browsercms 3.0.2 → 3.0.3
Sign up to get free protection for your applications and to get access to all the features.
- data/app/controllers/cms/content_block_controller.rb +25 -2
- data/app/controllers/cms/content_controller.rb +31 -2
- data/app/controllers/cms/dashboard_controller.rb +2 -1
- data/app/controllers/cms/error_handling.rb +9 -2
- data/app/controllers/cms/links_controller.rb +2 -0
- data/app/controllers/cms/pages_controller.rb +22 -18
- data/app/controllers/cms/section_nodes_controller.rb +1 -1
- data/app/controllers/cms/sections_controller.rb +12 -7
- data/app/controllers/cms/sessions_controller.rb +17 -10
- data/app/controllers/cms/users_controller.rb +8 -6
- data/app/helpers/cms/application_helper.rb +2 -6
- data/app/helpers/cms/menu_helper.rb +118 -146
- data/app/helpers/cms/page_helper.rb +2 -2
- data/app/models/attachment.rb +2 -2
- data/app/models/group.rb +13 -2
- data/app/models/guest_user.rb +9 -3
- data/app/models/link.rb +2 -2
- data/app/models/page.rb +1 -1
- data/app/models/section.rb +7 -2
- data/app/models/user.rb +35 -17
- data/app/views/cms/blocks/_toolbar_for_member.html.erb +3 -3
- data/app/views/cms/blocks/index.html.erb +11 -6
- data/app/views/cms/content/show.html.erb +3 -3
- data/app/views/cms/menus/_menu.html.erb +9 -0
- data/app/views/cms/menus/_menu_item.html.erb +11 -0
- data/app/views/cms/pages/_edit_connector.html.erb +1 -1
- data/app/views/cms/pages/_edit_container.html.erb +1 -1
- data/app/views/cms/section_nodes/_node.html.erb +1 -1
- data/app/views/cms/sections/_form.html.erb +36 -34
- data/app/views/cms/shared/access_denied.html.erb +3 -0
- data/app/views/cms/users/change_password.html.erb +8 -6
- data/app/views/cms/users/index.html.erb +1 -1
- data/app/views/cms/users/show.html.erb +50 -0
- data/app/views/layouts/_cms_toolbar.html.erb +1 -1
- data/app/views/layouts/_page_toolbar.html.erb +7 -7
- data/app/views/layouts/cms/administration.html.erb +24 -7
- data/browsercms.gemspec +13 -7
- data/lib/acts_as_list.rb +8 -4
- data/lib/cms/acts/content_block.rb +1 -1
- data/lib/cms/authentication/controller.rb +26 -7
- data/lib/cms/behaviors/attaching.rb +3 -3
- data/lib/cms/behaviors/publishing.rb +12 -1
- data/lib/cms/behaviors/rendering.rb +17 -4
- data/lib/cms/behaviors/versioning.rb +2 -2
- data/lib/cms/routes.rb +4 -0
- data/lib/tasks/cms.rake +0 -18
- data/public/javascripts/cms/content_library.js +36 -0
- data/public/javascripts/cms/sitemap.js +21 -9
- data/public/stylesheets/cms/form_layout.css +16 -2
- data/public/stylesheets/cms/nav.css +4 -3
- data/test/functional/cms/content_block_controller_test.rb +120 -0
- data/test/functional/cms/content_controller_test.rb +135 -80
- data/test/functional/cms/links_controller_test.rb +89 -1
- data/test/functional/cms/pages_controller_test.rb +138 -0
- data/test/functional/cms/section_nodes_controller_test.rb +45 -5
- data/test/functional/cms/sections_controller_test.rb +148 -1
- data/test/functional/cms/sessions_controller_test.rb +26 -2
- data/test/functional/cms/users_controller_test.rb +49 -2
- data/test/test_helper.rb +3 -1
- data/test/unit/behaviors/attaching_test.rb +26 -0
- data/test/unit/helpers/menu_helper_test.rb +118 -278
- data/test/unit/models/group_test.rb +6 -0
- data/test/unit/models/user_test.rb +127 -29
- metadata +12 -4
@@ -2,26 +2,26 @@ require File.join(File.dirname(__FILE__), '/../../test_helper')
|
|
2
2
|
|
3
3
|
class Cms::ContentControllerTest < ActionController::TestCase
|
4
4
|
include Cms::ControllerTestHelper
|
5
|
-
|
5
|
+
|
6
6
|
def test_show_home_page
|
7
7
|
get :show
|
8
8
|
assert_response :success
|
9
9
|
assert_select "title", "Home"
|
10
10
|
end
|
11
|
-
|
11
|
+
|
12
12
|
def test_show_another_page
|
13
13
|
@page = Factory(:page, :section => root_section, :path => "/about", :name => "Test About", :template_file_name => "default.html.erb", :publish_on_save => true)
