[webui][api] edit and delete both route through different methods now.

openSUSE · Aug 19, 2013 · b6d28dc · b6d28dc
1 parent ce30ce0
commit b6d28dc
Show file tree

Hide file tree

Showing 18 changed files with 140 additions and 63 deletions.
diff --git a/src/api/app/controllers/webui/comments_controller.rb b/src/api/app/controllers/webui/comments_controller.rb
@@ -37,18 +37,35 @@ def requests_new
 		render_ok
 	end
 
-	def projects_update
-		CommentProject.update_comment(params)
+	def projects_edit
+		CommentProject.edit_comment(params)
 		render_ok
 	end
 
-	def packages_update
-		CommentPackage.update_comment(params)
+	def packages_edit
+		CommentPackage.edit_comment(params)
 		render_ok
 	end
 
-	def requests_update
-		CommentRequest.update_comment(params)
+	def requests_edit
+		CommentRequest.edit_comment(params)
 		render_ok
 	end
+
+	def projects_delete
+		CommentProject.delete_comment(params)
+		render_ok
+	end
+
+	def packages_delete
+		CommentPackage.delete_comment(params)
+		render_ok
+	end
+
+	def requests_delete
+		CommentRequest.delete_comment(params)
+		render_ok
+	end
+
+
 end
diff --git a/src/api/app/models/comment.rb b/src/api/app/models/comment.rb
@@ -29,20 +29,25 @@ def self.save(params)
     end
   end
 
-  def self.update_comment(params)
+  def self.edit_comment(params)
 
-    if params[:update_type] == 'edit' && User.current.login == params[:user]
+    if User.current.login == params[:user]
       self.update(params[:comment_id],:body => params[:body])
-    elsif params[:update_type] == 'delete' && @object_permission_check
-      self.update(params[:comment_id],:body => "Comment deleted.")
     else
       raise WritePermissionError, "You don't have the permissions to modify the content."
     end
 
-    if params[:update_type] == 'edit' && params[:body].blank?
+    if params[:body].blank?
       raise NoDataEnteredError.new "You didn't add a body to the comment." 
     end
+  end
 
+  def self.delete_comment(params)
+    if @object_permission_check
+      self.update(params[:comment_id],:body => "Comment deleted.")
+    else
+      raise WritePermissionError, "You don't have the permissions to modify the content."
+    end
   end
 
 end
diff --git a/src/api/app/models/comment_package.rb b/src/api/app/models/comment_package.rb
@@ -6,7 +6,7 @@ def self.save(params)
 		CommentPackage.create(@comment)
 	end
 
-	def self.update_comment(params)
+	def self.delete_comment(params)
 		package = Package.get_by_project_and_name(params[:project], params[:package])
 		@object_permission_check = (User.current.can_modify_package?(package) || User.current.is_admin? || User.current.login == params[:user])		
 		super

diff --git a/src/api/app/models/comment_project.rb b/src/api/app/models/comment_project.rb
@@ -7,7 +7,7 @@ def self.save(params)
 		CommentProject.create(@comment)
 	end
 
-	def self.update_comment(params)
+	def self.delete_comment(params)
 		project = Project.get_by_name(params[:project])
 		@object_permission_check = (User.current.can_modify_project?(project) || User.current.is_admin? || User.current.login == params[:user])		
 		super

diff --git a/src/api/app/models/comment_request.rb b/src/api/app/models/comment_request.rb
@@ -5,7 +5,7 @@ def self.save(params)
 		CommentRequest.create(@comment)
 	end
 
-	def self.update_comment(params)
+	def self.delete_comment(params)
 		@object_permission_check = (User.current.is_admin? || User.current.login == params[:user])		
 		super
 	end

diff --git a/src/api/config/routes.rb b/src/api/config/routes.rb
@@ -355,10 +355,13 @@
       post 'comments/package/:project/:package/new' => 'comments#packages_new', constraints: cons
       post 'comments/request/:id/new' => 'comments#requests_new', constraints: cons
 
