From 5d28b4b38df71b4d73a14cb8ba166a8a00cdb886 Mon Sep 17 00:00:00 2001
From: Fabio Teixeira <fabio1079@gmail.com>
Date: Mon, 17 Nov 2014 14:14:38 -0200
Subject: [PATCH] Add ability to mark blocks as fixed

---
 app/controllers/my_profile/profile_design_controller.rb | 11 ++++++++++-
 app/helpers/boxes_helper.rb                             | 65 ++++++++++++++++++++++++++++++++++++-----------------------------
 app/models/block.rb                                     |  5 ++++-
 app/views/box_organizer/edit.html.erb                   |  6 ++++++
 test/functional/profile_design_controller_test.rb       | 18 ++++++++++++++++++
 test/unit/boxes_helper_test.rb                          | 28 ++++++++++++++++++++++++++++
 6 files changed, 102 insertions(+), 31 deletions(-)

diff --git a/app/controllers/my_profile/profile_design_controller.rb b/app/controllers/my_profile/profile_design_controller.rb
index 97a4953..fc93c7f 100644
--- a/app/controllers/my_profile/profile_design_controller.rb
+++ b/app/controllers/my_profile/profile_design_controller.rb
@@ -3,7 +3,16 @@ class ProfileDesignController < BoxOrganizerController
   needs_profile
 
   protect 'edit_profile_design', :profile
-  
+
+  before_filter :protect_fixed_block, :only => [:save, :move_block]
+
+  def protect_fixed_block
+    block = boxes_holder.blocks.find(params[:id].gsub(/^block-/, ''))
+    if block.fixed && !current_person.is_admin?
+      render_access_denied
+    end
+  end
+
   def available_blocks
     blocks = [ ArticleBlock, TagsBlock, RecentDocumentsBlock, ProfileInfoBlock, LinkListBlock, MyNetworkBlock, FeedReaderBlock, ProfileImageBlock, LocationBlock, SlideshowBlock, ProfileSearchBlock, HighlightsBlock ]
 
diff --git a/app/helpers/boxes_helper.rb b/app/helpers/boxes_helper.rb
index 02863be..a35cf7d 100644
--- a/app/helpers/boxes_helper.rb
+++ b/app/helpers/boxes_helper.rb
@@ -170,49 +170,54 @@ module BoxesHelper
       else
         "before-block-#{block.id}"
       end
-
-    content_tag('div', '&nbsp;', :id => id, :class => 'block-target' ) + drop_receiving_element(id, :url => { :action => 'move_block', :target => id }, :accept => box.acceptable_blocks, :hoverclass => 'block-target-hover')
+    if block.nil? or modifiable?(block)
+      content_tag('div', '&nbsp;', :id => id, :class => 'block-target' ) + drop_receiving_element(id, :url => { :action => 'move_block', :target => id }, :accept => box.acceptable_blocks, :hoverclass => 'block-target-hover')
+    else
+      ""
+    end
   end
 
   # makes the given block draggable so it can be moved away.
   def block_handle(block)
-    draggable_element("block-#{block.id}", :revert => true)
+    modifiable?(block) ? draggable_element("block-#{block.id}", :revert => true) : ""
   end
 
   def block_edit_buttons(block)
     buttons = []
     nowhere = 'javascript: return false;'
 
-    if block.first?
-      buttons << icon_button('up-disabled', _("Can't move up anymore."), nowhere)
-    else
-      buttons << icon_button('up', _('Move block up'), { :action => 'move_block_up', :id => block.id }, { :method => 'post' })
-    end
+    if modifiable?(block)
+      if block.first?
+        buttons << icon_button('up-disabled', _("Can't move up anymore."), nowhere)
+      else
+        buttons << icon_button('up', _('Move block up'), { :action => 'move_block_up', :id => block.id }, { :method => 'post' })
+      end
 
-    if block.last?
-      buttons << icon_button('down-disabled', _("Can't move down anymore."), nowhere)
-    else
-      buttons << icon_button(:down, _('Move block down'), { :action => 'move_block_down' ,:id => block.id }, { :method => 'post'})
-    end
+      if block.last?
+        buttons << icon_button('down-disabled', _("Can't move down anymore."), nowhere)
+      else
+        buttons << icon_button(:down, _('Move block down'), { :action => 'move_block_down' ,:id => block.id }, { :method => 'post'})
+      end
 
-    holder = block.owner
-    # move to opposite side
-    # FIXME too much hardcoded stuff
-    if holder.layout_template == 'default'
-      if block.box.position == 2 # area 2, left side => move to right side
-        buttons << icon_button('right', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[2].id.to_s, :id => block.id }, :method => 'post' )
-      elsif block.box.position == 3 # area 3, right side => move to left side
-        buttons << icon_button('left', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[1].id.to_s, :id => block.id }, :method => 'post' )
+      holder = block.owner
+      # move to opposite side
+      # FIXME too much hardcoded stuff
+      if holder.layout_template == 'default'
+        if block.box.position == 2 # area 2, left side => move to right side
+          buttons << icon_button('right', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[2].id.to_s, :id => block.id }, :method => 'post' )
+        elsif block.box.position == 3 # area 3, right side => move to left side
+          buttons << icon_button('left', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[1].id.to_s, :id => block.id }, :method => 'post' )
+        end
       end
-    end
 