|
14
14
|
get :show, :path => ["about"]
|
15
15
|
assert_select "title", "Test About"
|
16
16
|
end
|
17
|
-
|
17
|
+
|
18
18
|
def test_page_not_found_to_guest
|
19
19
|
get :show, :path => ["foo"]
|
20
20
|
assert_response :not_found
|
21
21
|
assert_select "title", "Not Found"
|
22
22
|
assert_select "h1", "Page Not Found"
|
23
23
|
end
|
24
|
-
|
24
|
+
|
25
25
|
def test_page_not_found_to_cms_admin
|
26
26
|
login_as_cms_admin
|
27
27
|
get :show, :path => ["foo"]
|
@@ -29,25 +29,25 @@ class Cms::ContentControllerTest < ActionController::TestCase
|
|
29
29
|
assert_select "title", "Page Not Found"
|
30
30
|
assert_select "h2", "There is no page at /foo"
|
31
31
|
end
|
32
|
-
|
32
|
+
|
33
33
|
def test_show_protected_page_to_guest
|
34
34
|
create_protected_page
|
35
|
-
|
35
|
+
|
36
36
|
get :show, :path => ["secret"]
|
37
37
|
assert_response :forbidden
|
38
38
|
assert_select "title", "Access Denied"
|
39
39
|
end
|
40
|
-
|
40
|
+
|
41
41
|
def test_show_protected_page_to_privileged_user
|
42
42
|
create_protected_page
|
43
|
-
|
43
|
+
|
44
44
|
login_as @privileged_user
|
45
|
-
|
45
|
+
|
46
46
|
get :show, :path => ["secret"]
|
47
47
|
assert_response :success
|
48
48
|
assert_select "title", "Shhh... It's a Secret"
|
49
49
|
end
|
50
|
-
|
50
|
+
|
51
51
|
def test_show_archived_page_to_guest
|
52
52
|
create_archived_page
|
53
53
|
|
@@ -67,14 +67,14 @@ class Cms::ContentControllerTest < ActionController::TestCase
|
|
67
67
|
|
68
68
|
def test_show_file
|
69
69
|
create_file
|
70
|
-
|
70
|
+
|
71
71
|
get :show, :path => ["test.txt"]
|
72
|
-
|
72
|
+
|
73
73
|
assert_response :success
|
74
74
|
assert_equal "text/plain", @response.content_type
|
75
75
|
assert_equal "This is a test", streaming_file_contents
|
76
76
|
end
|
77
|
-
|
77
|
+
|
78
78
|
def test_show_archived_file
|
79
79
|
create_file
|
80
80
|
|
@@ -82,46 +82,46 @@ class Cms::ContentControllerTest < ActionController::TestCase
|
|
82
82
|
@file_block.update_attributes(:archived => true, :publish_on_save => true)
|
83
83
|
reset(:file_block)
|
84
84
|
assert @file_block.attachment.archived?
|
85
|
-
|
85
|
+
|
86
86
|
get :show, :path => ["test.txt"]
|
87
|
-
|
87
|
+
|
88
88
|
assert_response :not_found
|
89
89
|
assert_select "title", "Not Found"
|
90
90
|
end
|
91
|
-
|
91
|
+
|
92
92
|
def test_show_protected_file_to_guest
|
93
93
|
create_protected_file
|
94
|
-
|
94
|
+
|
95
95
|
get :show, :path => ["test.txt"]
|
96
|
-
|
96
|
+
|
97
97
|
assert_response :forbidden
|
98
98
|
assert_select "title", "Access Denied"
|
99
99
|
end
|
100
|
-
|
100
|
+
|
101
101
|
def test_show_protected_file_to_privileged_user
|
102
102
|
create_protected_file
|
103
103
|
login_as @privileged_user
|
104
|
-
|
104
|
+
|
105
105
|
get :show, :path => ["test.txt"]
|
106
|
-
|
106
|
+
|
107
107
|
assert_response :success
|
108
108
|
assert_equal "text/plain", @response.content_type
|
109
109
|
assert_equal "This is a test", streaming_file_contents
|
110
110
|
end
|
111
|
-
|
111
|
+
|
112
112
|
def test_show_page_route
|
113
113
|
@page_template = Factory(:page_template, :name => "test_show_page_route")
|
114
|
-
@page = Factory(:page,
|
115
|
-
:section => root_section,
|
114
|
+
@page = Factory(:page,
|
115
|
+
:section => root_section,
|
116
116
|
:template_file_name => "test_show_page_route.html.erb")
|
117
|
-
@portlet = DynamicPortlet.create!(:name => "Test",
|
117
|
+
@portlet = DynamicPortlet.create!(:name => "Test",
|
118
118
|
:template => "<h1><%= @foo %></h1>",
|
119
119
|
:connect_to_page_id => @page.id, :connect_to_container => "main")
|
120
120
|
@page_route = @page.page_routes.create(:pattern => "/foo", :code => "@foo = params[:foo]")
|
121
121
|
|
122
122
|
reset(:page)
|
123
123
|
@page.publish!
