browsercms 3.4.2 → 3.5.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.markdown +1 -0
- data/app/assets/images/cms/file-uploading.gif +0 -0
- data/app/assets/javascripts/cms/application.js +1 -0
- data/app/assets/javascripts/cms/attachment_manager.js.erb +87 -0
- data/app/assets/javascripts/cms/core_library.js.erb +38 -25
- data/app/assets/stylesheets/cms/application.css.erb +1 -0
- data/app/assets/stylesheets/cms/attachment_manager.css.scss +28 -0
- data/app/controllers/cms/application_controller.rb +1 -1
- data/app/controllers/cms/attachments_controller.rb +45 -10
- data/app/controllers/cms/cache_controller.rb +1 -1
- data/app/controllers/cms/content_block_controller.rb +134 -122
- data/app/controllers/cms/content_controller.rb +143 -155
- data/app/controllers/cms/dashboard_controller.rb +11 -9
- data/app/controllers/cms/error_handling.rb +19 -7
- data/app/controllers/cms/file_blocks_controller.rb +2 -2
- data/app/controllers/cms/home_controller.rb +3 -0
- data/app/controllers/cms/section_nodes_controller.rb +52 -44
- data/app/controllers/cms/sections_controller.rb +4 -2
- data/app/controllers/cms/toolbar_controller.rb +14 -10
- data/app/helpers/cms/application_helper.rb +23 -19
- data/app/helpers/cms/form_builder.rb +65 -18
- data/app/helpers/cms/mobile_helper.rb +19 -0
- data/app/helpers/cms/path_helper.rb +30 -4
- data/app/helpers/cms/rendering_helper.rb +9 -1
- data/app/models/cms/abstract_file_block.rb +6 -6
- data/app/models/cms/attachment.rb +196 -107
- data/app/models/cms/category.rb +3 -0
- data/app/models/cms/category_type.rb +2 -0
- data/app/models/cms/connector.rb +3 -0
- data/app/models/cms/content_type.rb +3 -0
- data/app/models/cms/content_type_group.rb +2 -0
- data/app/models/cms/dynamic_view.rb +4 -0
- data/app/models/cms/email_message.rb +2 -0
- data/app/models/cms/file_block.rb +9 -2
- data/app/models/cms/group.rb +5 -2
- data/app/models/cms/group_permission.rb +2 -0
- data/app/models/cms/group_section.rb +3 -0
- data/app/models/cms/group_type.rb +2 -0
- data/app/models/cms/group_type_permission.rb +2 -0
- data/app/models/cms/html_block.rb +3 -2
- data/app/models/cms/image_block.rb +13 -2
- data/app/models/cms/page.rb +14 -3
- data/app/models/cms/page_route.rb +4 -0
- data/app/models/cms/page_route_condition.rb +1 -0
- data/app/models/cms/page_route_option.rb +2 -0
- data/app/models/cms/page_route_requirement.rb +1 -0
- data/app/models/cms/permission.rb +3 -0
- data/app/models/cms/portlet.rb +2 -2
- data/app/models/cms/redirect.rb +2 -0
- data/app/models/cms/section.rb +15 -1
- data/app/models/cms/section_node.rb +1 -0
- data/app/models/cms/site.rb +3 -0
- data/app/models/cms/tag.rb +2 -0
- data/app/models/cms/tagging.rb +3 -0
- data/app/models/cms/task.rb +5 -1
- data/app/models/cms/user.rb +1 -1
- data/app/models/cms/user_group_membership.rb +3 -0
- data/app/views/cms/attachments/_attachment.html.erb +14 -0
- data/app/views/cms/attachments/_attachment_table.html.erb +17 -0
- data/app/views/cms/attachments/_attachment_wrapper.html.erb +4 -0
- data/app/views/cms/blocks/index.html.erb +2 -3
- data/app/views/cms/blocks/show.html.erb +1 -1
- data/app/views/cms/dynamic_views/index.html.erb +1 -1
- data/app/views/cms/email_messages/index.html.erb +1 -1
- data/app/views/cms/file_blocks/_form.html.erb +1 -27
- data/app/views/cms/file_blocks/_section_selector.html.erb +13 -0
- data/app/views/cms/file_blocks/render.html.erb +3 -3
- data/app/views/cms/form_builder/_cms_attachment_manager.html.erb +26 -0
- data/app/views/cms/form_builder/_cms_file_field.html.erb +27 -35
- data/app/views/cms/groups/index.html.erb +1 -1
- data/app/views/cms/image_blocks/_form.html.erb +1 -27
- data/app/views/cms/image_blocks/render.html.erb +4 -1
- data/app/views/cms/page_routes/index.html.erb +3 -0
- data/app/views/cms/shared/error.xml.erb +8 -0
- data/app/views/cms/tags/render.html.erb +1 -1
- data/app/views/cms/toolbar/_mobile_toggle.html.erb +33 -0
- data/app/views/cms/users/index.html.erb +1 -1
- data/app/views/layouts/_page_toolbar.html.erb +2 -1
- data/bin/bcms +21 -26
- data/config/routes.rb +3 -2
- data/db/browsercms.seeds.rb +2 -1
- data/db/migrate/20111130221145_browsercms340.rb +5 -4
- data/db/migrate/20120329144406_browsercms350.rb +32 -0
- data/{test/dummy/db → db}/schema.rb +97 -128
- data/{performance_tuning_notes.md → doc/performance_tuning_notes.md} +0 -0
- data/doc/release_notes.md +74 -0
- data/lib/browsercms.rb +3 -0
- data/lib/cms/acts/content_block.rb +10 -2
- data/lib/cms/addressable.rb +8 -0
- data/lib/cms/attachments/attachment_serving.rb +59 -0
- data/lib/cms/attachments/configuration.rb +88 -0
- data/lib/cms/behaviors/attaching.rb +305 -136
- data/lib/cms/behaviors/connecting.rb +3 -4
- data/lib/cms/behaviors/dynamic_attributes.rb +121 -118
- data/lib/cms/behaviors/flush_cache_on_change.rb +1 -3
- data/lib/cms/behaviors/naming.rb +16 -0
- data/lib/cms/behaviors/pagination.rb +4 -1
- data/lib/cms/behaviors/publishing.rb +9 -3
- data/lib/cms/behaviors/searching.rb +3 -8
- data/lib/cms/behaviors/soft_deleting.rb +1 -0
