0
@@ -15,5 +15,9 @@
0
     @site ||= Site.find(:first)
0
   end
0
   
0
+  def require_admin
0
+    redirect_to(page_path('home')) unless logged_in? && current_user.admin?
0
+  end
0
+  
0
 end

0
@@ -5,7 +5,7 @@
0
   before_filter :admin_required, :only => :index
0
 protected
0
   def admin_required
0
-    raise AccessDenied unless current_user.admin?
0
+    redirect_to new_session_path unless current_user.admin?
0
   end
0
 
0
 public
0
@@ -13,7 +13,7 @@
0
   # collection methods
0
 
0
   def create
0
-    flag = current_user.flags.create! params[:flag]
0
+    flag = current_user.flags.create!(params[:flag])
0
     flash[:notice] = if flag.new_record?
0
       "You already flagged this content!"
0
     else # success

0
@@ -1,5 +1,6 @@
0
 class PagesController < ApplicationController
0
-  before_filter :require_login, :except => [:index, :show, :revision]
0
+  before_filter :require_login, :except => [:index, :show, :revision, :search]
0
+  before_filter :require_admin, :only => [:lock]
0
   before_filter :check_private, :only => [:show, :revision]
0
   caches_page :show
0
   cache_sweeper :page_sweeper, :only => [:create, :update]

0
@@ -2,8 +2,8 @@
0
   
0
   def wikified_body(body)
0
     r = RedCloth.new(body)
0
-    r.gsub!(/\[\[(.*)(\|(.*))?\]\]/) {wiki_link(*$1.split("|")[0..1])}
0
-    r.to_html
0
+    r.gsub!(/\[\[(.*?)(\|(.*?))?\]\]/) { wiki_link($1, $3) }
0
+    sanitize r.to_html
0
   end
0
   
0
   def wiki_link(wiki_words, link_text = nil)
0
0
0
@@ -20,10 +20,14 @@
0
   end
0
   
0
   def body_input(f)
0
+    text_input(f, 'body')
0
+  end
0
+  
0
+  def text_input(f, attr)
0
     if site.disable_teh
0
-      f.text_area :body
0
+      f.text_area attr.to_sym
0
     else
0
-      textile_editor 'page', 'body'
0
+      textile_editor 'page', attr
0
     end
0
   end
0
   

0
@@ -89,7 +89,11 @@
0
   end
0
   
0
   def locked?
0
-    locked_at.nil? or locked_at > Time.now
0
+    if locked_at.nil?
0
+      return false
0
+    else
0
+      locked_at < Time.now
0
+    end
0
   end
0
   
0
   def unlock

0
@@ -15,7 +15,7 @@
0
   <tbody>
0
     <% @flags.each do |flag| %>
0
     <tr class="<%= cycle('alternate','') %>">
0
-      <td><%=h flag.created_at.to_s :short %></td>
0
+      <td><%=h flag.created_at.to_s(:short) %></td>
0
       <td><%=h flag.user.login %> (<%=h flag.user.flags.size %>)</td>
0
       <td><%= link_to h('%s %i' % [flag.flaggable_type, flag.flaggable_id]), flag.flaggable %></td>
0
       <td><%= flag.owner ? (link_to h(flag.owner.login), flag.owner) : "Anonymous" %></td>

0
@@ -5,7 +5,7 @@
0
 
0
   <p>
0
     <label for="body">Body</label><br />
0
-	<%= body_input(f) %>
0
+	  <%= body_input(f) %>
0
   </p>
0
 
0
   <p>

0
@@ -10,7 +10,7 @@
0
 <ul class="meta_info">
0
   <li><%= link_to('View previous revision', revision_page_url(:id => @page.permalink, :version => (@page.previous.version))) if @page.previous %></li>
0
   <li><%= link_to('View next revision', revision_page_url(:id => @page.permalink, :version => (@page.next.version))) if @page.next %></li>
0
-	<li><%= link_to "Rollback to this revision", rollback_page_url(:id => @page.permalink, :version => (@page.version)) unless current_revision(@page.page_id, @page.version) || (Page.find(@page.page_id).locked? && !current_user.admin?) %></li>
0
+	<li><%= link_to "Rollback to this revision", rollback_page_url(:id => @page.permalink, :version => (@page.version)) unless current_revision(@page.page_id, @page.version) || (Page.find(@page.page_id).locked? && (logged_in? && !current_user.admin?)) %></li>
0
   <%# FIXME Clean up this revision link logic %>
0
   <li><%= link_to 'Return to current revision', wiki_page_url(@page.permalink) %></li>
0
 </ul>

