zena 1.1.1 → 1.1.2
Sign up to get free protection for your applications and to get access to all the features.
- data/History.txt +15 -0
- data/app/controllers/nodes_controller.rb +13 -8
- data/app/models/acl.rb +19 -5
- data/app/models/column.rb +2 -0
- data/app/models/node.rb +3 -2
- data/app/models/site.rb +3 -0
- data/app/models/user.rb +1 -1
- data/app/views/columns/_add.html.erb +2 -2
- data/app/views/columns/_form.html.erb +8 -2
- data/app/views/columns/_li.html.erb +4 -1
- data/app/views/columns/index.html.erb +2 -2
- data/app/views/zafu/default/Node-+adminLayout.zafu +9 -1
- data/app/views/zafu/default/Node-admin.zafu +6 -3
- data/bricks/acls/lib/bricks/acls.rb +7 -7
- data/bricks/acls/zena/test/unit/acl_test.rb +33 -11
- data/bricks/math/lib/bricks/math.rb +11 -8
- data/bricks/worker/zena/worker +1 -0
- data/bricks/zena/zena/migrate/20111101103900_add_comment_to_columns.rb +9 -0
- data/config/gems.yml +7 -4
- data/lib/bricks.rb +2 -0
- data/lib/bricks/helper.rb +18 -0
- data/lib/zena.rb +1 -1
- data/lib/zena/console.rb +24 -0
- data/lib/zena/db_helper/abstract_db.rb +5 -2
- data/lib/zena/db_helper/mysql.rb +6 -3
- data/lib/zena/info.rb +1 -1
- data/lib/zena/init.rb +22 -0
- data/lib/zena/use/ajax.rb +1 -1
- data/lib/zena/use/forms.rb +6 -2
- data/lib/zena/use/i18n.rb +13 -65
- data/lib/zena/use/ml_index.rb +15 -0
- data/lib/zena/use/query_node.rb +10 -7
- data/lib/zena/use/rendering.rb +5 -0
- data/lib/zena/use/upload.rb +5 -2
- data/lib/zena/use/version_hash.rb +2 -0
- data/public/stylesheets/backend.css +6 -3
- data/public/stylesheets/zena.css +2 -2
- data/test/integration/navigation_test.rb +25 -1
- data/test/integration/query_node/basic.yml +6 -1
- data/test/integration/query_node/filters.yml +6 -1
- data/test/integration/query_node/idx_scope.yml +10 -0
- data/test/integration/zafu_compiler/ajax.yml +19 -0
- data/test/integration/zafu_compiler/display.yml +4 -0
- data/test/integration/zafu_compiler/meta.yml +8 -0
- data/test/selenium/Drop/drop1.rsel +6 -10
- data/test/selenium/Drop/drop2.rsel +6 -3
- data/test/selenium/Drop/drop3.rsel +19 -34
- data/test/selenium/Drop/drop4.rsel +25 -33
- data/test/sites/zena/columns.yml +4 -3
- data/test/unit/bricks_test.rb +24 -0
- data/test/unit/column_test.rb +5 -0
- data/test/unit/zena/use/ml_index_test.rb +26 -0
- data/test/unit/zena/use/version_hash_test.rb +0 -1
- data/zena.gemspec +28 -122
- metadata +85 -145
data/History.txt
CHANGED
@@ -1,7 +1,22 @@
|
|
1
|
+
== 1.1.2 2011-11-09
|
2
|
+
|
3
|
+
* Minor changes
|
4
|
+
* Support sorting by scope index fields.
|
5
|
+
* Fixed bug in math brick (using Open4 instead of system with redirections).
|
6
|
+
* Added 'change_prop' method in console.
|
7
|
+
* Fixed a bug with 404 pages not showing in the correct language.
|
8
|
+
* Fixed a bug with properties called 'copy' not working as expected.
|
9
|
+
* Added <r:style> tag for dynamic CSS.
|
10
|
+
* Added support for 'value' in 'date' input fields.
|
11
|
+
* Added comment on property definition.
