Cucumber features pass.

commit b807826ba14924bec40c20518c51402b82ff7476 1 parent 13326ea
@seancribbs seancribbs authored
22 app/views/layouts/application.html.haml
@@ -24,16 +24,18 @@
%a{:href=>"#view_site_popup", :id=>"view_site", :onclick=>"return false"} View Site
%ul#navigation
- nav_tabs.each do |tab|
- %li{:class=> current_tab?(tab) ? 'current' : ''}
- %a{:href=>(tab.first.url if tab.first)}
- = tab.proper_name
- - if current_tab?(tab)
- %ul#nav_sub
- - tab.each do |sub_item|
- %li
- %a{:href => sub_item.url, :class => current_item?(sub_item) ? 'current' : ''}>
- %span
- = sub_item.proper_name
+ - if tab.visible?(current_user)
+ %li{:class=> current_tab?(tab) ? 'current' : ''}
+ %a{:href=>(tab.first.url if tab.first)}
+ = tab.proper_name
+ - if current_tab?(tab)
+ %ul#nav_sub
+ - tab.each do |sub_item|
+ - if sub_item.visible?(current_user)
+ %li
+ %a{:href => sub_item.url, :class => current_item?(sub_item) ? 'current' : ''}>
+ %span
+ = sub_item.proper_name
#header_bottom
%div
#main
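Review bot: the tab link `%a{:href=>(tab.first.url if tab.first)}` still targets the tab's first sub-item even when that item fails the new `sub_item.visible?(current_user)` check, so a user who can see the tab but not its first item is handed a link to a page that will refuse them. Build the href from the first sub-item that is visible to `current_user`, and skip the tab when none is. A short template comment that these checks only hide links, and that the controller permission check remains the enforcement point, would also help future readers.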
7 features/admin/pages_management.feature
@@ -30,7 +30,8 @@ Feature: Managing pages
And I fill in the "extended" content with "foobar"
And I select "Published" from "Status"
And I press "Create page"
- Then I should see "Your page has been saved"
+ Then I should be on the sitemap
+ And I should see "My site"
When I go to "/"
Then I should see "Under Construction"
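Review bot: swapping `Then I should see "Your page has been saved"` for `Then I should be on the sitemap` removes the only assertion that the create actually reported success, and the two later hunks in this file make the same trade for "Edit Page". If the notice was dropped from the UI on purpose, say so in the commit message; otherwise keep a step that checks the new page's title appears in the sitemap, so the scenario still fails when the save silently does nothing.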
@@ -47,7 +48,7 @@ Feature: Managing pages
And I fill in the "extended" content with "foobar"
And I select "Published" from "Status"
And I press "Save and Continue Editing"
- Then I should see "Your page has been saved"
+ Then I should see "Edit Page"
And I should see "Under Construction"
When I go to "/my-child"
Then I should see "Under Construction"
@@ -67,5 +68,5 @@ Feature: Managing pages
When I edit the "virtual" page
And I select "<normal>" from "Page type"
And I press "Save and Continue Editing"
- Then I should see "Your page has been saved"
+ Then I should see "Edit Page"
And "<normal>" should be selected for "Page type"
4 features/admin/snippets_management.feature
@@ -19,7 +19,7 @@ Feature: Managing snippets
And I fill in "Name" with "Mine"
And I fill in "Body" with "My snippet"
And I press "Create Snippet"
- Then I should see "saved"
+ Then I should be on the snippets list
And I should see "Mine"
Scenario: Display form errors
@@ -36,7 +36,7 @@ Feature: Managing snippets
And I fill in "Name" with "Mine"
And I fill in "Body" with "My snippet"
And I press "Save and Continue Editing"
- Then I should see "saved"
+ Then I should see "Edit Snippet"
And I should see the form
Scenario: View a snippet
33 features/admin/user_permissions.feature
@@ -18,8 +18,8 @@ Feature: User authentication and permissions
Scenario Outline: Authentication-logout
Given I am logged in as "<username>"
- When I follow "Log out"
- Then I should see "You are now logged out."
+ When I follow "Logout"
+ Then I should be on the login screen
Examples:
| username |
@@ -58,8 +58,9 @@ Feature: User authentication and permissions
Scenario Outline: Admins and developers can see and edit layouts
Given I am logged in as "<username>"
- And I should see "Layouts"
- When I go to "/admin/layouts"
+ And I should see "Design"
+ When I follow "Design"
+ And I follow "Layouts"
And I should not see "You must have developer privileges"
And I follow "Main"
Then I should see "Edit Layout"
@@ -71,7 +72,7 @@ Feature: User authentication and permissions
Scenario Outline: Ordinary users cannot edit layouts
Given I am logged in as "<username>"
- And I should not see "Layouts"
+ And I should not see "Design"
When I go to "/admin/layouts"
Then I should see "You must have developer privileges"
@@ -82,16 +83,11 @@ Feature: User authentication and permissions
Scenario: Admins can see and edit users
Given I am logged in as "admin"
- And I should see "Users"
- When I go to "/admin/users"
+ When I follow "Settings"
+ And I follow "Users"
And I should not see "You must have administrative privileges"
And I follow "Another"
Then I should see "Edit User"
-
- Scenario: Admins do not see preferences link
- Given I am logged in as "admin"
- And I should see "Users"
- And I should not see "Preferences"
Scenario Outline: Non-admins cannot see or edit users
Given I am logged in as "<username>"
@@ -107,9 +103,10 @@ Feature: User authentication and permissions
Scenario Outline: Non-admins see preferences link
Given I am logged in as "<username>"
- And I should see "Preferences"
- When I go to "/admin/preferences"
- Then I should see "User Preferences"
+ And I should see "Settings"
+ When I follow "Settings"
+ And I follow "Personal"
+ Then I should see "Personal Preferences"
Examples:
| username |
@@ -117,15 +114,15 @@ Feature: User authentication and permissions
| another |
| developer |
-
Scenario: Admin users can see extensions
Given I am logged in as "admin"
- And I should see "Extensions"
- When I go to "/admin/extensions"
+ When I follow "Settings"
+ And I follow "Extensions"
Then I should see "Archive"
Scenario Outline: Non-admin users cannot see extensions
Given I am logged in as "<username>"
+ When I follow "Settings"
And I should not see "Extensions"
When I go to "/admin/extensions"
Then I should see "You must have administrative privileges"
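Review bot: in "Non-admin users cannot see extensions" the added `When I follow "Settings"` leaves `And I should not see "Extensions"` chained under a `When`, followed by a second `When`, so the assertion reads as an action. Make it `Then I should not see "Extensions"` before the second `When`. The direct request to `/admin/extensions` that follows is the step that proves access is denied and not merely hidden, so it should stay exactly as it is.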
10 features/admin/user_preferences.feature
@@ -4,15 +4,15 @@ Feature: Edit user preferences
Scenario Outline: Edit preferences
Given I am logged in as "<username>"
- When I follow "Preferences"
- And I fill in "E-mail" with "my-new-email@example.com"
+ When I open my preferences
+ And I fill in "E-mail Address" with "my-new-email@example.com"
And I press "Save Changes"
- Then I should see "updated"
- And I should see "Home"
+ Then I should be on the preferences screen
Examples:
| username |
+ | admin |
| another |
| existing |
| developer |
- | non_admin |
+ | non_admin |
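Review bot: with `Then I should see "updated"` removed, the scenario only checks the landing page via `Then I should be on the preferences screen` and no longer verifies that the e-mail change was saved. Add a step asserting that "my-new-email@example.com" is shown (or stored) after the save. The last pair of lines changes only whitespace on the `non_admin` row and can be left out of the commit.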
6 features/admin/users_management.feature
@@ -20,10 +20,10 @@ Feature: Managing users
And I fill in "Name" with "New Guy"
And I fill in "E-mail" with "newguy@example.com"
And I fill in "Username" with "new_guy"
- And I fill in "Password" with "password"
- And I fill in "Confirm password" with "password"
+ And I fill in "New Password" with "password"
+ And I fill in "Confirm New Password" with "password"
And I press "Create User"
- Then I should see "saved"
+ Then I should be on the users list
And I should see "New Guy"
Scenario: Display form errors on submit
4 features/step_definitions/admin/admin_steps.rb
@@ -1,7 +1,7 @@
Given(/^I am logged in as "([^\"]*)"$/) do |user|
visit '/admin/login'
- user = users(user.intern)
- fill_in 'Username', :with => user.login
+ @user = users(user.intern)
+ fill_in 'Username', :with => @user.login
fill_in 'Password', :with => 'password'
click_button 'Login'
end
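Review bot: `@user` is now assigned in the login step, but nothing visible in this commit reads it; the new "I open my preferences" step calls `edit_admin_preferences_path` without it. Either keep the local variable or add a comment naming the steps that depend on `@user`, since shared instance state between steps is easy to break later.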
3  features/step_definitions/admin/users_management_steps.rb
@@ -10,3 +10,6 @@
visit "/admin/users/#{id}", :delete
end
+When /^I open my preferences$/ do
+ visit edit_admin_preferences_path
+end
13 features/support/paths.rb
@@ -3,11 +3,18 @@ def path_to(page_name)
when /the homepage/i
root_path
-
+ when /sitemap/i
+ admin_pages_path
when /login/i
login_path
- # Add more page name => path mappings here
-
+ when /preferences/i
+ edit_admin_preferences_path
+ when /snippets/i
+ admin_snippets_path
+ when /login/i
+ login_path
+ when /users/
+ admin_users_path
else
raise "Can't find mapping from \"#{page_name}\" to a path."
end
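Review bot: the second `when /login/i` branch added here is unreachable because the identical pattern already appears a few lines above it; remove the duplicate. `when /users/` is also the only pattern without the `i` flag, so "the Users list" would fall through to the `raise`. Since all of these are unanchored substring matches evaluated in order, a page name containing two of the keywords resolves to whichever branch comes first; anchoring the patterns (for example on "the users list") would make that explicit.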
24 lib/login_system.rb
@@ -55,16 +55,7 @@ def authorize
end
def user_has_access_to_action?(action)
- permissions = self.class.controller_permissions[action.to_s.intern]
- case
- when allowed_roles = permissions[:when]
- allowed_roles = [allowed_roles].flatten
- allowed_roles.any? { |role| current_user.has_role?(role) }
- when condition_method = permissions[:if]
- send(condition_method)
- else
- true
- end
+ self.class.user_has_access_to_action?(current_user, action, self)
end
def login_from_session
@@ -120,5 +111,18 @@ def only_allow_access_to(*args)
def controller_permissions
@controller_permissions ||= Hash.new { |h,k| h[k.to_s.intern] = Hash.new }
end
+
+ def user_has_access_to_action?(user, action, instance=new)
+ permissions = controller_permissions[action.to_s.intern]
+ case
+ when allowed_roles = permissions[:when]
+ allowed_roles = [allowed_roles].flatten
+ allowed_roles.any? { |role| user.has_role?(role) }
+ when condition_method = permissions[:if]
+ instance.send(condition_method)
+ else
+ true
+ end
+ end
end
end
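Review bot: with `instance=new`, a caller that passes only `user` and `action` gets the `:if` branch evaluated as `instance.send(condition_method)` on a freshly constructed controller, which knows nothing about the `user` argument or the current request. The `:when` branch uses `user`, but the `:if` branch ignores it, so the two branches answer the question for different subjects. Pass `user` into the condition method, or document that `:if` permissions are only meaningful when a live controller instance is supplied. Note also that an action with no registered permissions reaches `else true`; now that this method drives navigation visibility as well as `authorize`, a comment stating that the default is allow would be useful.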
6 lib/radiant/admin_ui.rb
@@ -80,8 +80,8 @@ def relative_url
def visible_by_controller?(user)
params = ActionController::Routing::Routes.recognize_path(url, :method => :get)
if params && params[:controller]
- controller = "#{params[:controller].camelize}Controller".constantize
- controller.new.send(:user_has_access_to_action?, params[:action])
+ klass = "#{params[:controller].camelize}Controller".constantize
+ klass.user_has_access_to_action?(user, params[:action])
else
false
end
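Review bot: `klass.user_has_access_to_action?(user, params[:action])` forwards `user` unchecked, and the class method calls `user.has_role?(role)` on it. If the layout can render with no `current_user`, this raises instead of hiding the item. Return `false` early when `user` is nil, which matches the existing `else false` fallback for unrecognised routes.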
@@ -121,7 +121,7 @@ def load_default_nav
content << nav_item(:snippets, "Snippets", "/admin/snippets")
nav << content
- design = nav_tab(:design, "Design", [:developer])
+ design = nav_tab(:design, "Design", [:developer, :admin])
design << nav_item(:layouts, "Layouts", "/admin/layouts")
nav << design
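Review bot: the role list in `nav_tab(:design, "Design", [:developer, :admin])` is a second, hand-maintained copy of who may reach `/admin/layouts`, separate from the controller permissions that `visible_by_controller?` consults. The two can drift, leaving a tab shown to users the controller rejects or hidden from users it allows. Consider deriving tab visibility from whether any of its items is visible to the user, or add a comment pointing at the controller declaration that must be kept in sync.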