From ef44b634a1d429ab15c587d0aaf1a00401f9693c Mon Sep 17 00:00:00 2001 From: JoenioCosta Date: Thu, 5 Jun 2008 20:10:24 +0000 Subject: [PATCH] ActionItem378: only show 'Manage Members' if user has permission --- app/models/profile.rb | 8 ++++++++ app/views/profile_editor/index.rhtml | 4 ++-- db/migrate/013_access_control_migration.rb | 4 +++- test/functional/profile_editor_controller_test.rb | 20 ++++++++++++++++++++ test/unit/organization_test.rb | 13 ++++++++++++- test/unit/profile_test.rb | 10 +++++++++- 6 files changed, 54 insertions(+), 5 deletions(-) diff --git a/app/models/profile.rb b/app/models/profile.rb index ca607e7..412839c 100644 --- a/app/models/profile.rb +++ b/app/models/profile.rb @@ -295,6 +295,14 @@ class Profile < ActiveRecord::Base self.affiliate(person, Profile::Roles.admin) end + def add_moderator(person) + if self.has_members? + self.affiliate(person, Profile::Roles.moderator) + else + raise _("%s can't has moderators") % self.class.name + end + end + def self.recent(limit = nil) self.find(:all, :order => 'id desc', :limit => limit) end diff --git a/app/views/profile_editor/index.rhtml b/app/views/profile_editor/index.rhtml index dbce520..1b61637 100644 --- a/app/views/profile_editor/index.rhtml +++ b/app/views/profile_editor/index.rhtml @@ -1,7 +1,7 @@

<%= _('My profile') %>

- + <%= render :partial => 'pending_tasks' %> <% file_manager do %> @@ -18,7 +18,7 @@ <%= file_manager_button(_('Manage friends'), 'icons-app/friends.png', :controller => 'friends', :action => 'index') if profile.person? %> - <%= file_manager_button(_('Manage Members'), 'icons-app/members.png', :controller => 'profile_members') if profile.organization? %> + <%= file_manager_button(_('Manage Members'), 'icons-app/members.png', :controller => 'profile_members') if profile.organization? && user.has_permission?(:manage_memberships, profile) %> <%= file_manager_button(_('Consumed Products'), 'icons-app/consumed_product.png', :controller => 'consumed_products') if profile.enterprise? %> diff --git a/db/migrate/013_access_control_migration.rb b/db/migrate/013_access_control_migration.rb index 0b24a76..ecc4b8d 100644 --- a/db/migrate/013_access_control_migration.rb +++ b/db/migrate/013_access_control_migration.rb @@ -37,7 +37,9 @@ class AccessControlMigration < ActiveRecord::Migration ]) # moderators for enterprises, communities etc - Role.create!(:key => 'profile_moderator', :name => N_('Moderator'), :permissions => [ 'manage_memberships', 'edit_profile_design', 'manage_products' ]) + Role.create!(:key => 'profile_moderator', :name => N_('Moderator'), :permissions => [ + 'manage_memberships', 'edit_profile_design', 'manage_products' + ]) end end diff --git a/test/functional/profile_editor_controller_test.rb b/test/functional/profile_editor_controller_test.rb index 60a2fa6..c9e2fac 100644 --- a/test/functional/profile_editor_controller_test.rb +++ b/test/functional/profile_editor_controller_test.rb @@ -284,4 +284,24 @@ class ProfileEditorControllerTest < Test::Unit::TestCase assert_tag :tag => 'input', :attributes => { :type => 'checkbox', :name => 'profile_data[closed]' } end + should 'display manage members options if has permission' do + profile = Profile['ze'] + community = Community.create!(:name => 'test org', :identifier => 'testorg', :contact_person => 'my contact') + @controller.stubs(:user).returns(profile) + @controller.stubs(:profile).returns(community) + profile.stubs(:has_permission?).returns(true) + get :index, :profile => 'testorg' + assert_tag :tag => 'a', :content => 'Manage Members' + end + + should 'not display manage members options if has no permission' do + profile = Profile['ze'] + community = Community.create!(:name => 'test org', :identifier => 'testorg', :contact_person => 'my contact') + @controller.stubs(:user).returns(profile) + @controller.stubs(:profile).returns(community) + profile.stubs(:has_permission?).returns(false) + get :index, :profile => 'testorg' + assert_no_tag :tag => 'a', :content => 'Manage Members' + end + end diff --git a/test/unit/organization_test.rb b/test/unit/organization_test.rb index ba0c5cf..5929e64 100644 --- a/test/unit/organization_test.rb +++ b/test/unit/organization_test.rb @@ -162,7 +162,7 @@ class OrganizationTest < Test::Unit::TestCase assert_respond_to org, :closed? end - should 'allow to add new members' do + should 'allow to add new member' do o = Organization.create!(:name => 'my test profile', :identifier => 'mytestprofile') p = create_user('mytestuser').person @@ -182,4 +182,15 @@ class OrganizationTest < Test::Unit::TestCase assert_not_includes c.members, p end + # FIXME why members dont return moderators??? + should 'allow to add new moderator' do + o = Organization.create!(:name => 'my test profile', :identifier => 'mytestprofile') + p = create_user('myanothertestuser').person + + o.add_moderator(p) + o.reload + + assert o.members.include?(p), "Organization should add the new moderator" + end + end diff --git a/test/unit/profile_test.rb b/test/unit/profile_test.rb index 6bdf08b..18c4c27 100644 --- a/test/unit/profile_test.rb +++ b/test/unit/profile_test.rb @@ -326,7 +326,7 @@ class ProfileTest < Test::Unit::TestCase assert_kind_of RssFeed, profile.articles.find_by_path('feed') end - should 'raises when add members' do + should 'not allow to add members' do c = Profile.create!(:name => 'my test profile', :identifier => 'mytestprofile') p = create_user('mytestuser').person assert_raise RuntimeError do @@ -343,6 +343,14 @@ class ProfileTest < Test::Unit::TestCase assert c.members.include?(p), "Profile should add the new admin" end + should 'not allow to add moderators' do + c = Profile.create!(:name => 'my test profile', :identifier => 'mytestprofile') + p = create_user('mytestuser').person + assert_raise RuntimeError do + c.add_moderator(p) + end + end + should 'have tasks' do c = Profile.create!(:name => 'my test profile', :identifier => 'mytestprofile') t1 = c.tasks.build -- libgit2 0.21.2