diff --git a/app/controllers/public/content_viewer_controller.rb b/app/controllers/public/content_viewer_controller.rb index ce88259..9102ebc 100644 --- a/app/controllers/public/content_viewer_controller.rb +++ b/app/controllers/public/content_viewer_controller.rb @@ -33,14 +33,33 @@ class ContentViewerController < PublicController end if request.post? && params[:comment] - @comment = Comment.new(params[:comment]) - @comment.author = user if logged_in? - @comment.article = @page - if @comment.save! - @comment = nil # clear the comment form - end + add_comment + end + + if request.post? && params[:remove_comment] + remove_comment end + @comments = @page.comments(true) end + protected + + def add_comment + @comment = Comment.new(params[:comment]) + @comment.author = user if logged_in? + @comment.article = @page + if @comment.save! + @comment = nil # clear the comment form + end + end + + def remove_comment + @comment = @page.comments.find(params[:remove_comment]) + if (user == @comment.author) || (user == @page.profile) + @comment.destroy + end + redirect_to :action => 'view_page' + end + end diff --git a/app/helpers/cms_helper.rb b/app/helpers/cms_helper.rb index 4068e85..5cf42cf 100644 --- a/app/helpers/cms_helper.rb +++ b/app/helpers/cms_helper.rb @@ -33,7 +33,8 @@ module CmsHelper if cat.top_level? result << content_tag('h5', toplevel.name) else - result << content_tag('div', check_box_tag("#{object_name}[category_ids][]", cat.id, object.category_ids.include?(cat.id)) + cat.full_name_without_leading(1)) + checkbox_id = "#{object_name}_#{cat.full_name.downcase.gsub(/\s+|\//, '_')}" + result << content_tag('label', check_box_tag("#{object_name}[category_ids][]", cat.id, object.category_ids.include?(cat.id), :id => checkbox_id) + cat.full_name_without_leading(1), :for => checkbox_id) end end end diff --git a/app/views/content_viewer/_comment.rhtml b/app/views/content_viewer/_comment.rhtml index 85a2b2a..f5f7012 100644 --- a/app/views/content_viewer/_comment.rhtml +++ b/app/views/content_viewer/_comment.rhtml @@ -1,4 +1,10 @@
+ <% if user == @page.profile || user == comment.author %> + <% button_bar(:style => 'float: right; margin-top: 0;') do %> + <%= button(:delete, 'Delete', { :remove_comment => comment.id }, :method => :post, :confirm => _('Are you sure you want to remove this comment?')) %> + <% end %> + <% end %> + <% if comment.author %> <%= link_to content_tag( 'span', comment.author.name() ), comment.author.url, :class => 'comment-picture', diff --git a/script/populate b/script/populate deleted file mode 100755 index e675699..0000000 --- a/script/populate +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/env ruby -require File.dirname(__FILE__) + '/../config/environment' - -Profile.destroy_all - -User.destroy_all -User.create!(:login => 'testprofile', :email => 'admin@localhost.localdomain', :password => 'test', :password_confirmation => 'test') -User.create!(:login => 'user', :email => 'user@localhost.localdomain', :password => 'user', :password_confirmation => 'user') -User.create!(:login => 'usuario', :email => 'usuario@localhost.localdomain', :password => 'usuario', :password_confirmation => 'usuario') -ze = User.create!(:login => 'ze', :email => 'ze@localhost.localdomain', :password => 'test', :password_confirmation => 'test').person -root = User.create!(:login => 'root', :email => 'root@noosfero.org', :password => 'root', :password_confirmation => 'root').person - -Role.destroy_all -admin_role = Role.create!(:name => 'admin', :permissions => ['edit_environment_features', 'edit_environment_design', 'manage_environment_categories', 'manage_environment_roles', 'manage_environment_validators']) - -RoleAssignment.create!(:accessor => root, :role => admin_role, :resource => nil) - -empa = Enterprise.create!(:name => 'Empreendimento A', :identifier => 'empreendimento_a') - -owner_role = Role.create!(:name => 'owner', :permissions => ['edit_profile', 'destroy_profile', 'manage_memberships', 'post_content', 'edit_profile_design']) - -RoleAssignment.create!(:accessor => ze, :role => owner_role, :resource => empa) -RoleAssignment.create!(:accessor => root, :role => owner_role, :resource => Environmnet.default) if Environmnet.default - diff --git a/test/functional/content_viewer_controller_test.rb b/test/functional/content_viewer_controller_test.rb index 8182507..355fd3c 100644 --- a/test/functional/content_viewer_controller_test.rb +++ b/test/functional/content_viewer_controller_test.rb @@ -90,7 +90,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase # for example, RSS feeds profile = create_user('someone').person page = profile.articles.build(:name => 'myarticle', :body => 'the body of the text') - page.save! +page.save! feed = RssFeed.new(:name => 'testfeed') feed.profile = profile @@ -104,5 +104,54 @@ class ContentViewerControllerTest < Test::Unit::TestCase assert_equal feed.data, @response.body end + should 'be able to remove comment' do + profile = create_user('testuser').person + article = profile.articles.build(:name => 'test') + article.save! + comment = article.comments.build(:author => profile, :title => 'a comment', :body => 'lalala') + comment.save! + + login_as 'testuser' + assert_difference Comment, :count, -1 do + post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id + assert_response :redirect + end + + end + + should "not be able to remove other people's comments" do + profile = create_user('testuser').person + article = profile.articles.build(:name => 'test') + article.save! + + commenter = create_user('otheruser').person + comment = article.comments.build(:author => commenter, :title => 'a comment', :body => 'lalala') + comment.save! + + login_as 'ze' # ze cannot remove other people's comments + assert_no_difference Comment, :count do + post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id + assert_response :redirect + end + + end + + should 'be able to remove comments on their articles' do + profile = create_user('testuser').person + article = profile.articles.build(:name => 'test') + article.save! + + commenter = create_user('otheruser').person + comment = article.comments.build(:author => commenter, :title => 'a comment', :body => 'lalala') + comment.save! + + login_as 'testuser' # testuser must be able to remove comments in his articles + assert_difference Comment, :count, -1 do + post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id + assert_response :redirect + end + + end + end -- libgit2 0.21.2