zena 1.1.1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/History.txt +15 -0
- data/app/controllers/nodes_controller.rb +13 -8
- data/app/models/acl.rb +19 -5
- data/app/models/column.rb +2 -0
- data/app/models/node.rb +3 -2
- data/app/models/site.rb +3 -0
- data/app/models/user.rb +1 -1
- data/app/views/columns/_add.html.erb +2 -2
- data/app/views/columns/_form.html.erb +8 -2
- data/app/views/columns/_li.html.erb +4 -1
- data/app/views/columns/index.html.erb +2 -2
- data/app/views/zafu/default/Node-+adminLayout.zafu +9 -1
- data/app/views/zafu/default/Node-admin.zafu +6 -3
- data/bricks/acls/lib/bricks/acls.rb +7 -7
- data/bricks/acls/zena/test/unit/acl_test.rb +33 -11
- data/bricks/math/lib/bricks/math.rb +11 -8
- data/bricks/worker/zena/worker +1 -0
- data/bricks/zena/zena/migrate/20111101103900_add_comment_to_columns.rb +9 -0
- data/config/gems.yml +7 -4
- data/lib/bricks.rb +2 -0
- data/lib/bricks/helper.rb +18 -0
- data/lib/zena.rb +1 -1
- data/lib/zena/console.rb +24 -0
- data/lib/zena/db_helper/abstract_db.rb +5 -2
- data/lib/zena/db_helper/mysql.rb +6 -3
- data/lib/zena/info.rb +1 -1
- data/lib/zena/init.rb +22 -0
- data/lib/zena/use/ajax.rb +1 -1
- data/lib/zena/use/forms.rb +6 -2
- data/lib/zena/use/i18n.rb +13 -65
- data/lib/zena/use/ml_index.rb +15 -0
- data/lib/zena/use/query_node.rb +10 -7
- data/lib/zena/use/rendering.rb +5 -0
- data/lib/zena/use/upload.rb +5 -2
- data/lib/zena/use/version_hash.rb +2 -0
- data/public/stylesheets/backend.css +6 -3
- data/public/stylesheets/zena.css +2 -2
- data/test/integration/navigation_test.rb +25 -1
- data/test/integration/query_node/basic.yml +6 -1
- data/test/integration/query_node/filters.yml +6 -1
- data/test/integration/query_node/idx_scope.yml +10 -0
- data/test/integration/zafu_compiler/ajax.yml +19 -0
- data/test/integration/zafu_compiler/display.yml +4 -0
- data/test/integration/zafu_compiler/meta.yml +8 -0
- data/test/selenium/Drop/drop1.rsel +6 -10
- data/test/selenium/Drop/drop2.rsel +6 -3
- data/test/selenium/Drop/drop3.rsel +19 -34
- data/test/selenium/Drop/drop4.rsel +25 -33
- data/test/sites/zena/columns.yml +4 -3
- data/test/unit/bricks_test.rb +24 -0
- data/test/unit/column_test.rb +5 -0
- data/test/unit/zena/use/ml_index_test.rb +26 -0
- data/test/unit/zena/use/version_hash_test.rb +0 -1
- data/zena.gemspec +28 -122
- metadata +85 -145
data/History.txt
CHANGED
@@ -1,7 +1,22 @@
|
|
1
|
+
== 1.1.2 2011-11-09
|
2
|
+
|
3
|
+
* Minor changes
|
4
|
+
* Support sorting by scope index fields.
|
5
|
+
* Fixed bug in math brick (using Open4 instead of system with redirections).
|
6
|
+
* Added 'change_prop' method in console.
|
7
|
+
* Fixed a bug with 404 pages not showing in the correct language.
|
8
|
+
* Fixed a bug with properties called 'copy' not working as expected.
|
9
|
+
* Added <r:style> tag for dynamic CSS.
|
10
|
+
* Added support for 'value' in 'date' input fields.
|
11
|
+
* Added comment on property definition.
|
12
|
+
* Added 'coalesce' method in queries.
|
13
|
+
* Added 'asset_host?' in Acl queries.
