Commit 5e18de25246adb7e2ebca561d9a8945b0d6018f8

Authored by MoisesMachado
1 parent 365278f4

ActionItem114: controllers updated for the new interface of the access control plugin and tested further

git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@854 3f533792-8f58-4932-b0fe-aaf55b0a4547
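--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -9,7 +9,7 @@ class ApplicationController < ActionController::Base
 
 # Be sure to include AuthenticationSystem in Application Controller instead
 include AuthenticatedSystem
- extend PermissionCheck
+ include PermissionCheck
 init_gettext 'noosfero'
 
 include NeedsProfile
@@ -42,11 +42,19 @@ class ApplicationController < ActionController::Base
 
 def render_not_found(path)
 @path = path
- render :file => File.join(RAILS_ROOT, 'app', 'views', 'shared', 'not_found.rhtml'), :layout => 'not_found', :status => 404
+ render(:file => File.join(RAILS_ROOT, 'app', 'views', 'shared', 'not_found.rhtml'), :layout => 'not_found', :status => 404) && false
 end
 
 def load_admin_controller
 # TODO: check access control
 end
 
+ def load_profile
+ @profile = Profile.find_by_identifier(params[:profile])
+ end
+
+ def user
+ current_user.person if logged_in?
+ end
+
 end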
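Review bot: `load_profile` stores the result of `Profile.find_by_identifier(params[:profile])` without handling a miss, so a request with an unknown identifier leaves `@profile` nil for whatever permission check runs next. Since `render_not_found` now returns false, a guard such as `return render_not_found(params[:profile]) unless @profile` would stop the request there; the right path argument depends on the not_found view, which is not shown. `load_profile` and `user` are also added without a visible `protected`, and the class body before line 42 is outside the hunk: if they are public, Rails treats them as routable actions on every controller. `user` returns nil when nobody is logged in, which deserves a one-line comment because permission checks will receive that nil.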
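--- a/app/controllers/environment_admin/admin_panel_controller.rb
+++ b/app/controllers/environment_admin/admin_panel_controller.rb
@@ -1,6 +1,6 @@
 class AdminPanelController < EnvironmentAdminController
 
- protect [:index], 'view_environment_admin_panel', :environment
+ protect 'view_environment_admin_panel', :environment
 
 #FIXME This is not necessary because the application controller define the envrioment
 # as the default holder
@@ -8,8 +8,9 @@ class AdminPanelController &lt; EnvironmentAdminController
 
 design :holder => 'environment'
 
+ protected
+
 def load_default_enviroment
 @environment = Environment.default
 end
-
 end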
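--- a/app/controllers/environment_admin/categories_controller.rb
+++ b/app/controllers/environment_admin/categories_controller.rb
@@ -1,6 +1,6 @@
 class CategoriesController < EnvironmentAdminController
 
- protect [:index, :new, :edit, :remove], 'manage_environment_categories', :environment
+ protect 'manage_environment_categories', :environment
 
 helper :categories
 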
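--- a/app/controllers/environment_admin/environment_role_manager_controller.rb
+++ b/app/controllers/environment_admin/environment_role_manager_controller.rb
@@ -1,5 +1,5 @@
 class EnvironmentRoleManagerController < ApplicationController
- protect [:index, :change_roles, :update_roles, :change_role, :add_role, :remove_role, :unassociate, :make_admin], 'manage_environment_roles', :environment
+ protect 'manage_environment_roles', :environment
 
 def index
 @admins = Person.find(:all, :conditions => ['role_assignments.resource_type = ?', 'Environment'], :include => :role_assignments )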
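--- a/app/controllers/environment_admin/features_controller.rb
+++ b/app/controllers/environment_admin/features_controller.rb
@@ -1,5 +1,5 @@
 class FeaturesController < EnvironmentAdminController
- protect [:index, :update], 'edit_environment_features', :environment
+ protect 'edit_environment_features', :environment
 
 acts_as_environment_admin_controller
 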
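--- a/app/controllers/environment_admin/region_validators_controller.rb
+++ b/app/controllers/environment_admin/region_validators_controller.rb
@@ -2,7 +2,7 @@ class RegionValidatorsController &lt; ApplicationController
 
 before_filter :load_region_and_search, :except => 'index'
 
-# protect [:index, :region, :search, :add, :remove], 'manage_environment_validators', :environment
+# protect 'manage_environment_validators', :environment
 
 def index
 @regions = Region.top_level_for(environment)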
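Review bot: The `protect 'manage_environment_validators', :environment` line is rewritten to the new signature but stays commented out, so the visible part of this controller still declares no permission check, while the admin panel test in this same commit starts expecting a link to `region_validators`. The class inherits from ApplicationController rather than EnvironmentAdminController, so unless a filter outside this hunk covers it, `before_filter :load_region_and_search` is the only thing running before the actions. Either enable the line or replace it with a comment such as `# FIXME: permission check disabled, see <ticket placeholder>` so the gap is deliberate and traceable. The class body continues outside the hunk.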
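--- a/app/controllers/environment_admin/role_controller.rb
+++ b/app/controllers/environment_admin/role_controller.rb
@@ -1,5 +1,5 @@
 class RoleController < EnvironmentAdminController
- protect [:index, :show, :new, :create, :edit, :update, :destroy], 'manage_environment_roles', :environment
+ protect 'manage_environment_roles', :environment
 
 def index
 @roles = Role.find(:all)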
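--- a/app/controllers/profile_admin/cms_controller.rb
+++ b/app/controllers/profile_admin/cms_controller.rb
@@ -1,11 +1,11 @@
 class CmsController < Comatose::AdminController
- extend PermissionCheck
+ include PermissionCheck
 
 
 
 define_option :page_class, Article
 
- protect [:edit, :new, :reorder, :delete], 'post_content', :profile
+ protect 'post_content', :profile, :only => [:edit, :new, :reorder, :delete]
 
 protected
 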
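Review bot: `protect 'post_content', :profile, :only => [:edit, :new, :reorder, :delete]` keeps an allowlist of guarded actions, while most other controllers in this commit switch to protecting every action by default. Any action that Comatose::AdminController exposes beyond these four stays outside the `post_content` check. If that is intended, a comment above the line naming the actions deliberately left open would make it reviewable; otherwise the default form with an exclusion list for the few public actions fails closed when the parent class gains actions, assuming the plugin supports one. The rest of the class is outside the lines shown.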
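--- a/app/controllers/profile_admin/enterprise_editor_controller.rb
+++ b/app/controllers/profile_admin/enterprise_editor_controller.rb
@@ -1,15 +1,12 @@
 class EnterpriseEditorController < ProfileAdminController
+ needs_profile
+ protect 'edit_profile', :profile, :exept => :destroy
+ protect 'destroy_profile', :profile, :only => :destroy
 
- before_filter :login_required, :check_enterprise
-
- protect [:edit, :update], 'edit_profile', :profile
- protect [:destroy], 'destroy_profile', :profile
-
-
+ before_filter :check_enterprise
 
 # Show details about an enterprise
 def index
- @enterprise = @profile
 end
 
 # Provides an interface to editing the enterprise details
@@ -30,7 +27,7 @@ class EnterpriseEditorController &lt; ProfileAdminController
 
 # Elimitates the enterprise of the system
 def destroy
- raise "bli"
+ #raise "bli"
 if @enterprise.destroy!
 flash[:notice] = _('Enterprise sucessfully erased from the system')
 redirect_to :controller => 'profile_editor', :action => 'index', :profile => current_user.login
@@ -41,7 +38,7 @@ class EnterpriseEditorController &lt; ProfileAdminController
 
 # Activate a validated enterprise
 def activate
- if @enterprise.activate
+ if @enterprise.activatepermission.nil?
 flash[:notice] = _('Enterprise successfuly activacted')
 else
 flash[:notice] = _('Failed to activate the enterprise')
@@ -51,8 +48,17 @@ class EnterpriseEditorController &lt; ProfileAdminController
 
 protected
 
+ def permission
+ 'bli'
+ end
+ def permission=(perm)
+ @p = perm
+ end
 def check_enterprise
- redirect_to :controller => 'profile_editor', :profile => current_user.login unless @profile.is_a?(Enterprise)
- @enterprise = @profile
+ if profile.is_a?(Enterprise)
+ @enterprise = profile
+ else
+ redirect_to :controller => 'account' #:controller => 'profile_editor', :profile => current_user.login and return
+ end
 end
 end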
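Review bot: The option key in `protect 'edit_profile', :profile, :exept => :destroy` is misspelled, so the intended exclusion of `destroy` is never expressed; how `protect` treats an unknown key is not visible here, and the line should read `protect 'edit_profile', :profile, :except => :destroy`. In `activate`, `@enterprise.activatepermission.nil?` looks like an accidental paste over `@enterprise.activate`, and as written the action no longer calls `activate` at all. The stub `permission` returning `'bli'`, the `permission=` writer that only sets `@p`, and the commented `#raise "bli"` read as leftover debugging and should be removed from a controller that guards deletion. `check_enterprise` redirects in its else branch without returning false, so confirm the filter chain really stops there, because later code dereferences `@enterprise`. The bodies of `destroy` and `activate` continue outside the hunks.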
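--- a/app/controllers/profile_admin/membership_editor_controller.rb
+++ b/app/controllers/profile_admin/membership_editor_controller.rb
@@ -2,9 +2,11 @@ class MembershipEditorController &lt; ProfileAdminController
 
 before_filter :login_required
 
-
-
- protect [:index, :new_enterprise, :create_enterprise ], 'edit_profile', :profile
+ def target
+ environment
+ end
+
+ protect 'edit_profile', :profile, :only => [:index, :new_enterprise, :create_enterprise ]
 
 def index
 @memberships = current_user.person.enterprise_memberships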
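Review bot: `target` is added as a public method above the `protect` call, and public instance methods of a Rails controller are reachable as actions; if it exists only for the access control plugin it belongs under `protected`. It returns `environment` while the check on the next line is declared against `:profile`, which may be intentional but is not explained, so a comment such as `# resource the permission check is evaluated against` (or a correction) is needed. The `:only` list also means any action not named there runs with `login_required` alone. The class body continues outside the hunk.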
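--- a/app/controllers/profile_admin/profile_editor_controller.rb
+++ b/app/controllers/profile_admin/profile_editor_controller.rb
@@ -1,6 +1,6 @@
 class ProfileEditorController < ProfileAdminController
 
- #protect [:index, :edit], 'edit_profile', :profile
+ #protect 'edit_profile', :profile, only => [:index, :edit]
 
 helper :profile
 
@@ -12,7 +12,7 @@ class ProfileEditorController &lt; ProfileAdminController
 def block_types
 %w[
 FavouriteLinks
- ]
+ ]
 end
 
 # FIXME Put other Blocks to works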
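Review bot: The permission declaration for the profile editor is still commented out after the rewrite, so `index`, `edit` and every other action here depend on whatever ProfileAdminController enforces, which is not visible in this section. The commented line also writes `only => [:index, :edit]` without the leading colon, so un-commenting it as written would raise a NameError when the class loads; it should be `protect 'edit_profile', :profile, :only => [:index, :edit]`. If the check is disabled on purpose, say why in the comment.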
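--- a/app/controllers/profile_admin/profile_members_controller.rb
+++ b/app/controllers/profile_admin/profile_members_controller.rb
@@ -1,6 +1,6 @@
 class ProfileMembersController < ProfileAdminController
 
- protect [:index, :change_roles, :update_roles, :change_role, :add_role, :remove_role, :unassociate], 'manage_memberships', :profile
+ protect 'manage_memberships', :profile
 
 def index
 @members = profile.people.uniq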
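--- a/app/controllers/public/account_controller.rb
+++ b/app/controllers/public/account_controller.rb
@@ -4,10 +4,6 @@ class AccountController &lt; PublicController
 
 design :holder => 'environment'
 
- def load_default_environment
- @environment = Environment.default
- end
-
 # say something nice, you goof! something sweet.
 def index
 unless logged_in?
@@ -127,5 +123,7 @@ class AccountController &lt; PublicController
 @profile = current_user.person
 end
 
-
+ def load_default_environment
+ @environment = Environment.default
+ end
 end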
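--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -11,7 +11,7 @@ class Environment &lt; ActiveRecord::Base
 'manage_environment_roles' => N_('Manage environment roles'),
 'manage_environment_validators' => N_('Manage environment validators'),
 }
-
+
 # returns the available features for a Environment, in the form of a
 # hash, with pairs in the form <tt>'feature_name' => 'Feature name'</tt>.
 def self.available_features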
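--- a/app/views/enterprise_editor/index.rhtml
+++ b/app/views/enterprise_editor/index.rhtml
@@ -1,23 +1,23 @@
-<h3> <%= @profile.name %> </h3>
+<h3> <%= @enterprise.name %> </h3>
 
 <%= error_messages_for 'profile' %>
 
-<p> <%= _('Identifier: ') %> <%= @profile.identifier %> </p>
-<p> <%= _('Address: ') %> <%= @profile.address %> </p>
-<p> <%= _('Contact phone: ') %> <%= @profile.contact_phone %> </p>
-<p> <%= _('Contact person: ') %> <%= @profile.organization_info.contact_person %> </p>
-<p> <%= _('Acronym: ') %> <%= @profile.organization_info.acronym %> </p>
-<p> <%= _('Foundation year: ') %> <%= @profile.organization_info.foundation_year %> </p>
-<p> <%= _('Legal Form: ') %> <%= @profile.organization_info.legal_form %> </p>
-<p> <%= _('Economic activity: ') %> <%= @profile.organization_info.economic_activity %> </p>
-<p> <%= _('Management infomation: ') %> <%= @profile.organization_info.management_information %> </p>
-<p> <%= _('Tags:') %> <%= @profile.tag_list %> </p>
+<p> <%= _('Identifier: ') %> <%= @enterprise.identifier %> </p>
+<p> <%= _('Address: ') %> <%= @enterprise.address %> </p>
+<p> <%= _('Contact phone: ') %> <%= @enterprise.contact_phone %> </p>
+<p> <%= _('Contact person: ') %> <%= @enterprise.organization_info.contact_person %> </p>
+<p> <%= _('Acronym: ') %> <%= @enterprise.organization_info.acronym %> </p>
+<p> <%= _('Foundation year: ') %> <%= @enterprise.organization_info.foundation_year %> </p>
+<p> <%= _('Legal Form: ') %> <%= @enterprise.organization_info.legal_form %> </p>
+<p> <%= _('Economic activity: ') %> <%= @enterprise.organization_info.economic_activity %> </p>
+<p> <%= _('Management infomation: ') %> <%= @enterprise.organization_info.management_information %> </p>
+<p> <%= _('Tags:') %> <%= @enterprise.tag_list %> </p>
 
-<%= link_to _('Edit enterprise'), :action => 'edit', :id => @profile %>
+<%= link_to _('Edit enterprise'), :action => 'edit', :id => @enterprise %>
 <%= help _('Change the information about the enterprise') %>
-<%= link_to _('Delete enterprise'), :action => 'destroy', :id => @profile %>
+<%= link_to _('Delete enterprise'), :action => 'destroy', :id => @enterprise %>
 <%= help _('Remove the enterprise from the system') %>
-<%= link_to _('Activate'), :action => 'activate', :id => @profile unless @profile.active? %>
-<%= help _('Activate an approved enterprise') unless @profile.active? %>
+<%= link_to _('Activate'), :action => 'activate', :id => @enterprise unless @enterprise.active? %>
+<%= help _('Activate an approved enterprise') unless @enterprise.active? %>
 
 <%= link_to _('Back'), :controller => :profile_editor %>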
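--- a/db/migrate/013_access_control_migration.rb
+++ b/db/migrate/013_access_control_migration.rb
@@ -11,6 +11,7 @@ class AccessControlMigration &lt; ActiveRecord::Migration
 t.column :resource_id, :integer
 t.column :resource_type, :string
 t.column :role_id, :integer
+ t.column :is_global, :boolean
 end
 end
 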
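Review bot: `t.column :is_global, :boolean` is added without a default, so a row created without the flag stores NULL rather than false, and code reading it has to treat three states in what is presumably an access control decision. Declaring it as `t.column :is_global, :boolean, :default => false` makes the unset case explicit. The column is also added by editing the existing migration 013, so any database that already ran 013 will not receive it; a new migration using `add_column` avoids schema drift between installations. The `create_table` block starts outside the hunk.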
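--- a/test/functional/admin_panel_controller_test.rb
+++ b/test/functional/admin_panel_controller_test.rb
@@ -11,7 +11,7 @@ class AdminPanelControllerTest &lt; Test::Unit::TestCase
 @controller = AdminPanelController.new
 @request = ActionController::TestRequest.new
 @response = ActionController::TestResponse.new
- login_as(:ze)
+ login_as(create_admin_user(Environment.default))
 end
 
 def test_index
@@ -21,5 +21,6 @@ class AdminPanelControllerTest &lt; Test::Unit::TestCase
 assert_tag :tag => 'a', :attributes => { :href => /edit_template/ }
 assert_tag :tag => 'a', :attributes => { :href => /features/ }
 assert_tag :tag => 'a', :attributes => { :href => /role/ }
+ assert_tag :tag => 'a', :attributes => { :href => /region_validators/ }
 end
 end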
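--- a/test/functional/application_controller_test.rb
+++ b/test/functional/application_controller_test.rb
@@ -5,8 +5,6 @@ require &#39;test_controller&#39;
 class TestController; def rescue_action(e) raise e end; end
 
 class ApplicationControllerTest < Test::Unit::TestCase
-
-# all_fixtures:profiles, :environments, :domains, :design_boxes
 all_fixtures
 def setup
 @controller = TestController.new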
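--- a/test/functional/enterprise_editor_controller_test.rb
+++ b/test/functional/enterprise_editor_controller_test.rb
@@ -11,8 +11,39 @@ class EnterpriseEditorControllerTest &lt; Test::Unit::TestCase
 @response = ActionController::TestResponse.new
 end
 
- # Replace this with your real tests.
- def test_truth
- assert true
+ should 'not see index if do not logged in' do
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'Test enteprise')
+ get 'index', :profile => 'test_enterprise'
+
+ assert_response :success
+ assert_template 'access_denied.rhtml'
+ end
+
+ should 'not see index if do not have permission to edit profile' do
+ user = create_user('test_user')
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'Test enteprise')
+ login_as :test_user
+
+ get 'index', :profile => 'test_enterprise'
+
+ assert_response :success
+ assert @controller.send(:profile)
+ assert_equal ent.identifier, @controller.send(:profile).identifier
+ assert_template 'access_denied.rhtml'
+ end
+
+ should 'see index if have permission' do
+ user = create_user('test_user').person
+ ent = Enterprise.create!(:identifier => 'test_enterprise', :name => 'Test enterprise')
+ role = Role.create!(:name => 'test_role', :permissions => ['edit_profile'])
+ assert user.add_role(role, ent)
+ assert user.has_permission?('edit_profile', ent)
+ login_as :test_user
+
+ get 'index', :profile => 'test_enterprise'
+
+ assert_response :success
+ assert @controller.send(:profile)
+ assert_template 'index'
 end
 end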
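Review bot: Both denial tests pair `assert_response :success` with `assert_template 'access_denied.rhtml'`, which pins an HTTP 200 for a refused request. If the plugin can set the status, asserting a 403 would let clients, caches and log monitoring tell a denial from a normal page. The new tests exercise only `index`; nothing covers `destroy` with and without `destroy_profile`, or `activate`, which are the actions whose declarations changed most in the controller, so a regression in those `protect` lines would go unnoticed. A test that requests `destroy` as a user holding only `edit_profile` and expects the access-denied result would cover the split between the two permissions.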