Commit aad3f711d0fa63059312a005dfac490477233248
Exists in
master
and in
28 other branches
Merge branch 'stable'
Conflicts: po/pt_BR/noosfero.po
Showing
18 changed files
with
109 additions
and
20 deletions
Show diff stats
app/controllers/application.rb
| ... | ... | @@ -37,12 +37,6 @@ class ApplicationController < ActionController::Base |
| 37 | 37 | def uses_design_blocks? |
| 38 | 38 | !@no_design_blocks && self.class.uses_design_blocks? |
| 39 | 39 | end |
| 40 | - module UsesDesignBlocksHelper | |
| 41 | - def uses_design_blocks? | |
| 42 | - @controller.uses_design_blocks? | |
| 43 | - end | |
| 44 | - end | |
| 45 | - helper UsesDesignBlocksHelper | |
| 46 | 40 | |
| 47 | 41 | # Be sure to include AuthenticationSystem in Application Controller instead |
| 48 | 42 | include AuthenticatedSystem |
| ... | ... | @@ -67,6 +61,7 @@ class ApplicationController < ActionController::Base |
| 67 | 61 | def avoid_ssl |
| 68 | 62 | return true if (!request.ssl? || ENV['RAILS_ENV'] == 'development') |
| 69 | 63 | redirect_to(params.merge(:protocol => 'http://')) |
| 64 | + false | |
| 70 | 65 | end |
| 71 | 66 | |
| 72 | 67 | before_init_gettext :maybe_save_locale | ... | ... |
app/controllers/box_organizer_controller.rb
app/helpers/boxes_helper.rb
| 1 | 1 | module BoxesHelper |
| 2 | 2 | |
| 3 | 3 | def insert_boxes(content) |
| 4 | - if @controller.send(:boxes_editor?) | |
| 4 | + if @controller.send(:boxes_editor?) && @controller.send(:uses_design_blocks?) | |
| 5 | 5 | content + display_boxes_editor(@controller.boxes_holder) |
| 6 | 6 | else |
| 7 | 7 | if @controller.send(:uses_design_blocks?) | ... | ... |
app/models/invite_friend.rb
| ... | ... | @@ -22,6 +22,14 @@ class InviteFriend < Task |
| 22 | 22 | TaskMailer.deliver_invitation_notification(task) unless task.friend |
| 23 | 23 | end |
| 24 | 24 | |
| 25 | + def validate | |
| 26 | + super | |
| 27 | + friendemail = friend ? friend.user.email : friend_email | |
| 28 | + if person && friendemail && person.user.email == friendemail | |
| 29 | + self.errors.add_to_base(_("You can't invite youself")) | |
| 30 | + end | |
| 31 | + end | |
| 32 | + | |
| 25 | 33 | def perform |
| 26 | 34 | requestor.add_friend(target, group_for_person) |
| 27 | 35 | target.add_friend(requestor, group_for_friend) | ... | ... |
app/models/person.rb
app/models/profile.rb
| ... | ... | @@ -231,7 +231,7 @@ class Profile < ActiveRecord::Base |
| 231 | 231 | # instances. |
| 232 | 232 | def create_default_set_of_boxes |
| 233 | 233 | if template |
| 234 | - copy_blocks_from template | |
| 234 | + apply_template(template, :copy_articles => false) | |
| 235 | 235 | else |
| 236 | 236 | 3.times do |
| 237 | 237 | self.boxes << Box.new |
| ... | ... | @@ -264,9 +264,9 @@ class Profile < ActiveRecord::Base |
| 264 | 264 | nil |
| 265 | 265 | end |
| 266 | 266 | |
| 267 | - def apply_template(template) | |
| 267 | + def apply_template(template, options = {:copy_articles => true}) | |
| 268 | 268 | copy_blocks_from(template) |
| 269 | - copy_articles_from(template) | |
| 269 | + copy_articles_from(template) if options[:copy_articles] | |
| 270 | 270 | |
| 271 | 271 | # copy interesting attributes |
| 272 | 272 | self.layout_template = template.layout_template | ... | ... |
