we5-browsercms 3.0.2 → 3.0.5

data/test/unit/models/group_test.rb

@@ -4,4 +4,10 @@ class GroupTest < ActiveSupport::TestCase
   def test_valid
     assert Factory.build(:group).valid?
   end
+
+  test "Find guest group via method" do
+    expected = Group.find_by_code(Group::GUEST_CODE)
+    assert_not_nil expected, "Validates that our fixture code is loading a guest user into the database."
+    assert_equal expected, Group.guest
+  end
 end

data/test/unit/models/user_test.rb

@@ -16,7 +16,6 @@ class UserTest < ActiveSupport::TestCase
     @user.disable!
     assert_nil User.authenticate(@user.login, @user.password)
   end
-  
   def test_expiration
     @user = Factory.build(:user)
     assert_nil @user.expires_at
@@ -32,7 +31,6 @@ class UserTest < ActiveSupport::TestCase
     @user.expires_at = 1.day.ago
     assert @user.expired?
   end  
-
   def test_disable_enable
     @user = Factory(:user)
 
@@ -52,12 +50,29 @@ class UserTest < ActiveSupport::TestCase
     assert !@user.expired?
     assert User.active.all.include?(@user)
   end
+  test "email validation" do 
+    @user = Factory(:user)
+    assert @user.valid?
+    
+    valid_emails = ['t@test.com', 'T@test.com', 'test@somewhere.mobi', 'test@somewhere.tv', 'joe_blow@somewhere.co.nz', 'joe_blow@somewhere.com.au', 't@t-t.co']
+    valid_emails.each do |email|
+      @user.email = email
+      assert @user.valid?
+    end
+
+    invalid_emails = ['', '@test.com', '@test', 'test@test', 'test@somewhere', 'test@somewhere.', 'test@somewhere.x', 'test@somewhere..']
+    invalid_emails.each do |email|
+      @user.email = email
+      assert !@user.valid?
+    end
+  end
+
 end
 
-class UserPermssionsTest < ActiveSupport::TestCase
+class UserPermissionsTest < ActiveSupport::TestCase
   def setup
     @user = Factory(:user)
-    @guest_group = Group.first(:conditions => {:code => "guest"})    
+    @guest_group = Group.guest
   end
   
   def test_user_permissions
@@ -75,36 +90,119 @@ class UserPermssionsTest < ActiveSupport::TestCase
     assert !@user.able_to?("do something the group does not have permission to do")
   end
   
-  def test_cms_user_permissions
+  test "cms user access to nodes" do
+    @group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
+    @user.groups << @group
+    
+    @modifiable_section = Factory(:section, :parent => root_section, :name => "Modifiable")
+    @non_modifiable_section = Factory(:section, :parent => root_section, :name => "Not Modifiable")
+    
+    @group.sections << @modifiable_section
+    
+    @modifiable_page = Factory(:page, :section => @modifiable_section)
+    @non_modifiable_page = Factory(:page, :section => @non_modifiable_section)
+    
+    @modifiable_link = Factory(:link, :section => @modifiable_section)
+    @non_modifiable_link = Factory(:link, :section => @non_modifiable_section)
+    
+    assert @user.able_to_modify?(@modifiable_section)
+    assert !@user.able_to_modify?(@non_modifiable_section)
+    
+    assert @user.able_to_modify?(@modifiable_page)
+    assert !@user.able_to_modify?(@non_modifiable_page)
+    
+    assert @user.able_to_modify?(@modifiable_link)
+    assert !@user.able_to_modify?(@non_modifiable_link)
+  end
+  
+  test "cms user access to connectables" do
     @group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
-    @group.permissions << create_or_find_permission_named("edit_content")
-    @group.permissions << create_or_find_permission_named("publish_content")
     @user.groups << @group
-    @editable_section = Factory(:section, :parent => root_section, :name => "Editable")
-    @group.sections << @editable_section
-    @noneditable_section = Factory(:section, :parent => root_section, :name => "Not Editable")
-    @editable_page = Factory(:page, :section => @editable_section)
-    @noneditable_page = Factory(:page, :section => @noneditable_section)
-    
-    assert @user.able_to_edit?(@editable_section)
-    assert !@user.able_to_edit?(@noneditable_section)
-    assert @user.able_to_view?(@editable_page)
-    assert @user.able_to_view?(@noneditable_page)
+    
+    @modifiable_section = Factory(:section, :parent => root_section, :name => "Modifiable")
+    @non_modifiable_section = Factory(:section, :parent => root_section, :name => "Not Modifiable")
+    
+    @group.sections << @modifiable_section
+    
+    @modifiable_page = Factory(:page, :section => @modifiable_section)
+    @non_modifiable_page = Factory(:page, :section => @non_modifiable_section)
+    
+    @all_modifiable_connectable = stub(
+      :class => stub(:content_block? => true, :connectable? => true),
+      :connected_pages => [@modifiable_page])
+    @some_modifiable_connectable = stub(
+      :class => stub(:content_block? => true, :connectable? => true),
+      :connected_pages => [@modifiable_page, @non_modifiable_page])
+    @none_modifiable_connectable = stub(
+      :class => stub(:content_block? => true, :connectable? => true),
+      :connected_pages => [@non_modifiable_page])
+    
+    assert @user.able_to_modify?(@all_modifiable_connectable)
+    assert !@user.able_to_modify?(@some_modifiable_connectable)
+    assert !@user.able_to_modify?(@none_modifiable_connectable)
+  end
+  
+  test "cms user access to non-connectable content blocks" do
+    @content_block = stub(:class => stub(:content_block? => true))
+    assert @user.able_to_modify?(@content_block)
   end
   