|
14
|
+
|
1
15
|
== 1.1.1 2011-07-12
|
2
16
|
|
3
17
|
* Minor changes
|
4
18
|
* Fixed scoped DOM ids in saved template.
|
19
|
+
* Cosmetic changes to backend.css (menu on the left).
|
5
20
|
|
6
21
|
== 1.1.0 2011-07-11
|
7
22
|
|
@@ -35,7 +35,7 @@ class NodesController < ApplicationController
|
|
35
35
|
format.xml { render :xml => @node.to_xml }
|
36
36
|
end
|
37
37
|
elsif base_node = visitor.node_without_secure
|
38
|
-
if node = visitor.find_node(nil, base_node.zip, nil,
|
38
|
+
if node = visitor.find_node(nil, base_node.zip, nil, request)
|
39
39
|
# If the visitor is acl authorized to view his own node,
|
40
40
|
# redirect there.
|
41
41
|
redirect_to zen_path(node)
|
@@ -132,13 +132,13 @@ class NodesController < ApplicationController
|
|
132
132
|
# swap (a way to preview content by drag & drop)
|
133
133
|
@node = other
|
134
134
|
elsif params[:change] == 'receiver'
|
135
|
-
attributes[:
|
135
|
+
attributes[:_copy] = other
|
136
136
|
@node.update_attributes_with_transformation(attributes)
|
137
137
|
if !@node.errors.empty?
|
138
138
|
@errors = @node.errors
|
139
139
|
end
|
140
140
|
else
|
141
|
-
attributes[:
|
141
|
+
attributes[:_copy] = @node
|
142
142
|
other.update_attributes_with_transformation(attributes)
|
143
143
|
if !other.errors.empty?
|
144
144
|
@errors = other.errors
|
@@ -223,7 +223,7 @@ class NodesController < ApplicationController
|
|
223
223
|
|
224
224
|
begin
|
225
225
|
# Make sure we can load parent (also enables ACL to work for us here).
|
226
|
-
parent = visitor.find_node(nil, attrs.delete('parent_zip'), nil,
|
226
|
+
parent = visitor.find_node(nil, attrs.delete('parent_zip'), nil, request)
|
227
227
|
@node = parent.new_child(attrs, false)
|
228
228
|
@node.save
|
229
229
|
rescue ActiveRecord::RecordNotFound
|
@@ -542,7 +542,12 @@ class NodesController < ApplicationController
|
|
542
542
|
if request.env['REQUEST_PATH']
|
543
543
|
# request.env['REQUEST_PATH'] is not set during testing (but this is
|
544
544
|
# a temporary hack anyway)
|
545
|
-
|
545
|
+
if path = request.env['REQUEST_PATH'].split('/')[2..-1]
|
546
|
+
params[:path] = path
|
547
|
+
else
|
548
|
+
Node.logger.warn("REQUEST_PATH: #{request.env['REQUEST_PATH'].inspect}")
|
549
|
+
path = params[:path]