lib/noosfero.rb
po/pt_BR/noosfero.po
| ... | ... | @@ -13,7 +13,7 @@ msgid "" |
| 13 | 13 | msgstr "" |
| 14 | 14 | "Project-Id-Version: noosfero 0.18.4\n" |
| 15 | 15 | "POT-Creation-Date: 2009-07-17 17:55-0300\n" |
| 16 | -"PO-Revision-Date: 2009-07-17 18:47-0300\n" | |
| 16 | +"PO-Revision-Date: 2009-07-20 14:22-0300\n" | |
| 17 | 17 | "Last-Translator: Joenio Costa <joenio@colivre.coop.br>\n" |
| 18 | 18 | "Language-Team: LANGUAGE <LL@li.org>\n" |
| 19 | 19 | "MIME-Version: 1.0\n" |
| ... | ... | @@ -2383,6 +2383,10 @@ msgstr "Uma busca de empreendimentos por produtos vendidos e localização" |
| 2383 | 2383 | msgid "Sellers search block" |
| 2384 | 2384 | msgstr "Bloco de busca por vendedores" |
| 2385 | 2385 | |
| 2386 | +#: app/models/environment.rb:299 | |
| 2387 | +msgid "<user> is inviting you to participate on %{environment}." | |
| 2388 | +msgstr "<user> está te convidando a participar do %{environment}" | |
| 2389 | + | |
| 2386 | 2390 | #: app/models/sellers_search_block.rb:12 |
| 2387 | 2391 | msgid "Search for sellers" |
| 2388 | 2392 | msgstr "Buscar por vendedores:" | ... | ... |
test/functional/application_controller_test.rb
| ... | ... | @@ -412,4 +412,15 @@ class ApplicationControllerTest < Test::Unit::TestCase |
| 412 | 412 | assert_no_tag :tag => 'div', :attributes => {:id => 'block-' + b.id.to_s} |
| 413 | 413 | end |
| 414 | 414 | |
| 415 | + should 'return false when not avoid ssl' do | |
| 416 | + req = mock | |
| 417 | + req.stubs(:ssl?).returns(true) | |
| 418 | + | |
| 419 | + @controller.expects(:request).returns(req) | |
| 420 | + @controller.stubs(:params).returns({}) | |
| 421 | + @controller.stubs(:redirect_to) | |
| 422 | + | |
| 423 | + assert_equal false, @controller.avoid_ssl | |
| 424 | + end | |
| 425 | + | |
| 415 | 426 | end | ... | ... |
test/functional/friends_controller_test.rb
| ... | ... | @@ -151,4 +151,10 @@ class FriendsControllerTest < Test::Unit::TestCase |
| 151 | 151 | end |
| 152 | 152 | end |
| 153 | 153 | |
| 154 | + should 'not invite yourself' do | |
| 155 | + assert_no_difference InviteFriend, :count do | |
| 156 | + post :invite, :manual_import_addresses => "#{profile.name} <#{profile.user.email}>", :import_from => "manual", :message => "click: <url>", :confirmation => 1, :wizard => true | |
| 157 | + end | |
| 158 | + end | |
| 159 | + | |
| 154 | 160 | end | ... | ... |
test/functional/profile_design_controller_test.rb
| ... | ... | @@ -12,7 +12,7 @@ class ProfileDesignControllerTest < Test::Unit::TestCase |
| 12 | 12 | @request.stubs(:ssl?).returns(true) |
| 13 | 13 | @response = ActionController::TestResponse.new |
| 14 | 14 | |
| 15 | - @holder = create_user('designtestuser').person | |
| 15 | + @profile = @holder = create_user('designtestuser').person | |
| 16 | 16 | holder.save! |
| 17 | 17 | |
| 18 | 18 | @box1 = Box.new |
| ... | ... | @@ -65,6 +65,7 @@ class ProfileDesignControllerTest < Test::Unit::TestCase |
| 65 | 65 | @controller.stubs(:boxes_holder).returns(holder) |
| 66 | 66 | login_as 'designtestuser' |
| 67 | 67 | end |
| 68 | + attr_reader :profile | |
| 68 | 69 | |
| 69 | 70 | def test_local_files_reference |
| 70 | 71 | assert_local_files_reference :get, :index, :profile => 'designtestuser' |