-  def test_non_cms_user_permissions
+  test "non cms user access to nodes" do
     @group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "Registered User"))
     @user.groups << @group
-    @editable_section = Factory(:section, :parent => root_section, :name => "Editable")
-    @group.sections << @editable_section
-    @noneditable_section = Factory(:section, :parent => root_section, :name => "Not Editable")
-    @editable_page = Factory(:page, :section => @editable_section)
-    @noneditable_page = Factory(:page, :section => @noneditable_section)
+    
+    @modifiable_section = Factory(:section, :parent => root_section, :name => "Modifiable")
+    @group.sections << @modifiable_section
+    @non_modifiable_section = Factory(:section, :parent => root_section, :name => "Not Modifiable")
+    
+    @modifiable_page = Factory(:page, :section => @modifiable_section)
+    @non_modifiable_page = Factory(:page, :section => @non_modifiable_section)
 
-    assert !@user.able_to_edit?(@editable_section)
-    assert !@user.able_to_edit?(@noneditable_section)
-    assert @user.able_to_view?(@editable_page)
-    assert !@user.able_to_view?(@noneditable_page)
+    assert !@user.able_to_modify?(@modifiable_section)
+    assert !@user.able_to_modify?(@non_modifiable_section)
+    
+    assert @user.able_to_view?(@modifiable_page)
+    assert !@user.able_to_view?(@non_modifiable_page)
+  end
+  
+  test "cms user with no permissions should still be able to view pages" do
+    @group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
+    @user.groups << @group
+    
+    @page = Factory(:page)
+    assert @user.able_to_view?(@page)
+  end
+  
+  test "cms user who can edit content" do
+    @group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
+    @group.permissions << create_or_find_permission_named("edit_content")
+    @user.groups << @group
+    
+    node = stub
+    
+    @user.stubs(:able_to_modify?).with(node).returns(true)
+    assert @user.able_to_edit?(node)
+    assert !@user.able_to_publish?(node)
+    
+    @user.stubs(:able_to_modify?).with(node).returns(false)
+    assert !@user.able_to_edit?(node)
+    assert !@user.able_to_publish?(node)
+  end
+  
+  test "cms user who can publish content" do
+    @group = Factory(:group, :name => "Test", :group_type => Factory(:group_type, :name => "CMS User", :cms_access => true))
+    @group.permissions << create_or_find_permission_named("publish_content")
+    @user.groups << @group
+    
+    node = stub
+    
+    @user.stubs(:able_to_modify?).with(node).returns(true)
+    assert !@user.able_to_edit?(node)
+    assert @user.able_to_publish?(node)
+    
+    @user.stubs(:able_to_modify?).with(node).returns(false)
+    assert !@user.able_to_edit?(node)
+    assert !@user.able_to_publish?(node)
   end
   
 end
@@ -112,7 +210,7 @@ end
 class GuestUserTest < ActiveSupport::TestCase
   def setup
     @user = User.guest
-    @guest_group = Group.with_code("guest").first
+    @guest_group = Group.guest
     @public_page = Factory(:page, :section => root_section)
     @protected_section = Factory(:section, :parent => root_section)
     @protected_page = Factory(:page, :section => @protected_section)
@@ -127,4 +225,4 @@ class GuestUserTest < ActiveSupport::TestCase
     assert !@user.able_to_view?(@protected_page)
   end
   
-end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: we5-browsercms
 version: !ruby/object:Gem::Version 
-  version: 3.0.2
+  version: 3.0.5
 platform: ruby
 authors: 
 - BrowserMedia
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-10-14 00:00:00 +02:00
+date: 2009-11-19 00:00:00 +01:00
 default_executable: 
 dependencies: []
 
