Refactor: split ProjectsController#add into #add (GET) and #create (P…

…OST). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4067 e93f8b46-1217-0410-a6f0-8f06a7374b81
edavis10 · Sep 6, 2010 · 763ab07 · 763ab07
1 parent 9da4ee5
commit 763ab07
Show file tree

Hide file tree

Showing 5 changed files with 99 additions and 68 deletions.
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
@@ -20,13 +20,13 @@ class ProjectsController < ApplicationController
   menu_item :roadmap, :only => :roadmap
   menu_item :settings, :only => :settings
 
-  before_filter :find_project, :except => [ :index, :list, :add, :copy ]
-  before_filter :authorize, :except => [ :index, :list, :add, :copy, :archive, :unarchive, :destroy]
-  before_filter :authorize_global, :only => :add
+  before_filter :find_project, :except => [ :index, :list, :add, :create, :copy ]
+  before_filter :authorize, :except => [ :index, :list, :add, :create, :copy, :archive, :unarchive, :destroy]
+  before_filter :authorize_global, :only => [:add, :create]
   before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy ]
   accept_key_auth :index
 
-  after_filter :only => [:add, :edit, :archive, :unarchive, :destroy] do |controller|
+  after_filter :only => [:create, :edit, :archive, :unarchive, :destroy] do |controller|
     if controller.request.post?
       controller.send :expire_action, :controller => 'welcome', :action => 'robots.txt'
     end
@@ -65,35 +65,41 @@ def add
     @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position")
     @trackers = Tracker.all
     @project = Project.new(params[:project])
-    if request.get?
-      @project.identifier = Project.next_identifier if Setting.sequential_project_identifiers?
-      @project.trackers = Tracker.all
-      @project.is_public = Setting.default_projects_public?
-      @project.enabled_module_names = Setting.default_projects_modules
+
+    @project.identifier = Project.next_identifier if Setting.sequential_project_identifiers?
+    @project.trackers = Tracker.all
+    @project.is_public = Setting.default_projects_public?
+    @project.enabled_module_names = Setting.default_projects_modules
+  end
+
+  def create
+    @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position")
+    @trackers = Tracker.all
+    @project = Project.new(params[:project])
+
+    @project.enabled_module_names = params[:enabled_modules]
+    if validate_parent_id && @project.save
+      @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id')
+      # Add current user as a project member if he is not admin
+      unless User.current.admin?
+        r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first
+        m = Member.new(:user => User.current, :roles => [r])
+        @project.members << m
+      end
+      respond_to do |format|
+        format.html { 
+          flash[:notice] = l(:notice_successful_create)
+          redirect_to :controller => 'projects', :action => 'settings', :id => @project
+        }
+        format.xml  { head :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) }
+      end
     else
-      @project.enabled_module_names = params[:enabled_modules]
-      if validate_parent_id && @project.save
-        @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id')
-        # Add current user as a project member if he is not admin
-        unless User.current.admin?
-          r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first
-          m = Member.new(:user => User.current, :roles => [r])
-          @project.members << m
-        end
-        respond_to do |format|
-          format.html { 
-            flash[:notice] = l(:notice_successful_create)
-            redirect_to :controller => 'projects', :action => 'settings', :id => @project
-          }
-          format.xml  { head :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) }
-        end
-      else
-        respond_to do |format|
-          format.html
-          format.xml  { render :xml => @project.errors, :status => :unprocessable_entity }
-        end
+      respond_to do |format|
+        format.html { render :action => 'add' }
+        format.xml  { render :xml => @project.errors, :status => :unprocessable_entity }
       end
-    end	
+    end
+
   end
 
   def copy

diff --git a/config/routes.rb b/config/routes.rb
@@ -195,9 +195,9 @@
     end
 
     projects.with_options :conditions => {:method => :post} do |project_actions|
-      project_actions.connect 'projects/new', :action => 'add'
-      project_actions.connect 'projects', :action => 'add'
-      project_actions.connect 'projects.:format', :action => 'add', :format => /xml/
+      project_actions.connect 'projects/new', :action => 'create'
+      project_actions.connect 'projects', :action => 'create'
+      project_actions.connect 'projects.:format', :action => 'create', :format => /xml/
       project_actions.connect 'projects/:id/:action', :action => /edit|destroy|archive|unarchive/
       project_actions.connect 'projects/:id/files/new', :controller => 'files', :action => 'new'
       project_actions.connect 'projects/:id/activities/save', :controller => 'project_enumerations', :action => 'save'

diff --git a/lib/redmine.rb b/lib/redmine.rb
@@ -46,12 +46,12 @@
 Redmine::AccessControl.map do |map|
   map.permission :view_project, {:projects => [:show], :activities => [:index]}, :public => true
   map.permission :search_project, {:search => :index}, :public => true
-  map.permission :add_project, {:projects => :add}, :require => :loggedin
+  map.permission :add_project, {:projects => [:add, :create]}, :require => :loggedin
   map.permission :edit_project, {:projects => [:settings, :edit]}, :require => :member
   map.permission :select_project_modules, {:projects => :modules}, :require => :member
   map.permission :manage_members, {:projects => :settings, :members => [:new, :edit, :destroy, :autocomplete_for_member]}, :require => :member
   map.permission :manage_versions, {:projects => :settings, :versions => [:new, :edit, :close_completed, :destroy]}, :require => :member
-  map.permission :add_subprojects, {:projects => :add}, :require => :member
+  map.permission :add_subprojects, {:projects => [:add, :create]}, :require => :member
 