|
12
|
+
* Added 'coalesce' method in queries.
|
13
|
+
* Added 'asset_host?' in Acl queries.
|
14
|
+
|
1
15
|
== 1.1.1 2011-07-12
|
2
16
|
|
3
17
|
* Minor changes
|
4
18
|
* Fixed scoped DOM ids in saved template.
|
19
|
+
* Cosmetic changes to backend.css (menu on the left).
|
5
20
|
|
6
21
|
== 1.1.0 2011-07-11
|
7
22
|
|
@@ -35,7 +35,7 @@ class NodesController < ApplicationController
|
|
35
35
|
format.xml { render :xml => @node.to_xml }
|
36
36
|
end
|
37
37
|
elsif base_node = visitor.node_without_secure
|
38
|
-
if node = visitor.find_node(nil, base_node.zip, nil,
|
38
|
+
if node = visitor.find_node(nil, base_node.zip, nil, request)
|
39
39
|
# If the visitor is acl authorized to view his own node,
|
40
40
|
# redirect there.
|
41
41
|
redirect_to zen_path(node)
|
@@ -132,13 +132,13 @@ class NodesController < ApplicationController
|
|
132
132
|
# swap (a way to preview content by drag & drop)
|
133
133
|
@node = other
|
134
134
|
elsif params[:change] == 'receiver'
|
135
|
-
attributes[:
|
135
|
+
attributes[:_copy] = other
|
136
136
|
@node.update_attributes_with_transformation(attributes)
|
137
137
|
if !@node.errors.empty?
|
138
138
|
@errors = @node.errors
|
139
139
|
end
|
140
140
|
else
|
141
|
-
attributes[:
|
141
|
+
attributes[:_copy] = @node
|
142
142
|
other.update_attributes_with_transformation(attributes)
|
143
143
|
if !other.errors.empty?
|
144
144
|
@errors = other.errors
|
@@ -223,7 +223,7 @@ class NodesController < ApplicationController
|
|
223
223
|
|
224
224
|
begin
|
225
225
|
# Make sure we can load parent (also enables ACL to work for us here).
|
226
|
-
parent = visitor.find_node(nil, attrs.delete('parent_zip'), nil,
|
226
|
+
parent = visitor.find_node(nil, attrs.delete('parent_zip'), nil, request)
|
227
227
|
@node = parent.new_child(attrs, false)
|
228
228
|
@node.save
|
229
229
|
rescue ActiveRecord::RecordNotFound
|
@@ -542,7 +542,12 @@ class NodesController < ApplicationController
|
|
542
542
|
if request.env['REQUEST_PATH']
|
543
543
|
# request.env['REQUEST_PATH'] is not set during testing (but this is
|
544
544
|
# a temporary hack anyway)
|
545
|
-
|
545
|
+
if path = request.env['REQUEST_PATH'].split('/')[2..-1]
|
546
|
+
params[:path] = path
|
547
|
+
else
|
548
|
+
Node.logger.warn("REQUEST_PATH: #{request.env['REQUEST_PATH'].inspect}")
|
549
|
+
path = params[:path]