0
@@ -1 +1,75 @@
0
+require File.dirname(__FILE__) + "/../spec_helper"
0
+
0
+describe FlagsController, "a user not logged in" do
0
+  fixtures :sites, :users, :pages
0
+  integrate_views
0
+  
0
+  before do
0
+    controller.stub!(:logged_in?).and_return false
0
+    controller.stub!(:current_user).and_return :false
0
+  end
0
+  
0
+  it "does not render 'index'" do
0
+    get :index
0
+    response.should redirect_to('session/new')
0
+  end
0
+  
0
+  it 'can not flag something' do
0
+    post :create, :flag => { :flaggable_type => 'Page', :flaggable_id => 1, :reason => 'outdated' }
0
+    response.should redirect_to('session/new')
0
+  end
0
+end
0
+
0
+describe FlagsController, "a user logged in as normal user" do
0
+  fixtures :sites, :pages, :page_versions, :users
0
+  integrate_views
0
+  
0
+  before do
0
+    # Mocking this was a bitch.
0
+    @user = users(:jeremy)
0
+    
0
+    controller.stub!(:require_login)
0
+    controller.stub!(:logged_in?).and_return true
0
+    controller.stub!(:current_user).and_return @user
0
+  end
0
+  
0
+  it "does not render 'index'" do
0
+    get :index
0
+    response.should redirect_to('session/new')
0
+  end
0
+  
0
+  it 'can flag something' do
0
+    lambda {
0
+      post :create, :flag => { :flaggable_type => 'Page', :flaggable_id => 1, :reason => 'outdated', :user_id => @user.id }
0
+      response.should redirect_to('pages/hai')
0
+    }.should change(Flag, :count).by(1)
0
+  end
0
+end
0
+
0
+
0
+describe FlagsController, "a user logged in as admin" do
0
+  fixtures :sites, :pages, :page_versions, :users
0
+  integrate_views
0
+  
0
+  before do
0
+    @user = users(:admin)
0
+    controller.stub!(:require_login)
0
+    controller.stub!(:logged_in?).and_return true
0
+    controller.stub!(:current_user).and_return @user
0
+  end
0
+  
0
+  it "renders 'index'" do
0
+    get :index
0
+    response.should be_success
0
+    response.should render_template("index")    
0
+  end
0
+  
0
+  it 'can flag something' do
0
+    lambda {
0
+      post :create, :flag => { :flaggable_type => 'Page', :flaggable_id => 1, :reason => 'outdated', :user_id => @user.id }
0
+      response.should redirect_to('pages/hai')
0
+    }.should change(Flag, :count).by(1)
0
+  end
0
+  
0
+end

