Fix #151

Raise a NotFound error if the specified id has no instance.
commit 5d4a7463cc8fa7f6f5a826544886d57aaa14ac3a 1 parent a963d60
tomykaira tomykaira authored
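--- a/lib/lokka/app/admin.rb
+++ b/lib/lokka/app/admin.rb
@@ -70,12 +70,12 @@ class App
 end
 
 get '/admin/comments/:id/edit' do |id|
- @comment = Comment.get(id)
+ @comment = Comment.get(id) or raise Sinatra::NotFound
 render_any :'comments/edit'
 end
 
 put '/admin/comments/:id' do |id|
- @comment = Comment.get(id)
+ @comment = Comment.get(id) or raise Sinatra::NotFound
 if @comment.update(params['comment'])
 flash[:notice] = t('comment_was_successfully_updated')
 redirect '/admin/comments'
@@ -91,7 +91,8 @@ class App
 end
 
 delete '/admin/comments/:id' do |id|
- Comment.get(id).destroy
+ comment = Comment.get(id) or raise Sinatra::NotFound
+ comment.destroy
 flash[:notice] = t('comment_was_successfully_deleted')
 redirect '/admin/comments'
 end
@@ -120,12 +121,12 @@ class App
 end
 
 get '/admin/categories/:id/edit' do |id|
- @category = Category.get(id)
+ @category = Category.get(id) or raise Sinatra::NotFound
 render_any :'categories/edit'
 end
 
 put '/admin/categories/:id' do |id|
- @category = Category.get(id)
+ @category = Category.get(id) or raise Sinatra::NotFound
 if @category.update(params['category'])
 flash[:notice] = t('category_was_successfully_updated')
 redirect '/admin/categories'
@@ -135,7 +136,8 @@ class App
 end
 
 delete '/admin/categories/:id' do |id|
- Category.get(id).destroy
+ category = Category.get(id) or raise Sinatra::NotFound
+ category.destroy
 flash[:notice] = t('category_was_successfully_deleted')
 redirect '/admin/categories'
 end
@@ -148,12 +150,12 @@ class App
 end
 
 get '/admin/tags/:id/edit' do |id|
- @tag = Tag.get(id)
+ @tag = Tag.get(id) or raise Sinatra::NotFound
 render_any :'tags/edit'
 end
 
 put '/admin/tags/:id' do |id|
- @tag = Tag.get(id)
+ @tag = Tag.get(id) or raise Sinatra::NotFound
 if @tag.update(params['tag'])
 flash[:notice] = t('tag_was_successfully_updated')
 redirect '/admin/tags'
@@ -163,7 +165,8 @@ class App
 end
 
 delete '/admin/tags/:id' do |id|
- Tag.get(id).destroy
+ tag = Tag.get(id) or raise Sinatra::NotFound
+ tag.destroy
 flash[:notice] = t('tag_was_successfully_deleted')
 redirect '/admin/tags'
 end
@@ -191,12 +194,12 @@ class App
 end
 
 get '/admin/users/:id/edit' do |id|
- @user = User.get(id)
+ @user = User.get(id) or raise Sinatra::NotFound
 render_any :'users/edit'
 end
 
 put '/admin/users/:id' do |id|
- @user = User.get(id)
+ @user = User.get(id) or raise Sinatra::NotFound
 if @user.update(params['user'])
 flash[:notice] = t('user_was_successfully_updated')
 redirect '/admin/users'
@@ -206,7 +209,7 @@ class App
 end
 
 delete '/admin/users/:id' do |id|
- target_user = User.get(id)
+ target_user = User.get(id) or raise Sinatra::NotFound
 if current_user == target_user
 flash[:alert] = 'Can not delete your self.'
 else
@@ -241,12 +244,12 @@ class App
 end
 
 get '/admin/snippets/:id/edit' do |id|
- @snippet = Snippet.get(id)
+ @snippet = Snippet.get(id) or raise Sinatra::NotFound
 render_any :'snippets/edit'
 end
 
 put '/admin/snippets/:id' do |id|
- @snippet = Snippet.get(id)
+ @snippet = Snippet.get(id) or raise Sinatra::NotFound
 if @snippet.update(params['snippet'])
 flash[:notice] = t('snippet_was_successfully_updated')
 redirect '/admin/snippets'
@@ -256,7 +259,8 @@ class App
 end
 
 delete '/admin/snippets/:id' do |id|
- Snippet.get(id).destroy
+ snippet = Snippet.get(id) or raise Sinatra::NotFound
+ snippet.destroy
 flash[:notice] = t('snippet_was_successfully_deleted')
 redirect '/admin/snippets'
 end
@@ -389,7 +393,8 @@ class App
 end
 
 delete '/admin/field_names/:id' do |id|
- FieldName.get(id).destroy
+ field_name = FieldName.get(id) or raise Sinatra::NotFound
+ field_name.destroy
 flash[:notice] = t('field_name_was_successfully_deleted')
 redirect '/admin/field_names'
 end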
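Review bot: The new `comment.destroy` line in the comments delete route discards its result, so the handler flashes `comment_was_successfully_deleted` and redirects even when the record was not removed; the category, tag, snippet and field_name delete routes have the same shape. If `destroy` returns false on failure, as it would for a DataMapper-style model (which the `get` calls suggest, though the model classes are not visible here), an admin who believes a spam comment or stale record is gone would be wrong. Branching on the result keeps the message honest: `if comment.destroy` sets the notice, `else` sets `flash[:alert]` before the redirect.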
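--- a/lib/lokka/helpers.rb
+++ b/lib/lokka/helpers.rb
@@ -222,7 +222,7 @@ def get_admin_entry_new(entry_class)
 
 def get_admin_entry_edit(entry_class, id)
 @name = entry_class.name.downcase
- @entry = entry_class.get(id)
+ @entry = entry_class.get(id) or raise Sinatra::NotFound
 @categories = Category.all.map {|c| [c.id, c.title] }.unshift([nil, t('not_select')])
 @field_names = FieldName.all(:order => :name.asc)
 render_any :'entries/edit'
@@ -248,7 +248,7 @@ def post_admin_entry(entry_class)
 
 def put_admin_entry(entry_class, id)
 @name = entry_class.name.downcase
- @entry = entry_class.get(id)
+ @entry = entry_class.get(id) or raise Sinatra::NotFound
 if params['preview']
 render_preview entry_class.new(params[@name])
 else
@@ -265,7 +265,7 @@ def put_admin_entry(entry_class, id)
 
 def delete_admin_entry(entry_class, id)
 name = entry_class.name.downcase
- entry = entry_class.get(id)
+ entry = entry_class.get(id) or raise Sinatra::NotFound
 entry.destroy
 flash[:notice] = t("#{name}_was_successfully_deleted")
 if entry.draft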
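Review bot: The expression `entry_class.get(id) or raise Sinatra::NotFound` is written out three times here and again in every admin route of lib/lokka/app/admin.rb, so the lookup-or-404 rule has no single place where it is defined or documented. A small helper in this file, for example `def find_or_404(model, id); model.get(id) or raise Sinatra::NotFound; end`, would let each caller read `@entry = find_or_404(entry_class, id)` and would carry the one comment that says the method raises when no record matches. The form also depends on `or` binding looser than `=`, which a helper would hide from the call sites. The bodies of `put_admin_entry` and `delete_admin_entry` continue outside the hunks.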
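--- a/spec/integration/admin/categories_spec.rb
+++ b/spec/integration/admin/categories_spec.rb
@@ -54,4 +54,23 @@
 Category(@category.id).should be_nil
 end
 end
+
+ context 'when the category does not exist' do
+ before { Category.destroy }
+
+ context 'GET' do
+ before { get '/admin/categories/9999/edit' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'PUT' do
+ before { put '/admin/categories/9999' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'DELETE' do
+ before { delete '/admin/categories/9999' }
+ it_behaves_like 'a not found page'
+ end
+ end
 end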
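Review bot: The not-found contexts only ever request the numeric id `9999`, so they do not pin what the routes answer for an id that is not a number; how `get` treats such a key is not visible in this commit. One more case, `before { get '/admin/categories/abc/edit' }` followed by `it_behaves_like 'a not found page'`, would confirm a malformed id also ends in a 404 rather than an error page. The comments, field_names, pages, posts, snippets, tags and users specs added in this commit follow the same pattern and have the same gap.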
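--- a/spec/integration/admin/comments_spec.rb
+++ b/spec/integration/admin/comments_spec.rb
@@ -70,4 +70,23 @@
 Comment.spam.size.should == 0
 end
 end
+
+ context 'when the comment does not exist' do
+ before { Comment.destroy }
+
+ context 'GET' do
+ before { get '/admin/comments/9999/edit' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'PUT' do
+ before { put '/admin/comments/9999' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'DELETE' do
+ before { delete '/admin/comments/9999' }
+ it_behaves_like 'a not found page'
+ end
+ end
 end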
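--- a/spec/integration/admin/field_names_spec.rb
+++ b/spec/integration/admin/field_names_spec.rb
@@ -37,4 +37,13 @@
 FieldName.get(@field_name.id).should be_nil
 end
 end
+
+ context 'when the field name does not exist' do
+ before { FieldName.destroy }
+
+ context 'DELETE' do
+ before { delete '/admin/field_names/9999' }
+ it_behaves_like 'a not found page'
+ end
+ end
 end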
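--- a/spec/integration/admin/pages_spec.rb
+++ b/spec/integration/admin/pages_spec.rb
@@ -65,4 +65,23 @@
 Page(@page.id).should be_nil
 end
 end
+
+ context 'when the page does not exist' do
+ before { Page.destroy }
+
+ context 'GET' do
+ before { get '/admin/pages/9999/edit' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'PUT' do
+ before { put '/admin/pages/9999' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'DELETE' do
+ before { delete '/admin/pages/9999' }
+ it_behaves_like 'a not found page'
+ end
+ end
 end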
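--- a/spec/integration/admin/posts_spec.rb
+++ b/spec/integration/admin/posts_spec.rb
@@ -65,4 +65,23 @@
 Post(@post.id).should be_nil
 end
 end
+
+ context 'when the post does not exist' do
+ before { Post.destroy }
+
+ context 'GET' do
+ before { get '/admin/posts/9999/edit' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'PUT' do
+ before { put '/admin/posts/9999' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'DELETE' do
+ before { delete '/admin/posts/9999' }
+ it_behaves_like 'a not found page'
+ end
+ end
 end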
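--- a/spec/integration/admin/snippets_spec.rb
+++ b/spec/integration/admin/snippets_spec.rb
@@ -52,4 +52,23 @@
 Snippet.get(@snippet.id).should be_nil
 end
 end
+
+ context 'when the snippet does not exist' do
+ before { Snippet.destroy }
+
+ context 'GET' do
+ before { get '/admin/snippets/9999/edit' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'PUT' do
+ before { put '/admin/snippets/9999' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'DELETE' do
+ before { delete '/admin/snippets/9999' }
+ it_behaves_like 'a not found page'
+ end
+ end
 end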
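--- a/spec/integration/admin/spec_helper.rb
+++ b/spec/integration/admin/spec_helper.rb
@@ -11,3 +11,9 @@
 
 after { User.destroy }
 end
+
+shared_examples_for 'a not found page' do
+ it 'should return 404' do
+ last_response.status.should == 404
+ end
+end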
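--- a/spec/integration/admin/tags_spec.rb
+++ b/spec/integration/admin/tags_spec.rb
@@ -35,4 +35,23 @@
 Tag.get(@tag.id).should be_nil
 end
 end
+
+ context 'when the tag does not exist' do
+ before { Tag.destroy }
+
+ context 'GET' do
+ before { get '/admin/tags/9999/edit' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'PUT' do
+ before { put '/admin/tags/9999' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'DELETE' do
+ before { delete '/admin/tags/9999' }
+ it_behaves_like 'a not found page'
+ end
+ end
 end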
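--- a/spec/integration/admin/users_spec.rb
+++ b/spec/integration/admin/users_spec.rb
@@ -73,4 +73,23 @@
 User.get(@user.id).should_not be_nil
 end
 end
+
+ context 'when the user does not exist' do
+ before { User.destroy }
+
+ context 'GET' do
+ before { get '/admin/users/9999/edit' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'PUT' do
+ before { put '/admin/users/9999' }
+ it_behaves_like 'a not found page'
+ end
+
+ context 'DELETE' do
+ before { delete '/admin/users/9999' }
+ it_behaves_like 'a not found page'
+ end
+ end
 end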
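Review bot: `before { User.destroy }` in the new context removes every user before the request is sent, which presumably includes the account the shared admin setup signed in with (that setup lies outside the visible lines of spec_helper.rb). If so, a 404 here means the admin route ran for a session whose user record no longer exists, and it is worth confirming that the login check rejects such a session instead of letting it through. For this spec the line is not needed: id `9999` is never created, so dropping `before { User.destroy }` keeps the signed-in user in place and tests the not-found path under a valid session.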