|
124
|
-
|
124
|
+
|
125
125
|
get :show_page_route, :foo => "42", :_page_route_id => @page_route.id
|
126
126
|
assert_response :success
|
127
127
|
assert_select "h1", "42"
|
@@ -137,10 +137,10 @@ class Cms::ContentControllerTest < ActionController::TestCase
|
|
137
137
|
def test_show_draft_page_with_content_as_editor
|
138
138
|
login_as_cms_admin
|
139
139
|
create_page_with_content
|
140
|
-
|
140
|
+
|
141
141
|
@block.update_attributes(:content => "<h3>I've been edited</h3>")
|
142
142
|
reset(:page, :block)
|
143
|
-
|
143
|
+
|
144
144
|
get :show, :path => ["page_with_content"]
|
145
145
|
assert_response :success
|
146
146
|
assert_select "h3", "I've been edited"
|
@@ -154,42 +154,42 @@ class Cms::ContentControllerTest < ActionController::TestCase
|
|
154
154
|
@secret_group = Factory(:group, :name => "Secret")
|
155
155
|
@secret_group.sections << @protected_section
|
156
156
|
@privileged_user = Factory(:user, :login => "privileged")
|
157
|
-
@privileged_user.groups << @secret_group
|
157
|
+
@privileged_user.groups << @secret_group
|
158
158
|
end
|
159
|
-
|
159
|
+
|
160
160
|
def create_protected_page
|
161
|
-
create_protected_user_section_group
|
162
|
-
@page = Factory(:page,
|
163
|
-
:section => @protected_section,
|
164
|
-
:path => "/secret",
|
165
|
-
:name => "Shhh... It's a Secret",
|
166
|
-
:template_file_name => "default.html.erb",
|
161
|
+
create_protected_user_section_group
|
162
|
+
@page = Factory(:page,
|
163
|
+
:section => @protected_section,
|
164
|
+
:path => "/secret",
|
165
|
+
:name => "Shhh... It's a Secret",
|
166
|
+
:template_file_name => "default.html.erb",
|
167
167
|
:publish_on_save => true)
|
168
168
|
end
|
169
|
-
|
169
|
+
|
170
170
|
def create_file
|
171
171
|
@file = mock_file(:read => "This is a test", :content_type => "text/plain")
|
172
|
-
@file_block = Factory(:file_block, :attachment_section => root_section, :attachment_file => @file, :attachment_file_path => "/test.txt", :publish_on_save => true)
|
172
|
+
@file_block = Factory(:file_block, :attachment_section => root_section, :attachment_file => @file, :attachment_file_path => "/test.txt", :publish_on_save => true)
|
173
173
|
end
|
174
|
-
|
174
|
+
|
175
175
|
def create_protected_file
|
176
|
-
create_protected_user_section_group
|
176
|
+
create_protected_user_section_group
|
177
177
|
create_file
|
178
178
|
reset(:file_block)
|
179
179
|
@file_block.update_attributes(:attachment_section => @protected_section)
|
180
180
|
reset(:file_block)
|
181
181
|
end
|
182
|
-
|
182
|
+
|
183
183
|
def create_archived_page
|
184
|
-
@page = Factory(:page,
|
185
|
-
:section => root_section,
|
186
|
-
:path => "/archived",
|
187
|
-
:name => "Archived",
|
188
|
-
:archived => true,
|
189
|
-
:template_file_name => "default.html.erb",
|
184
|
+
@page = Factory(:page,
|
185
|
+
:section => root_section,
|
186
|
+
:path => "/archived",
|
187
|
+
:name => "Archived",
|
188
|
+
:archived => true,
|
189
|
+
:template_file_name => "default.html.erb",
|
190
190
|
:publish_on_save => true)
|
191
191
|
end
|
192
|
-
|
192
|
+
|
193
193
|
def create_page_with_content
|
194
194
|
@page_template = Factory(:page_template, :name => "testing_editting_content")
|
195
195
|
|
@@ -200,14 +200,14 @@ class Cms::ContentControllerTest < ActionController::TestCase
|
|
200
200
|
|
201
201
|
@block = HtmlBlock.create!(:name => "Test",
|
202
202
|
:content => "<h3>TEST</h3>",
|
203
|
-
:connect_to_page_id => @page.id,
|
203
|
+
:connect_to_page_id => @page.id,
|
204
204
|
:connect_to_container => "main")
|
205
205
|
|
206
206
|
reset(:page)
|
207
207
|
@page.publish!