- data/lib/cms/behaviors/taggable.rb +2 -0
- data/lib/cms/behaviors/versioning.rb +73 -120
- data/lib/cms/caching.rb +53 -11
- data/lib/cms/commands/actions.rb +19 -2
- data/lib/cms/configuration.rb +44 -0
- data/lib/cms/content_rendering_support.rb +9 -6
- data/lib/cms/default_accessible.rb +13 -0
- data/lib/cms/domain_support.rb +22 -0
- data/lib/cms/engine.rb +40 -19
- data/lib/cms/engine_helper.rb +54 -0
- data/lib/cms/extensions/active_record/connection_adapters/abstract/schema_statements.rb +14 -2
- data/lib/cms/mobile_aware.rb +67 -0
- data/lib/cms/route_extensions.rb +3 -0
- data/lib/cms/upgrades/v3_5_0.rb +155 -0
- data/lib/cms/version.rb +6 -1
- data/lib/generators/cms/content_block/content_block_generator.rb +14 -9
- data/lib/generators/cms/content_block/templates/_form.html.erb +17 -6
- data/lib/generators/cms/content_block/templates/render.html.erb +12 -5
- data/lib/generators/cms/template/template_generator.rb +11 -2
- data/lib/tasks/cms.rake +23 -0
- data/lib/templates/active_record/model/model.rb +6 -0
- metadata +127 -517
- data/.gitignore +0 -24
- data/.rvmrc +0 -2
- data/Gemfile +0 -29
- data/Gemfile.lock +0 -196
- data/Rakefile +0 -97
- data/app/assets/images/browsercms/.gitkeep +0 -0
- data/app/controllers/browsercms/application_controller.rb +0 -4
- data/browsercms.gemspec +0 -35
- data/config/cucumber.yml +0 -8
- data/config/database.jdbcmysql.yml +0 -30
- data/config/database.mysql.yml +0 -27
- data/config/database.postgres.yml +0 -25
- data/config/database.sqlite3.yml +0 -11
- data/config/environment.rb +0 -6
- data/config/initializers/query_reviewer_patch.rb +0 -12
- data/config/initializers/rack_1_2_1_patch.rb +0 -12
- data/config/locales/en.yml +0 -5
- data/features/acts_as_content_page.feature +0 -62
- data/features/add_content_to_pages.feature +0 -45
- data/features/caching.feature +0 -13
- data/features/ckeditor.feature +0 -11
- data/features/commands/confirm_aruba_works.feature +0 -24
- data/features/commands/generate_module.feature +0 -54
- data/features/commands/install_browsercms.feature +0 -21
- data/features/commands/new_demo_project.feature +0 -30
- data/features/commands/new_projects.feature +0 -50
- data/features/commands/upgrade_modules_to_3_4_0_from_3_1_x.feature +0 -19
- data/features/commands/upgrade_project_to_3_4_0_from_3_3_x.feature +0 -52
- data/features/commands/upgrading_modules.feature +0 -67
- data/features/content_blocks/manage_custom_blocks.feature +0 -67
- data/features/content_blocks/manage_html_blocks.feature +0 -48
- data/features/content_blocks/manage_image_blocks.feature +0 -41
- data/features/content_files.feature +0 -37
- data/features/content_pages.feature +0 -21
- data/features/generators/content_blocks_for_modules.feature +0 -58
- data/features/generators/content_blocks_for_projects.feature +0 -109
- data/features/install_content.feature +0 -25
- data/features/jquery-testplan.txt +0 -12
- data/features/manage_groups.feature +0 -33
- data/features/manage_page_routes.feature +0 -72
- data/features/manage_redirects.feature +0 -20
- data/features/manage_sections.feature +0 -12
- data/features/manage_tasks.feature +0 -25
- data/features/manage_users.feature +0 -38
- data/features/page_templates.feature +0 -49
- data/features/portlets/email_friend_portlet.feature +0 -29
- data/features/portlets/portlets.feature +0 -100
- data/features/portlets/tag_cloud_portlet.feature +0 -28
- data/features/sitemap/create_pages.feature +0 -15
- data/features/sitemap/manage_links.feature +0 -29
- data/features/sitemap/sitemap.feature +0 -18
- data/features/step_definitions/acts_as_content_page_steps.rb.rb +0 -3
- data/features/step_definitions/ckeditor_steps.rb +0 -13
- data/features/step_definitions/command_line_steps.rb +0 -212
- data/features/step_definitions/content_pages_steps.rb +0 -170
- data/features/step_definitions/data_steps.rb +0 -48
- data/features/step_definitions/edit_page_templates_steps.rb +0 -21
- data/features/step_definitions/html_blocks_steps.rb +0 -9
- data/features/step_definitions/install_content_steps.rb +0 -4
- data/features/step_definitions/manage_content_blocks_steps.rb +0 -26
- data/features/step_definitions/manage_image_blocks_steps.rb +0 -31
- data/features/step_definitions/manage_sections_steps.rb +0 -18
- data/features/step_definitions/manage_user_steps.rb +0 -22
- data/features/step_definitions/more_custom_block_steps.rb +0 -34
- data/features/step_definitions/page_route_steps.rb +0 -65
- data/features/step_definitions/page_template_steps.rb +0 -5
- data/features/step_definitions/permissions_steps.rb +0 -13
- data/features/step_definitions/portlets_steps.rb +0 -64
- data/features/step_definitions/redirect_steps.rb +0 -12
- data/features/step_definitions/sitemap_steps.rb +0 -18
- data/features/step_definitions/tag_cloud_steps.rb +0 -11
- data/features/step_definitions/task_steps.rb +0 -4
- data/features/step_definitions/taxonomy_steps.rb +0 -16
- data/features/step_definitions/upgrade_module_steps.rb +0 -76
- data/features/step_definitions/web_steps.rb +0 -211