|
550
|
+
end
|
546
551
|
end
|
547
552
|
if path.last =~ Zena::Use::Urls::ALLOWED_REGEXP
|
548
553
|
zip = $3
|
@@ -558,14 +563,14 @@ class NodesController < ApplicationController
|
|
558
563
|
|
559
564
|
# We use the visitor to find the node in order to ease implementation
|
560
565
|
# of custom access rules (Acl).
|
561
|
-
@node = visitor.find_node(path, zip, name,
|
566
|
+
@node = visitor.find_node(path, zip, name, request)
|
562
567
|
else
|
563
568
|
# bad url
|
564
569
|
Node.logger.warn "Path #{path.last.inspect} does not match #{Zena::Use::Urls::ALLOWED_REGEXP}"
|
565
570
|
raise ActiveRecord::RecordNotFound
|
566
571
|
end
|
567
572
|
elsif params[:id]
|
568
|
-
@node = visitor.find_node(nil, params[:id], nil,
|
573
|
+
@node = visitor.find_node(nil, params[:id], nil, request)
|
569
574
|
end
|
570
575
|
|
571
576
|
if params[:link_id]
|
@@ -592,7 +597,7 @@ class NodesController < ApplicationController
|
|
592
597
|
|
593
598
|
case params[:action]
|
594
599
|
when 'index'
|
595
|
-
#
|
600
|
+
# We need this redirection here to enable document caching in another lang
|
596
601
|
# bad prefix '/so', '/rx' or '/en?lang=fr'
|
597
602
|
if params[:prefix] != prefix
|
598
603
|
set_visitor_lang(params[:prefix])
|
data/app/models/acl.rb
CHANGED
@@ -15,6 +15,8 @@ class Acl < ActiveRecord::Base
|
|
15
15
|
include RubyLess
|
16
16
|
|
17
17
|
safe_method :params => Zena::Use::ZafuSafeDefinitions::ParamsDictionary
|
18
|
+
safe_method :asset_host? => Boolean
|
19
|
+
safe_method :visitor => User
|
18
20
|
|
19
21
|
def safe_method_type(signature, receiver = nil)
|
20
22
|
if type = super
|
@@ -26,8 +28,8 @@ class Acl < ActiveRecord::Base
|
|
26
28
|
end
|
27
29
|
end
|
28
30
|
|
29
|
-
def authorize?(base_node, params)
|
30
|
-
res = Node.find_by_sql(eval(make_query(base_node, params).to_s))
|
31
|
+
def authorize?(base_node, params, request)
|
32
|
+
res = Node.find_by_sql(eval(make_query(base_node, params, request).to_s))
|
31
33
|
if res.empty?
|
32
34
|
nil
|
33
35
|
else
|
@@ -43,6 +45,16 @@ class Acl < ActiveRecord::Base
|
|
43
45
|
@exec_skin ||= secure(Skin) { Skin.find(exec_skin_id) }
|
44
46
|
end
|
45
47
|
|
48
|
+
# Returns true if we are on the asset host.
|
49
|
+
def asset_host?
|
50
|
+
@asset_host
|
51
|
+
end
|
52
|
+
|
53
|
+
# Make visitor public so that we can use 'visitor' in queries.
|
54
|
+
def visitor
|
55
|
+
super
|
56
|
+
end
|
57
|
+
|
46
58
|
protected
|
47
59
|
def set_defaults
|
48
60
|
self.format = 'html' if format.blank?
|
@@ -58,12 +70,14 @@ class Acl < ActiveRecord::Base
|
|
58
70
|
end
|
59
71
|
|
60
72
|
def validate_acl
|
61
|
-
make_query(visitor.prototype
|
73
|
+
make_query(visitor.prototype)
|
62
74
|
end
|
63
75
|
|
64
|
-
def make_query(node, params)
|
76
|
+
def make_query(node, params = {}, request = nil)
|
65
77
|
@node = node
|
66
78
|
@params = params
|
79
|
+
@asset_host = request ? request.port.to_i == Zena::ASSET_PORT : false
|
80
|
+
|
67
81
|
# We add a stupid order clause to avoid the 'order by title' thing.
|
68
82
|
query = Node.build_query(:first, self.query + ' order by id asc',
|
69
83
|
:node_name => '@node',
|
@@ -84,4 +98,4 @@ class Acl < ActiveRecord::Base
|
|
84
98
|
errors.add(:query, err.message)
|
85
99
|
nil
|
86
100
|
end
|
87
|
-
end
|
101
|
+
end
|
data/app/models/column.rb
CHANGED
data/app/models/node.rb
CHANGED
@@ -846,10 +846,10 @@ class Node < ActiveRecord::Base
|
|
846
846
|
res = {}
|
847
847
|
res['parent_id'] = new_attributes[:_parent_id] if new_attributes[:_parent_id] # real id set inside zena.
