Download as
Browse Code »

Commit e46d23ce9ab2d42db5119253b039f871e1dbef19

Authored by Rodrigo Souto
1 parent ed0554c6
Exists in api_private_token and in 2 other branches add_fields_in_api, api_pagination

proper validations for approve_article task

Showing 2 changed files with 62 additions and 6 deletions   Show diff stats
app/models/approve_article.rb
  Diff comments   View file @e46d23c
@@ -2,8 +2,18 @@ class ApproveArticle < Task @@ -2,8 +2,18 @@ class ApproveArticle < Task
2 validates_presence_of :requestor_id, :target_id 2 validates_presence_of :requestor_id, :target_id
3 3
4 validates :requestor, kind_of: {kind: Person} 4 validates :requestor, kind_of: {kind: Person}
5 - #validates :target, kind_of: {kind: Organization}  
6 - #validate :request_is_member_of_target 5 + validate :allowed_requestor
  6 +
  7 + def allowed_requestor
  8 + if target
  9 + if target.person? && requestor != target
  10 + self.errors.add(:requestor, _('You can not post articles to other users.'))
  11 + end
  12 + if target.organization? && !target.members.include?(requestor) && target.environment.portal_community != target
  13 + self.errors.add(:requestor, _('Only members can post articles on communities.'))
  14 + end
  15 + end
  16 + end
7 17
8 def article_title 18 def article_title
9 article ? article.title : _('(The original text was removed)') 19 article ? article.title : _('(The original text was removed)')
test/unit/approve_article_test.rb
  Diff comments   View file @e46d23c
@@ -9,6 +9,7 @@ class ApproveArticleTest < ActiveSupport::TestCase @@ -9,6 +9,7 @@ class ApproveArticleTest < ActiveSupport::TestCase
9 @profile = create_user('test_user').person 9 @profile = create_user('test_user').person
10 @article = fast_create(TextileArticle, :profile_id => @profile.id, :name => 'test name', :abstract => 'Lead of article', :body => 'This is my article') 10 @article = fast_create(TextileArticle, :profile_id => @profile.id, :name => 'test name', :abstract => 'Lead of article', :body => 'This is my article')
11 @community = fast_create(Community) 11 @community = fast_create(Community)
  12 + @community.add_member(@profile)
12 end 13 end
13 attr_reader :profile, :article, :community 14 attr_reader :profile, :article, :community
14 15
@@ -251,6 +252,8 @@ class ApproveArticleTest < ActiveSupport::TestCase @@ -251,6 +252,8 @@ class ApproveArticleTest < ActiveSupport::TestCase
251 end 252 end
252 253
253 should 'not group trackers activity of article\'s creation' do 254 should 'not group trackers activity of article\'s creation' do
  255 + other_community = fast_create(Community)
  256 + other_community.add_member(profile)
254 ActionTracker::Record.delete_all 257 ActionTracker::Record.delete_all
255 258
256 article = fast_create(TextileArticle) 259 article = fast_create(TextileArticle)
@@ -262,20 +265,20 @@ class ApproveArticleTest < ActiveSupport::TestCase @@ -262,20 +265,20 @@ class ApproveArticleTest < ActiveSupport::TestCase
262 a.finish 265 a.finish
263 266
264 article = fast_create(TextileArticle) 267 article = fast_create(TextileArticle)
265 - other_community = fast_create(Community)  
266 a = create(ApproveArticle, :name => 'another bar', :article => article, :target => other_community, :requestor => profile) 268 a = create(ApproveArticle, :name => 'another bar', :article => article, :target => other_community, :requestor => profile)
267 a.finish 269 a.finish
268 assert_equal 3, ActionTracker::Record.count 270 assert_equal 3, ActionTracker::Record.count
269 end 271 end
270 272
271 should 'not create trackers activity when updating articles' do 273 should 'not create trackers activity when updating articles' do
  274 + other_community = fast_create(Community)
  275 + other_community.add_member(profile)
272 ActionTracker::Record.delete_all 276 ActionTracker::Record.delete_all
273 article1 = fast_create(TextileArticle) 277 article1 = fast_create(TextileArticle)