- data/features/support/async_support.rb +0 -17
- data/features/support/command_line_helpers.rb +0 -63
- data/features/support/debug_formatter.rb +0 -7
- data/features/support/debugging.rb +0 -28
- data/features/support/env.rb +0 -73
- data/features/support/git_api.rb +0 -9
- data/features/support/open_on_first_failure.rb +0 -25
- data/features/support/paths.rb +0 -32
- data/features/support/rails_api.rb +0 -8
- data/features/support/selectors.rb +0 -39
- data/features/support/transforms.rb +0 -7
- data/features/taxonomy/add_content_with_category.feature +0 -30
- data/features/taxonomy/manage_categories.feature +0 -20
- data/features/taxonomy/manage_category_types.feature +0 -16
- data/lib/cms/init.rb +0 -105
- data/lib/tasks/data.rake +0 -43
- data/lib/tasks/db.rake +0 -82
- data/public/styled_file_field/index.html +0 -72
- data/script/cucumber +0 -10
- data/script/rails +0 -6
- data/test/console_helper.rb +0 -5
- data/test/custom_assertions.rb +0 -84
- data/test/dummy/Rakefile +0 -7
- data/test/dummy/app/assets/javascripts/application.js +0 -9
- data/test/dummy/app/assets/javascripts/content_page.js +0 -2
- data/test/dummy/app/assets/stylesheets/application.css +0 -7
- data/test/dummy/app/assets/stylesheets/content_page.css +0 -4
- data/test/dummy/app/controllers/application_controller.rb +0 -3
- data/test/dummy/app/controllers/cms/products_controller.rb +0 -2
- data/test/dummy/app/controllers/cms/sample_blocks_controller.rb +0 -3
- data/test/dummy/app/controllers/content_page_controller.rb +0 -13
- data/test/dummy/app/helpers/application_helper.rb +0 -2
- data/test/dummy/app/helpers/content_page_helper.rb +0 -2
- data/test/dummy/app/mailers/.gitkeep +0 -0
- data/test/dummy/app/models/.gitkeep +0 -0
- data/test/dummy/app/models/cms/sample_block.rb +0 -22
- data/test/dummy/app/models/product.rb +0 -5
- data/test/dummy/app/views/cms/products/_form.html.erb +0 -7
- data/test/dummy/app/views/cms/products/render.html.erb +0 -3
- data/test/dummy/app/views/content_page/custom_page.html.erb +0 -3
- data/test/dummy/app/views/content_page/index.html.erb +0 -2
- data/test/dummy/app/views/layouts/application.html.erb +0 -14
- data/test/dummy/app/views/layouts/templates/default.html.erb +0 -17
- data/test/dummy/app/views/layouts/templates/subpage.html.erb +0 -16
- data/test/dummy/app/views/test_route/index.html.erb +0 -14
- data/test/dummy/config.ru +0 -4
- data/test/dummy/config/application.rb +0 -45
- data/test/dummy/config/boot.rb +0 -10
- data/test/dummy/config/database.yml +0 -27
- data/test/dummy/config/environment.rb +0 -5
- data/test/dummy/config/environments/development.rb +0 -32
- data/test/dummy/config/environments/production.rb +0 -60
- data/test/dummy/config/environments/test.rb +0 -46
- data/test/dummy/config/initializers/backtrace_silencers.rb +0 -7
- data/test/dummy/config/initializers/browsercms.rb +0 -7
- data/test/dummy/config/initializers/inflections.rb +0 -10
- data/test/dummy/config/initializers/mime_types.rb +0 -5
- data/test/dummy/config/initializers/quiet_sprocket_assets.rb +0 -13
- data/test/dummy/config/initializers/secret_token.rb +0 -7
- data/test/dummy/config/initializers/session_store.rb +0 -8
- data/test/dummy/config/initializers/wrap_parameters.rb +0 -14
- data/test/dummy/config/locales/en.yml +0 -5
- data/test/dummy/config/routes.rb +0 -23
- data/test/dummy/db/migrate/20111228141250_create_products.rb +0 -16
- data/test/dummy/db/seeds.rb +0 -1
- data/test/dummy/lib/assets/.gitkeep +0 -0
- data/test/dummy/public/404.html +0 -26
- data/test/dummy/public/422.html +0 -26
- data/test/dummy/public/500.html +0 -26
- data/test/dummy/public/favicon.ico +0 -0
- data/test/dummy/script/rails +0 -6
- data/test/dummy/test/functional/content_page_controller_test.rb +0 -9
- data/test/dummy/test/unit/helpers/content_page_helper_test.rb +0 -4
- data/test/factories.rb +0 -235
- data/test/fixtures/multipart/foo.jpg +0 -0
- data/test/fixtures/multipart/sample_upload.txt +0 -1
- data/test/fixtures/multipart/second_upload.txt +0 -1
- data/test/fixtures/multipart/test.jpg +0 -0
- data/test/fixtures/multipart/version1.txt +0 -1
- data/test/fixtures/multipart/version2.txt +0 -1
- data/test/functional/cms/cache_controller_test.rb +0 -16
- data/test/functional/cms/categories_controller_test.rb +0 -28
- data/test/functional/cms/connectors_controller_test.rb +0 -64
- data/test/functional/cms/content_block_controller_test.rb +0 -127
- data/test/functional/cms/content_controller_test.rb +0 -351
- data/test/functional/cms/dashboard_controller_test.rb +0 -20
- data/test/functional/cms/file_blocks_controller_test.rb +0 -55
- data/test/functional/cms/home_controller_test.rb +0 -160
- data/test/functional/cms/html_blocks_controller_test.rb +0 -159
- data/test/functional/cms/image_blocks_controller_test.rb +0 -78
- data/test/functional/cms/links_controller_test.rb +0 -92
- data/test/functional/cms/log/test.log +0 -0
- data/test/functional/cms/pages_controller_test.rb +0 -233
- data/test/functional/cms/portlets_controller_test.rb +0 -57