0
@@ -1 +1,260 @@
0
+require File.dirname(__FILE__) + "/../spec_helper"
0
+
0
+def create_page
0
+  Page.create(:title => "hee haw", :body => "moop", :site_id => 1)
0
+end
0
+
0
+describe PagesController, " with site that requires login, a user not logged in" do
0
+  fixtures :sites, :pages, :page_versions, :users
0
+  integrate_views
0
+  before do
0
+    controller.stub!(:logged_in?).and_return false
0
+    controller.stub!(:current_user).and_return :false
0
+  end
0
+  
0
+  it "does not render 'new'" do
0
+    get :new
0
+    response.should redirect_to('session/new')
0
+  end
0
+  
0
+  it "renders 'revision'" do
0
+    page = create_page
0
+    page.body = "MEEP"
0
+    page.save!
0
+
0
+    get :revision, :id => page.permalink, :version => page.version - 1
0
+    response.should be_success
0
+    response.should render_template("revision")    
0
+  end
0
+  
0
+  it "searches for pages" do
0
+    get :search, :query => "home"
0
+    response.should be_success
0
+  end
0
+  
0
+  it "can not lock a page" do
0
+    get :lock, :id => 'hai'
0
+    response.should redirect_to('session/new')
0
+  end
0
+  
0
+  it "can not rollback a page" do
0
+    page = create_page
0
+    page.body = "MEEP"
0
+    page.save!
0
+    current_version = page.version
0
+
0
+    get :rollback, :id => page.permalink, :version => 1
0
+    response.should redirect_to('session/new')
0
+    
0
+    page = page.reload
0
+    page.version.should be == current_version
0
+  end
0
+  
0
+  it "can not edit a page" do
0
+    page = create_page
0
+    
0
+    lambda do
0
+      post :update, :id => page.permalink, :page => {:body => "hehehe"}
0
+      response.should redirect_to('session/new')
0
+    end.should_not change(page, :body)
0
+  end
0
+  
0
+  it "can not create a page" do
0
+    lambda do
0
+      post :create, :page => { :site_id => 1, :title => "o hai", :body => "meeg000!!" }
0
+      response.should redirect_to('session/new')
0
+    end.should_not change(Page, :count)
0
+  end
0
+end
0
+
0
+describe PagesController, " with site that does not require login, a user not logged in" do
0
+  fixtures :sites, :pages, :page_versions, :users
0
+  integrate_views
0
+  before do
0
+    site = Site.find(:first)
0
+    site.require_login_to_post = false
0
+    site.save!
0
+
0
+    controller.stub!(:logged_in?).and_return false
0
+    controller.stub!(:current_user).and_return :false
0
+  end
0
+  
0
+  it "renders 'new'" do
0
+    get :new
0
+    response.should be_success
0
+  end
0
+  
0
+  it "can rollback a page" do
0
+    page = create_page
0
+    page.body = "MEEP"
0
+    page.save!
0
+    current_version = page.version
0
+
0
+    get :rollback, :id => page.permalink, :version => 1
0
+    response.should redirect_to(page.permalink)
0
+    
0
+    page = page.reload
0
+    page.version.should be < current_version
0
+  end
0
+  
0
+  it "can edit a page" do
0
+    page = create_page
0
+    
0
+    lambda do
0
+      post :update, :id => page.permalink, :page => {:body => "hehehe"}
0
+      response.should redirect_to(page.permalink)
0
+      page.reload
0
+    end.should change(page, :body)
0
+  end
0
+  
0
+  it "can create a page" do
0
+    lambda do
0
+      post :create, :page => { :site_id => 1, :title => "o hai", :body => "meeg000!!" }
0
+      response.should redirect_to('o-hai')
0
+    end.should change(Page, :count)
0
+  end
0
+end
0
+
0
+describe PagesController, "a user logged in as normal user" do
0
+  fixtures :sites, :pages, :page_versions, :users
0
+  integrate_views
0
+  
0
+  before do
0
+    controller.stub!(:require_login)
0
+    controller.stub!(:logged_in?).and_return true
0
+    controller.stub!(:current_user).and_return users(:jeremy)
0
+  end
0
+  
0
+  
0
+  it "renders 'new'" do
0
+    get :new
0
+    response.should be_success
0
+    response.should render_template("new")
0
+  end
0
+  
0
+  it "renders 'revision'" do
0
+    page = create_page
0
+    page.body = "MEEP"
0
+    page.save!
0
+
0
+    get :revision, :id => page.permalink, :version => page.version - 1
0
+    response.should be_success
0
+    response.should render_template("revision")   
0
+  end
0
+  
0
+  it "searches for pages" do
0
+    get :search, :query => "home"
0
+    response.should be_success
0
+  end
0
+  
0
+  it "can edit a page" do
0
+    page = create_page
0
+    
0
+    lambda do
0
+      post :update, :id => page.permalink, :page => {:body => "hehehe"}
0
+      response.should redirect_to(page.permalink)
0
+      page = page.reload
0
+    end.should change(page, :body)
0
+  end
0
+
0
+  it "can create a page" do
0
+    lambda do
0
+      post :create, :page => { :site_id => 1, :title => "o hai", :body => "meeg000!!" }
0
+      response.should redirect_to('o-hai')
0
+    end.should change(Page, :count)
0
+  end
0
+
0
+  it "can rollback a page" do
0
+    page = Page.create(:title => "hee haw", :body => "moop", :site_id => 1)
0
+    page.body = "MEEP"
0
+    page.save!
0
+    current_version = page.version
0
+
0
+    get :rollback, :id => page.permalink, :version => 1
0
+    response.should redirect_to(page.permalink)
0
+    
0
+    page = page.reload
0
+    page.version.should be < current_version
0
+  end
0
+
0
+  it "can not lock a page" do
0
+    get :lock, :id => 'hai'
0
+    response.should redirect_to('pages/home')
0
+  end
0
+end
0
+
0
+describe PagesController, "a user logged in as admin" do
0
+  fixtures :sites, :pages, :page_versions, :users
0
+  integrate_views
0
+  before do
0
+    controller.stub!(:require_login)
0
+    controller.stub!(:logged_in?).and_return true
0
+    controller.stub!(:current_user).and_return users(:admin)
0
+  end
0
+  
0
+  it "renders 'new'" do
0
+    get :new
0
+    response.should be_success
0
+    response.should render_template("new")
0
+  end
0
+  
0
+  it "renders 'revision'" do
0
+    page = create_page
0
+    page.body = "MEEP"
0
+    page.save!
0
+
0
+    get :revision, :id => page.permalink, :version => page.version - 1
0
+    response.should be_success
0
+    response.should render_template("revision")   
0
+  end
0
+  
0
+  it "searches for pages" do
0
+    get :search, :query => "home"
0
+    response.should be_success
0
+  end
0
+  
0
+  it "can edit a page" do
0
+    page = create_page
0
+    
0
+    lambda do
0
+      post :update, :id => page.permalink, :page => {:body => "hehehe"}
0
+      response.should redirect_to(page.permalink)
0
+      page = page.reload
0
+    end.should change(page, :body)
0
+  end
0
+
0
+  it "can create a page" do
0
+    lambda do
0
+      post :create, :page => { :site_id => 1, :title => "o hai", :body => "meeg000!!" }
0
+      response.should redirect_to('o-hai')
0
+    end.should change(Page, :count)
0
+  end
0
+
0
+  it "can rollback a page" do
0
+    page = Page.create(:title => "hee haw", :body => "moop", :site_id => 1)
0
+    page.body = "MEEP"
0
+    page.save!
0
+    current_version = page.version
0
+
0
+    get :rollback, :id => page.permalink, :version => 1
0
+    response.should redirect_to(page.permalink)
0
+    
0
+    page = page.reload
0
+    page.version.should be < current_version
0
+  end
0
+
0
+  it "can lock a page" do
0
+    get :lock, :id => 'hai'
0
+    response.should redirect_to('hai')
0
+  end
0
+  
0
+  it "can unlock a page" do
0
+    page = create_page
0
+    page.lock
0
+    
0
+    get :lock, :id => page.permalink
0
+    page.reload
0
+    page.should_not be_locked
0
+  end
0
+end