-      put 'comments/project/:project/update' => 'comments#projects_update', constraints: cons
-      put 'comments/package/:project/:package/update' => 'comments#packages_update', constraints: cons
-      put 'comments/request/:id/update' => 'comments#requests_update', constraints: cons
+      put 'comments/project/:project/update' => 'comments#projects_edit', constraints: cons
+      put 'comments/package/:project/:package/update' => 'comments#packages_edit', constraints: cons
+      put 'comments/request/:id/update' => 'comments#requests_edit', constraints: cons
 
+      put 'comments/project/:project/delete' => 'comments#projects_delete', constraints: cons
+      put 'comments/package/:project/:package/delete' => 'comments#packages_delete', constraints: cons
+      put 'comments/request/:id/delete' => 'comments#requests_delete', constraints: cons
 
     end
 

diff --git a/src/api/test/functional/comments_controller_test.rb b/src/api/test/functional/comments_controller_test.rb
@@ -29,65 +29,65 @@ def test_update_permissions_for_comments_on_project
     reset_auth
     prepare_request_with_user "tom", "thunder"
 
-    put "/webui/comments/project/BaseDistro/update", {:comment_id => 100, :update_type => 'delete', :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/project/BaseDistro/update", {:comment_id => 100, :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
     assert_response 200
 
     # Test to see if another user can delete a comment he/she is not associated with
     prepare_request_with_user "tom", "thunder"
 
-    put "/webui/comments/project/BaseDistro/update", {:comment_id => 100, :update_type => 'delete', :user => 'Iggy',:project => "BaseDistro", :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/project/BaseDistro/delete", {:comment_id => 100, :user => 'Iggy',:project => "BaseDistro", :title => "This is a title", :body => "Comment deleted"}
     assert_response 400
 
     # Test to see check permission on editing comments
 
-    put "/webui/comments/project/BaseDistro/update", {:comment_id => 100, :update_type => 'edit', :user => 'Iggy',:project => "BaseDistro", :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/project/BaseDistro/update", {:comment_id => 100, :user => 'Iggy',:project => "BaseDistro", :title => "This is a title", :body => "Comment deleted"}
     assert_response 400
 
-    put "/webui/comments/project/BaseDistro/update", {:comment_id => 100, :update_type => 'edit', :user => 'tom',:project => "BaseDistro", :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/project/BaseDistro/update", {:comment_id => 100, :user => 'tom',:project => "BaseDistro", :title => "This is a title", :body => "Comment deleted"}
     assert_response 200
   end
 
   def test_update_permissions_for_comments_on_package
     reset_auth
     prepare_request_with_user "tom", "thunder"
 
-    put "/webui/comments/package/BaseDistro/pack1/update", {:comment_id => 102, :update_type => 'delete', :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/package/BaseDistro/pack1/update", {:comment_id => 102, :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
     assert_response 200
 
     # Test to see if another user can delete a comment he/she is not associated with
     prepare_request_with_user "tom", "thunder"
 
-    put "/webui/comments/package/BaseDistro/pack1/update", {:comment_id => 102, :update_type => 'delete', :user => 'Iggy', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/package/BaseDistro/pack1/delete", {:comment_id => 102, :user => 'Iggy', :title => "This is a title", :body => "Comment deleted"}
     assert_response 400
 
     # Test to see check permission on editing comments
 
-    put "/webui/comments/package/BaseDistro/pack1/update", {:comment_id => 102, :update_type => 'edit', :user => 'Iggy', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/package/BaseDistro/pack1/update", {:comment_id => 102, :user => 'Iggy', :title => "This is a title", :body => "Comment deleted"}
     assert_response 400
 
-    put "/webui/comments/package/BaseDistro/pack1/update", {:comment_id => 102, :update_type => 'edit', :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/package/BaseDistro/pack1/update", {:comment_id => 102, :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
     assert_response 200
   end
 
   def test_update_permissions_for_comments_on_request
     reset_auth
     prepare_request_with_user "tom", "thunder"
 
-    put "/webui/comments/request/1000/update", {:comment_id => 103, :update_type => 'delete', :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/request/1000/update", {:comment_id => 103, :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
     assert_response 200
 
     # Test to see if another user can delete a comment he/she is not associated with
     prepare_request_with_user "tom", "thunder"
 
