@@ -1,5 +1,5 @@ <li class="event-revision<%= " shade" if defined?(shaded) && shaded == true %>"> <span class="event-time"><%= event_time_for event, later %></span> <%= link_to h(event.title), :controller => 'articles', :action => 'edit', :id => event.article_id %> was revised. - <span class="meta">by <%= link_to who(event.user.login), :controller => 'users', :action => 'show', :id => event.user %></span> + <span class="meta">by <%= link_to h(who(event.user.login)), :controller => 'users', :action => 'show', :id => event.user %></span> </li> \ No newline at end of file app/views/admin/overview/_edit_event.rhtml @@ -3,13 +3,13 @@ require File.dirname(__FILE__) + '/../../test_helper' # Re-raise errors caught by the controller. class Admin::OverviewController; def rescue_action(e) raise e end; end -class Admin::OverviewControllerTest < Test::Unit::TestCase - fixtures :users, :contents, :events, :sites, :memberships +class Admin::OverviewControllerTest < ActionController::TestCase def setup - @controller = Admin::OverviewController.new - @request = ActionController::TestRequest.new - @response = ActionController::TestResponse.new - login_as :quentin + Site.transaction do + [Site, User, Event, Article, Membership].each &:delete_all + end + @site = Site.make + host! @site.host end def test_routing @@ -20,41 +20,62 @@ class Admin::OverviewControllerTest < Test::Unit::TestCase end def test_should_allow_site_admins_to_access_site - login_as :arthur + @user = User.make + Membership.make :user => @user, :site => @site, :admin => true + @request.session[:user] = User.authenticate_for(@site, @user.login, 'test') + get :index assert_response :success end def test_should_allow_site_members_to_acces_overview - login_as :ben - get :index - assert_response :success - end + @user = User.make + Membership.make :user => @user, :site => @site, :admin => false + @request.session[:user] = User.authenticate_for(@site, @user.login, 'test') - def test_should_not_explode_on_home_page get :index assert_response :success end - + def test_should_require_http_auth_on_feed get :feed assert_response 401 end - - def test_should_require_http_auth_on_feed - @request.env['HTTP_AUTHORIZATION'] = "Basic #{Base64.encode64("quentin:test")}" + + def test_should_allow_http_auth_on_feed + @user = User.make + Membership.make :user => @user, :site => @site, :admin => true + @request.env['HTTP_AUTHORIZATION'] = "Basic #{Base64.encode64("#{@user.login}:test")}" get :feed assert_response :success end - + def test_should_sort_future_items_in_todays_events - today = Time.now.utc - assert events(:future).update_attribute( :created_at, today + 2.days) - assert events(:site_map).update_attribute(:created_at, today) - assert events(:about).update_attribute( :created_at, today - 1.day) + Site.transaction do + @admin = User.make + @user = User.make + @article = Article.make :site => @site, :user => @user + @article.title = 'foo' ; @article.body = 'bar' + @event1 = Event.make_from @article + @comment = Comment.make :article => @article + @event2 = Event.make_from @comment + @article.title = 'foo2' ; @article.body = 'bar2' + @event3 = Event.make_from @article + @events = Event.all + assert_equal 3, @events.size + + today = Time.now.utc + assert @event1.update_attribute(:created_at, today + 2.days) + assert @event2.update_attribute(:created_at, today) + assert @event3.update_attribute(:created_at, today - 1.day) + + Membership.make :user => @admin, :site => @site, :admin => true + end + + @request.session[:user] = User.authenticate_for(@site, @admin.login, 'test') get :index - assert assigns(:todays_events).include?(events(:future)), "#{assigns(:todays_events).collect(&:id).inspect}" - assert assigns(:todays_events).include?(events(:site_map)), "#{assigns(:todays_events).collect(&:id).inspect}" - assert assigns(:yesterdays_events).include?(events(:about)), "#{assigns(:yesterdays_events).collect(&:id).inspect}" + assert assigns(:todays_events).include?(@event1), "#{assigns(:todays_events).collect(&:id).inspect}" + assert assigns(:todays_events).include?(@event2), "#{assigns(:todays_events).collect(&:id).inspect}" + assert assigns(:yesterdays_events).include?(@event3), "#{assigns(:yesterdays_events).collect(&:id).inspect}" end end test/functional/admin/overview_controller_test.rb 4aae70e165bd63602fb51ef44d516f9f67c3737a rick technoweenie@gmail.com http://github.com/halorgium/mephisto/commit/e229865d6e63a6b6c0e6cb7aac21992ca303f94a e229865d6e63a6b6c0e6cb7aac21992ca303f94a 2008-12-20T10:48:38-08:00 2008-12-20T10:48:38-08:00 catch tainted string in overview 7a580309ed604bf6eb679546848711d3a6202804 rick technoweenie@gmail.com