|
208
|
-
|
208
|
+
|
209
209
|
end
|
210
|
-
|
210
|
+
|
211
211
|
end
|
212
212
|
|
213
213
|
# CMS Page Caching Enabled (Production Mode)
|
@@ -225,18 +225,18 @@ end
|
|
225
225
|
class Cms::ContentCachingEnabledControllerTest < ActionController::TestCase
|
226
226
|
tests Cms::ContentController
|
227
227
|
include Cms::ControllerTestHelper
|
228
|
-
|
228
|
+
|
229
229
|
def setup
|
230
230
|
ActionController::Base.perform_caching = true
|
231
231
|
@page = Factory(:page, :section => root_section, :name => "Test Page", :path => "/page", :publish_on_save => true)
|
232
232
|
@registered_user = Factory(:user)
|
233
|
-
@registered_user.groups << Group.
|
233
|
+
@registered_user.groups << Group.guest
|
234
234
|
end
|
235
|
-
|
235
|
+
|
236
236
|
def teardown
|
237
237
|
ActionController::Base.perform_caching = false
|
238
238
|
end
|
239
|
-
|
239
|
+
|
240
240
|
def test_guest_user_views_page_on_public_site
|
241
241
|
@request.host = "mysite.com"
|
242
242
|
get :show, :path => ["page"]
|
@@ -253,9 +253,9 @@ class Cms::ContentCachingEnabledControllerTest < ActionController::TestCase
|
|
253
253
|
def test_registered_user_views_page_on_public_site
|
254
254
|
login_as @registered_user
|
255
255
|
@request.host = "mysite.com"
|
256
|
-
|
256
|
+
|
257
257
|
get :show, :path => ["page"]
|
258
|
-
|
258
|
+
|
259
259
|
assert_response :success
|
260
260
|
assert_select "title", "Test Page"
|
261
261
|
end
|
@@ -263,19 +263,19 @@ class Cms::ContentCachingEnabledControllerTest < ActionController::TestCase
|
|
263
263
|
def test_registered_user_views_page_on_cms_site
|
264
264
|
login_as @registered_user
|
265
265
|
@request.host = "cms.mysite.com"
|
266
|
-
|
266
|
+
|
267
267
|
get :show, :path => ["page"]
|
268
|
-
|
268
|
+
|
269
269
|
assert_redirected_to "http://mysite.com/page"
|
270
270
|
end
|
271
|
-
|
271
|
+
|
272
272
|
def test_cms_user_views_page_on_public_site
|
273
273
|
login_as_cms_admin
|
274
274
|
@request.session[:page_mode] = "edit"
|
275
275
|
@request.host = "mysite.com"
|
276
|
-
|
276
|
+
|
277
277
|
get :show, :path => ["page"]
|
278
|
-
|
278
|
+
|
279
279
|
assert_response :success
|
280
280
|
assert_select "title", "Test Page"
|
281
281
|
assert_select "iframe", {:count => 0}
|
@@ -285,14 +285,14 @@ class Cms::ContentCachingEnabledControllerTest < ActionController::TestCase
|
|
285
285
|
login_as_cms_admin
|
286
286
|
@request.session[:page_mode] = "edit"
|
287
287
|
@request.host = "cms.mysite.com"
|
288
|
-
|
288
|
+
|
289
289
|
get :show, :path => ["page"]
|
290
|
-
|
290
|
+
|
291
291
|
assert_response :success
|
292
292
|
assert_select "title", "Test Page"
|
293
293
|
assert_select "iframe"
|
294
|
-
end
|
295
|
-
|
294
|
+
end
|
295
|
+
|
296
296
|
end
|
297
297
|
|
298
298
|
# CMS Page Caching Disabled (Development Mode)
|
@@ -310,14 +310,14 @@ end
|
|
310
310
|
class Cms::ContentCachingDisabledControllerTest < ActionController::TestCase
|
311
311
|
tests Cms::ContentController
|
312
312
|
include Cms::ControllerTestHelper
|
313
|
-
|
313
|
+
|
314
314
|
def setup
|
315
315
|
ActionController::Base.perform_caching = false
|
316
316
|
@page = Factory(:page, :section => root_section, :name => "Test Page", :path => "/page", :publish_on_save => true)
|
317
317
|
@registered_user = Factory(:user)
|
318
|
-
@registered_user.groups << Group.