- data/test/functional/cms/sections_controller_test.rb +0 -234
- data/test/functional/cms/sessions_controller_test.rb +0 -80
- data/test/functional/cms/tasks_controller_test.rb +0 -64
- data/test/functional/cms/toolbar_controller_test.rb +0 -76
- data/test/functional/cms/users_controller_test.rb +0 -218
- data/test/integration/cms/password_management_test.rb +0 -66
- data/test/integration/sitemap_performance_test.rb +0 -26
- data/test/mock_file.rb +0 -33
- data/test/performance/browsing_test.rb +0 -9
- data/test/support/engine_controller_hacks.rb +0 -34
- data/test/support/factory_helpers.rb +0 -57
- data/test/support/rails_3_1_routes_hack.rb +0 -70
- data/test/test_helper.rb +0 -199
- data/test/test_logging.rb +0 -67
- data/test/unit/active_record_callbacks.rb +0 -50
- data/test/unit/behaviors/attaching_test.rb +0 -370
- data/test/unit/behaviors/cms_user_test.rb +0 -67
- data/test/unit/behaviors/connectable_test.rb +0 -32
- data/test/unit/behaviors/connecting_test.rb +0 -56
- data/test/unit/behaviors/dynamic_attributes_test.rb +0 -74
- data/test/unit/behaviors/namespacing_test.rb +0 -76
- data/test/unit/behaviors/publishable_test.rb +0 -83
- data/test/unit/behaviors/rendering_test.rb +0 -68
- data/test/unit/behaviors/searching_test.rb +0 -102
- data/test/unit/behaviors/taggable_test.rb +0 -110
- data/test/unit/behaviors/userstamping_test.rb +0 -27
- data/test/unit/behaviors/versioning_test.rb +0 -102
- data/test/unit/extensions/active_record/base_test.rb +0 -25
- data/test/unit/extensions/hash_test.rb +0 -26
- data/test/unit/extensions/integer_test.rb +0 -10
- data/test/unit/extensions/string_test.rb +0 -14
- data/test/unit/factories_test.rb +0 -50
- data/test/unit/generators/install_generator_test.rb +0 -15
- data/test/unit/helpers/application_helper_test.rb +0 -104
- data/test/unit/helpers/date_picker_test.rb +0 -17
- data/test/unit/helpers/menu_helper_test.rb +0 -240
- data/test/unit/helpers/page_helper_test.rb +0 -69
- data/test/unit/helpers/path_helper_test.rb +0 -38
- data/test/unit/helpers/rendering_helper_test.rb +0 -8
- data/test/unit/lib/acts_as_content_page_test.rb +0 -72
- data/test/unit/lib/cms/authentication/controller_test.rb +0 -20
- data/test/unit/lib/cms/engine_helper_test.rb +0 -119
- data/test/unit/lib/cms/sitemap_test.rb +0 -210
- data/test/unit/lib/cms_domain_support_test.rb +0 -44
- data/test/unit/lib/command_line_test.rb +0 -70
- data/test/unit/lib/content_block_test.rb +0 -304
- data/test/unit/lib/content_rendering_support_test.rb +0 -40
- data/test/unit/lib/generators_test.rb +0 -40
- data/test/unit/lib/routes_test.rb +0 -98
- data/test/unit/mock_file_test.rb +0 -19
- data/test/unit/models/attachment_test.rb +0 -160
- data/test/unit/models/category_test.rb +0 -40
- data/test/unit/models/category_type_test.rb +0 -8
- data/test/unit/models/connector_test.rb +0 -152
- data/test/unit/models/content_type_group_test.rb +0 -26
- data/test/unit/models/content_type_test.rb +0 -177
- data/test/unit/models/dynamic_views_test.rb +0 -36
- data/test/unit/models/email_page_portlet_test.rb +0 -20
- data/test/unit/models/file_block_test.rb +0 -246
- data/test/unit/models/group_test.rb +0 -29
- data/test/unit/models/html_block_test.rb +0 -121
- data/test/unit/models/image_block_test.rb +0 -35
- data/test/unit/models/link_test.rb +0 -52
- data/test/unit/models/namespaces_test.rb +0 -57
- data/test/unit/models/page_partial_test.rb +0 -37
- data/test/unit/models/page_route_test.rb +0 -113
- data/test/unit/models/page_template_test.rb +0 -50
- data/test/unit/models/page_test.rb +0 -879
- data/test/unit/models/permission_test.rb +0 -10
- data/test/unit/models/portlet_test.rb +0 -99
- data/test/unit/models/sections_test.rb +0 -278
- data/test/unit/models/site_test.rb +0 -50
- data/test/unit/models/task_test.rb +0 -150
- data/test/unit/models/user_test.rb +0 -358
- data/test/unit/schema_statements_test.rb +0 -137
- data/todo_list.markdown +0 -50
@@ -1,92 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module Cms
|
4
|
-
|
5
|
-
class LinksControllerPermissionsTest < ActionController::TestCase
|
6
|
-
tests Cms::LinksController
|
7
|
-
include Cms::ControllerTestHelper
|
8
|
-
|
9
|
-
def setup
|
10
|
-
# DRYME copypaste from UserPermissionTest
|
11
|
-
@user = Factory(:user)
|
12
|
-
@group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
13
|
-
@group.permissions << create_or_find_permission_named("edit_content")
|
14
|
-
@group.permissions << create_or_find_permission_named("publish_content")
|
15
|
-
@user.groups << @group
|
16
|
-
|
17
|
-
@editable_section = Factory(:section, :parent => root_section, :name => "Editable")
|
18
|
-
@editable_subsection = Factory(:section, :parent => @editable_section, :name => "Editable Subsection")
|
19
|
-
@group.sections << @editable_section
|
20
|
-
@editable_page = Factory(:page, :section => @editable_section, :name => "Editable Page")
|
21
|
-
@editable_subpage = Factory(:page, :section => @editable_subsection, :name => "Editable SubPage")
|
22
|
-
