles.find_by_id((params[:article_id]))%> | |
6 | - | |
7 | - <% @tokenized_children = params[:tokenized_children]%> | |
8 | - | |
9 | - <%= hidden_field_tag('article_id', @article.id) %> | |
10 | - | |
11 | - <div id='edit-article-options'> | |
12 | - <%= visibility_options(@article, @tokenized_children) %> | |
13 | - </div> | |
14 | - | |
15 | - <% button_bar do %> | |
16 | - <%= submit_button :save, _('Save') %> | |
17 | - <%= button :cancel, _('Cancel'), @back_to %> | |
18 | - <% end %> | |
19 | -<% end %> | |
20 | -</div> | |
21 | - | |
22 | -<br style='clear: both'/> | |
23 | - | |
24 | -<%= javascript_include_tag "article.js" %> |
plugins/work_assignment/views/work_assignment_plugin_myprofile/edit_visibility.html.erb
0 → 100644
... | ... | @@ -0,0 +1,24 @@ |
1 | +<div class="select-visibility-options"> | |
2 | + | |
3 | +<%= labelled_form_for 'article', :html => { :multipart => true, :class => @type } do |f| %> | |
4 | + | |
5 | + <% @article = environment.articles.find_by_id((params[:article_id]))%> | |
6 | + | |
7 | + <% @tokenized_children = params[:tokenized_children]%> | |
8 | + | |
9 | + <%= hidden_field_tag('article_id', @article.id) %> | |
10 | + | |
11 | + <div id='edit-article-options'> | |
12 | + <%= visibility_options(@article, @tokenized_children) %> | |
13 | + </div> | |
14 | + | |
15 | + <% button_bar do %> | |
16 | + <%= submit_button :save, _('Save') %> | |
17 | + <%= button :cancel, _('Cancel'), @back_to %> | |
18 | + <% end %> | |
19 | +<% end %> | |
20 | +</div> | |
21 | + | |
22 | +<br style='clear: both'/> | |
23 | + | |
24 | +<%= javascript_include_tag "article.js" %> | ... | ... |
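Review bot: `@tokenized_children` is read from `params[:tokenized_children]` on line 7 of this view, so the users pre-populated in the exceptions field are whatever the request carries rather than what is stored on the folder. Building the list in the `edit_visibility` action from the folder's saved exceptions would remove the round trip through the client and the need to pass it in the button URL. The view also runs its own `environment.articles.find_by_id(params[:article_id])` and then calls `@article.id`, which raises when the id does not resolve. Loading `@article` once in the controller would let the filter, the action and the view agree on the record.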