|
848
848
|
|
849
|
+
copy_node = new_attributes.delete(:_copy)
|
849
850
|
attributes = new_attributes.stringify_keys
|
850
851
|
|
851
|
-
if
|
852
|
-
copy_node = attributes.delete('copy')
|
852
|
+
if copy_node || attributes['copy_id']
|
853
853
|
copy_node ||= Node.find_by_zip(attributes.delete('copy_id'))
|
854
854
|
attributes = copy_node.replace_attributes_in_values(attributes)
|
855
855
|
end
|
@@ -1009,6 +1009,7 @@ class Node < ActiveRecord::Base
|
|
1009
1009
|
end
|
1010
1010
|
|
1011
1011
|
# Parse text and replace ids '!30!' by their pseudo path '!(img/bird)!'
|
1012
|
+
# key is used in TextDocument overloaded method.
|
1012
1013
|
def unparse_assets(text, helper, key)
|
1013
1014
|
ZazenParser.new(text,:helper=>helper).render(:translate_ids => :relative_path, :node=>self)
|
1014
1015
|
end
|
data/app/models/site.rb
CHANGED
@@ -33,6 +33,9 @@ class Site < ActiveRecord::Base
|
|
33
33
|
# Should be the same serialization as in Node
|
34
34
|
include Property::Serialization::JSON
|
35
35
|
|
36
|
+
# TODO: can we just use MLIndex in app.rb ?
|
37
|
+
include Zena::Use::MLIndex::SiteMethods
|
38
|
+
|
36
39
|
@@attributes_for_form = {
|
37
40
|
:bool => %w{authentication http_auth auto_publish},
|
38
41
|
:text => %w{name languages default_lang},
|
data/app/models/user.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
<tr id='add_column' class='btn_add'>
|
2
2
|
<td class='add'><%= link_to_function _('btn_column_add'), "['add_column', 'add_column_form'].each(Element.toggle); $('column_name').focus();" %></td>
|
3
|
-
<td class='add_column' colspan='
|
3
|
+
<td class='add_column' colspan='3'></td>
|
4
4
|
</tr>
|
5
5
|
<tr id='add_column_form' style='display:none;'>
|
6
6
|
<%= render :partial=>'columns/form' %>
|
7
|
-
</tr>
|
7
|
+
</tr>
|
@@ -5,7 +5,7 @@
|
|
5
5
|
link_to_function _('btn_x'), "['add_column', 'add_column_form'].each(Element.toggle)"
|
6
6
|
end %>
|
7
7
|
</td>
|
8
|
-
<td class="add" colspan='
|
8
|
+
<td class="add" colspan='3'>
|
9
9
|
<div id='column_errors'><%= error_messages_for(:column, :object => @column) %></div>
|
10
10
|
<% if @column.new_record? %>
|
11
11
|
<%= form_remote_tag(:url => columns_path ) %>
|
@@ -25,6 +25,12 @@
|
|
25
25
|
<td><%= text_field('column', 'name', :size=>15 ) %></td>
|
26
26
|
<td><span class='text'><%= select_tag "column[index]", grouped_options_for_select(Column.indices_for_form, @column.index, '') %></span></td>
|
27
27
|
</tr>
|
28
|
+
<tr>
|
29
|
+
<td class='label'><%= _("comment") %></td>
|
30
|
+
<td colspan='3'>
|
31
|
+
<%= text_area('column', 'comment', :rows => 2, :cols => 50) %>
|
32
|
+
</td>
|
33
|
+
</tr>
|
28
34
|
<tr><td colspan='4'><p class='btn_validate'><input type='submit' value='<%= _('validate') %>'/></p></td></tr>
|
29
35
|
</table>
|
30
36
|
</form>
|
@@ -33,4 +39,4 @@
|
|
33
39
|
<p class='destroy'><%= _('destroy property') %> <input type='submit' value='<%= _('destroy') %>'></p>
|
34
40
|
</form>
|
35
41
|
<% end -%>
|
36
|
-
</td>
|
42
|
+
</td>
|
@@ -1,11 +1,11 @@
|
|
1
1
|
<h2 class='title'><%= _('properties') %></h2>
|
2
2
|
|
3
3
|
