ActionItem93: reactivated permissions and made tests pass

git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@1062 3f533792-8f58-4932-b0fe-aaf55b0a4547

ActionItem93: reactivated permissions and made tests pass
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@1062 3f533792-8f58-4932-b0fe-aaf55b0a4547
MoisesMachado
1 parent bac820e8
Showing 10 changed files with 19 additions and 20 deletions Show diff stats
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/consumed_products_controller.rb
app/controllers/my_profile/enterprise_editor_controller.rb
app/controllers/my_profile/manage_products_controller.rb
app/controllers/my_profile/profile_editor_controller.rb
app/controllers/my_profile/profile_members_controller.rb
app/models/profile.rb
test/functional/cms_controller_test.rb
test/functional/enterprise_editor_controller_test.rb
test/test_helper.rb
 class CmsController < MyProfileController
-  # FIXME add the access control again
-  # protect 'post_content', :profile, :only => [:edit, :new, :reorder, :delete]
+  protect 'post_content', :profile, :only => [:edit, :new, :reorder, :delete]
   design :holder => :profile
 class ConsumedProductsController < ApplicationController
   needs_profile
-#  protect 'manage_products', :profile
+  protect 'manage_products', :profile
   def index
     @consumptions = @profile.consumptions
@@ -2,8 +2,9 @@ class EnterpriseEditorController &lt; MyProfileController
   protect 'edit_profile', :profile, :user, :except => :destroy
   protect 'destroy_profile', :profile, :only => :destroy
-  before_filter :check_enterprise
-
+  requires_profile_class(Enterprise)
+  before_filter :enterprise
+  
   # Show details about an enterprise  
   def index
   end
@@ -35,13 +36,9 @@ class EnterpriseEditorController &lt; MyProfileController
     end
   end
-  protected
+ protected
-  def check_enterprise
-    if profile.is_a?(Enterprise)
-      @enterprise = profile
-    else 
-      redirect_to :controller => 'account'  #:controller => 'profile_editor', :profile => current_user.login and return
-    end
+  def enterprise
+    @enterprise = @profile
   end
 end
 class ManageProductsController < ApplicationController
   needs_profile
-#  protect 'manage_products', :profile
+  protect 'manage_products', :profile
   def index
     @products = @profile.products
 class ProfileEditorController < MyProfileController
-  #protect 'edit_profile', :profile, only => [:index, :edit]
+  protect 'edit_profile', :profile, :only => [:index, :edit]
   helper :profile
 class ProfileMembersController < MyProfileController
-#  protect 'manage_memberships', :profile
+  protect 'manage_memberships', :profile
   def index
     @members = profile.members
@@ -9,6 +9,7 @@ class Profile &lt; ActiveRecord::Base
     'manage_memberships' => N_('Manage memberships'),
     'post_content' => N_('Post content'),
     'edit_profile_design' => N_('Edit profile design'),
+    'manage_products' => N_('Manage products'),
   }
   acts_as_accessible
@@ -13,7 +13,8 @@ class CmsControllerTest &lt; Test::Unit::TestCase
     @request    = ActionController::TestRequest.new
     @response   = ActionController::TestResponse.new
-    @profile = create_user('testinguser').person
+    @profile = create_user_with_permission('testinguser', 'post_content')
+    login_as :testinguser
   end
   attr_reader :profile
@@ -67,12 +67,12 @@ class EnterpriseEditorControllerTest &lt; Test::Unit::TestCase
     user = create_user_with_permission('test_user', 'edit_profile', ent)
     login_as :test_user
-    post 'update', :profile => 'test_enterprise', :enterprise => {:name => 'test_name'}
+    post 'update', :profile => 'test_enterprise', :organization_info => {:acronym => 'bla'}
     assert_response :redirect
     assert_redirected_to :action => 'index'
     ent.reload
-    assert_equal 'test_name',  ent.name
+    assert_equal 'bla',  ent.organization_info.acronym
   end
   should 'destroy' do
@@ -63,15 +63,16 @@ class Test::Unit::TestCase
                  :password_confirmation => name.underscore)
   end