@editable_link = Factory(:link, :section => @editable_section, :name => "Editable Link")
|
23
|
-
@editable_sublink = Factory(:link, :section => @editable_subsection, :name => "Editable SubLink")
|
24
|
-
|
25
|
-
@noneditable_section = Factory(:section, :parent => root_section, :name => "Not Editable")
|
26
|
-
@noneditable_page = Factory(:page, :section => @noneditable_section, :name => "Non-Editable Page")
|
27
|
-
@noneditable_link = Factory(:link, :section => @noneditable_section, :name => "Non-Editable Link")
|
28
|
-
|
29
|
-
@noneditables = [@noneditable_section, @noneditable_page, @noneditable_link]
|
30
|
-
@editables = [@editable_section, @editable_subsection,
|
31
|
-
@editable_page, @editable_subpage,
|
32
|
-
@editable_link, @editable_sublink]
|
33
|
-
end
|
34
|
-
|
35
|
-
def test_new_permissions
|
36
|
-
login_as(@user)
|
37
|
-
|
38
|
-
get :new, :section_id => @editable_section
|
39
|
-
assert_response :success
|
40
|
-
|
41
|
-
get :new, :section_id => @noneditable_section
|
42
|
-
assert_response 403
|
43
|
-
assert_template "cms/shared/access_denied"
|
44
|
-
end
|
45
|
-
|
46
|
-
def test_create_permissions
|
47
|
-
login_as(@user)
|
48
|
-
|
49
|
-
post :create, :section_id => @editable_section, :name => "Another editable link"
|
50
|
-
assert_response :success
|
51
|
-
|
52
|
-
post :create, :section_id => @noneditable_section, :name => "Another non-editable link"
|
53
|
-
assert_response 403
|
54
|
-
assert_template "cms/shared/access_denied"
|
55
|
-
end
|
56
|
-
|
57
|
-
def test_edit_permissions
|
58
|
-
login_as(@user)
|
59
|
-
|
60
|
-
get :edit, :id => @editable_link
|
61
|
-
assert_response :success
|
62
|
-
|
63
|
-
get :edit, :id => @noneditable_link
|
64
|
-
assert_response 403
|
65
|
-
assert_template "cms/shared/access_denied"
|
66
|
-
end
|
67
|
-
|
68
|
-
def test_update_permissions
|
69
|
-
login_as(@user)
|
70
|
-
|
71
|
-
put :update, :id => @editable_link, :name => "Modified editable link"
|
72
|
-
assert_response :redirect
|
73
|
-
|
74
|
-
put :update, :id => @noneditable_link, :name => "Modified non-editable link"
|
75
|
-
assert_response 403
|
76
|
-
assert_template "cms/shared/access_denied"
|
77
|
-
end
|
78
|
-
|
79
|
-
def test_destroy_permissions
|
80
|
-
login_as(@user)
|
81
|
-
|
82
|
-
delete :destroy, :id => @editable_link
|
83
|
-
assert_response :redirect
|
84
|
-
|
85
|
-
delete :destroy, :id => @noneditable_link
|
86
|
-
assert_response 403
|
87
|
-
assert_template "cms/shared/access_denied"
|
88
|
-
end
|
89
|
-
end
|
90
|
-
|
91
|
-
|
92
|
-
end
|
File without changes
|
@@ -1,233 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module Cms
|
4
|
-
|
5
|
-
|
6
|
-
class PagesControllerTest < ActionController::TestCase
|
7
|
-
include Cms::ControllerTestHelper
|
8
|
-
|
9
|
-
def setup
|
10
|
-
given_there_is_a_cmsadmin
|
11
|
-
given_there_is_a_sitemap
|
12
|
-
login_as_cms_admin
|
13
|
-
end
|
14
|
-
|
15
|
-
def test_new
|
16
|
-
get :new, :section_id => root_section.id
|
17
|
-
assert_response :success
|
18
|
-
assert_equal root_section, assigns(:page).section
|
19
|
-
end
|
20
|
-
|
21
|
-
def test_edit
|
22
|
-
create_page
|
23
|
-
|
24
|
-
# Make a change to the page, unpublished
|
25
|
-
@page.update_attributes(:name => "V2")
|
26
|
-
|
27
|
-
get :edit, :id => @page.id
|
28
|
-
assert_response :success
|
29
|
-
assert_select "#page_name[value=?]", "V2"
|
30
|
-
end
|
31
|
-
|
32
|
-
def test_unhide
|
33
|
-
|
34
|
-
create_page
|
35
|
-
|
36
|
-
@page.update_attributes(:hidden => true)
|
37
|
-
reset(:page)
|
38
|
-
|
39
|
-
assert @page.draft.hidden?
|
40
|
-
|
41
|
-
put :update, :id => @page.id, :page => {:hidden => false}
|
42
|
-
assert_redirected_to @page
|
43
|
-
|
44
|
-
reset(:page)
|
45
|
-
assert !@page.draft.hidden?
|
46
|
-
end
|
47
|
-
|
48
|
-
def test_publish
|
49
|
-
create_page
|
50
|
-
|
51
|
-
assert !@page.published?
|
52
|
-
|
53
|
-
put :publish, :id => @page.to_param
|
54
|
-
reset(:page)
|
55
|
-
|
56
|
-
assert @page.published?
|
57
|
-
assert_equal "Page 'Test' was published", flash[:notice]
|
58
|
-
|
59
|
-
assert_redirected_to @page.path
|
60
|
-
end
|
61
|
-
|
62
|
-
def test_versions
|
63
|
-
create_page
|
64
|
-
@page.update_attributes(:name => "V2")
|
65
|
-
@page.update_attributes(:name => "V3")
|
66
|
-
|
67
|
-
get :versions, :id => @page.to_param
|
68
|
-
#log @response.body
|
69
|
-
(1..3).each do |n|
|
70
|
-
assert_select "tr[id=?]", "revision_#{n}"
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
|
-
def test_version
|
75
|
-
create_page
|
76
|
-
@page.update_attributes(:name => "V2")
|
77
|
-
get :version, :id => @page.to_param, :version => 1
|
78
|
-
assert_response :success
|
79
|
-
end
|
80
|
-
|
81
|
-
def test_revert_to
|
82
|
-
create_page
|
83
|
-
@page.update_attributes(:name => "V2")
|
84
|
-
@page.update_attributes(:name => "V3")
|
85
|
-
reset(:page)
|
86
|
-
|
87
|
-
put :revert_to, :id => @page.to_param, :version => 1
|
88
|
-
reset(:page)
|
89
|
-
|
90
|
-
assert_redirected_to @page.path
|
91
|
-
assert !@page.published?