|
550
|
+
end
|
546
551
|
end
|
547
552
|
if path.last =~ Zena::Use::Urls::ALLOWED_REGEXP
|
548
553
|
zip = $3
|
@@ -558,14 +563,14 @@ class NodesController < ApplicationController
|
|
558
563
|
|
559
564
|
# We use the visitor to find the node in order to ease implementation
|
560
565
|
# of custom access rules (Acl).
|
561
|
-
@node = visitor.find_node(path, zip, name,
|
566
|
+
@node = visitor.find_node(path, zip, name, request)
|
562
567
|
else
|
563
568
|
# bad url
|
564
569
|
Node.logger.warn "Path #{path.last.inspect} does not match #{Zena::Use::Urls::ALLOWED_REGEXP}"
|
565
570
|
raise ActiveRecord::RecordNotFound
|
566
571
|
end
|
567
572
|
elsif params[:id]
|
568
|
-
@node = visitor.find_node(nil, params[:id], nil,
|
573
|
+
@node = visitor.find_node(nil, params[:id], nil, request)
|
569
574
|
end
|
570
575
|
|
571
576
|
if params[:link_id]
|
@@ -592,7 +597,7 @@ class NodesController < ApplicationController
|
|
592
597
|
|
593
598
|
case params[:action]
|
594
599
|
when 'index'
|
595
|
-
#
|
600
|
+
# We need this redirection here to enable document caching in another lang
|
596
601
|
# bad prefix '/so', '/rx' or '/en?lang=fr'
|
597
602
|
if params[:prefix] != prefix
|
598
603
|
set_visitor_lang(params[:prefix])
|
data/app/models/acl.rb
CHANGED
@@ -15,6 +15,8 @@ class Acl < ActiveRecord::Base
|
|
15
15
|
include RubyLess
|
16
16
|
|
17
17
|
safe_method :params => Zena::Use::ZafuSafeDefinitions::ParamsDictionary
|
18
|
+
safe_method :asset_host? => Boolean
|
19
|
+
safe_method :visitor => User
|
18
20
|
|
19
21
|
def safe_method_type(signature, receiver = nil)
|
20
22
|
if type = super
|
@@ -26,8 +28,8 @@ class Acl < ActiveRecord::Base
|
|
26
28
|
end
|
27
29
|
end
|
28
30
|
|
29
|
-
def authorize?(base_node, params)
|
30
|
-
res = Node.find_by_sql(eval(make_query(base_node, params).to_s))
|
31
|
+
def authorize?(base_node, params, request)
|
32
|
+
res = Node.find_by_sql(eval(make_query(base_node, params, request).to_s))
|
31
33
|
if res.empty?
|
32
34
|
nil
|
33
35
|
else
|
@@ -43,6 +45,16 @@ class Acl < ActiveRecord::Base
|
|
43
45
|
@exec_skin ||= secure(Skin) { Skin.find(exec_skin_id) }
|
44
46
|
end
|
45
47
|
|
48
|
+
# Returns true if we are on the asset host.
|
49
|
+
def asset_host?
|
50
|
+
@asset_host
|
51
|
+
end
|
52
|
+
|
53
|
+
# Make visitor public so that we can use 'visitor' in queries.
|
54
|
+
def visitor
|
55
|
+
super
|
56
|
+
end
|
57
|
+
|
46
58
|
protected
|
47
59
|
def set_defaults
|
48
60
|
self.format = 'html' if format.blank?
|
@@ -58,12 +70,14 @@ class Acl < ActiveRecord::Base
|
|
58
70
|
end
|
59
71
|
|
60
72
|
def validate_acl
|
61
|
-
make_query(visitor.prototype
|
73
|
+
make_query(visitor.prototype)
|
62
74
|
end
|
63
75
|
|
64
|
-
def make_query(node, params)
|
76
|
+
def make_query(node, params = {}, request = nil)
|
65
77
|
@node = node
|
66
78
|
@params = params
|
79
|
+
@asset_host = request ? request.port.to_i == Zena::ASSET_PORT : false
|
80
|
+
|
67
81
|
# We add a stupid order clause to avoid the 'order by title' thing.
|
68
82
|
query = Node.build_query(:first, self.query + ' order by id asc',
|
69
83
|
:node_name => '@node',
|
@@ -84,4 +98,4 @@ class Acl < ActiveRecord::Base
|
|
84
98
|
errors.add(:query, err.message)
|
85
99
|
nil
|
86
100
|
end
|
87
|
-
end
|
101
|
+
end
|
data/app/models/column.rb
CHANGED
data/app/models/node.rb
CHANGED
@@ -846,10 +846,10 @@ class Node < ActiveRecord::Base
|
|
846
846
|
res = {}
|
847
847
|
res['parent_id'] = new_attributes[:_parent_id] if new_attributes[:_parent_id] # real id set inside zena.