-  def create_user_with_permission(name, permission, target)
+  def create_user_with_permission(name, permission, target= nil)
     user = create_user(name).person
+    target ||= user
     i = 0
     while Role.find_by_name('test_role' + i.to_s)
       i+=1
     end
     role = Role.create!(:name => 'test_role' + i.to_s, :permissions => [permission])
-    assert user.add_role(role, target)
+    assert user.add_role(role, target) 
     assert user.has_permission?(permission, target)
     user
   end
1	class CmsController < MyProfileController	1	class CmsController < MyProfileController
2		2
3	- # FIXME add the access control again
4	- # protect 'post_content', :profile, :only => [:edit, :new, :reorder, :delete]	3	+ protect 'post_content', :profile, :only => [:edit, :new, :reorder, :delete]
5		4
6	design :holder => :profile	5	design :holder => :profile
7		6
1	class ConsumedProductsController < ApplicationController	1	class ConsumedProductsController < ApplicationController
2	needs_profile	2	needs_profile
3		3
4	-# protect 'manage_products', :profile	4	+ protect 'manage_products', :profile
5		5
6	def index	6	def index
7	@consumptions = @profile.consumptions	7	@consumptions = @profile.consumptions
1	class ManageProductsController < ApplicationController	1	class ManageProductsController < ApplicationController
2	needs_profile	2	needs_profile
3		3
4	-# protect 'manage_products', :profile	4	+ protect 'manage_products', :profile
5		5
6	def index	6	def index
7	@products = @profile.products	7	@products = @profile.products
1	class ProfileEditorController < MyProfileController	1	class ProfileEditorController < MyProfileController
2		2
3	- #protect 'edit_profile', :profile, only => [:index, :edit]	3	+ protect 'edit_profile', :profile, :only => [:index, :edit]
4		4
5	helper :profile	5	helper :profile
6		6
1	class ProfileMembersController < MyProfileController	1	class ProfileMembersController < MyProfileController
2	-# protect 'manage_memberships', :profile	2	+ protect 'manage_memberships', :profile
3		3
4	def index	4	def index
5	@members = profile.members	5	@members = profile.members
	@@ -9,6 +9,7 @@ class Profile < ActiveRecord::Base		@@ -9,6 +9,7 @@ class Profile < ActiveRecord::Base
9	'manage_memberships' => N_('Manage memberships'),	9	'manage_memberships' => N_('Manage memberships'),
10	'post_content' => N_('Post content'),	10	'post_content' => N_('Post content'),
11	'edit_profile_design' => N_('Edit profile design'),	11	'edit_profile_design' => N_('Edit profile design'),
		12	+ 'manage_products' => N_('Manage products'),
12	}	13	}
13		14
14	acts_as_accessible	15	acts_as_accessible
	@@ -13,7 +13,8 @@ class CmsControllerTest < Test::Unit::TestCase		@@ -13,7 +13,8 @@ class CmsControllerTest < Test::Unit::TestCase
13	@request = ActionController::TestRequest.new	13	@request = ActionController::TestRequest.new
14	@response = ActionController::TestResponse.new	14	@response = ActionController::TestResponse.new
15		15
16	- @profile = create_user('testinguser').person	16	+ @profile = create_user_with_permission('testinguser', 'post_content')
		17	+ login_as :testinguser
17	end	18	end
18		19
19	attr_reader :profile	20	attr_reader :profile
	@@ -67,12 +67,12 @@ class EnterpriseEditorControllerTest < Test::Unit::TestCase		@@ -67,12 +67,12 @@ class EnterpriseEditorControllerTest < Test::Unit::TestCase
67	user = create_user_with_permission('test_user', 'edit_profile', ent)	67	user = create_user_with_permission('test_user', 'edit_profile', ent)
68	login_as :test_user	68	login_as :test_user
69		69
70	- post 'update', :profile => 'test_enterprise', :enterprise => {:name => 'test_name'}	70	+ post 'update', :profile => 'test_enterprise', :organization_info => {:acronym => 'bla'}
71		71
72	assert_response :redirect	72	assert_response :redirect
73	assert_redirected_to :action => 'index'	73	assert_redirected_to :action => 'index'
74	ent.reload	74	ent.reload
75	- assert_equal 'test_name', ent.name	75	+ assert_equal 'bla', ent.organization_info.acronym
76	end	76	end
77		77
78	should 'destroy' do	78	should 'destroy' do