@@ -1,5 +1,6 @@ class MessagesController < ApplicationController before_filter :login_required + before_filter :can_read_messages? before_filter :store_location, :only => [:index, :sent] # Show messages for the currently logged in user. @@ -63,4 +64,12 @@ class MessagesController < ApplicationController def sent @messages = current_user.outbox_messages end + + private + def can_read_messages? + if !current_user.can?(:read_messages) + flash[:notice] = t(:you_are_not_allowed_to_read_messages) + redirect_to root_path + end + end end app/controllers/messages_controller.rb @@ -41,7 +41,7 @@ class Post < ActiveRecord::Base end def stop_spam - if (!user.posts.last.nil? && user.posts.last.created_at > Time.now - TIME_BETWEEN_POSTS) || !user.can?(:ignore_flood_limit) + if (!user.posts.last.nil? && user.posts.last.created_at > Time.now - TIME_BETWEEN_POSTS) && !user.can?(:ignore_flood_limit) errors.add_to_base("You can only post once every #{distance_of_time_in_words(Time.now, Time.now - TIME_BETWEEN_POSTS)}") and return false end end app/models/post.rb @@ -1,8 +1,9 @@ class ThemesLoader def initialize - if Theme.count != Dir.entries(THEMES_DIRECTORY).size + themes = Dir.entries(THEMES_DIRECTORY).reject { |theme| theme =~ /^\./ } + if Theme.count != themes.size Theme.delete_all - (Dir.entries(THEMES_DIRECTORY).delete_if { |e| /^\./.match(e) || !File.directory?(File.join(THEMES_DIRECTORY, e))}).each { |theme| Theme.create(:name => theme) } + (themes.delete_if { |e| /^\./.match(e) || !File.directory?(File.join(THEMES_DIRECTORY, e))}).each { |theme| Theme.create(:name => theme) } end end end \ No newline at end of file lib/themes_loader.rb @@ -10,6 +10,8 @@ describe ForumsController do @forums = [@forum] @test_category = categories(:test) @admin_category = categories(:admins_only) + @everybody = forums(:everybody) + @admins_only = forums(:admins_only) end describe "plebian" do @@ -22,6 +24,7 @@ describe ForumsController do Forum.should_receive(:without_category).and_return(@forums) @forums.should_receive(:without_parent).and_return(@forums) get 'index' + response.should render_template("index") end it "should show a list of forums inside a specific category" do @@ -29,6 +32,7 @@ describe ForumsController do @category.should_receive(:forums).and_return(@forums) @forums.should_receive(:without_parent).and_return(@forums) get 'index', :category_id => @test_category.id + response.should render_template("index") end it "should not be able to see anything inside a restricted category" do @@ -37,6 +41,49 @@ describe ForumsController do response.should redirect_to(root_path) end + it "should be able to see the everybody forum" do + get 'show', :id => @everybody.id + response.should render_template("show") + end + + it "should not be able to see the admins only forum" do + get 'show', :id => @admins_only.id + flash[:notice].should eql(t(:forum_permission_denied)) + response.should redirect_to(forums_path) + end + + end + + describe "admin" do + before do + login_as(:administrator) + end + + it "should be able to see the everybody forum" do + get 'show', :id => @everybody.id + response.should render_template("show") + end + + it "should be able to see the admins only forum" do + get 'show', :id => @admins_only.id + response.should render_template("show") + end + + it "should be able to see forums for the test category" do + Category.should_receive(:find).and_return(@category) + @category.should_receive(:forums).and_return(@forums) + @forums.should_receive(:without_parent).and_return(@forums) + get 'index', :category_id => @test_category.id + response.should render_template("index") + end + + it "should be able to see the forums for the admin category" do + Category.should_receive(:find).and_return(@category) + @category.should_receive(:forums).and_return(@forums) + @forums.should_receive(:without_parent).and_return(@forums) + get 'index', :category_id => @admin_category.id + response.should render_template("index") + end end end spec/controllers/forums_controller_spec.rb efe82b82c636889bcd8f974ab526a319633decbb Ryan Bigg radarlistener@gmail.com http://github.com/radar/rboard/commit/94021bad4d4beb1e3d069c4f9efcdca800bdfaaa 94021bad4d4beb1e3d069c4f9efcdca800bdfaaa 2009-04-03T20:27:10-07:00 2009-04-03T20:26:08-07:00 Fix themes loader and specs 089e2cefb9c9a162e7cabfaa9df27ba0bb940f40 Ryan Bigg radarlistener@gmail.com