|
848
848
|
|
849
|
+
copy_node = new_attributes.delete(:_copy)
|
849
850
|
attributes = new_attributes.stringify_keys
|
850
851
|
|
851
|
-
if
|
852
|
-
copy_node = attributes.delete('copy')
|
852
|
+
if copy_node || attributes['copy_id']
|
853
853
|
copy_node ||= Node.find_by_zip(attributes.delete('copy_id'))
|
854
854
|
attributes = copy_node.replace_attributes_in_values(attributes)
|
855
855
|
end
|
@@ -1009,6 +1009,7 @@ class Node < ActiveRecord::Base
|
|
1009
1009
|
end
|
1010
1010
|
|
1011
1011
|
# Parse text and replace ids '!30!' by their pseudo path '!(img/bird)!'
|
1012
|
+
# key is used in TextDocument overloaded method.
|
1012
1013
|
def unparse_assets(text, helper, key)
|
1013
1014
|
ZazenParser.new(text,:helper=>helper).render(:translate_ids => :relative_path, :node=>self)
|
1014
1015
|
end
|
data/app/models/site.rb
CHANGED
@@ -33,6 +33,9 @@ class Site < ActiveRecord::Base
|
|
33
33
|
# Should be the same serialization as in Node
|
34
34
|
include Property::Serialization::JSON
|
35
35
|
|
36
|
+
# TODO: can we just use MLIndex in app.rb ?
|
37
|
+
include Zena::Use::MLIndex::SiteMethods
|
38
|
+
|
36
39
|
@@attributes_for_form = {
|
37
40
|
:bool => %w{authentication http_auth auto_publish},
|
38
41
|
:text => %w{name languages default_lang},
|
data/app/models/user.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
<tr id='add_column' class='btn_add'>
|
2
2
|
<td class='add'><%= link_to_function _('btn_column_add'), "['add_column', 'add_column_form'].each(Element.toggle); $('column_name').focus();" %></td>
|
3
|
-
<td class='add_column' colspan='
|
3
|
+
<td class='add_column' colspan='3'></td>
|
4
4
|
</tr>
|
5
5
|
<tr id='add_column_form' style='display:none;'>
|
6
6
|
<%= render :partial=>'columns/form' %>
|
7
|
-
</tr>
|
7
|
+
</tr>
|
@@ -5,7 +5,7 @@
|
|
5
5
|
link_to_function _('btn_x'), "['add_column', 'add_column_form'].each(Element.toggle)"
|
6
6
|
end %>
|
7
7
|
</td>
|
8
|
-
<td class="add" colspan='
|
8
|
+
<td class="add" colspan='3'>
|
9
9
|
<div id='column_errors'><%= error_messages_for(:column, :object => @column) %></div>
|
10
10
|
<% if @column.new_record? %>
|
11
11
|
<%= form_remote_tag(:url => columns_path ) %>
|
@@ -25,6 +25,12 @@
|
|
25
25
|
<td><%= text_field('column', 'name', :size=>15 ) %></td>
|
26
26
|
<td><span class='text'><%= select_tag "column[index]", grouped_options_for_select(Column.indices_for_form, @column.index, '') %></span></td>
|
27
27
|
</tr>
|
28
|
+
<tr>
|
29
|
+
<td class='label'><%= _("comment") %></td>
|
30
|
+
<td colspan='3'>
|
31
|
+
<%= text_area('column', 'comment', :rows => 2, :cols => 50) %>
|
32
|
+
</td>
|
33
|
+
</tr>
|
28
34
|
<tr><td colspan='4'><p class='btn_validate'><input type='submit' value='<%= _('validate') %>'/></p></td></tr>
|
29
35
|
</table>
|
30
36
|
</form>
|
@@ -33,4 +39,4 @@
|
|
33
39
|
<p class='destroy'><%= _('destroy property') %> <input type='submit' value='<%= _('destroy') %>'></p>
|
34
40
|
</form>
|
35
41
|
<% end -%>
|
36
|
-
</td>
|
42
|
+
</td>
|
@@ -1,11 +1,11 @@
|
|
1
1
|
<h2 class='title'><%= _('properties') %></h2>
|
2
2
|
|
3
3
|
