Commit d75fce5ece8bc97b8d57ffb866d51b4dd9820f9d
1 parent
1d62da97
Exists in
master
and in
29 other branches
ActionItem219: able users to delete comments in his articles
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@1583 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
5 changed files
with
83 additions
and
32 deletions
Show diff stats
app/controllers/public/content_viewer_controller.rb
| ... | ... | @@ -33,14 +33,33 @@ class ContentViewerController < PublicController |
| 33 | 33 | end |
| 34 | 34 | |
| 35 | 35 | if request.post? && params[:comment] |
| 36 | - @comment = Comment.new(params[:comment]) | |
| 37 | - @comment.author = user if logged_in? | |
| 38 | - @comment.article = @page | |
| 39 | - if @comment.save! | |
| 40 | - @comment = nil # clear the comment form | |
| 41 | - end | |
| 36 | + add_comment | |
| 37 | + end | |
| 38 | + | |
| 39 | + if request.post? && params[:remove_comment] | |
| 40 | + remove_comment | |
| 42 | 41 | end |
| 42 | + | |
| 43 | 43 | @comments = @page.comments(true) |
| 44 | 44 | end |
| 45 | 45 | |
| 46 | + protected | |
| 47 | + | |
| 48 | + def add_comment | |
| 49 | + @comment = Comment.new(params[:comment]) | |
| 50 | + @comment.author = user if logged_in? | |
| 51 | + @comment.article = @page | |
| 52 | + if @comment.save! | |
| 53 | + @comment = nil # clear the comment form | |
| 54 | + end | |
| 55 | + end | |
| 56 | + | |
| 57 | + def remove_comment | |
| 58 | + @comment = @page.comments.find(params[:remove_comment]) | |
| 59 | + if (user == @comment.author) || (user == @page.profile) | |
| 60 | + @comment.destroy | |
| 61 | + end | |
| 62 | + redirect_to :action => 'view_page' | |
| 63 | + end | |
| 64 | + | |
| 46 | 65 | end | ... | ... |
app/helpers/cms_helper.rb
| ... | ... | @@ -33,7 +33,8 @@ module CmsHelper |
| 33 | 33 | if cat.top_level? |
| 34 | 34 | result << content_tag('h5', toplevel.name) |
| 35 | 35 | else |
| 36 | - result << content_tag('div', check_box_tag("#{object_name}[category_ids][]", cat.id, object.category_ids.include?(cat.id)) + cat.full_name_without_leading(1)) | |
| 36 | + checkbox_id = "#{object_name}_#{cat.full_name.downcase.gsub(/\s+|\//, '_')}" | |
| 37 | + result << content_tag('label', check_box_tag("#{object_name}[category_ids][]", cat.id, object.category_ids.include?(cat.id), :id => checkbox_id) + cat.full_name_without_leading(1), :for => checkbox_id) | |
| 37 | 38 | end |
| 38 | 39 | end |
| 39 | 40 | end | ... | ... |
app/views/content_viewer/_comment.rhtml
| 1 | 1 | <div class="article-comment<%= ' comment-from-owner' if ( comment.author && (@page.profile.name == comment.author.name) ) %> comment-logged-<%= comment.author ? 'in' : 'out' %>"> |
| 2 | + <% if user == @page.profile || user == comment.author %> | |
| 3 | + <% button_bar(:style => 'float: right; margin-top: 0;') do %> | |
| 4 | + <%= button(:delete, 'Delete', { :remove_comment => comment.id }, :method => :post, :confirm => _('Are you sure you want to remove this comment?')) %> | |
| 5 | + <% end %> | |
| 6 | + <% end %> | |
| 7 | + | |
| 2 | 8 | <% if comment.author %> |
| 3 | 9 | <%= link_to content_tag( 'span', comment.author.name() ), comment.author.url, |
| 4 | 10 | :class => 'comment-picture', | ... | ... |
script/populate
| ... | ... | @@ -1,24 +0,0 @@ |
| 1 | -#!/usr/bin/env ruby | |
| 2 | -require File.dirname(__FILE__) + '/../config/environment' | |
| 3 | - | |
| 4 | -Profile.destroy_all | |
| 5 | - | |
| 6 | -User.destroy_all | |
| 7 | -User.create!(:login => 'testprofile', :email => 'admin@localhost.localdomain', :password => 'test', :password_confirmation => 'test') | |
| 8 | -User.create!(:login => 'user', :email => 'user@localhost.localdomain', :password => 'user', :password_confirmation => 'user') | |
| 9 | -User.create!(:login => 'usuario', :email => 'usuario@localhost.localdomain', :password => 'usuario', :password_confirmation => 'usuario') | |
| 10 | -ze = User.create!(:login => 'ze', :email => 'ze@localhost.localdomain', :password => 'test', :password_confirmation => 'test').person | |