<table id='column_list' class='admin' cellspacing="0">
|
4
|
-
<tr><th class='nav' colspan='
|
4
|
+
<tr><th class='nav' colspan='4'><%= will_paginate @columns %></th></tr>
|
5
5
|
<% role_id = nil; @columns.each do |col| -%>
|
6
6
|
<% if col.role_id != role_id; role_id = col.role_id -%>
|
7
7
|
<tr class='<%= col.role.class.to_s.underscore %>'>
|
8
|
-
<th class='nav sub constant' colspan='
|
8
|
+
<th class='nav sub constant' colspan='4'>
|
9
9
|
<span class='kpath'><%= col.role.kpath %></span> <%= col.role.name %>
|
10
10
|
</th>
|
11
11
|
</tr>
|
@@ -1,6 +1,14 @@
|
|
1
1
|
<r:include template='$default/Node-admin'>
|
2
|
+
<r:with part='logo'>
|
3
|
+
<r:root do='link'/>
|
4
|
+
</r:with>
|
5
|
+
<r:with part='navigation'>
|
6
|
+
<ul id='menu' do='admin_links'>
|
7
|
+
<li do='each' do='show'>x</li>
|
8
|
+
</ul>
|
9
|
+
</r:with>
|
2
10
|
<r:with part='content' do='content_for_layout'>
|
3
|
-
<
|
11
|
+
<h2 class='title' do='title'/>
|
4
12
|
<div id='related' do='visitor'>
|
5
13
|
<r:to_publish>
|
6
14
|
<h3 class='group' do='trans'>to publish</h3>
|
@@ -15,16 +15,17 @@
|
|
15
15
|
<r:uses_datebox/>
|
16
16
|
</head>
|
17
17
|
<body>
|
18
|
-
<h1 id='logo'
|
18
|
+
<h1 id='logo'>
|
19
|
+
<r:link>admin_interface</r:link>
|
20
|
+
</h1>
|
19
21
|
<div id='container'>
|
20
22
|
<div id='navigation'>
|
21
|
-
<ul id='menu' do='admin_links'>
|
23
|
+
<ul id='menu' do='admin_links' list='home'>
|
22
24
|
<li do='each' do='show'>x</li>
|
23
25
|
</ul>
|
24
26
|
</div>
|
25
27
|
|
26
28
|
<div id='content'>
|
27
|
-
<h1 id='title'><r:title/> <span class='klass'>(<r:klass/>)</span></h1>
|
28
29
|
<div id='preview'>
|
29
30
|
<h2 class='preview' do='link' do='t'>view_live</h2>
|
30
31
|
<r:Image?>
|
@@ -38,6 +39,8 @@
|
|
38
39
|
</r:Image?>
|
39
40
|
</div>
|
40
41
|
|
42
|
+
<h1 id='title'><r:title/> <span class='klass'>(<r:klass/>)</span></h1>
|
43
|
+
|
41
44
|
<div id='actions'>
|
42
45
|
<r:if test='can_edit?'>
|
43
46
|
<label do='t("edit #{klass}")'/>
|
@@ -31,7 +31,7 @@ module Bricks
|
|
31
31
|
end
|
32
32
|
end
|
33
33
|
|
34
|
-
def acl_authorized?(action, params,
|
34
|
+
def acl_authorized?(action, params, request)
|
35
35
|
node = nil
|
36
36
|
group_ids_bak = group_ids.dup
|
37
37
|
acls(action, params[:mode], params[:format]).each do |acl|
|
@@ -39,8 +39,8 @@ module Bricks
|
|
39
39
|
if acl.exec_group_id
|
40
40
|
@group_ids = group_ids_bak + [acl.exec_group_id]
|
41
41
|
end
|
42
|
-
base_node
|
43
|
-
if node = acl.authorize?(base_node, params)
|
42
|
+
base_node = self.node_without_secure
|
43
|
+
if node = acl.authorize?(base_node, params, request)
|
44
44
|
self.exec_acl = acl
|
45
45
|
# Keep loaded exec_group
|
46
46
|
return node
|
@@ -73,11 +73,11 @@ module Bricks
|
|
73
73
|
exec_acl ? exec_acl.exec_skin : get_skin_without_acls(node)
|
74
74
|
end
|
75
75
|
|
76
|
-
def find_node_with_acls(path, zip, name,
|
77
|
-
find_node_without_acls(path, zip, name,
|
76
|
+
def find_node_with_acls(path, zip, name, request)
|
77
|
+
find_node_without_acls(path, zip, name, request)
|
78
78
|
rescue ActiveRecord::RecordNotFound
|
79
79
|
raise unless visitor.use_acls?