<table id='column_list' class='admin' cellspacing="0">
|
4
|
-
<tr><th class='nav' colspan='
|
4
|
+
<tr><th class='nav' colspan='4'><%= will_paginate @columns %></th></tr>
|
5
5
|
<% role_id = nil; @columns.each do |col| -%>
|
6
6
|
<% if col.role_id != role_id; role_id = col.role_id -%>
|
7
7
|
<tr class='<%= col.role.class.to_s.underscore %>'>
|
8
|
-
<th class='nav sub constant' colspan='
|
8
|
+
<th class='nav sub constant' colspan='4'>
|
9
9
|
<span class='kpath'><%= col.role.kpath %></span> <%= col.role.name %>
|
10
10
|
</th>
|
11
11
|
</tr>
|
@@ -1,6 +1,14 @@
|
|
1
1
|
<r:include template='$default/Node-admin'>
|
2
|
+
<r:with part='logo'>
|
3
|
+
<r:root do='link'/>
|
4
|
+
</r:with>
|
5
|
+
<r:with part='navigation'>
|
6
|
+
<ul id='menu' do='admin_links'>
|
7
|
+
<li do='each' do='show'>x</li>
|
8
|
+
</ul>
|
9
|
+
</r:with>
|
2
10
|
<r:with part='content' do='content_for_layout'>
|
3
|
-
<
|
11
|
+
<h2 class='title' do='title'/>
|
4
12
|
<div id='related' do='visitor'>
|
5
13
|
<r:to_publish>
|
6
14
|
<h3 class='group' do='trans'>to publish</h3>
|
@@ -15,16 +15,17 @@
|
|
15
15
|
<r:uses_datebox/>
|
16
16
|
</head>
|
17
17
|
<body>
|
18
|
-
<h1 id='logo'
|
18
|
+
<h1 id='logo'>
|
19
|
+
<r:link>admin_interface</r:link>
|
20
|
+
</h1>
|
19
21
|
<div id='container'>
|
20
22
|
<div id='navigation'>
|
21
|
-
<ul id='menu' do='admin_links'>
|
23
|
+
<ul id='menu' do='admin_links' list='home'>
|
22
24
|
<li do='each' do='show'>x</li>
|
23
25
|
</ul>
|
24
26
|
</div>
|
25
27
|
|
26
28
|
<div id='content'>
|
27
|
-
<h1 id='title'><r:title/> <span class='klass'>(<r:klass/>)</span></h1>
|
28
29
|
<div id='preview'>
|
29
30
|
<h2 class='preview' do='link' do='t'>view_live</h2>
|
30
31
|
<r:Image?>
|
@@ -38,6 +39,8 @@
|
|
38
39
|
</r:Image?>
|
39
40
|
</div>
|
40
41
|
|
42
|
+
<h1 id='title'><r:title/> <span class='klass'>(<r:klass/>)</span></h1>
|
43
|
+
|
41
44
|
<div id='actions'>
|
42
45
|
<r:if test='can_edit?'>
|
43
46
|
<label do='t("edit #{klass}")'/>
|
@@ -31,7 +31,7 @@ module Bricks
|
|
31
31
|
end
|
32
32
|
end
|
33
33
|
|
34
|
-
def acl_authorized?(action, params,
|
34
|
+
def acl_authorized?(action, params, request)
|
35
35
|
node = nil
|
36
36
|
group_ids_bak = group_ids.dup
|
37
37
|
acls(action, params[:mode], params[:format]).each do |acl|
|
@@ -39,8 +39,8 @@ module Bricks
|
|
39
39
|
if acl.exec_group_id
|
40
40
|
@group_ids = group_ids_bak + [acl.exec_group_id]
|
41
41
|
end
|
42
|
-
base_node
|
43
|
-
if node = acl.authorize?(base_node, params)
|
42
|
+
base_node = self.node_without_secure
|
43
|
+
if node = acl.authorize?(base_node, params, request)
|
44
44
|
self.exec_acl = acl
|
45
45
|
# Keep loaded exec_group
|
46
46
|
return node
|
@@ -73,11 +73,11 @@ module Bricks
|
|
73
73
|
exec_acl ? exec_acl.exec_skin : get_skin_without_acls(node)
|
74
74
|
end
|
75
75
|
|
76
|
-
def find_node_with_acls(path, zip, name,
|
77
|
-
find_node_without_acls(path, zip, name,
|
76
|
+
def find_node_with_acls(path, zip, name, request)
|
77
|
+
find_node_without_acls(path, zip, name, request)
|
78
78
|
rescue ActiveRecord::RecordNotFound
|
79
79
|
raise unless visitor.use_acls?
