spec/controllers/pages_controller_spec.rb spec/fixtures/page_versions.yml spec/fixtures/pages.yml spec/fixtures/users.yml spec/helpers/pages_helper_spec.rb @@ -15,4 +15,8 @@ class ApplicationController < ActionController::Base @site ||= Site.find(:first) end + def require_admin + redirect_to(page_path('home')) unless logged_in? && current_user.admin? + end + end app/controllers/application.rb @@ -5,7 +5,7 @@ class FlagsController < ApplicationController before_filter :admin_required, :only => :index protected def admin_required - raise AccessDenied unless current_user.admin? + redirect_to new_session_path unless current_user.admin? end public @@ -13,7 +13,7 @@ public # collection methods def create - flag = current_user.flags.create! params[:flag] + flag = current_user.flags.create!(params[:flag]) flash[:notice] = if flag.new_record? "You already flagged this content!" else # success app/controllers/flags_controller.rb @@ -1,5 +1,6 @@ class PagesController < ApplicationController - before_filter :require_login, :except => [:index, :show, :revision] + before_filter :require_login, :except => [:index, :show, :revision, :search] + before_filter :require_admin, :only => [:lock] before_filter :check_private, :only => [:show, :revision] caches_page :show cache_sweeper :page_sweeper, :only => [:create, :update] app/controllers/pages_controller.rb @@ -2,8 +2,8 @@ module PagesHelper def wikified_body(body) r = RedCloth.new(body) - r.gsub!(/\[\[(.*)(\|(.*))?\]\]/) {wiki_link(*$1.split("|")[0..1])} - r.to_html + r.gsub!(/\[\[(.*?)(\|(.*?))?\]\]/) { wiki_link($1, $3) } + sanitize r.to_html end def wiki_link(wiki_words, link_text = nil) @@ -20,10 +20,14 @@ module PagesHelper end def body_input(f) + text_input(f, 'body') + end + + def text_input(f, attr) if site.disable_teh - f.text_area :body + f.text_area attr.to_sym else - textile_editor 'page', 'body' + textile_editor 'page', attr end end app/helpers/pages_helper.rb @@ -89,7 +89,11 @@ class Page < ActiveRecord::Base end def locked? - locked_at.nil? or locked_at > Time.now + if locked_at.nil? + return false + else + locked_at < Time.now + end end def unlock app/models/page.rb @@ -15,7 +15,7 @@ <tbody> <% @flags.each do |flag| %> <tr class="<%= cycle('alternate','') %>"> - <td><%=h flag.created_at.to_s :short %></td> + <td><%=h flag.created_at.to_s(:short) %></td> <td><%=h flag.user.login %> (<%=h flag.user.flags.size %>)</td> <td><%= link_to h('%s %i' % [flag.flaggable_type, flag.flaggable_id]), flag.flaggable %></td> <td><%= flag.owner ? (link_to h(flag.owner.login), flag.owner) : "Anonymous" %></td> app/views/flags/index.html.erb @@ -5,7 +5,7 @@ <p> <label for="body">Body</label><br /> - <%= body_input(f) %> + <%= body_input(f) %> </p> <p> app/views/pages/_form.html.erb @@ -10,7 +10,7 @@ <ul class="meta_info"> <li><%= link_to('View previous revision', revision_page_url(:id => @page.permalink, :version => (@page.previous.version))) if @page.previous %></li> <li><%= link_to('View next revision', revision_page_url(:id => @page.permalink, :version => (@page.next.version))) if @page.next %></li> - <li><%= link_to "Rollback to this revision", rollback_page_url(:id => @page.permalink, :version => (@page.version)) unless current_revision(@page.page_id, @page.version) || (Page.find(@page.page_id).locked? && !current_user.admin?) %></li> + <li><%= link_to "Rollback to this revision", rollback_page_url(:id => @page.permalink, :version => (@page.version)) unless current_revision(@page.page_id, @page.version) || (Page.find(@page.page_id).locked? && (logged_in? && !current_user.admin?)) %></li> <%# FIXME Clean up this revision link logic %> <li><%= link_to 'Return to current revision', wiki_page_url(@page.permalink) %></li> </ul> app/views/pages/revision.html.erb @@ -0,0 +1,75 @@ +require File.dirname(__FILE__) + "/../spec_helper" + +describe FlagsController, "a user not logged in" do + fixtures :sites, :users, :pages + integrate_views + + before do + controller.stub!(:logged_in?).and_return false + controller.stub!(:current_user).and_return :false + end + + it "does not render 'index'" do + get :index + response.should redirect_to('session/new') + end + + it 'can not flag something' do + post :create, :flag => { :flaggable_type => 'Page', :flaggable_id => 1, :reason => 'outdated' } + response.should redirect_to('session/new') + end +end + +describe FlagsController, "a user logged in as normal user" do + fixtures :sites, :pages, :page_versions, :users + integrate_views + + before do + # Mocking this was a bitch. + @user = users(:jeremy) + + controller.stub!(:require_login) + controller.stub!(:logged_in?).and_return true + controller.stub!(:current_user).and_return @user + end + + it "does not render 'index'" do + get :index + response.should redirect_to('session/new') + end + + it 'can flag something' do + lambda { + post :create, :flag => { :flaggable_type => 'Page', :flaggable_id => 1, :reason => 'outdated', :user_id => @user.id } + response.should redirect_to('pages/hai') + }.should change(Flag, :count).by(1) + end +end + + +describe FlagsController, "a user logged in as admin" do + fixtures :sites, :pages, :page_versions, :users + integrate_views + + before do + @user = users(:admin) + controller.stub!(:require_login) + controller.stub!(:logged_in?).and_return true + controller.stub!(:current_user).and_return @user + end + + it "renders 'index'" do + get :index + response.should be_success + response.should render_template("index") + end + + it 'can flag something' do + lambda { + post :create, :flag => { :flaggable_type => 'Page', :flaggable_id => 1, :reason => 'outdated', :user_id => @user.id } + response.should redirect_to('pages/hai') + }.should change(Flag, :count).by(1) + end + +end + spec/controllers/flags_controller_spec.rb @@ -2,5 +2,6 @@ first: id: 1 title: RoR + require_login_to_post: 1 created_at: 2008-03-15 10:28:00 updated_at: 2008-03-15 10:28:00 spec/fixtures/sites.yml @@ -46,17 +46,24 @@ describe Page, "locking pages" do fixtures :sites before do - @page1 = Page.create! :title => "outbound", :permalink => "outbound", :body => "empty", :site_id => 1 + @page1 = Page.create! :title => "outbound", :permalink => "outbound", :body => "empty", :site_id => sites(:first).id end - it "edit a locked page" do + it "edits a locked page" do @page1.lock @page1.body = "Blah blah" @page1.save @page1.should_not be_valid end - it "edit a previous locked but now unlocked page" do + it "sets locked correctly" do + @page1.lock + @page1.should be_locked + @page1.unlock + @page1.should_not be_locked + end + + it "edits a previous locked but now unlocked page" do @page1.lock @page1.unlock @page1.body = "Blah blah" spec/models/page_spec.rb ef22344ab94f249f9318c5e5bf5d93e436364d38 Josh Owens joshua.owens@gmail.com http://github.com/queso/signal-wiki/commit/97e1874d38dc94079b9205b3cba0b341b3085fc5 97e1874d38dc94079b9205b3cba0b341b3085fc5 2008-04-16T23:51:16-07:00 2008-04-16T23:51:16-07:00 Adding the patches from ENTP. Also fixed some bad page locking logic and tests. 2acd64707634af291fae9a4b9e198c65760ec840 Josh Owens joshua.owens@gmail.com