|
80
|
-
acl_params = params.dup
|
80
|
+
acl_params = request.params.dup
|
81
81
|
if name =~ /^\d+$/
|
82
82
|
acl_params[:id] = name
|
83
83
|
elsif name
|
@@ -87,7 +87,7 @@ module Bricks
|
|
87
87
|
acl_params[:id] = zip
|
88
88
|
end
|
89
89
|
|
90
|
-
visitor.acl_authorized?(::Acl::ACTION_FROM_METHOD[method], acl_params)
|
90
|
+
visitor.acl_authorized?(::Acl::ACTION_FROM_METHOD[request.method], acl_params, request)
|
91
91
|
end
|
92
92
|
end # UserMethods
|
93
93
|
end # Acls
|
@@ -5,6 +5,11 @@ class AclTest < Zena::Unit::TestCase
|
|
5
5
|
def base_node
|
6
6
|
visitor.node_without_secure
|
7
7
|
end
|
8
|
+
MockRequest = Struct.new(:method, :params, :port)
|
9
|
+
|
10
|
+
def mock_request(method = :get, params = {}, port = 0)
|
11
|
+
MockRequest.new(method, params, port)
|
12
|
+
end
|
8
13
|
|
9
14
|
context 'On a site with acl' do
|
10
15
|
setup do
|
@@ -26,17 +31,17 @@ class AclTest < Zena::Unit::TestCase
|
|
26
31
|
|
27
32
|
context 'with a matching query' do
|
28
33
|
should 'authorize' do
|
29
|
-
assert subject.authorize?(base_node, :id => nodes_zip(:queen))
|
34
|
+
assert subject.authorize?(base_node, {:id => nodes_zip(:queen)}, mock_request)
|
30
35
|
end
|
31
36
|
|
32
37
|
should 'return searched node' do
|
33
|
-
assert_equal nodes_id(:queen), subject.authorize?(base_node, :id => nodes_zip(:queen)).id
|
38
|
+
assert_equal nodes_id(:queen), subject.authorize?(base_node, {:id => nodes_zip(:queen)}, mock_request).id
|
34
39
|
end
|
35
40
|
end # with a matching query
|
36
41
|
|
37
42
|
context 'with a node outside the query' do
|
38
43
|
should 'not authorize' do
|
39
|
-
assert_nil subject.authorize?(base_node, {:id => nodes_zip(:over_zeus)})
|
44
|
+
assert_nil subject.authorize?(base_node, {:id => nodes_zip(:over_zeus)}, mock_request)
|
40
45
|
end
|
41
46
|
end # with a node outside the query
|
42
47
|
|
@@ -44,6 +49,23 @@ class AclTest < Zena::Unit::TestCase
|
|
44
49
|
|
45
50
|
end # an acl
|
46
51
|
|
52
|
+
context 'saving an acl with asset_host in query' do
|
53
|
+
subject do
|
54
|
+
acls(:rap)
|
55
|
+
end
|
56
|
+
|
57
|
+
should 'validate' do
|
58
|
+
erebus_id = groups_id(:erebus)
|
59
|
+
visitor.instance_eval do
|
60
|
+
@group_ids = self.group_ids + [erebus_id]
|
61
|
+
end
|
62
|
+
assert subject.update_attributes(:query => 'nodes where 1 = #{asset_host? ? 1 : 0} in site')
|
63
|
+
assert_nil subject.authorize?(base_node, {:id => nodes_zip(:over_zeus)}, mock_request)
|
64
|
+
assert_equal 'A plan to overrule Zeus', subject.authorize?(base_node, {:id => nodes_zip(:over_zeus)}, mock_request(:get, {}, 80)).title
|
65
|
+
end
|
66
|
+