274 a = create(ApproveArticle, :name => 'bar', :article => article1, :target => community, :requestor => profile) 278 a = create(ApproveArticle, :name => 'bar', :article => article1, :target => community, :requestor => profile)
275 a.finish 279 a.finish
276 280
277 article2 = fast_create(TinyMceArticle) 281 article2 = fast_create(TinyMceArticle)
278 - other_community = fast_create(Community)  
279 a = create(ApproveArticle, :name => 'another bar', :article => article2, :target => other_community, :requestor => profile) 282 a = create(ApproveArticle, :name => 'another bar', :article => article2, :target => other_community, :requestor => profile)
280 a.finish 283 a.finish
281 assert_equal 2, ActionTracker::Record.count 284 assert_equal 2, ActionTracker::Record.count
@@ -283,7 +286,7 @@ class ApproveArticleTest < ActiveSupport::TestCase @@ -283,7 +286,7 @@ class ApproveArticleTest < ActiveSupport::TestCase
283 assert_no_difference 'ActionTracker::Record.count' do 286 assert_no_difference 'ActionTracker::Record.count' do
284 published = article1.class.last 287 published = article1.class.last
285 published.name = 'foo';published.save! 288 published.name = 'foo';published.save!
286 - 289 +
287 published = article2.class.last 290 published = article2.class.last
288 published.name = 'another foo';published.save! 291 published.name = 'another foo';published.save!
289 end 292 end
@@ -307,7 +310,7 @@ class ApproveArticleTest < ActiveSupport::TestCase @@ -307,7 +310,7 @@ class ApproveArticleTest < ActiveSupport::TestCase
307 person = fast_create(Person) 310 person = fast_create(Person)
308 person.stubs(:notification_emails).returns(['target@example.org']) 311 person.stubs(:notification_emails).returns(['target@example.org'])
309 312
310 - a = create(ApproveArticle, :article => article, :target => person, :requestor => profile) 313 + a = create(ApproveArticle, :article => article, :target => person, :requestor => person)
311 a.finish 314 a.finish
312 315
313 approved_article = person.articles.find_by_name(article.name) 316 approved_article = person.articles.find_by_name(article.name)
@@ -440,4 +443,47 @@ class ApproveArticleTest < ActiveSupport::TestCase @@ -440,4 +443,47 @@ class ApproveArticleTest < ActiveSupport::TestCase
440 assert_equal article, LinkArticle.last.reference_article 443 assert_equal article, LinkArticle.last.reference_article
441 end 444 end
442 445
  446 + should 'not allow non-person requestor' do
  447 + task = ApproveArticle.new(:requestor => Community.new)
  448 + task.valid?
  449 + assert task.invalid?(:requestor)
  450 + end
  451 +
  452 + should 'allow only self requestors when the target is a person' do
  453 + person = fast_create(Person)
  454 + another_person = fast_create(Person)
  455 +
  456 + t1 = ApproveArticle.new(:requestor => person, :target => person)
  457 + t2 = ApproveArticle.new(:requestor => another_person, :target => person)
  458 +
  459 + assert t1.valid?
  460 + assert !t2.valid?
  461 + assert t2.invalid?(:requestor)
  462 + end
  463 +
  464 + should 'allow only members to be requestors when target is a community' do
  465 + community = fast_create(Community)
  466 + member = fast_create(Person)
  467 + community.add_member(member)
  468 + non_member = fast_create(Person)
  469 +
  470 + t1 = ApproveArticle.new(:requestor => member, :target => community)
  471 + t2 = ApproveArticle.new(:requestor => non_member, :target => community)
  472 +
  473 + assert t1.valid?
  474 + assert !t2.valid?
  475 + assert t2.invalid?(:requestor)
  476 + end
  477 +
  478 + should 'allow any user to be requestor whe the target is the portal community' do
  479 + community = fast_create(Community)
  480 + environment = community.environment
  481 + environment.portal_community = community
  482 + environment.save!
  483 + person = fast_create(Person)
  484 +
  485 + task = ApproveArticle.new(:requestor => person, :target => community)
  486 +
  487 + assert task.valid?
  488 + end
443 end 489 end