| 11 | -root = User.create!(:login => 'root', :email => 'root@noosfero.org', :password => 'root', :password_confirmation => 'root').person | |
| 12 | - | |
| 13 | -Role.destroy_all | |
| 14 | -admin_role = Role.create!(:name => 'admin', :permissions => ['edit_environment_features', 'edit_environment_design', 'manage_environment_categories', 'manage_environment_roles', 'manage_environment_validators']) | |
| 15 | - | |
| 16 | -RoleAssignment.create!(:accessor => root, :role => admin_role, :resource => nil) | |
| 17 | - | |
| 18 | -empa = Enterprise.create!(:name => 'Empreendimento A', :identifier => 'empreendimento_a') | |
| 19 | - | |
| 20 | -owner_role = Role.create!(:name => 'owner', :permissions => ['edit_profile', 'destroy_profile', 'manage_memberships', 'post_content', 'edit_profile_design']) | |
| 21 | - | |
| 22 | -RoleAssignment.create!(:accessor => ze, :role => owner_role, :resource => empa) | |
| 23 | -RoleAssignment.create!(:accessor => root, :role => owner_role, :resource => Environmnet.default) if Environmnet.default | |
| 24 | - |
test/functional/content_viewer_controller_test.rb
| ... | ... | @@ -90,7 +90,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 90 | 90 | # for example, RSS feeds |
| 91 | 91 | profile = create_user('someone').person |
| 92 | 92 | page = profile.articles.build(:name => 'myarticle', :body => 'the body of the text') |
| 93 | - page.save! | |
| 93 | +page.save! | |
| 94 | 94 | |
| 95 | 95 | feed = RssFeed.new(:name => 'testfeed') |
| 96 | 96 | feed.profile = profile |
| ... | ... | @@ -104,5 +104,54 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 104 | 104 | assert_equal feed.data, @response.body |
| 105 | 105 | end |
| 106 | 106 | |
| 107 | + should 'be able to remove comment' do | |
| 108 | + profile = create_user('testuser').person | |
| 109 | + article = profile.articles.build(:name => 'test') | |
| 110 | + article.save! | |
| 111 | + comment = article.comments.build(:author => profile, :title => 'a comment', :body => 'lalala') | |
| 112 | + comment.save! | |
| 113 | + | |
| 114 | + login_as 'testuser' | |
| 115 | + assert_difference Comment, :count, -1 do | |
| 116 | + post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id | |
| 117 | + assert_response :redirect | |
| 118 | + end | |
| 119 | + | |
| 120 | + end | |
| 121 | + | |
| 122 | + should "not be able to remove other people's comments" do | |
| 123 | + profile = create_user('testuser').person | |
| 124 | + article = profile.articles.build(:name => 'test') | |
| 125 | + article.save! | |
| 126 | + | |
| 127 | + commenter = create_user('otheruser').person | |
| 128 | + comment = article.comments.build(:author => commenter, :title => 'a comment', :body => 'lalala') | |
| 129 | + comment.save! | |
| 130 | + | |
| 131 | + login_as 'ze' # ze cannot remove other people's comments | |
| 132 | + assert_no_difference Comment, :count do | |
| 133 | + post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id | |
| 134 | + assert_response :redirect | |
| 135 | + end | |
| 136 | + | |
| 137 | + end | |
| 138 | + | |
| 139 | + should 'be able to remove comments on their articles' do | |
| 140 | + profile = create_user('testuser').person | |
| 141 | + article = profile.articles.build(:name => 'test') | |
| 142 | + article.save! | |
| 143 | + | |
| 144 | + commenter = create_user('otheruser').person | |
| 145 | + comment = article.comments.build(:author => commenter, :title => 'a comment', :body => 'lalala') | |
| 146 | + comment.save! | |
| 147 | + | |
| 148 | + login_as 'testuser' # testuser must be able to remove comments in his articles | |
| 149 | + assert_difference Comment, :count, -1 do | |
| 150 | + post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id | |
| 151 | + assert_response :redirect | |
| 152 | + end | |
| 153 | + | |
| 154 | + end | |
| 155 | + | |
| 107 | 156 | |
| 108 | 157 | end | ... | ... |