|
318
|
+
@registered_user.groups << Group.guest
|
319
319
|
end
|
320
|
-
|
320
|
+
|
321
321
|
def test_guest_user_views_page_on_public_site
|
322
322
|
@request.host = "mysite.com"
|
323
323
|
get :show, :path => ["page"]
|
@@ -335,9 +335,9 @@ class Cms::ContentCachingDisabledControllerTest < ActionController::TestCase
|
|
335
335
|
def test_registered_user_views_page_on_public_site
|
336
336
|
login_as @registered_user
|
337
337
|
@request.host = "mysite.com"
|
338
|
-
|
338
|
+
|
339
339
|
get :show, :path => ["page"]
|
340
|
-
|
340
|
+
|
341
341
|
assert_response :success
|
342
342
|
assert_select "title", "Test Page"
|
343
343
|
end
|
@@ -345,20 +345,20 @@ class Cms::ContentCachingDisabledControllerTest < ActionController::TestCase
|
|
345
345
|
def test_registered_user_views_page_on_cms_site
|
346
346
|
login_as @registered_user
|
347
347
|
@request.host = "mysite.com"
|
348
|
-
|
348
|
+
|
349
349
|
get :show, :path => ["page"]
|
350
|
-
|
350
|
+
|
351
351
|
assert_response :success
|
352
352
|
assert_select "title", "Test Page"
|
353
353
|
end
|
354
|
-
|
354
|
+
|
355
355
|
def test_cms_user_views_page_on_public_site
|
356
356
|
login_as_cms_admin
|
357
357
|
@request.session[:page_mode] = "edit"
|
358
358
|
@request.host = "mysite.com"
|
359
|
-
|
359
|
+
|
360
360
|
get :show, :path => ["page"]
|
361
|
-
|
361
|
+
|
362
362
|
assert_response :success
|
363
363
|
assert_select "title", "Test Page"
|
364
364
|
assert_select "iframe"
|
@@ -368,12 +368,67 @@ class Cms::ContentCachingDisabledControllerTest < ActionController::TestCase
|
|
368
368
|
login_as_cms_admin
|
369
369
|
@request.session[:page_mode] = "edit"
|
370
370
|
@request.host = "cms.mysite.com"
|
371
|
-
|
371
|
+
|
372
372
|
get :show, :path => ["page"]
|
373
|
-
|
373
|
+
|
374
374
|
assert_response :success
|
375
375
|
assert_select "title", "Test Page"
|
376
376
|
assert_select "iframe"
|
377
377
|
end
|
378
|
-
|
379
|
-
|
378
|
+
|
379
|
+
def test_portlet_throw_access_denied_goes_to_access_denied_page
|
380
|
+
@page = Factory(:page, :section => root_section, :path => "/about", :name => "Test About", :template_file_name => "default.html.erb", :publish_on_save => true)
|
381
|
+
@portlet_render = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :template => '<p id="hi">hello</p>')
|
382
|
+
@portlet_raise_access_denied = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :code => 'raise Cms::Errors::AccessDenied')
|
383
|
+
reset(:page)
|
384
|
+
|
385
|
+
get :show, :path => ["about"]
|
386
|
+
assert_response :forbidden
|
387
|
+
assert_select "title", "Access Denied"
|
388
|
+
end
|
389
|
+
def test_portlet_throw_not_found_goes_to_not_found_page
|
390
|
+
@page = Factory(:page, :section => root_section, :path => "/about", :name => "Test About", :template_file_name => "default.html.erb", :publish_on_save => true)
|
391
|
+
@portlet_render = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :template => '<p id="hi">hello</p>')
|
392
|
+
@portlet_raise_not_found = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :code => 'raise ActiveRecord::RecordNotFound')
|
393
|
+
reset(:page)
|
394
|
+
|
395
|
+
get :show, :path => ["about"]
|
396
|
+
assert_response :not_found
|
397
|
+
assert_select "title", "Not Found"
|
398
|
+
end
|
399
|
+
|
400
|
+
def test_portlets_throw_multiple_goes_to_not_found
|
401
|
+
@page = Factory(:page, :section => root_section, :path => "/about", :name => "Test About", :template_file_name => "default.html.erb", :publish_on_save => true)
|
402
|
+
@portlet_render = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :template => '<p id="hi">hello</p>')
|
403
|
+
@portlet_raise_not_found = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :code => 'raise ActiveRecord::RecordNotFound')