end # saving an acl with asset_host in query
|
67
|
+
|
68
|
+
|
47
69
|
context 'a visitor' do
|
48
70
|
context 'with normal access' do
|
49
71
|
subject do
|
@@ -54,7 +76,7 @@ class AclTest < Zena::Unit::TestCase
|
|
54
76
|
should 'find nodes' do
|
55
77
|
assert_equal nodes(:over_zeus).id,
|
56
78
|
subject.find_node(
|
57
|
-
nil, nodes_zip(:over_zeus), nil,
|
79
|
+
nil, nodes_zip(:over_zeus), nil, mock_request(:get)
|
58
80
|
).id
|
59
81
|
end
|
60
82
|
end # with normal access
|
@@ -69,13 +91,13 @@ class AclTest < Zena::Unit::TestCase
|
|
69
91
|
should 'find node in acl scope' do
|
70
92
|
assert_equal nodes(:queen).id,
|
71
93
|
subject.find_node(
|
72
|
-
nil, nodes_zip(:queen), nil,
|
94
|
+
nil, nodes_zip(:queen), nil, mock_request(:get)
|
73
95
|
).id
|
74
96
|
end
|
75
97
|
|
76
98
|
should 'not find node out of acl scope' do
|
77
99
|
assert_raise(ActiveRecord::RecordNotFound) do
|
78
|
-
subject.find_node(nil, nodes_zip(:over_zeus), nil,
|
100
|
+
subject.find_node(nil, nodes_zip(:over_zeus), nil, mock_request(:get))
|
79
101
|
end
|
80
102
|
end
|
81
103
|
|
@@ -87,7 +109,7 @@ class AclTest < Zena::Unit::TestCase
|
|
87
109
|
should 'try acls in turn' do
|
88
110
|
assert_equal nodes(:wedding).id,
|
89
111
|
subject.find_node(
|
90
|
-
nil, nodes_zip(:wedding), nil,
|
112
|
+
nil, nodes_zip(:wedding), nil, mock_request(:get)
|
91
113
|
).id
|
92
114
|
end
|
93
115
|
end # with many acls
|
@@ -95,13 +117,13 @@ class AclTest < Zena::Unit::TestCase
|
|
95
117
|
context 'using method without acl' do
|
96
118
|
should 'not find node out of acl scope' do
|
97
119
|
assert_raise(ActiveRecord::RecordNotFound) do
|
98
|
-
subject.find_node(nil, nodes_zip(:queen), nil,
|
120
|
+
subject.find_node(nil, nodes_zip(:queen), nil, mock_request(:put))
|
99
121
|
end
|
100
122
|
assert_raise(ActiveRecord::RecordNotFound) do
|
101
|
-
subject.find_node(nil, nodes_zip(:queen), nil,
|
123
|
+
subject.find_node(nil, nodes_zip(:queen), nil, mock_request(:delete))
|
102
124
|
end
|
103
125
|
assert_raise(ActiveRecord::RecordNotFound) do
|
104
|
-
subject.find_node(nil, nodes_zip(:queen), nil,
|
126
|
+
subject.find_node(nil, nodes_zip(:queen), nil, mock_request(:post))
|
105
127
|
end
|
106
128
|
end
|
107
129
|
end # using method without acl
|
@@ -115,7 +137,7 @@ class AclTest < Zena::Unit::TestCase
|
|
115
137
|
|
116
138
|
should 'not find nodes' do
|
117
139
|
assert_raise(ActiveRecord::RecordNotFound) do
|
118
|
-
subject.find_node(nil, nodes_zip(:queen), nil,
|
140
|
+
subject.find_node(nil, nodes_zip(:queen), nil, mock_request(:get))
|
119
141
|
end
|
120
142
|
end
|
121
143
|
end # without acl enabled
|