Commit cafedbe4be321a423747af020b1f4451497c1259
1 parent
053bed47
Exists in
master
and in
28 other branches
ActionItem177: access control applied on the my_profile controllers
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@1518 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
19 changed files
with
79 additions
and
10 deletions
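--- a/app/controllers/my_profile/cms_controller.rb
+++ b/app/controllers/my_profile/cms_controller.rb
@@ -1,6 +1,7 @@
 class CmsController < MyProfileController
 
- protect 'post_content', :profile, :only => [:edit, :new, :reorder, :delete]
+ protect 'post_content', :profile, :except => [:set_home_page]
+ protect 'edit_profile', :profile, :only => [:set_home_page]
 
 def boxes_holder
 profile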
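Review bot: The two `protect` lines at the top of CmsController must stay exact mirrors of each other (`:except => [:set_home_page]` and `:only => [:set_home_page]`), and nothing in the code says why `set_home_page` needs a different permission. A comment above them would help, for example `# set_home_page changes the profile itself, so it requires 'edit_profile'; every other action requires 'post_content'` (that reasoning is my inference, please confirm). The changed-file list shows no cms_controller_test, so the new split appears to be untested in this commit. Moving from `:only` to `:except` is the safer default, since actions added later are covered without touching this line.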
app/controllers/my_profile/enterprise_validation_controller.rb
app/controllers/my_profile/friends_controller.rb
app/controllers/my_profile/memberships_controller.rb
app/controllers/my_profile/profile_design_controller.rb
app/controllers/my_profile/profile_editor_controller.rb
app/controllers/my_profile/tasks_controller.rb
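--- a/app/models/profile.rb
+++ b/app/models/profile.rb
@@ -16,12 +16,15 @@ class Profile < ActiveRecord::Base
 end
 
 PERMISSIONS[:profile] = {
- 'edit_profile' => N_('Edit profile'),
- 'destroy_profile' => N_('Destroy profile'),
- 'manage_memberships' => N_('Manage memberships'),
- 'post_content' => N_('Post content'),
+ 'edit_profile' => N_('Edit profile'),
+ 'destroy_profile' => N_('Destroy profile'),
+ 'manage_memberships' => N_('Manage memberships'),
+ 'post_content' => N_('Post content'),
 'edit_profile_design' => N_('Edit profile design'),
- 'manage_products' => N_('Manage products'),
+ 'manage_products' => N_('Manage products'),
+ 'manage_friends' => N_('Manage friends'),
+ 'validate_enterprise' => N_('Validate enterprise'),
+ 'peform_task' => N_('Peform task'),
 }
 
 acts_as_accessible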
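Review bot: The new permission key `'peform_task'` and its label `N_('Peform task')` are misspelled. Permission names appear to be matched as plain strings by `protect`, so the call in tasks_controller.rb (changed in this commit but not shown here) has to use exactly the same spelling or the check can never be satisfied by a granted role. Once roles carrying this key are stored, renaming it presumably needs a data migration, so I would fix it now: `'perform_task' => N_('Perform task'),`, and check that the controller and its tests use the same string. The class body starts above the hunk and continues below it.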
lib/authenticated_test_helper.rb
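--- a/script/anhetegua
+++ b/script/anhetegua
@@ -10,6 +10,7 @@ Profile.destroy_all
 Role.destroy_all
 RoleAssignment.destroy_all
 Category.destroy_all
+Product.destroy_all
 Article.destroy_all
 
 def new_category(parent, name, color = nil)
@@ -108,6 +109,36 @@ colivre.affiliate(ze, owner_role)
 member_role = Profile::Roles.member
 moderator_role = Profile::Roles.moderator
 
+# product categories
+produtos = ProductCategory.create!(:name => 'Produtos', :environment => Environment.default, :display_color => 4)
+
+alimentacao = ProductCategory.create!(:name => 'Alimentação', :environment => Environment.default, :parent => produtos)
+vegetais = ProductCategory.create!(:name => 'Vegetais', :environment => Environment.default, :parent => alimentacao)
+
+feijao = ProductCategory.create!(:name => 'Feijão', :environment => Environment.default, :parent => vegetais)
+
+arroz = ProductCategory.create!(:name => 'Arroz', :environment => Environment.default, :parent => vegetais)
+
+batata = ProductCategory.create!(:name => 'Batata', :environment => Environment.default, :parent => vegetais)
+
+carnes = ProductCategory.create!(:name => 'Carnes', :environment => Environment.default, :parent => alimentacao)
+
+boi = ProductCategory.create!(:name => 'Boi', :environment => Environment.default, :parent => carnes)
+
+frango = ProductCategory.create!(:name => 'Frango', :environment => Environment.default, :parent => carnes)
+
+vestuario = ProductCategory.create!(:name => 'Vestuário', :environment => Environment.default, :parent => produtos)
+
+camisetas = ProductCategory.create!(:name => 'Camisetas', :environment => Environment.default, :parent => vestuario)
+
+calcas = ProductCategory.create!(:name => 'Calças', :environment => Environment.default, :parent => vestuario)
+
+software_livre = ProductCategory.create!(:name => 'Software Livre', :environment => Environment.default, :parent => produtos)
+
+desenv = ProductCategory.create!(:name => 'Desenvolvimento', :environment => Environment.default, :parent => software_livre)
+capacitacao = ProductCategory.create!(:name => 'Capacitação', :environment => Environment.default, :parent => software_livre)
+admin_de_sistemas = ProductCategory.create!(:name => 'Administração de sistemas', :environment => Environment.default, :parent => software_livre)
+arte_digital = ProductCategory.create!(:name => 'Arte Digital', :environment => Environment.default, :parent => software_livre)
 
 
 # actual products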
test/functional/enterprise_editor_controller_test.rb
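--- a/test/functional/enterprise_validation_test.rb
+++ b/test/functional/enterprise_validation_test.rb
@@ -12,9 +12,10 @@ class EnterpriseValidationControllerTest < Test::Unit::TestCase
 @controller = EnterpriseValidationController.new
 @request = ActionController::TestRequest.new
 @response = ActionController::TestResponse.new
+
 login_as 'ze'
-
 @org = Organization.create!(:identifier => 'myorg', :name => "My Org")
+ give_permission('ze', 'validate_enterprise', @org)
 Profile.expects(:find_by_identifier).with('myorg').returns(@org).at_least_once
 end
 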
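Review bot: The setup now grants 'ze' `validate_enterprise` on `@org` before every test, so each test in this class runs as an authorized user and nothing visible here checks that a user without the permission is refused. Since the commit exists to add access control, I would add one test that logs in a user with no role on `@org` and asserts that the request is denied. The same gap is in test/integration/enterprise_registration_test.rb, where the validator is created with the permission and only the success path is asserted. The setup method starts above the hunk and the rest of the class is not shown, so a denial test may already exist elsewhere.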
test/functional/friends_controller_test.rb
test/functional/memberships_controller_test.rb
test/functional/profile_design_controller_test.rb
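--- a/test/functional/profile_editor_controller_test.rb
+++ b/test/functional/profile_editor_controller_test.rb
@@ -67,4 +67,10 @@ class ProfileEditorControllerTest < Test::Unit::TestCase
 assert_redirected_to :action => 'index'
 end
 
+ should 'not permmit if not logged' do
+ logout
+ person = create_user('test_user')
+ get :index, :profile => 'test_user'
+ end
+
 end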
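Review bot: The new test `'not permmit if not logged'` issues the request but asserts nothing, so it passes whether or not ProfileEditorController rejects an anonymous visitor. Add an assertion on the outcome right after the `get`, for example `assert_response :redirect` if the login filter redirects; adjust it to whatever the access-control filter actually returns for an unauthenticated request. The local `person` is never used, so a bare `create_user('test_user')` is enough, and the test name has a typo (`permmit`).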
test/functional/tasks_controller_test.rb
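--- a/test/integration/enterprise_registration_test.rb
+++ b/test/integration/enterprise_registration_test.rb
@@ -44,6 +44,9 @@ class EnterpriseRegistrationTest < ActionController::IntegrationTest
 code = CreateEnterprise.find(:first, :order => 'id desc').code
 
 # steps done by the validator
+ validator = create_user_with_permission('validator', 'validate_enterprise', org)
+ login 'validator', 'validator'
+
 get "/myprofile/myorg/enterprise_validation"
 assert_response :success
 assert_tag :tag => 'a', :attributes => { :href => "/myprofile/myorg/enterprise_validation/details/#{code}" }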
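--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -83,8 +83,8 @@ class Test::Unit::TestCase
 User.create!(data)
 end
 
- def create_user_with_permission(name, permission, target= nil)
- user = create_user(name).person
+ def give_permission(user, permission, target)
+ user = Person.find_by_identifier(user) if user.kind_of?(String)
 target ||= user
 i = 0
 while Role.find_by_name('test_role' + i.to_s)
@@ -97,6 +97,11 @@ class Test::Unit::TestCase
 user
 end
 
+ def create_user_with_permission(name, permission, target= nil)
+ user = create_user(name).person
+ give_permission(user, permission, target)
+ end
+
 alias :ok :assert_block
 
 def assert_equivalent(enum1, enum2)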
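Review bot: In `give_permission`, `Person.find_by_identifier(user)` returns nil when the identifier does not exist, and the method then continues with `user` set to nil (and, through `target ||= user`, possibly `target` as well). A helper that builds authorization fixtures should fail at the lookup rather than further down, so I would add `raise ArgumentError, 'unknown person identifier' unless user` directly after that line. `target` also lost its default although `target ||= user` is still there, so callers must pass nil explicitly; `target = nil` in the signature would keep it consistent with `create_user_with_permission`. The middle of the method (old lines 91 to 96) lies between the two hunks and is not shown.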