|
80
|
-
acl_params = params.dup
|
80
|
+
acl_params = request.params.dup
|
81
81
|
if name =~ /^\d+$/
|
82
82
|
acl_params[:id] = name
|
83
83
|
elsif name
|
@@ -87,7 +87,7 @@ module Bricks
|
|
87
87
|
acl_params[:id] = zip
|
88
88
|
end
|
89
89
|
|
90
|
-
visitor.acl_authorized?(::Acl::ACTION_FROM_METHOD[method], acl_params)
|
90
|
+
visitor.acl_authorized?(::Acl::ACTION_FROM_METHOD[request.method], acl_params, request)
|
91
91
|
end
|
92
92
|
end # UserMethods
|
93
93
|
end # Acls
|
@@ -5,6 +5,11 @@ class AclTest < Zena::Unit::TestCase
|
|
5
5
|
def base_node
|
6
6
|
visitor.node_without_secure
|
7
7
|
end
|
8
|
+
MockRequest = Struct.new(:method, :params, :port)
|
9
|
+
|
10
|
+
def mock_request(method = :get, params = {}, port = 0)
|
11
|
+
MockRequest.new(method, params, port)
|
12
|
+
end
|
8
13
|
|
9
14
|
context 'On a site with acl' do
|
10
15
|
setup do
|
@@ -26,17 +31,17 @@ class AclTest < Zena::Unit::TestCase
|
|
26
31
|
|
27
32
|
context 'with a matching query' do
|
28
33
|
should 'authorize' do
|
29
|
-
assert subject.authorize?(base_node, :id => nodes_zip(:queen))
|
34
|
+
assert subject.authorize?(base_node, {:id => nodes_zip(:queen)}, mock_request)
|
30
35
|
end
|
31
36
|
|
32
37
|
should 'return searched node' do
|
33
|
-
assert_equal nodes_id(:queen), subject.authorize?(base_node, :id => nodes_zip(:queen)).id
|
38
|
+
assert_equal nodes_id(:queen), subject.authorize?(base_node, {:id => nodes_zip(:queen)}, mock_request).id
|
34
39
|
end
|
35
40
|
end # with a matching query
|
36
41
|
|
37
42
|
context 'with a node outside the query' do
|
38
43
|
should 'not authorize' do
|
39
|
-
assert_nil subject.authorize?(base_node, {:id => nodes_zip(:over_zeus)})
|
44
|
+
assert_nil subject.authorize?(base_node, {:id => nodes_zip(:over_zeus)}, mock_request)
|
40
45
|
end
|
41
46
|
end # with a node outside the query
|
42
47
|
|
@@ -44,6 +49,23 @@ class AclTest < Zena::Unit::TestCase
|
|
44
49
|
|
45
50
|
end # an acl
|
46
51
|
|
52
|
+
context 'saving an acl with asset_host in query' do
|
53
|
+
subject do
|
54
|
+
acls(:rap)
|
55
|
+
end
|
56
|
+
|
57
|
+
should 'validate' do
|
58
|
+
erebus_id = groups_id(:erebus)
|
59
|
+
visitor.instance_eval do
|
60
|
+
@group_ids = self.group_ids + [erebus_id]
|
61
|
+
end
|
62
|
+
assert subject.update_attributes(:query => 'nodes where 1 = #{asset_host? ? 1 : 0} in site')
|
63
|
+
assert_nil subject.authorize?(base_node, {:id => nodes_zip(:over_zeus)}, mock_request)
|
64
|
+
assert_equal 'A plan to overrule Zeus', subject.authorize?(base_node, {:id => nodes_zip(:over_zeus)}, mock_request(:get, {}, 80)).title
|
65
|
+
end
|
66
|
+