@@ -81,6 +81,7 @@ files:
 - app/models/email_message.rb
 - app/models/email_message_mailer.rb
 - app/models/file_block.rb
+- app/models/forgot_password_mailer.rb
 - app/models/group.rb
 - app/models/group_permission.rb
 - app/models/group_section.rb
@@ -110,7 +111,9 @@ files:
 - app/models/user_group_membership.rb
 - app/portlets/dynamic_portlet.rb
 - app/portlets/email_page_portlet.rb
+- app/portlets/forgot_password_portlet.rb
 - app/portlets/login_portlet.rb
+- app/portlets/reset_password_portlet.rb
 - app/portlets/tag_cloud_portlet.rb
 - app/views/cms/blocks/_hidden_fields.html.erb
 - app/views/cms/blocks/_toolbar.html.erb
@@ -140,6 +143,8 @@ files:
 - app/views/cms/email_messages/show.html.erb
 - app/views/cms/file_blocks/_form.html.erb
 - app/views/cms/file_blocks/render.html.erb
+- app/views/cms/forgot_password_mailer/reset_password.text.html.erb
+- app/views/cms/forgot_password_mailer/reset_password.text.plain.erb
 - app/views/cms/form_builder/_cms_date_picker.html.erb
 - app/views/cms/form_builder/_cms_datetime_select.html.erb
 - app/views/cms/form_builder/_cms_drop_down.html.erb
@@ -162,6 +167,8 @@ files:
 - app/views/cms/links/destroy.js.rjs
 - app/views/cms/links/edit.html.erb
 - app/views/cms/links/new.html.erb
+- app/views/cms/menus/_menu.html.erb
+- app/views/cms/menus/_menu_item.html.erb
 - app/views/cms/page_routes/_form.html.erb
 - app/views/cms/page_routes/edit.html.erb
 - app/views/cms/page_routes/index.html.erb
@@ -198,6 +205,7 @@ files:
 - app/views/cms/shared/_pagination.html.erb
 - app/views/cms/shared/_version_conflict_diff.html.erb
 - app/views/cms/shared/_version_conflict_error.html.erb
+- app/views/cms/shared/access_denied.html.erb
 - app/views/cms/shared/error.html.erb
 - app/views/cms/tags/_form.html.erb
 - app/views/cms/tags/render.html.erb
@@ -212,6 +220,7 @@ files:
 - app/views/cms/users/edit.html.erb
 - app/views/cms/users/index.html.erb
 - app/views/cms/users/new.html.erb
+- app/views/cms/users/show.html.erb
 - app/views/layouts/_cms_toolbar.html.erb
 - app/views/layouts/_page_toolbar.html.erb
 - app/views/layouts/application.html.erb
@@ -228,11 +237,16 @@ files:
 - app/views/portlets/dynamic/_form.html.erb
 - app/views/portlets/email_page/_form.html.erb
 - app/views/portlets/email_page/render.html.erb
+- app/views/portlets/forgot_password/_form.html.erb
+- app/views/portlets/forgot_password/render.html.erb
 - app/views/portlets/login/_form.html.erb
 - app/views/portlets/login/render.html.erb
 - app/views/portlets/portlets/_form.html.erb
+- app/views/portlets/reset_password/_form.html.erb
+- app/views/portlets/reset_password/render.html.erb
 - app/views/portlets/tag_cloud/_form.html.erb
 - app/views/portlets/tag_cloud/render.html.erb
+- browsercms.gemspec
 - db/demo/data.rb
 - db/demo/page_partials/_footer.html.erb
 - db/demo/page_partials/_header.html.erb
@@ -240,6 +254,7 @@ files:
 - db/demo/page_templates/sub_page.html.erb
 - db/migrate/20080815014337_browsercms_3_0_0.rb
 - db/migrate/20081114172307_load_seed_data.rb
+- db/migrate/20091109175123_browsercms_3_0_5.rb
 - doc/app/classes/AbstractFileBlock.html
 - doc/app/classes/ActiveRecord.html
 - doc/app/classes/ActiveRecord/ConnectionAdapters/SchemaStatements.html
@@ -1174,6 +1189,7 @@ files:
 - public/images/cms/usercontrols_bg.png
 - public/images/cms/usercontrols_bg_cap.png
 - public/javascripts/cms/application.js
+- public/javascripts/cms/content_library.js
 - public/javascripts/cms/editor.js
 - public/javascripts/cms/sitemap.js
 - public/javascripts/jquery-ui.js
@@ -1233,7 +1249,6 @@ files:
 - templates/blank.rb
 - templates/demo.rb
 - templates/module.rb
-- we5-browsercms.gemspec
 - LICENSE.txt
 - README.markdown
 has_rdoc: true
@@ -1270,6 +1285,7 @@ test_files:
 - test/functional/cms/cache_controller_test.rb
 - test/functional/cms/categories_controller_test.rb
 - test/functional/cms/connectors_controller_test.rb
+- test/functional/cms/content_block_controller_test.rb
 - test/functional/cms/content_controller_test.rb
 - test/functional/cms/content_types_controller_test.rb
 - test/functional/cms/dashboard_controller_test.rb
@@ -1287,6 +1303,7 @@ test_files:
 - test/functional/cms/sessions_controller_test.rb
 - test/functional/cms/toolbar_controller_test.rb
 - test/functional/cms/users_controller_test.rb
+- test/integration/cms/password_management_test.rb
 - test/integration/login_test.rb
 - test/test_helper.rb
 - test/test_logging.rb