   map.project_module :issue_tracking do |map|
     # Issue categories

diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb
@@ -98,9 +98,53 @@ def test_index_atom
         assert_response :success
         assert_template 'add'
       end
+
+    end
+
+    context "by non-admin user with add_project permission" do
+      setup do
+        Role.non_member.add_permission! :add_project
+        @request.session[:user_id] = 9
+      end
+
+      should "accept get" do
+        get :add
+        assert_response :success
+        assert_template 'add'
+        assert_no_tag :select, :attributes => {:name => 'project[parent_id]'}
+      end
+    end
+
+    context "by non-admin user with add_subprojects permission" do
+      setup do
+        Role.find(1).remove_permission! :add_project
+        Role.find(1).add_permission! :add_subprojects
+        @request.session[:user_id] = 2
+      end
+
+      should "accept get" do
+        get :add, :parent_id => 'ecookbook'
+        assert_response :success
+        assert_template 'add'
+        # parent project selected
+        assert_tag :select, :attributes => {:name => 'project[parent_id]'},
+                            :child => {:tag => 'option', :attributes => {:value => '1', :selected => 'selected'}}
+        # no empty value
+        assert_no_tag :select, :attributes => {:name => 'project[parent_id]'},
+                               :child => {:tag => 'option', :attributes => {:value => ''}}
+      end
+    end
+
+  end
+
+  context "POST :create" do
+    context "by admin user" do
+      setup do
+        @request.session[:user_id] = 1
+      end
 
-      should "accept post" do
-        post :add, :project => { :name => "blog", 
+      should "create a new project" do
+        post :create, :project => { :name => "blog", 
                                  :description => "weblog",
                                  :identifier => "blog",
                                  :is_public => 1,
@@ -115,8 +159,8 @@ def test_index_atom
         assert_nil project.parent
       end
 
-      should "accept post with parent" do
-        post :add, :project => { :name => "blog", 
+      should "create a new subproject" do
+        post :create, :project => { :name => "blog", 
                                  :description => "weblog",
                                  :identifier => "blog",
                                  :is_public => 1,
@@ -137,15 +181,8 @@ def test_index_atom
         @request.session[:user_id] = 9
       end
 
-      should "accept get" do
-        get :add
-        assert_response :success
-        assert_template 'add'
-        assert_no_tag :select, :attributes => {:name => 'project[parent_id]'}
-      end
-
-      should "accept post" do
-        post :add, :project => { :name => "blog", 
+      should "accept create a Project" do
+        post :create, :project => { :name => "blog", 
                                  :description => "weblog",
                                  :identifier => "blog",
                                  :is_public => 1,
@@ -166,7 +203,7 @@ def test_index_atom
 
       should "fail with parent_id" do
         assert_no_difference 'Project.count' do
-          post :add, :project => { :name => "blog", 
+          post :create, :project => { :name => "blog", 
                                    :description => "weblog",
                                    :identifier => "blog",
                                    :is_public => 1,
@@ -188,20 +225,8 @@ def test_index_atom
         @request.session[:user_id] = 2
       end
 
-      should "accept get" do
-        get :add, :parent_id => 'ecookbook'
-        assert_response :success
-        assert_template 'add'
-        # parent project selected
-        assert_tag :select, :attributes => {:name => 'project[parent_id]'},
-                            :child => {:tag => 'option', :attributes => {:value => '1', :selected => 'selected'}}
-        # no empty value
-        assert_no_tag :select, :attributes => {:name => 'project[parent_id]'},
-                               :child => {:tag => 'option', :attributes => {:value => ''}}
-      end
-
-      should "accept post with parent_id" do
-        post :add, :project => { :name => "blog", 
+      should "create a project with a parent_id" do
+        post :create, :project => { :name => "blog", 
                                  :description => "weblog",
                                  :identifier => "blog",
                                  :is_public => 1,
@@ -214,7 +239,7 @@ def test_index_atom
 
       should "fail without parent_id" do
         assert_no_difference 'Project.count' do
-          post :add, :project => { :name => "blog", 
+          post :create, :project => { :name => "blog", 
                                    :description => "weblog",
                                    :identifier => "blog",
                                    :is_public => 1,
@@ -230,7 +255,7 @@ def test_index_atom
       should "fail with unauthorized parent_id" do
         assert !User.find(2).member_of?(Project.find(6))
         assert_no_difference 'Project.count' do
-          post :add, :project => { :name => "blog", 
+          post :create, :project => { :name => "blog", 
                                    :description => "weblog",
                                    :identifier => "blog",
                                    :is_public => 1,

diff --git a/test/integration/routing_test.rb b/test/integration/routing_test.rb
@@ -178,8 +178,8 @@ class RoutingTest < ActionController::IntegrationTest
     should_route :get, "/projects/33/activity", :controller => 'activities', :action => 'index', :id => '33'
     should_route :get, "/projects/33/activity.atom", :controller => 'activities', :action => 'index', :id => '33', :format => 'atom'
 
-    should_route :post, "/projects/new", :controller => 'projects', :action => 'add'
-    should_route :post, "/projects.xml", :controller => 'projects', :action => 'add', :format => 'xml'
+    should_route :post, "/projects/new", :controller => 'projects', :action => 'create'
+    should_route :post, "/projects.xml", :controller => 'projects', :action => 'create', :format => 'xml'
     should_route :post, "/projects/4223/edit", :controller => 'projects', :action => 'edit', :id => '4223'
     should_route :post, "/projects/64/destroy", :controller => 'projects', :action => 'destroy', :id => '64'
     should_route :post, "/projects/33/files/new", :controller => 'files', :action => 'new', :id => '33'