| ... | ... | @@ -319,4 +320,17 @@ class ProfileDesignControllerTest < Test::Unit::TestCase |
| 319 | 320 | assert_equal 20, @box1.blocks[-1].limit |
| 320 | 321 | end |
| 321 | 322 | |
| 323 | + should 'require login' do | |
| 324 | + logout | |
| 325 | + get :index, :profile => profile.identifier | |
| 326 | + assert_redirected_to :controller => 'account', :action => 'login' | |
| 327 | + end | |
| 328 | + | |
| 329 | + should 'not show sideboxes when render access denied' do | |
| 330 | + another_profile = create_user('bobmarley').person | |
| 331 | + get :index, :profile => another_profile.identifier | |
| 332 | + assert_tag :tag => 'div', :attributes => {:class => 'no-boxes'} | |
| 333 | + assert_tag :tag => 'div', :attributes => {:id => 'access-denied'} | |
| 334 | + end | |
| 335 | + | |
| 322 | 336 | end | ... | ... |
test/unit/invite_friend_test.rb
| ... | ... | @@ -137,4 +137,14 @@ class InviteFriendTest < ActiveSupport::TestCase |
| 137 | 137 | assert_equal :manage_friends, t.permission |
| 138 | 138 | end |
| 139 | 139 | |
| 140 | + should 'not invite yourself' do | |
| 141 | + p = create_user('testuser1').person | |
| 142 | + | |
| 143 | + task1 = InviteFriend.new(:person => p, :friend => p, :message => 'click here: <url>') | |
| 144 | + assert !task1.save | |
| 145 | + | |
| 146 | + task2 = InviteFriend.new(:person => p, :friend_name => 'Myself', :friend_email => p.user.email, :message => 'click here: <url>') | |
| 147 | + assert !task2.save | |
| 148 | + end | |
| 149 | + | |
| 140 | 150 | end | ... | ... |
test/unit/noosfero_test.rb
| ... | ... | @@ -26,7 +26,6 @@ class NoosferoTest < Test::Unit::TestCase |
| 26 | 26 | should 'identifier format' do |
| 27 | 27 | assert_match /^#{Noosfero.identifier_format}$/, 'bli-bla' |
| 28 | 28 | assert_no_match /^#{Noosfero.identifier_format}$/, 'UPPER' |
| 29 | - assert_no_match /^#{Noosfero.identifier_format}$/, '129812startingwithnumber' | |
| 30 | 29 | assert_match /^#{Noosfero.identifier_format}$/, 'with~tilde' |
| 31 | 30 | assert_match /^#{Noosfero.identifier_format}$/, 'with.dot' |
| 32 | 31 | end |
| ... | ... | @@ -46,4 +45,8 @@ class NoosferoTest < Test::Unit::TestCase |
| 46 | 45 | assert_equal({:port => 9999}, Noosfero.url_options) |
| 47 | 46 | end |
| 48 | 47 | |
| 48 | + should 'allow identifier starting with number' do | |
| 49 | + assert_match /^#{Noosfero.identifier_format}$/, '129812startingwithnumber' | |
| 50 | + end | |
| 51 | + | |
| 49 | 52 | end | ... | ... |
test/unit/person_test.rb
| ... | ... | @@ -565,4 +565,13 @@ class PersonTest < Test::Unit::TestCase |
| 565 | 565 | assert !Profile['testuser1'].add_friend(p2) |
| 566 | 566 | end |
| 567 | 567 | |
| 568 | + should 'not raise exception when validates person without e-mail' do | |
| 569 | + person = create_user('testuser1').person | |
| 570 | + person.user.email = nil | |
| 571 | + | |
| 572 | + assert_nothing_raised ActiveRecord::RecordInvalid do | |
| 573 | + assert !person.save | |
| 574 | + end | |
| 575 | + end | |
| 576 | + | |
| 568 | 577 | end | ... | ... |
test/unit/profile_test.rb
| ... | ... | @@ -1359,6 +1359,17 @@ class ProfileTest < Test::Unit::TestCase |
| 1359 | 1359 | assert !profile.valid? |
| 1360 | 1360 | end |
| 1361 | 1361 | |