0
@@ -1 +1,10 @@
0
+one_old:
0
+  id: 1
0
+  title: hai
0
+  permalink: hai
0
+  body: there, i fixed ur ram
0
+  site_id: 1
0
+  version: 1
0
+  created_at: <%= 1.day.ago.to_s :db %>
0
+  page_id: <%= Fixtures.identify :one %>

0
@@ -1 +1,9 @@
0
+one:
0
+  id: 1
0
+  title: hai
0
+  permalink: hai
0
+  body: there
0
+  site_id: 1
0
+  version: 1
0
+  locked_at:

0
@@ -2,6 +2,7 @@
0
 first:
0
   id: 1
0
   title: RoR
0
+  require_login_to_post: 1
0
   created_at: 2008-03-15 10:28:00
0
   updated_at: 2008-03-15 10:28:00

0
@@ -1 +1,12 @@
0
+jeremy:
0
+  id: 1
0
+  login: jeremy
0
+  email: hai@ohai.com
0
+  admin: 0
0
+
0
+admin:
0
+  id: 2
0
+  login: admin
0
+  email: hai@ohai.com
0
+  admin: 1

0
@@ -1 +1,18 @@
0
+require File.dirname(__FILE__) + '/../spec_helper'
0
+
0
+describe PagesHelper do
0
+  
0
+  it "has the right amount of greediness on parsing wiki links" do
0
+    self.stub!(:wiki_link).and_return "MONKEYS"
0
+    wikified_body("hello[[there]]whats[[up]]").should == "<p>helloMONKEYSwhatsMONKEYS</p>"
0
+    wikified_body("hello[[there|hai]]whats[[up|doc]]").should == "<p>helloMONKEYSwhatsMONKEYS</p>"
0
+  end
0
+  
0
+  it "parses wiki links" do
0
+    self.should_receive(:wiki_link).with("up",    nil).and_return("MONKEYS")
0
+    self.should_receive(:wiki_link).with("there", "hai").and_return("MONKEYS")
0
+    wikified_body("hello[[there|hai]]whats[[up]]").should == "<p>helloMONKEYSwhatsMONKEYS</p>"
0
+  end
0
+  
0
+end

0
@@ -46,17 +46,24 @@
0
   fixtures :sites
0
   
0
   before do
0
-    @page1 = Page.create! :title => "outbound", :permalink => "outbound", :body => "empty", :site_id => 1
0
+    @page1 = Page.create! :title => "outbound", :permalink => "outbound", :body => "empty", :site_id => sites(:first).id
0
   end
0
   
0
-  it "edit a locked page" do
0
+  it "edits a locked page" do
0
     @page1.lock
0
     @page1.body = "Blah blah"
0
     @page1.save
0
     @page1.should_not be_valid
0
   end
0
   
0
-  it "edit a previous locked but now unlocked page" do
0
+  it "sets locked correctly" do
0
+    @page1.lock
0
+    @page1.should be_locked
0
+    @page1.unlock
0
+    @page1.should_not be_locked
0
+  end
0
+  
0
+  it "edits a previous locked but now unlocked page" do
0
     @page1.lock
0
     @page1.unlock
0
     @page1.body = "Blah blah"