|
404
|
+
@portlet_raise_access_denied = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :code => 'raise Cms::Errors::AccessDenied')
|
405
|
+
@portlet_raise_generic = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :code => 'raise')
|
406
|
+
reset(:page)
|
407
|
+
|
408
|
+
get :show, :path => ["about"]
|
409
|
+
assert_response :not_found
|
410
|
+
assert_select "title", "Not Found"
|
411
|
+
end
|
412
|
+
|
413
|
+
def test_portlets_throw_multiple_goes_to_access_denied
|
414
|
+
@page = Factory(:page, :section => root_section, :path => "/about", :name => "Test About", :template_file_name => "default.html.erb", :publish_on_save => true)
|
415
|
+
@portlet_render = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :template => '<p id="hi">hello</p>')
|
416
|
+
@portlet_raise_access_denied = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :code => 'raise Cms::Errors::AccessDenied')
|
417
|
+
@portlet_raise_generic = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :code => 'raise')
|
418
|
+
reset(:page)
|
419
|
+
|
420
|
+
get :show, :path => ["about"]
|
421
|
+
assert_response :forbidden
|
422
|
+
assert_select "title", "Access Denied"
|
423
|
+
end
|
424
|
+
def test_portlet_throw_generic_exception_still_render_page
|
425
|
+
@page = Factory(:page, :section => root_section, :path => "/about", :name => "Test About", :template_file_name => "default.html.erb", :publish_on_save => true)
|
426
|
+
@portlet_render = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :template => '<p id="hi">hello</p>')
|
427
|
+
@portlet_raise_generic = DynamicPortlet.create!(:name => "Test", :connect_to_page_id => @page.id, :connect_to_container => "main", :code => 'raise')
|
428
|
+
reset(:page)
|
429
|
+
|
430
|
+
get :show, :path => ["about"]
|
431
|
+
assert_select "#hi", "hello"
|
432
|
+
|
433
|
+
end
|
434
|
+
end
|
@@ -57,4 +57,92 @@ class Cms::LinksControllerTest < ActionController::TestCase
|
|
57
57
|
@link = Factory(:link, :section => root_section, :url => "http://v1.example.com")
|
58
58
|
end
|
59
59
|
|
60
|
-
end
|
60
|
+
end
|
61
|
+
|
62
|
+
class Cms::LinksControllerPermissionsTest < ActionController::TestCase
|
63
|
+
tests Cms::LinksController
|
64
|
+
include Cms::ControllerTestHelper
|
65
|
+
|
66
|
+
def setup
|
67
|
+
# DRYME copypaste from UserPermissionTest
|
68
|
+
@user = Factory(:user)
|
69
|
+
@group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
70
|
+
@group.permissions << create_or_find_permission_named("edit_content")
|
71
|
+
@group.permissions << create_or_find_permission_named("publish_content")
|
72
|
+
@user.groups << @group
|
73
|
+
|
74
|
+
@editable_section = Factory(:section, :parent => root_section, :name => "Editable")
|
75
|
+
@editable_subsection = Factory(:section, :parent => @editable_section, :name => "Editable Subsection")
|
76
|
+
@group.sections << @editable_section
|
77
|
+
@editable_page = Factory(:page, :section => @editable_section, :name => "Editable Page")
|
78
|
+
@editable_subpage = Factory(:page, :section => @editable_subsection, :name => "Editable SubPage")
|
79
|
+
@editable_link = Factory(:link, :section => @editable_section, :name => "Editable Link")
|
80
|
+
@editable_sublink = Factory(:link, :section => @editable_subsection, :name => "Editable SubLink")
|
81
|
+
|
82
|
+
@noneditable_section = Factory(:section, :parent => root_section, :name => "Not Editable")
|
83
|
+
@noneditable_page = Factory(:page, :section => @noneditable_section, :name => "Non-Editable Page")
|
84
|
+
@noneditable_link = Factory(:link, :section => @noneditable_section, :name => "Non-Editable Link")
|
85
|
+
|
86
|
+
@noneditables = [@noneditable_section, @noneditable_page, @noneditable_link]
|
87
|
+
@editables = [@editable_section, @editable_subsection,