-    put "/webui/comments/request/1000/update", {:comment_id => 103, :update_type => 'delete', :user => 'Iggy', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/request/1000/delete", {:comment_id => 103, :user => 'Iggy', :title => "This is a title", :body => "Comment deleted"}
     assert_response 400
 
     # Test to see check permission on editing comments
 
-    put "/webui/comments/request/1000/update", {:comment_id => 103, :update_type => 'edit', :user => 'Iggy', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/request/1000/update", {:comment_id => 103, :user => 'Iggy', :title => "This is a title", :body => "Comment deleted"}
     assert_response 400
 
-    put "/webui/comments/request/1000/update", {:comment_id => 103, :update_type => 'edit', :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
+    put "/webui/comments/request/1000/update", {:comment_id => 103, :user => 'tom', :title => "This is a title", :body => "Comment deleted"}
     assert_response 200
   end
 

diff --git a/src/webui/app/assets/stylesheets/comments.scss b/src/webui/app/assets/stylesheets/comments.scss
@@ -2,8 +2,9 @@
   float: right;
 }
 
-.comment_reply_link{
+.comment_links {
   float: right;
+  padding: 3px;
 }
 
 .comment_thread{

diff --git a/src/webui/app/controllers/package_controller.rb b/src/webui/app/controllers/package_controller.rb
@@ -1111,12 +1111,12 @@ def save_comments
     end
   end
 
-  def update_comments
+  def edit_comments
     begin
       unless params[:update] == 'true'
         params[:project] = @project.name
         params[:package] = @package.name
-        ApiDetails.update_comments(:update_comments_for_packages, params)
+        ApiDetails.update_comments(:edit_comments_for_packages, params)
 
         respond_to do |format|
           format.js { render json: 'ok' }
@@ -1126,6 +1126,7 @@ def update_comments
           end
         end
       else
+        @permission_check = @package.can_edit?(@user)
         render_dialog
       end
     rescue ActiveXML::Transport::Error => e
@@ -1134,6 +1135,24 @@ def update_comments
     end
   end
 
+  def delete_comments
+    begin
+      params[:project] = @project.name
+      params[:package] = @package.name
+      ApiDetails.update_comments(:delete_comments_for_packages, params)
+      respond_to do |format|
+        format.js { render json: 'ok' }
+        format.html do
+          flash[:notice] = "Comment deleted successfully"
+          redirect_to action: :comments
+        end
+      end
+    rescue ActiveXML::Transport::Error => e
+      flash[:error] = e.summary
+      redirect_to(:action => "comments", :project => params[:project]) and return
+    end
+  end
+
   private
 
   def file_available? url, max_redirects=5

diff --git a/src/webui/app/controllers/project_controller.rb b/src/webui/app/controllers/project_controller.rb
@@ -1295,11 +1295,11 @@ def save_comments
     end
   end
 
-  def update_comments
+  def edit_comments
     begin
       unless params[:update] == 'true'
         params[:project] = @project.name
-        ApiDetails.update_comments(:update_comments_for_projects, params)
+        ApiDetails.update_comments(:edit_comments_for_projects, params)
 
         respond_to do |format|
           format.js { render json: 'ok' }
@@ -1309,13 +1309,31 @@ def update_comments
           end
         end
       else
+        @permission_check = @project.can_edit?(@user)
         render_dialog
       end
     rescue ActiveXML::Transport::Error => e
       flash[:error] = e.summary
       redirect_to(:action => "comments", :project => params[:project]) and return
     end
   end
+
+  def delete_comments
+    begin
+      params[:project] = @project.name
+      ApiDetails.update_comments(:delete_comments_for_projects, params)
+      respond_to do |format|
+        format.js { render json: 'ok' }
+        format.html do
+          flash[:notice] = "Comment deleted successfully"
+          redirect_to action: :comments
+        end
+      end
+    rescue ActiveXML::Transport::Error => e
+      flash[:error] = e.summary
+      redirect_to(:action => "comments", :project => params[:project]) and return
+    end
+  end
 
   private
 

diff --git a/src/webui/app/controllers/request_controller.rb b/src/webui/app/controllers/request_controller.rb
@@ -317,11 +317,11 @@ def save_comments
     end
   end
 