end # saving an acl with asset_host in query
|
67
|
+
|
68
|
+
|
47
69
|
context 'a visitor' do
|
48
70
|
context 'with normal access' do
|
49
71
|
subject do
|
@@ -54,7 +76,7 @@ class AclTest < Zena::Unit::TestCase
|
|
54
76
|
should 'find nodes' do
|
55
77
|
assert_equal nodes(:over_zeus).id,
|
56
78
|
subject.find_node(
|
57
|
-
nil, nodes_zip(:over_zeus), nil,
|
79
|
+
nil, nodes_zip(:over_zeus), nil, mock_request(:get)
|
58
80
|
).id
|
59
81
|
end
|
60
82
|
end # with normal access
|
@@ -69,13 +91,13 @@ class AclTest < Zena::Unit::TestCase
|
|
69
91
|
should 'find node in acl scope' do
|
70
92
|
assert_equal nodes(:queen).id,
|
71
93
|
subject.find_node(
|
72
|
-
nil, nodes_zip(:queen), nil,
|
94
|
+
nil, nodes_zip(:queen), nil, mock_request(:get)
|
73
95
|
).id
|
74
96
|
end
|
75
97
|
|
76
98
|
should 'not find node out of acl scope' do
|
77
99
|
assert_raise(ActiveRecord::RecordNotFound) do
|
78
|
-
subject.find_node(nil, nodes_zip(:over_zeus), nil,
|
100
|
+
subject.find_node(nil, nodes_zip(:over_zeus), nil, mock_request(:get))
|
79
101
|
end
|
80
102
|
end
|
81
103
|
|
@@ -87,7 +109,7 @@ class AclTest < Zena::Unit::TestCase
|
|
87
109
|
should 'try acls in turn' do
|
88
110
|
assert_equal nodes(:wedding).id,
|
89
111
|
subject.find_node(
|
90
|
-
nil, nodes_zip(:wedding), nil,
|
112
|
+
nil, nodes_zip(:wedding), nil, mock_request(:get)
|
91
113
|
).id
|
92
114
|
end
|
93
115
|
end # with many acls
|
@@ -95,13 +117,13 @@ class AclTest < Zena::Unit::TestCase
|
|
95
117
|
context 'using method without acl' do
|
96
118
|
should 'not find node out of acl scope' do
|
97
119
|
assert_raise(ActiveRecord::RecordNotFound) do
|
98
|
-
subject.find_node(nil, nodes_zip(:queen), nil,
|
120
|
+
subject.find_node(nil, nodes_zip(:queen), nil, mock_request(:put))
|
99
121
|
end
|
100
122
|
assert_raise(ActiveRecord::RecordNotFound) do
|
101
|
-
subject.find_node(nil, nodes_zip(:queen), nil,
|
123
|
+
subject.find_node(nil, nodes_zip(:queen), nil, mock_request(:delete))
|
102
124
|
end
|
103
125
|
assert_raise(ActiveRecord::RecordNotFound) do
|
104
|
-
subject.find_node(nil, nodes_zip(:queen), nil,
|
126
|
+
subject.find_node(nil, nodes_zip(:queen), nil, mock_request(:post))
|
105
127
|
end
|
106
128
|
end
|
107
129
|
end # using method without acl
|
@@ -115,7 +137,7 @@ class AclTest < Zena::Unit::TestCase
|
|
115
137
|
|
116
138
|
should 'not find nodes' do
|
117
139
|
assert_raise(ActiveRecord::RecordNotFound) do
|
118
|
-
subject.find_node(nil, nodes_zip(:queen), nil,
|
140
|
+
subject.find_node(nil, nodes_zip(:queen), nil, mock_request(:get))
|
119
141
|
end
|
120
142
|
end
|
121
143
|
end # without acl enabled
|