|
92
|
-
assert_equal "Test", @page.name
|
93
|
-
assert_equal 4, @page.draft.version
|
94
|
-
end
|
95
|
-
|
96
|
-
protected
|
97
|
-
def create_page
|
98
|
-
@page = Factory(:page, :section => root_section, :name => "Test", :path => "test")
|
99
|
-
end
|
100
|
-
|
101
|
-
end
|
102
|
-
|
103
|
-
class PagesControllerPermissionsTest < ActionController::TestCase
|
104
|
-
tests Cms::PagesController
|
105
|
-
include Cms::ControllerTestHelper
|
106
|
-
|
107
|
-
def setup
|
108
|
-
# DRYME copypaste from UserPermissionTest
|
109
|
-
@user = Factory(:user)
|
110
|
-
@group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
111
|
-
@group.permissions << create_or_find_permission_named("edit_content")
|
112
|
-
@group.permissions << create_or_find_permission_named("publish_content")
|
113
|
-
@user.groups << @group
|
114
|
-
|
115
|
-
@editable_section = Factory(:section, :parent => root_section, :name => "Editable")
|
116
|
-
@editable_subsection = Factory(:section, :parent => @editable_section, :name => "Editable Subsection")
|
117
|
-
@group.sections << @editable_section
|
118
|
-
@editable_page = Factory(:page, :section => @editable_section, :name => "Editable Page")
|
119
|
-
@editable_subpage = Factory(:page, :section => @editable_subsection, :name => "Editable SubPage")
|
120
|
-
@editable_link = Factory(:link, :section => @editable_section, :name => "Editable Link")
|
121
|
-
@editable_sublink = Factory(:link, :section => @editable_subsection, :name => "Editable SubLink")
|
122
|
-
|
123
|
-
@noneditable_section = Factory(:section, :parent => root_section, :name => "Not Editable")
|
124
|
-
@noneditable_page = Factory(:page, :section => @noneditable_section, :name => "Non-Editable Page")
|
125
|
-
@noneditable_link = Factory(:link, :section => @noneditable_section, :name => "Non-Editable Link")
|
126
|
-
|
127
|
-
@noneditables = [@noneditable_section, @noneditable_page, @noneditable_link]
|
128
|
-
@editables = [@editable_section, @editable_subsection,
|
129
|
-
@editable_page, @editable_subpage,
|
130
|
-
@editable_link, @editable_sublink]
|
131
|
-
end
|
132
|
-
|
133
|
-
def test_new_permissions
|
134
|
-
login_as(@user)
|
135
|
-
|
136
|
-
get :new, :section_id => @editable_section
|
137
|
-
assert_response :success
|
138
|
-
|
139
|
-
get :new, :section_id => @noneditable_section
|
140
|
-
assert_response 403
|
141
|
-
assert_template "cms/shared/access_denied"
|
142
|
-
end
|
143
|
-
|
144
|
-
def test_create_permissions
|
145
|
-
login_as(@user)
|
146
|
-
|
147
|
-
post :create, :section_id => @editable_section, :name => "Another editable page"
|
148
|
-
assert_response :success
|
149
|
-
|
150
|
-
post :create, :section_id => @noneditable_section, :name => "Another non-editable page"
|
151
|
-
assert_response 403
|
152
|
-
assert_template "cms/shared/access_denied"
|
153
|
-
end
|
154
|
-
|
155
|
-
def test_edit_permissions
|
156
|
-
login_as(@user)
|
157
|
-
|
158
|
-
get :edit, :id => @editable_page
|
159
|
-
assert_response :success
|
160
|
-
|
161
|
-
get :edit, :id => @noneditable_page
|
162
|
-
assert_response 403
|
163
|
-
assert_template "cms/shared/access_denied"
|
164
|
-
end
|
165
|
-
|
166
|
-
def test_update_permissions
|
167
|
-
login_as(@user)
|
168
|
-
|
169
|
-
# Regular update
|
170
|
-
put :update, :id => @editable_page, :name => "Modified editable page"
|
171
|
-
assert_response :redirect
|
172
|
-
|
173
|
-
put :update, :id => @noneditable_page, :name => "Modified non-editable page"
|
174
|
-
assert_response 403
|
175
|
-
assert_template "cms/shared/access_denied"
|
176
|
-
|
177
|
-
# archive
|
178
|
-
put :archive, :id => @editable_page
|
179
|
-
assert_response :redirect
|
180
|
-
|
181
|
-
put :archive, :id => @noneditable_page
|
182
|
-
assert_response 403
|
183
|
-
assert_template "cms/shared/access_denied"
|
184
|
-
|
185
|
-
# hide
|
186
|
-
put :hide, :id => @editable_page
|
187
|
-
assert_response :redirect
|
188
|
-
|
189
|
-
put :hide, :id => @noneditable_page
|
190
|
-
assert_response 403
|
191
|
-
assert_template "cms/shared/access_denied"
|
192
|
-
|
193
|
-
# publish
|
194
|
-
put :publish, :id => @editable_page
|
195
|
-
assert_response :redirect
|
196
|
-
|
197
|
-
put :publish, :id => @noneditable_page
|
198
|
-
assert_response 403
|
199
|
-
assert_template "cms/shared/access_denied"
|
200
|
-
|
201
|
-
# publish many
|
202
|
-
put :publish, :page_ids => [@editable_page.id]
|
203
|
-
assert_response :redirect
|
204
|
-
|
205
|
-
put :publish, :page_ids => [@noneditable_page.id]
|
206
|
-
assert_response 403
|
207
|
-
|
208
|
-
put :publish, :page_ids => [@editable_page.id, @noneditable_page.id]