|
88
|
+
@editable_page, @editable_subpage,
|
89
|
+
@editable_link, @editable_sublink]
|
90
|
+
end
|
91
|
+
|
92
|
+
def test_new_permissions
|
93
|
+
login_as(@user)
|
94
|
+
|
95
|
+
get :new, :section_id => @editable_section
|
96
|
+
assert_response :success
|
97
|
+
|
98
|
+
get :new, :section_id => @noneditable_section
|
99
|
+
assert_response 403
|
100
|
+
assert_template "cms/shared/access_denied"
|
101
|
+
end
|
102
|
+
|
103
|
+
def test_create_permissions
|
104
|
+
login_as(@user)
|
105
|
+
|
106
|
+
post :create, :section_id => @editable_section, :name => "Another editable link"
|
107
|
+
assert_response :success
|
108
|
+
|
109
|
+
post :create, :section_id => @noneditable_section, :name => "Another non-editable link"
|
110
|
+
assert_response 403
|
111
|
+
assert_template "cms/shared/access_denied"
|
112
|
+
end
|
113
|
+
|
114
|
+
def test_edit_permissions
|
115
|
+
login_as(@user)
|
116
|
+
|
117
|
+
get :edit, :id => @editable_link
|
118
|
+
assert_response :success
|
119
|
+
|
120
|
+
get :edit, :id => @noneditable_link
|
121
|
+
assert_response 403
|
122
|
+
assert_template "cms/shared/access_denied"
|
123
|
+
end
|
124
|
+
|
125
|
+
def test_update_permissions
|
126
|
+
login_as(@user)
|
127
|
+
|
128
|
+
put :update, :id => @editable_link, :name => "Modified editable link"
|
129
|
+
assert_response :redirect
|
130
|
+
|
131
|
+
put :update, :id => @noneditable_link, :name => "Modified non-editable link"
|
132
|
+
assert_response 403
|
133
|
+
assert_template "cms/shared/access_denied"
|
134
|
+
end
|
135
|
+
|
136
|
+
def test_destroy_permissions
|
137
|
+
login_as(@user)
|
138
|
+
|
139
|
+
delete :destroy, :id => @editable_link
|
140
|
+
assert_response :redirect
|
141
|
+
|
142
|
+
delete :destroy, :id => @noneditable_link
|
143
|
+
assert_response 403
|
144
|
+
assert_template "cms/shared/access_denied"
|
145
|
+
end
|
146
|
+
end
|
147
|
+
|
148
|
+
|
@@ -66,6 +66,13 @@ class Cms::PagesControllerTest < ActionController::TestCase
|
|
66
66
|
end
|
67
67
|
end
|
68
68
|
|
69
|
+
def test_version
|
70
|
+
create_page
|
71
|
+
@page.update_attributes(:name => "V2")
|
72
|
+
get :version, :id => @page.to_param, :version => 1
|
73
|
+
assert_response :success
|
74
|
+
end
|
75
|
+
|
69
76
|
def test_revert_to
|
70
77
|
create_page
|
71
78
|
@page.update_attributes(:name => "V2")
|
@@ -87,3 +94,134 @@ class Cms::PagesControllerTest < ActionController::TestCase
|
|
87
94
|
end
|
88
95
|
|
89
96
|
end
|
97
|
+
|
98
|
+
class Cms::PagesControllerPermissionsTest < ActionController::TestCase
|
99
|
+
tests Cms::PagesController
|
100
|
+
include Cms::ControllerTestHelper
|
101
|
+
|
102
|
+
def setup
|
103
|
+
# DRYME copypaste from UserPermissionTest
|
104
|
+
@user = Factory(:user)
|
105
|
+
@group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
106
|
+
@group.permissions << create_or_find_permission_named("edit_content")
|
107
|
+
@group.permissions << create_or_find_permission_named("publish_content")
|
108
|
+
@user.groups << @group
|
109
|
+
|
110
|
+
@editable_section = Factory(:section, :parent => root_section, :name => "Editable")
|
111
|
+
@editable_subsection = Factory(:section, :parent => @editable_section, :name => "Editable Subsection")
|
112
|
+
@group.sections << @editable_section
|
113
|
+
@editable_page = Factory(:page, :section => @editable_section, :name => "Editable Page")
|
114
|
+
@editable_subpage = Factory(:page, :section => @editable_subsection, :name => "Editable SubPage")
|
115
|
+
@editable_link = Factory(:link, :section => @editable_section, :name => "Editable Link")
|
116
|
+
@editable_sublink = Factory(:link, :section => @editable_subsection, :name => "Editable SubLink")
|
117
|
+
|
118
|
+