-    if block.editable?
-      buttons << colorbox_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
-    end
+      if block.editable?
+        buttons << colorbox_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
+      end
 
-    if !block.main?
-      buttons << icon_button(:delete, _('Remove block'), { :action => 'remove', :id => block.id }, { :method => 'post', :confirm => _('Are you sure you want to remove this block?')})
-      buttons << icon_button(:clone, _('Clone'), { :action => 'clone_block', :id => block.id }, { :method => 'post' })
+      if !block.main?
+        buttons << icon_button(:delete, _('Remove block'), { :action => 'remove', :id => block.id }, { :method => 'post', :confirm => _('Are you sure you want to remove this block?')})
+        buttons << icon_button(:clone, _('Clone'), { :action => 'clone_block', :id => block.id }, { :method => 'post' })
+      end
     end
 
     if block.respond_to?(:help)
@@ -248,5 +253,7 @@ module BoxesHelper
     classes
   end
 
-
+  def modifiable?(block)
+    return !block.fixed || environment.admins.include?(user)
+  end
 end
diff --git a/app/models/block.rb b/app/models/block.rb
index 197c40d..a3ba731 100644
--- a/app/models/block.rb
+++ b/app/models/block.rb
@@ -1,6 +1,6 @@
 class Block < ActiveRecord::Base
 
-  attr_accessible :title, :display, :limit, :box_id, :posts_per_page, :visualization_format, :language, :display_user, :box
+  attr_accessible :title, :display, :limit, :box_id, :posts_per_page, :visualization_format, :language, :display_user, :box, :fixed
 
   # to be able to generate HTML
   include ActionView::Helpers::UrlHelper
@@ -110,6 +110,9 @@ class Block < ActiveRecord::Base
   # * <tt>'all'</tt>: the block is always displayed
   settings_items :language, :type => :string, :default => 'all'
 
+  # The block can be configured to be fixed. Only can be edited by environment admins
+  settings_items :fixed, :type => :boolean, :default => false
+
   # returns the description of the block, used when the user sees a list of
   # blocks to choose one to include in the design.
   #
diff --git a/app/views/box_organizer/edit.html.erb b/app/views/box_organizer/edit.html.erb
index f2a95ac..0f545f4 100644
--- a/app/views/box_organizer/edit.html.erb
+++ b/app/views/box_organizer/edit.html.erb
@@ -5,6 +5,12 @@
 
     <%= labelled_form_field(_('Custom title for this block: '), text_field(:block, :title, :maxlength => 20)) %>
 
+    <% if environment.admins.include?(user) %>
+      <div class="fixed_block">
+        <%= labelled_check_box(_("Fixed"), "block[fixed]", value = "1", checked = @block.fixed) %>
+      </div>
+    <% end %>
+
     <%= render :partial => partial_for_class(@block.class) %>
 
     <div class="display">
diff --git a/test/functional/profile_design_controller_test.rb b/test/functional/profile_design_controller_test.rb
index 010aaa9..0d9c6c3 100644
--- a/test/functional/profile_design_controller_test.rb
+++ b/test/functional/profile_design_controller_test.rb
@@ -737,4 +737,22 @@ class ProfileDesignControllerTest < ActionController::TestCase
     end
   end
 
+  test 'should forbid POST to save for fixed blocks' do
+    block = profile.blocks.last
+    block.fixed = true
+    block.save!
+
+    post :save, id: block.id, profile: profile.identifier
+    assert_response :forbidden
+  end
+
+  test 'should forbid POST to move_block for fixed blocks' do
+    block = profile.blocks.last
+    block.fixed = true
+    block.save!
+
+    post :move_block, id: block.id, profile: profile.identifier, target: "end-of-box-#{@box3.id}"
+    assert_response :forbidden
+  end
+
 end
diff --git a/test/unit/boxes_helper_test.rb b/test/unit/boxes_helper_test.rb
index a6c83c5..32c63ed 100644
--- a/test/unit/boxes_helper_test.rb
+++ b/test/unit/boxes_helper_test.rb
@@ -1,4 +1,5 @@
 require File.dirname(__FILE__) + '/../test_helper'
+require File.dirname(__FILE__) + '/../../app/helpers/boxes_helper'
 
 class BoxesHelperTest < ActionView::TestCase
 
@@ -119,4 +120,31 @@ class BoxesHelperTest < ActionView::TestCase
     display_box_content(box, '')
   end
 
+  should 'not show move options on block when block is fixed' do
+    p = create_user_with_blocks
+
+    b = p.blocks.select{|bk| !bk.kind_of?(MainBlock) }[0]
+    b.fixed = true
+    b.save!
+
+    stubs(:environment).returns(p.environment)
+    stubs(:user).returns(p)
+
+    assert_equal false, modifiable?(b)
+  end
+
+  should 'show move options on block when block is fixed and user is admin' do
+    p = create_user_with_blocks
+
+    b = p.blocks.select{|bk| !bk.kind_of?(MainBlock) }[0]
+    b.fixed = true
+    b.save!
+
+    p.environment.add_admin(p)
+
+    stubs(:environment).returns(p.environment)
+    stubs(:user).returns(p)
+
+    assert_equal true, modifiable?(b)
+  end
 end
--
libgit2 0.21.2