| 1362 | + should 'copy header and footer after create a person' do | |
| 1363 | + template = create_user('template').person | |
| 1364 | + template.custom_footer = "footer customized" | |
| 1365 | + template.custom_header = "header customized" | |
| 1366 | + Environment.any_instance.stubs(:person_template).returns(template) | |
| 1367 | + | |
| 1368 | + person = create_user('mytestuser').person | |
| 1369 | + assert_equal "footer customized", person.custom_footer | |
| 1370 | + assert_equal "header customized", person.custom_header | |
| 1371 | + end | |
| 1372 | + | |
| 1362 | 1373 | private |
| 1363 | 1374 | |
| 1364 | 1375 | def assert_invalid_identifier(id) | ... | ... |
vendor/plugins/access_control/lib/permission_check.rb
| ... | ... | @@ -20,12 +20,19 @@ module PermissionCheck |
| 20 | 20 | target = target_method.kind_of?(Symbol) ? c.send(target_method) : target_method |
| 21 | 21 | accessor = accessor_method.kind_of?(Symbol) ? c.send(accessor_method) : accessor_method |
| 22 | 22 | unless accessor && accessor.has_permission?(permission.to_s, target) |
| 23 | -# c.instance_variable_set('@b', [accessor, permission, target]) | |
| 24 | - c.send(:render, :template => access_denied_template_path, :status => 403) && false | |
| 23 | + render_access_denied(c) && false | |
| 25 | 24 | end |
| 26 | 25 | end |
| 27 | 26 | end |
| 28 | 27 | |
| 28 | + def render_access_denied(c) | |
| 29 | + if c.respond_to?(:render_access_denied) | |
| 30 | + c.send(:render_access_denied) | |
| 31 | + else | |
| 32 | + c.send(:render, :template => access_denied_template_path, :status => 403) | |
| 33 | + end | |
| 34 | + end | |
| 35 | + | |
| 29 | 36 | def access_denied_template_path |
| 30 | 37 | if File.exists?(File.join(RAILS_ROOT, 'app', 'views', 'access_control', 'access_denied.rhtml')) |
| 31 | 38 | File.join(RAILS_ROOT, 'app', 'views', 'access_control', 'access_denied.rhtml') | ... | ... |
vendor/plugins/access_control/test/schema.rb
| ... | ... | @@ -3,10 +3,11 @@ ActiveRecord::Migration.verbose = false |
| 3 | 3 | ActiveRecord::Schema.define(:version => 0) do |
| 4 | 4 | |
| 5 | 5 | create_table :access_control_test_roles, :force => true do |t| |
| 6 | - t.column :name, :string | |
| 7 | - t.column :permissions, :string | |
| 8 | - t.column :key, :string | |
| 9 | - t.column :system, :boolean, :default => false | |
| 6 | + t.column :name, :string | |
| 7 | + t.column :permissions, :string | |
| 8 | + t.column :key, :string | |
| 9 | + t.column :system, :boolean, :default => false | |
| 10 | + t.column :environment_id, :integer | |
| 10 | 11 | end |
| 11 | 12 | |
| 12 | 13 | create_table :access_control_test_role_assignments, :force => true do |t| | ... | ... |
vendor/plugins/access_control/test/test_helper.rb
| ... | ... | @@ -18,6 +18,12 @@ RoleAssignment.set_table_name 'access_control_test_role_assignments' |
| 18 | 18 | class AccessControlTestAccessor < ActiveRecord::Base |
| 19 | 19 | set_table_name 'access_control_test_accessors' |
| 20 | 20 | acts_as_accessor |
| 21 | + def cache_keys | |
| 22 | + [] | |
| 23 | + end | |
| 24 | + def blocks_to_expire_cache | |
| 25 | + [] | |
| 26 | + end | |
| 21 | 27 | end |
| 22 | 28 | |
| 23 | 29 | # resource example class to be accessed by some accessor | ... | ... |