-  def update_comments
+  def edit_comments
     begin
       unless params[:update] == 'true'
         params[:request_id] = params[:id]
-        ApiDetails.update_comments(:update_comments_for_requests, params)
+        ApiDetails.update_comments(:edit_comments_for_requests, params)
 
         respond_to do |format|
           format.js { render json: 'ok' }
@@ -331,6 +331,7 @@ def update_comments
           end
         end
       else
+        @permission_check = @can_add_reviews
         render_dialog
       end
     rescue ActiveXML::Transport::Error => e
@@ -339,6 +340,23 @@ def update_comments
     end
   end
 
+  def delete_comments
+    begin
+      params[:request_id] = params[:id]
+      ApiDetails.update_comments(:delete_comments_for_requests, params)
+      respond_to do |format|
+        format.js { render json: 'ok' }
+        format.html do
+          flash[:notice] = "Comment deleted successfully"
+          redirect_to action: :comments
+        end
+      end
+    rescue ActiveXML::Transport::Error => e
+      flash[:error] = e.summary
+      redirect_to(:action => "comments", :project => params[:project]) and return
+    end
+  end
+
 private
 
   def change_request(changestate, params)

diff --git a/src/webui/app/models/api_details.rb b/src/webui/app/models/api_details.rb
@@ -40,9 +40,13 @@ def self.save_comments(route_name, params)
   def self.update_comments(route_name, params)
     uri = "/webui/" +
     case route_name.to_sym
-      when :update_comments_for_projects then "comments/project/#{params[:project]}/update"
-      when :update_comments_for_packages then "comments/package/#{params[:project]}/#{params[:package]}/update"
-      when :update_comments_for_requests then "comments/request/#{params[:request_id]}/update"
+      when :edit_comments_for_projects then "comments/project/#{params[:project]}/update"
+      when :edit_comments_for_packages then "comments/package/#{params[:project]}/#{params[:package]}/update"
+      when :edit_comments_for_requests then "comments/request/#{params[:request_id]}/update"
+
+      when :delete_comments_for_projects then "comments/project/#{params[:project]}/delete"
+      when :delete_comments_for_packages then "comments/package/#{params[:project]}/#{params[:package]}/delete"
+      when :delete_comments_for_requests then "comments/request/#{params[:request_id]}/delete"
     end
 
     uri = URI(uri)

diff --git a/...ews/application/_update_comments.html.erb → ...views/application/_edit_comments.html.erb b/...ews/application/_update_comments.html.erb → ...views/application/_edit_comments.html.erb
@@ -3,13 +3,12 @@
   <div class="dialog darkgrey_box">
     <div class="box box-shadow">
       <h2 class="box-header">Update comment</h2>
-        <%= form_tag  url_for(:controller => params[:controller], :action => "update_comments"), :method => :put do %>
+        <%= form_tag  url_for(:controller => params[:controller], :action => "edit_comments"), :method => :put do %>
         <p>
           <strong>Comment:</strong><br/>
           <%= text_area_tag 'body', @body, :cols => 80, :rows => 10 %><br/>
           <%= hidden_field_tag 'comment_id', params[:comment_id] %>
           <%= hidden_field_tag 'user', session[:login] %>
-          <%=hidden_field_tag 'update_type', "edit"%>
         </p>
 
         <p>

diff --git a/src/webui/app/views/shared/_child_comment.html.erb b/src/webui/app/views/shared/_child_comment.html.erb
@@ -4,7 +4,9 @@
     <div class="comment_child <%= "comment_odd" if level.odd? %>"  style="<%= "margin-left: #{level * 10}px;" if level <= 4 %><%= "padding-right: 20px;" if level <= 1 %>">
       <%= user_icon(comment[:user], 48, 'comment_image')%>
       <%=comment[:user]%>
-      <%= link_to("Reply", {:controller => params[:controller], :action => 'save_comments', :parent_id => comment[:id], :reply => 'true' }, :remote => true, :class => 'comment_reply_link') %>
+
+      <%=render :partial => "shared/comment_links", :locals => {:comment => comment } %>
+
       <br />
       <span class="comment_time"><%= distance_of_time_in_words_to_now(DateTime.parse(comment[:created_at])) %> ago:</span>
       <%=simple_format(comment[:body]) %>