|
209
|
-
assert_response 403
|
210
|
-
|
211
|
-
# revert_to
|
212
|
-
# can't find route...
|
213
|
-
# put :revert_to, :id => @editable_page.id
|
214
|
-
# assert_response :redirect
|
215
|
-
|
216
|
-
# put :revert_to, :id => @noneditable_page.id
|
217
|
-
# assert_response :error # shouldn't it be 403?
|
218
|
-
end
|
219
|
-
|
220
|
-
def test_destroy_permissions
|
221
|
-
login_as(@user)
|
222
|
-
|
223
|
-
delete :destroy, :id => @editable_page
|
224
|
-
assert_response :redirect
|
225
|
-
|
226
|
-
delete :destroy, :id => @noneditable_page
|
227
|
-
assert_response 403
|
228
|
-
assert_template "cms/shared/access_denied"
|
229
|
-
end
|
230
|
-
end
|
231
|
-
|
232
|
-
|
233
|
-
end
|
@@ -1,57 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module Cms
|
4
|
-
class PortletsControllerTest < ActionController::TestCase
|
5
|
-
include Cms::ControllerTestHelper
|
6
|
-
|
7
|
-
def setup
|
8
|
-
login_as_cms_admin
|
9
|
-
@block = DynamicPortlet.create!(:name => "V1", :code => "@foo = 42", :template => "<%= @foo %>")
|
10
|
-
end
|
11
|
-
|
12
|
-
def test_index
|
13
|
-
get :index
|
14
|
-
assert_response :success
|
15
|
-
assert_select "#dynamic_portlet_#{@block.id}"
|
16
|
-
end
|
17
|
-
|
18
|
-
def test_show
|
19
|
-
get :show, :id => @block.id
|
20
|
-
assert_response :success
|
21
|
-
assert_select "a#revisions_link", false
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_new
|
25
|
-
get :new
|
26
|
-
assert_response :success
|
27
|
-
assert_select "title", "Content Library / Select Portlet Type"
|
28
|
-
end
|
29
|
-
|
30
|
-
def test_edit
|
31
|
-
get :edit, :id => @block.id
|
32
|
-
assert_response :success
|
33
|
-
assert_select "title", "Content Library / Edit Portlet"
|
34
|
-
assert_select "h1", "Edit Portlet 'V1'"
|
35
|
-
end
|
36
|
-
|
37
|
-
def test_usages
|
38
|
-
@page = Factory(:page, :section => root_section, :name => "Test Page", :path => "test")
|
39
|
-
@page.create_connector(@block, "main")
|
40
|
-
@page.reload
|
41
|
-
@page.publish! # usages are only relevant when page is published
|
42
|
-
|
43
|
-
get :usages, :id => @block.id
|
44
|
-
|
45
|
-
assert_response :success
|
46
|
-
assert_select "td.page_name", "Test Page"
|
47
|
-
end
|
48
|
-
|
49
|
-
# Doesn't really belong here, but I'm not sure how else to test the behavior of the form_builders
|
50
|
-
def test_form_helpers_which_use_instructions
|
51
|
-
get :new, :type=>"login_portlet"
|
52
|
-
assert_response :success
|
53
|
-
assert_select "div.instructions", "Leave blank to send the user to the page they were trying to access"
|
54
|
-
|
55
|
-
end
|
56
|
-
end
|
57
|
-
end
|
@@ -1,234 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module Cms
|
4
|
-
class SectionsControllerTest < ActionController::TestCase
|
5
|
-
include Cms::ControllerTestHelper
|
6
|
-
|
7
|
-
def setup
|
8
|
-
given_a_site_exists
|
9
|
-
login_as_cms_admin
|
10
|
-
given_there_is_a_sitemap
|
11
|
-
end
|
12
|
-
|
13
|
-
def test_edit
|
14
|
-
get :edit, :id => root_section.to_param
|
15
|
-
assert_response :success
|
16
|
-
assert_select "input[name=?][value=?]", "section[name]", root_section.name
|
17
|
-
end
|
18
|
-
|
19
|
-
test "GET new should set the groups to the parent section's groups by default" do
|
20
|
-
@group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
21
|
-
get :new, :section_id => root_section.to_param
|
22
|
-
|
23
|
-
assert_response :success
|
24
|
-
expected_groups = root_section.groups
|
25
|
-
assert_equal expected_groups, assigns(:section).groups
|
26
|
-
assert !assigns(:section).groups.include?(@group)
|
27
|
-
end
|
28
|
-
|
29
|
-
def test_update
|
30
|
-
@section = Factory(:section, :name => "V1", :parent => root_section, :groups => root_section.groups)
|
31
|
-
|
32
|
-
put :update, :id => @section.to_param, :section => {:name => "V2"}
|
33
|
-
reset(:section)
|
34
|
-
|
35
|
-
assert_redirected_to @section
|
36
|
-
assert_equal "V2", @section.name
|
37
|
-
assert_equal "Section 'V2' was updated", flash[:notice]
|
38
|
-
end
|
39
|
-
|
40
|
-
end
|
41
|
-
|
42
|
-
class SectionFileBrowserControllerTest < ActionController::TestCase
|
43
|
-
tests Cms::SectionsController
|
44
|
-
include Cms::ControllerTestHelper
|
45
|
-
|
46
|
-
def setup
|
47
|
-
given_a_site_exists
|
48
|
-
login_as_cms_admin
|
49
|
-
given_there_is_a_sitemap
|
50
|
-
end
|
51
|
-
|
52
|
-
def test_root_section
|
53
|
-
@foo = Factory(:section, :parent => root_section, :name => "Foo", :path => '/foo')
|
54
|
-
@bar = Factory(:section, :parent => root_section, :name => "Bar", :path => '/bar')
|
55
|
-
@home = Factory(:page, :section => root_section, :name => "Home", :path => '/home')
|
56
|
-
|
57
|
-
get :file_browser, :format => "xml", "CurrentFolder" => "/", "Command" => "GetFilesAndFolders", "Type" => "Page"
|
58
|
-
|
59
|
-
assert_response :success
|
60
|
-
assert_equal "application/xml", @response.content_type
|
61
|
-
assert_select "Connector[command=?][resourceType=?]", "GetFilesAndFolders", "Page" do
|
62
|
-
assert_select "CurrentFolder[path=?][url=?]", "/", "/"
|
63
|
-
assert_select "Folders" do
|
64
|
-
assert_select "Folder[name=?]", "Foo"
|
65
|
-
assert_select "Folder[name=?]", "Bar"
|
66
|
-
end
|
67
|
-
assert_select "Files" do
|
68
|
-
assert_select "File[name=?][url=?][size=?]", "Home", "/home", "?"
|
69
|
-
end
|
70
|
-
end
|
71
|
-
end
|
72
|
-
|
73
|
-
def test_sub_section
|
74
|
-
@foo = Factory(:section, :parent => root_section, :name => "Foo", :path => '/foo')
|
75
|
-
@bar = Factory(:section, :parent => @foo, :name => "Bar", :path => '/foo/bar')
|
76
|
-
@foo_page = Factory(:page, :section => @foo, :name => "Foo Page", :path => '/foo/page')
|
77
|
-
@home = Factory(:page, :section => root_section, :name => "Home", :path => '/home')
|
78
|
-
get :file_browser, :format => "xml", "CurrentFolder" => "/Foo/", "Command" => "GetFilesAndFolders", "Type" => "Page"
|
79
|
-
|
80
|
-
assert_response :success
|
81
|
-
assert_equal "application/xml", @response.content_type
|
82
|
-
assert_select "Connector[command=?][resourceType=?]", "GetFilesAndFolders", "Page" do
|
83
|
-
assert_select "CurrentFolder[path=?][url=?]", "/Foo/", "/Foo/"
|
84
|
-
assert_select "Folders" do
|
85
|
-
assert_select "Folder[name=?]", "Bar"
|
86
|
-
end
|
87
|
-
assert_select "Files" do
|
88
|
-
assert_select "File[name=?][url=?][size=?]", "Foo Page", "/foo/page", "?"
