
Add Pro/Demote to admin buttons in Settings->Users, closes #1002

1 parent 2d013b3 commit fcb836b99c60970326dc7541b9c70449cc7dd29b @ginatrapani ginatrapani committed Nov 3, 2011
@@ -349,13 +349,13 @@ public function testAccountStatus() {
public function testSetOwnerActive() {
$builders_array = array();
- # build our data
+ // build our data
$builders_array[] = FixtureBuilder::build('owners', array('full_name'=>'ThinkUp J. User',
'email'=>'ttuser2@example.com', 'is_activated'=>0));
$builders_array[] = FixtureBuilder::build('owners', array('full_name'=>'ThinkUp J. User',
'email'=>'ttuser3@example.com', 'is_activated'=>1));
- # init our dao
+ // init our dao
$dao = new OwnerMySQLDAO();
// flip form false to true
@@ -385,6 +385,44 @@ public function testSetOwnerActive() {
$this->assertFalse($owner->is_activated);
}
+ public function testSetOwnerAdmin() {
+ $builders_array = array();
+ // build our data
+ $builders_array[] = FixtureBuilder::build('owners', array('full_name'=>'ThinkUp J. User',
+ 'email'=>'ttuser2@example.com', 'is_activated'=>0, 'is_admin'=>0));
+
+ $builders_array[] = FixtureBuilder::build('owners', array('full_name'=>'ThinkUp J. User',
+ 'email'=>'ttuser3@example.com', 'is_activated'=>1, 'is_admin'=>1));
+ // init our dao
+ $dao = new OwnerMySQLDAO();
+
+ // flip form false to true
+ $test_owners_records = $builders_array[0]->columns;
+ $id = $test_owners_records['last_insert_id'];
+ $this->assertTrue($dao->setOwnerAdmin($id, 1));
+ $owner = $this->DAO->getByEmail('ttuser2@example.com');
+ //new status
+ $this->assertTrue($owner->is_admin);
+
+ // already true
+ $test_owners_records = $builders_array[1]->columns;
+ $id = $test_owners_records['last_insert_id'];
+ // nothing updated, so false
+ $this->assertFalse($dao->setOwnerAdmin($id, 1));
+ $owner = $this->DAO->getByEmail('ttuser3@example.com');
+ //new status
+ $this->assertTrue($owner->is_admin);
+
+ // flip to false
+ $test_owners_records = $builders_array[0]->columns;
+ $id = $test_owners_records['last_insert_id'];
+ $this->assertTrue($dao->setOwnerAdmin($id, 0));
+
+ $owner = $this->DAO->getByEmail('ttuser2@example.com');
+ //new status
+ $this->assertFalse($owner->is_admin);
+ }
+
public function testIsOwnerAuthorized(){
// Check a correct unique salted password
$this->assertTrue($this->DAO->isOwnerAuthorized('salteduser@example.com', 'pwd3'),
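Review bot: testSetOwnerAdmin only re-reads the owner it just changed, so it would still pass if the UPDATE touched more rows than the one identified by `$id`. For a privilege-changing statement it is worth pinning the scoping: after the final demotion of ttuser2, add `$this->assertTrue($this->DAO->getByEmail('ttuser3@example.com')->is_admin);` so that a missing or wrong WHERE clause fails the test. The test also writes through a local `$dao` and reads back through `$this->DAO`; using one of the two throughout would make it clearer which object is under test. The comment `// flip form false to true` should read `from`. testIsOwnerAuthorized, which follows, continues outside this hunk.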
@@ -0,0 +1,115 @@
+<?php
+/**
+ *
+ * ThinkUp/tests/TestOfToggleOwnerAdminController.php
+ *
+ * Copyright (c) 2011 Gina Trapani
+ *
+ * LICENSE:
+ *
+ * This file is part of ThinkUp (http://thinkupapp.com).
+ *
+ * ThinkUp is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any
+ * later version.
+ *
+ * ThinkUp is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with ThinkUp. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ *
+ * @author Gina Trapani <ginatrapani[at]gmail[dot]com>
+ * @license http://www.gnu.org/licenses/gpl.html
+ * @copyright 2011 Gina Trapani
+ */
+require_once dirname(__FILE__).'/init.tests.php';
+require_once THINKUP_ROOT_PATH.'webapp/_lib/extlib/simpletest/autorun.php';
+require_once THINKUP_ROOT_PATH.'webapp/config.inc.php';
+
+class TestOfToggleOwnerAdminController extends ThinkUpUnitTestCase {
+
+ public function setUp() {
+ parent::setUp();
+ }
+
+ public function tearDown() {
+ parent::tearDown();
+ }
+
+ public function testConstructor() {
+ $controller = new ToggleOwnerAdminController(true);
+ $this->assertTrue(isset($controller));
+ }
+
+ public function testNotLoggedIn() {
+ $controller = new ToggleOwnerAdminController(true);
+ $results = $controller->go();
+ $v_mgr = $controller->getViewManager();
+ $config = Config::getInstance();
+ $this->assertEqual('You must <a href="'.$config->getValue('site_root_path').
+ 'session/login.php">log in</a> to do this.', $v_mgr->getTemplateDataItem('error_msg'));
+ }
+
+ public function testNotAnAdmin() {
+ $this->simulateLogin('me@example.com');
+ $controller = new ToggleOwnerAdminController(true);
+ $results = $controller->go();
+
+ $v_mgr = $controller->getViewManager();
+ $config = Config::getInstance();
+ $this->assertEqual('You must be a ThinkUp admin to do this', $v_mgr->getTemplateDataItem('error_msg'));
+ }
+
+ public function testMissingOwnerIdParam() {
+ $this->simulateLogin('me@example.com', true);
+ $_GET['a'] = 1;
+ $controller = new ToggleOwnerAdminController(true);
+ $results = $controller->go();
+ $this->assertEqual($results, 'Missing required parameters.', $results);
+ }
+
+ public function testMissingAdminParam() {
+ $this->simulateLogin('me@example.com', true);
+ $_GET['oid'] = 1;
+ $controller = new ToggleOwnerAdminController(true);
+ $results = $controller->go();
+ $this->assertEqual($results, 'Missing required parameters.', $results);
+ }
+
+ public function testBothParamsNonExistentInstance() {
+ $this->simulateLogin('me@example.com', true);
+ $_GET['oid'] = 1;
+ $_GET['a'] = 1;
+ $controller = new ToggleOwnerAdminController(true);
+ $results = $controller->go();
+ $this->assertEqual($results, 0, $results);
+ }
+
+ public function testBothParamsExistentInstanceNoCSRFToken() {
+ $builder = FixtureBuilder::build('owners', array('id'=>51, 'email'=>'me123@example.com', 'is_active'=>0));
+ $this->simulateLogin('me@example.com', true, true);
+ $_GET['oid'] = '51';
+ $_GET['a'] = '1';
+ $controller = new ToggleOwnerAdminController(true);
+ try {
+ $results = $controller->control();
+ $this->fail("should throw InvalidCSRFTokenException");
+ } catch(InvalidCSRFTokenException $e) {
+ $this->assertIsA($e, 'InvalidCSRFTokenException');
+ }
+ }
+
+ public function testBothParamsExistentInstance() {
+ $builder = FixtureBuilder::build('owners', array('id'=>51, 'email'=>'me123@example.com', 'is_active'=>0));
+ $this->simulateLogin('me@example.com', true, true);
+ $_GET['csrf_token'] = parent::CSRF_TOKEN;
+ $_GET['oid'] = '51';
+ $_GET['a'] = '1';
+ $controller = new ToggleOwnerAdminController(true);
+ $results = $controller->go();
+ $this->assertEqual($results, 1);
+ }
+}
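Review bot: testNotAnAdmin sends no `oid`, `a` or `csrf_token`, so no test shows that a logged-in non-admin with a complete, well-formed request is refused and that the target owner's `is_admin` stays unchanged. That is the authorization case this controller exists to enforce. Add a test that builds an owner fixture with `'is_admin'=>0`, sets all three `$_GET` values as testBothParamsExistentInstance does, logs in without admin rights, and then asserts both the error message and that `getByEmail()` still returns a non-admin owner. testBothParamsExistentInstance likewise asserts only the rendered `1` and never re-reads the owner, and there is no demotion (`a=0`) case. The fixtures use `'is_active'=>0`, while the owners fixtures in the DAO test use `is_activated` and `is_admin`; this looks like a copy from the instance toggle test and should be confirmed against the owners schema.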
@@ -57,6 +57,7 @@
$controller_test->add(new TestOfTestAdminController());
$controller_test->add(new TestOfToggleActiveInstanceController());
$controller_test->add(new TestOfToggleActiveOwnerController());
+$controller_test->add(new TestOfToggleOwnerAdminController());
$controller_test->add(new TestOfToggleActivePluginController());
$controller_test->add(new TestOfTogglePublicInstanceController());
$controller_test->add(new TestOfUserController());
@@ -0,0 +1,63 @@
+<?php
+/**
+ *
+ * ThinkUp/webapp/_lib/controller/class.ToggleOwnerAdminController.php
+ *
+ * Copyright (c) 2011 Gina Trapani
+ *
+ * LICENSE:
+ *
+ * This file is part of ThinkUp (http://thinkupapp.com).
+ *
+ * ThinkUp is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any
+ * later version.
+ *
+ * ThinkUp is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with ThinkUp. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * Toggle Owner Admin Controller
+ * Promote or demote an owner from/to admin status.
+ *
+ * @license http://www.gnu.org/licenses/gpl.html
+ * @copyright 2011 Gina Trapani
+ * @author Gina Trapani <ginatrapani[at]gmail[dot]com>
+ */
+class ToggleOwnerAdminController extends ThinkUpAdminController {
+ /**
+ * Required query string parameters
+ * @var array oid = owner ID, a = 1 or 0, active or inactive
+ */
+ var $REQUIRED_PARAMS = array('oid', 'a');
+ /**
+ *
+ * @var boolean
+ */
+ var $is_missing_param = false;
+
+ public function __construct($session_started=false) {
+ parent::__construct($session_started);
+ $this->setViewTemplate('session.toggle.tpl');
+ foreach ($this->REQUIRED_PARAMS as $param) {
+ if (!isset($_GET[$param]) || $_GET[$param] == '' ) {
+ $this->addInfoMessage('Missing required parameters.');
+ $this->is_missing_param = true;
+ }
+ }
+ }
+
+ public function adminControl(){
+ if (!$this->is_missing_param) {
+ // verify CSRF token
+ $this->validateCSRFToken();
+ $is_admin = ($_GET["a"] != 1)?false:true;
+ $owner_dao = DAOFactory::getDAO('OwnerDAO');
+ $this->addToView('result', $owner_dao->setOwnerAdmin($_GET["oid"], $is_admin));
+ }
+ return $this->generateView();
+ }
+}
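Review bot: In adminControl(), `($_GET["a"] != 1)?false:true` treats every value that does not loosely equal 1 as a demotion, so a malformed `a` removes admin rights instead of being rejected. Accept only the two documented values: check `if ($_GET['a'] !== '0' && $_GET['a'] !== '1')` and report it through the existing `addInfoMessage()` path, then use `$is_admin = ($_GET['a'] === '1');`. Nothing visible here or in setOwnerAdmin() stops an admin from demoting their own account or the last remaining admin, which would leave the installation without anyone able to reach admin-only screens; a guard for that case is worth adding unless another layer already provides it. The privilege change and its CSRF token also travel in the GET query string, where they end up in server logs and browser history, so a POST would be the safer transport. The `$REQUIRED_PARAMS` docblock still says `active or inactive` and should describe admin versus non-admin.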
@@ -304,6 +304,15 @@ public function setOwnerActive($id, $is_activated) {
return $this->getUpdateCount($stmt);
}
+ public function setOwnerAdmin($id, $is_admin) {
+ $q = "UPDATE #prefix#owners
+ SET is_admin=:is_admin
+ WHERE id=:id";
+ if ($this->profiler_enabled) Profiler::setDAOMethod(__METHOD__);
+ $stmt = $this->execute($q, array(':is_admin' => $is_admin, ':id' => $id));
+ return $this->getUpdateCount($stmt);
+ }
+
public function resetAPIKey($id) {
$q = "UPDATE #prefix#owners SET api_key=:api_key WHERE id=:id";
if ($this->profiler_enabled) Profiler::setDAOMethod(__METHOD__);
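Review bot: setOwnerAdmin() binds `$is_admin` exactly as received, and the callers in this commit disagree on its type: the controller passes a PHP boolean, while the interface documents an int and the DAO test passes 1/0. How `execute()` binds a boolean is not visible in this hunk, so normalise before binding with `':is_admin' => ($is_admin ? 1 : 0)` to keep the stored value independent of the caller. The return value is the affected-row count, so 0 means either "no such owner" or "flag already had that value"; callers such as the controller cannot tell the two apart, which deserves a line in the method's documentation. resetAPIKey(), which follows, continues outside this hunk.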
@@ -190,6 +190,15 @@ public function clearAccountStatus($email);
public function setOwnerActive($id, $is_activated);
/**
+ * Sets an owner's admin status.
+ *
+ * @param str $owner_id
+ * @param int $is_admin Active = 1, Inactive=0.
+ * @return int number of updated rows.
+ */
+ public function setOwnerAdmin($id, $is_admin);
+
+ /**
* Generates and sets a new API key.
*
* @param str $owner_id
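Review bot: The new docblock documents `$owner_id` although the signature's parameter is `$id`, and `Active = 1, Inactive=0` describes activation rather than admin status. Suggested wording: `@param int $id Owner ID`, `@param int $is_admin 1 = admin, 0 = not admin`. Going by the tests in this commit, `@return` should also say that 0 is returned both when no owner matches and when the owner already had the requested status.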