@noneditable_section = Factory(:section, :parent => root_section, :name => "Not Editable")
|
119
|
+
@noneditable_page = Factory(:page, :section => @noneditable_section, :name => "Non-Editable Page")
|
120
|
+
@noneditable_link = Factory(:link, :section => @noneditable_section, :name => "Non-Editable Link")
|
121
|
+
|
122
|
+
@noneditables = [@noneditable_section, @noneditable_page, @noneditable_link]
|
123
|
+
@editables = [@editable_section, @editable_subsection,
|
124
|
+
@editable_page, @editable_subpage,
|
125
|
+
@editable_link, @editable_sublink]
|
126
|
+
end
|
127
|
+
|
128
|
+
def test_new_permissions
|
129
|
+
login_as(@user)
|
130
|
+
|
131
|
+
get :new, :section_id => @editable_section
|
132
|
+
assert_response :success
|
133
|
+
|
134
|
+
get :new, :section_id => @noneditable_section
|
135
|
+
assert_response 403
|
136
|
+
assert_template "cms/shared/access_denied"
|
137
|
+
end
|
138
|
+
|
139
|
+
def test_create_permissions
|
140
|
+
login_as(@user)
|
141
|
+
|
142
|
+
post :create, :section_id => @editable_section, :name => "Another editable page"
|
143
|
+
assert_response :success
|
144
|
+
|
145
|
+
post :create, :section_id => @noneditable_section, :name => "Another non-editable page"
|
146
|
+
assert_response 403
|
147
|
+
assert_template "cms/shared/access_denied"
|
148
|
+
end
|
149
|
+
|
150
|
+
def test_edit_permissions
|
151
|
+
login_as(@user)
|
152
|
+
|
153
|
+
get :edit, :id => @editable_page
|
154
|
+
assert_response :success
|
155
|
+
|
156
|
+
get :edit, :id => @noneditable_page
|
157
|
+
assert_response 403
|
158
|
+
assert_template "cms/shared/access_denied"
|
159
|
+
end
|
160
|
+
|
161
|
+
def test_update_permissions
|
162
|
+
login_as(@user)
|
163
|
+
|
164
|
+
# Regular update
|
165
|
+
put :update, :id => @editable_page, :name => "Modified editable page"
|
166
|
+
assert_response :redirect
|
167
|
+
|
168
|
+
put :update, :id => @noneditable_page, :name => "Modified non-editable page"
|
169
|
+
assert_response 403
|
170
|
+
assert_template "cms/shared/access_denied"
|
171
|
+
|
172
|
+
# archive
|
173
|
+
put :archive, :id => @editable_page
|
174
|
+
assert_response :redirect
|
175
|
+
|
176
|
+
put :archive, :id => @noneditable_page
|
177
|
+
assert_response 403
|
178
|
+
assert_template "cms/shared/access_denied"
|
179
|
+
|
180
|
+
# hide
|
181
|
+
put :hide, :id => @editable_page
|
182
|
+
assert_response :redirect
|
183
|
+
|
184
|
+
put :hide, :id => @noneditable_page
|
185
|
+
assert_response 403
|
186
|
+
assert_template "cms/shared/access_denied"
|
187
|
+
|
188
|
+
# publish
|
189
|
+
put :publish, :id => @editable_page
|
190
|
+
assert_response :redirect
|
191
|
+
|
192
|
+
put :publish, :id => @noneditable_page
|
193
|
+
assert_response 403
|
194
|
+
assert_template "cms/shared/access_denied"
|
195
|
+
|
196
|
+
# publish many
|
197
|
+
put :publish, :page_ids => [@editable_page.id]
|
198
|
+
assert_response :redirect
|
199
|
+
|
200
|
+
put :publish, :page_ids => [@noneditable_page.id]
|
201
|
+
assert_response 403
|
202
|
+
|
203
|
+
put :publish, :page_ids => [@editable_page.id, @noneditable_page.id]
|
204
|
+
assert_response 403
|
205
|
+
|
206
|
+
# revert_to
|
207
|
+
# can't find route...
|
208
|
+
# put :revert_to, :id => @editable_page.id
|
209
|
+
# assert_response :redirect
|
210
|
+
|
211
|
+
# put :revert_to, :id => @noneditable_page.id
|
212
|
+
# assert_response :error # shouldn't it be 403?
|
213
|
+
end
|
214
|
+
|
215
|
+
def test_destroy_permissions
|
216
|
+
login_as(@user)
|
217
|
+
|
218
|
+
delete :destroy, :id => @editable_page
|
219
|
+
assert_response :redirect
|
220
|
+
|
221
|
+
delete :destroy, :id => @noneditable_page
|
222
|
+
assert_response 403
|
223
|
+
assert_template "cms/shared/access_denied"
|
224
|
+
end
|
225
|
+
end
|
226
|
+
|
227
|
+
|