|
89
|
-
end
|
90
|
-
end
|
91
|
-
end
|
92
|
-
|
93
|
-
end
|
94
|
-
|
95
|
-
class SectionsControllerPermissionsTest < ActionController::TestCase
|
96
|
-
tests Cms::SectionsController
|
97
|
-
include Cms::ControllerTestHelper
|
98
|
-
|
99
|
-
def setup
|
100
|
-
# DRYME copypaste from UserPermissionTest
|
101
|
-
@user = Factory(:user)
|
102
|
-
#@group = @user.groups.first
|
103
|
-
@group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
104
|
-
@group.permissions << create_or_find_permission_named("edit_content")
|
105
|
-
@group.permissions << create_or_find_permission_named("publish_content")
|
106
|
-
@user.groups << @group
|
107
|
-
|
108
|
-
@editable_section = Factory(:section, :parent => root_section, :name => "Editable")
|
109
|
-
@editable_subsection = Factory(:section, :parent => @editable_section, :name => "Editable Subsection")
|
110
|
-
@group.sections << @editable_section
|
111
|
-
@editable_page = Factory(:page, :section => @editable_section, :name => "Editable Page")
|
112
|
-
@editable_subpage = Factory(:page, :section => @editable_subsection, :name => "Editable SubPage")
|
113
|
-
@editable_link = Factory(:link, :section => @editable_section, :name => "Editable Link")
|
114
|
-
@editable_sublink = Factory(:link, :section => @editable_subsection, :name => "Editable SubLink")
|
115
|
-
|
116
|
-
@noneditable_section = Factory(:section, :parent => root_section, :name => "Not Editable")
|
117
|
-
@noneditable_page = Factory(:page, :section => @noneditable_section, :name => "Non-Editable Page")
|
118
|
-
@noneditable_link = Factory(:link, :section => @noneditable_section, :name => "Non-Editable Link")
|
119
|
-
|
120
|
-
@noneditables = [@noneditable_section, @noneditable_page, @noneditable_link]
|
121
|
-
@editables = [@editable_section, @editable_subsection,
|
122
|
-
@editable_page, @editable_subpage,
|
123
|
-
@editable_link, @editable_sublink]
|
124
|
-
|
125
|
-
end
|
126
|
-
|
127
|
-
def test_new_permissions
|
128
|
-
login_as(@user)
|
129
|
-
|
130
|
-
get :new, :section_id => @editable_section
|
131
|
-
assert_response :success
|
132
|
-
|
133
|
-
get :new, :section_id => @noneditable_section
|
134
|
-
assert_response 403
|
135
|
-
assert_template "cms/shared/access_denied"
|
136
|
-
end
|
137
|
-
|
138
|
-
test "POST create should set the groups to the parent section's groups for non-admin user" do
|
139
|
-
@group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
140
|
-
login_as(@user)
|
141
|
-
get :new, :section_id => @editable_section
|
142
|
-
assert_equal @editable_section.groups, assigns(:section).groups
|
143
|
-
assert !assigns(:section).groups.include?(@group)
|
144
|
-
end
|
145
|
-
|
146
|
-
def test_create_permissions
|
147
|
-
login_as(@user)
|
148
|
-
|
149
|
-
post :create, :section_id => @editable_section, :name => "Another editable subsection"
|
150
|
-
assert_response :success
|
151
|
-
|
152
|
-
post :create, :section_id => @noneditable_section, :name => "Another non-editable subsection"
|
153
|
-
assert_response 403
|
154
|
-
assert_template "cms/shared/access_denied"
|
155
|
-
end
|
156
|
-
|
157
|
-
def test_edit_permissions
|
158
|
-
login_as(@user)
|
159
|
-
|
160
|
-
get :edit, :id => @editable_section
|
161
|
-
assert_response :success
|
162
|
-
|
163
|
-
get :edit, :id => @noneditable_section
|
164
|
-
assert_response 403
|
165
|
-
assert_template "cms/shared/access_denied"
|
166
|
-
end
|
167
|
-
|
168
|
-
def test_update_permissions
|
169
|
-
login_as(@user)
|
170
|
-
|
171
|
-
put :update, :id => @editable_section, :name => "Modified editable subsection"
|
172
|
-
assert_response :redirect
|
173
|
-
|
174
|
-
put :update, :id => @noneditable_section, :name => "Modified non-editable subsection"
|
175
|
-
assert_response 403
|
176
|
-
assert_template "cms/shared/access_denied"
|
177
|
-
end
|
178
|
-
|
179
|
-
def test_update_permissions_of_subsection
|
180
|
-
login_as(@user)
|
181
|
-
|
182
|
-
put :update, :id => @editable_section, :name => "Modified editable subsection"
|
183
|
-
assert_response :redirect
|
184
|
-
|
185
|
-
put :update, :id => @editable_subsection, :name => "Section below editable section"
|
186
|
-
assert_response 403
|
187
|
-
assert_template "cms/shared/access_denied"
|
188
|
-
end
|
189
|
-
|
190
|
-
test "PUT update should leave groups alone for non-admin user" do
|
191
|
-
@group2 = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
192
|
-
expected_groups = @editable_section.groups
|
193
|
-
login_as(@user)
|
194
|
-
put :update, :id => @editable_section
|
195
|
-
assert_response :redirect
|
196
|
-
assert_equal expected_groups, assigns(:section).groups
|
197
|
-
assert !assigns(:section).groups.include?(@group2)
|
198
|
-
end
|
199
|
-
|
200
|
-
test "PUT update should leave groups alone for non-admin user even if hack url" do
|
201
|
-
@group2 = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
|
202
|
-
expected_groups = @editable_section.groups
|
203
|
-
login_as(@user)
|
204
|
-
put :update, :id => @editable_section, :section => {:name => "new name", :group_ids => [@group.id, @group2.id]}
|
205
|
-
|
206
|
-
assert_response :redirect
|
207
|
-
assert_equal expected_groups, assigns(:section).groups
|
208
|
-
assert_equal "new name", assigns(:section).name
|
209
|
-
assert !assigns(:section).groups.include?(@group2)
|
210
|
-
end
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
test "PUT update should add groups for admin user" do
|
215
|
-
@user.groups.first.sections << @editable_subsection
|
216
|
-
@group2 = Factory(:cms_user_group)
|
217
|
-
expected_groups = [@group, @group2]
|
218
|
-
login_as_cms_admin
|
219
|
-
put :update, :id => @editable_subsection, :cms_section => {:name => "new name", :group_ids => [@group.id, @group2.id]}
|
220
|
-
assert_response :redirect
|
221
|
-
end
|
222
|
-
|
223
|
-
def test_destroy_permissions
|
224
|
-
login_as(@user)
|
225
|
-
|
226
|
-
delete :destroy, :id => @editable_section
|
227
|
-
assert_response :redirect
|
228
|
-
|
229
|
-
delete :destroy, :id => @noneditable_section
|
230
|
-
assert_response 403
|
231
|
-
assert_template "cms/shared/access_denied"
|
232
|
-
end
|
233
|
-
end
|
234
|
-
end
|