  1. Index: test/unit/section_test.rb
  2. ===================================================================
  3. --- test/unit/section_test.rb (revision 2079)
  4. +++ test/unit/section_test.rb (working copy)
  5. @@ -2,7 +2,7 @@
  6.  
  7. class SectionTest < Test::Unit::TestCase
  8. fixtures :sections, :contents, :assigned_sections, :sites, :users
  9. -
  10. +
  11. def test_find_or_create_sanity_check
  12. assert_no_difference Section, :count do
  13. assert_equal sections(:home), sites(:first).sections.find_or_create_by_path('')
  14. Index: test/functional/admin/templates_controller_test.rb
  15. ===================================================================
  16. --- test/functional/admin/templates_controller_test.rb (revision 2079)
  17. +++ test/functional/admin/templates_controller_test.rb (working copy)
  18. @@ -13,6 +13,7 @@
  19. @request = ActionController::TestRequest.new
  20. @response = ActionController::TestResponse.new
  21. login_as :quentin
  22. + users(:quentin).is_mephisto_admin
  23. end
  24.  
  25. def test_should_show_edit_template_form
  26. Index: test/functional/admin/settings_controller_test.rb
  27. ===================================================================
  28. --- test/functional/admin/settings_controller_test.rb (revision 2079)
  29. +++ test/functional/admin/settings_controller_test.rb (working copy)
  30. @@ -10,15 +10,28 @@
  31. @controller = Admin::SettingsController.new
  32. @request = ActionController::TestRequest.new
  33. @response = ActionController::TestResponse.new
  34. - login_as :quentin
  35. end
  36.  
  37. + def test_should_not_show_settings
  38. + login_as :arthur
  39. + get :index
  40. + assert_redirected_to :controller => 'account', :action => 'login'
  41. +
  42. + users(:arthur).is_admin_of sites(:hostess) # wrong site
  43. + get :index
  44. + assert_redirected_to :controller => 'account', :action => 'login'
  45. + end
  46. +
  47. def test_should_show_settings
  48. + login_as :quentin
  49. + users(:quentin).is_admin_of sites(:first)
  50. get :index
  51. assert_tag 'input', :attributes => { :id => 'site_title', :value => sites(:first).title }
  52. end
  53.  
  54. def test_should_update_settings
  55. + login_as :quentin
  56. + users(:quentin).is_mephisto_admin
  57. post :update, :site => { :title => 'foo' }
  58. assert_equal 'foo', sites(:first).title
  59. assert_redirected_to :action => 'index'
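Review bot: The new negative test `test_should_not_show_settings` exercises only `get :index`; nothing posts to `update` as a user without the admin role, and `update` is the state-changing action in this controller. Add a case that logs in as `arthur`, sends `post :update, :site => { :title => 'foo' }`, and asserts both the redirect to the login page and that `sites(:first).title` is unchanged after a reload. Because `login_as :quentin` was removed from `setup`, a test that issues a request with no `login_as` at all would also pin the anonymous path that `login_required` used to cover. The body of `test_should_update_settings` continues past the end of this hunk.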
  60. Index: test/functional/admin/users_controller_test.rb
  61. ===================================================================
  62. --- test/functional/admin/users_controller_test.rb (revision 2079)
  63. +++ test/functional/admin/users_controller_test.rb (working copy)
  64. @@ -11,6 +11,7 @@
  65. @request = ActionController::TestRequest.new
  66. @response = ActionController::TestResponse.new
  67. login_as :quentin
  68. + users(:quentin).is_mephisto_admin
  69. end
  70.  
  71. def test_should_not_explode_on_index
  72. @@ -18,6 +19,35 @@
  73. assert_response :success
  74. end
  75.  
  76. + def test_should_require_login_for_index
  77. + login_as :arthur
  78. + get :index
  79. + assert_redirected_to :controller => 'account', :action => 'login'
  80. +
  81. + users(:arthur).is_admin_of sites(:hostess) # wrong site
  82. + get :index
  83. + assert_redirected_to :controller => 'account', :action => 'login'
  84. + end
  85. +
  86. + def test_should_require_login_for_create
  87. + login_as :arthur
  88. + post :create, :user => { :login => 'bob', :email => 'foo', :password => 'testy', :password_confirmation => 'testy' }
  89. + assert_redirected_to :controller => 'account', :action => 'login'
  90. + end
  91. +
  92. + def test_should_require_login_for_update
  93. + login_as :arthur
  94. + post :update, :id => users(:quentin).id, :user => { :email => 'foo', :password => 'testy', :password_confirmation => 'testy' }
  95. + assert_redirected_to :controller => 'account', :action => 'login'
  96. + end
  97. +
  98. + def test_site_admin_can_access_index
  99. + login_as :arthur
  100. + users(:arthur).is_admin_of sites(:first)
  101. + get :index
  102. + assert_response :success
  103. + end
  104. +
  105. def test_should_create_user
  106. assert_difference User, :count do
  107. post :create, :user => { :login => 'bob', :email => 'foo', :password => 'testy', :password_confirmation => 'testy' }
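Review bot: `test_should_require_login_for_create` and `test_should_require_login_for_update` assert only the redirect, so they would still pass if the record were written and the response redirected afterwards. Wrap the create request in `assert_no_difference User, :count do ... end` (the helper is already used in `section_test.rb`), and for update assert that the e-mail of `users(:quentin)` is unchanged after a reload. The names say "require login", but `arthur` is logged in for every one of these requests; a name such as `test_should_require_admin_for_create` describes what is actually checked. A separate case with no login would cover the anonymous path.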
  108. Index: test/functional/admin/assets_controller_test.rb
  109. ===================================================================
  110. --- test/functional/admin/assets_controller_test.rb (revision 2079)
  111. +++ test/functional/admin/assets_controller_test.rb (working copy)
  112. @@ -12,6 +12,7 @@
  113. @request = ActionController::TestRequest.new
  114. @response = ActionController::TestResponse.new
  115. login_as :quentin
  116. + users(:quentin).is_mephisto_admin
  117. end
  118.  
  119. def test_should_visit_index
  120. Index: test/functional/admin/articles_controller_test.rb
  121. ===================================================================
  122. --- test/functional/admin/articles_controller_test.rb (revision 2079)
  123. +++ test/functional/admin/articles_controller_test.rb (working copy)
  124. @@ -12,6 +12,7 @@
  125. @request = ActionController::TestRequest.new
  126. @response = ActionController::TestResponse.new
  127. login_as :quentin
  128. + users(:quentin).is_mephisto_admin
  129. FileUtils.mkdir_p ASSET_PATH
  130. end
  131.  
  132. @@ -215,6 +216,7 @@
  133.  
  134. def test_should_update_article_with_given_sections
  135. login_as :arthur
  136. + users(:arthur).is_member_of sites(:first)
  137. assert_difference AssignedSection, :count, -1 do
  138. post :update, :id => contents(:welcome).id, :article => { :title => "My Red Hot Car", :excerpt => "Blah Blah", :body => "Blah Blah", :section_ids => [sections(:home).id] }, :submit => :save
  139. assert_redirected_to :action => 'index'
  140. Index: test/functional/admin/assets_controller_upload_test.rb
  141. ===================================================================
  142. --- test/functional/admin/assets_controller_upload_test.rb (revision 2079)
  143. +++ test/functional/admin/assets_controller_upload_test.rb (working copy)
  144. @@ -13,6 +13,7 @@
  145. @request = ActionController::TestRequest.new
  146. @response = ActionController::TestResponse.new
  147. login_as :quentin
  148. + users(:quentin).is_mephisto_admin
  149. Fixtures.delete_existing_fixtures_for(Asset.connection, :assets)
  150. end
  151.  
  152. Index: test/functional/admin/overview_controller_test.rb
  153. ===================================================================
  154. --- test/functional/admin/overview_controller_test.rb (revision 2079)
  155. +++ test/functional/admin/overview_controller_test.rb (working copy)
  156. @@ -11,6 +11,7 @@
  157. @request = ActionController::TestRequest.new
  158. @response = ActionController::TestResponse.new
  159. login_as :quentin
  160. + users(:quentin).is_mephisto_admin
  161. end
  162.  
  163. def test_routing
  164. Index: test/functional/admin/sections_controller_test.rb
  165. ===================================================================
  166. --- test/functional/admin/sections_controller_test.rb (revision 2079)
  167. +++ test/functional/admin/sections_controller_test.rb (working copy)
  168. @@ -12,6 +12,7 @@
  169. @request = ActionController::TestRequest.new
  170. @response = ActionController::TestResponse.new
  171. login_as :quentin
  172. + users(:quentin).is_mephisto_admin
  173. end
  174.  
  175. def test_should_list_sections
  176. Index: test/functional/admin/design_controller_test.rb
  177. ===================================================================
  178. --- test/functional/admin/design_controller_test.rb (revision 2079)
  179. +++ test/functional/admin/design_controller_test.rb (working copy)
  180. @@ -13,6 +13,7 @@
  181. @request = ActionController::TestRequest.new
  182. @response = ActionController::TestResponse.new
  183. login_as :quentin
  184. + users(:quentin).is_mephisto_admin
  185. end
  186.  
  187. def test_should_show_all_templates
  188. @@ -26,7 +27,19 @@
  189. assert_equal 'this is liquid', sites(:first).templates['my_little_pony'].read
  190. assert_redirected_to :controller => 'admin/templates', :action => 'edit', :filename => 'my_little_pony.liquid'
  191. end
  192. +
  193. + def test_should_not_show_all_templates
  194. + login_as :arthur
  195. + get :index
  196. + assert_redirected_to :controller => 'account', :action => 'login'
  197. + end
  198.  
  199. + def test_should_not_create_template
  200. + login_as :arthur
  201. + post :create, :data => 'this is liquid', :filename => 'my_little_pony'
  202. + assert_redirected_to :controller => 'account', :action => 'login'
  203. + end
  204. +
  205. def test_should_create_css
  206. post :create, :data => 'body {}', :filename => 'styles.css'
  207. assert sites(:first).resources['styles.css'].file?
  208. Index: test/functional/admin/resources_controller_test.rb
  209. ===================================================================
  210. --- test/functional/admin/resources_controller_test.rb (revision 2079)
  211. +++ test/functional/admin/resources_controller_test.rb (working copy)
  212. @@ -12,6 +12,7 @@
  213. @request = ActionController::TestRequest.new
  214. @response = ActionController::TestResponse.new
  215. login_as :quentin
  216. + users(:quentin).is_mephisto_admin
  217. end
  218.  
  219. def test_should_show_edit_resource_form
  220. Index: test/integration/caching_test.rb
  221. ===================================================================
  222. --- test/integration/caching_test.rb (revision 2079)
  223. +++ test/integration/caching_test.rb (working copy)
  224. @@ -182,6 +182,7 @@
  225.  
  226. assert_expires_pages section_url_for(:about), feed_url_for(:about), section_url_for(:about, :site_map) do
  227. login_as :quentin do |writer|
  228. + users(:quentin).is_mephisto_admin
  229. writer.update_section sections(:about), :name => 'ABOUT'
  230. end
  231. end
  232. @@ -191,6 +192,7 @@
  233. visit_sections_and_feeds_with visit
  234. assert_expires_pages section_url_for(:home), section_url_for(:about), feed_url_for(:home), feed_url_for(:about) do
  235. login_as :quentin do |writer|
  236. + users(:quentin).is_mephisto_admin
  237. writer.update_template sites(:first).templates[:error], '<p>error!</p>'
  238. end
  239. end
  240. Index: app/models/user.rb
  241. ===================================================================
  242. --- app/models/user.rb (revision 2079)
  243. +++ app/models/user.rb (working copy)
  244. @@ -1,6 +1,7 @@
  245. class User < UserAuth
  246. has_many :articles
  247. acts_as_paranoid
  248. + acts_as_authorized_user
  249.  
  250. def to_liquid
  251. [:login, :email].inject({}) { |hsh, attr_name| hsh.merge attr_name.to_s => send(attr_name) }
  252. Index: app/models/asset.rb
  253. ===================================================================
  254. --- app/models/asset.rb (revision 2079)
  255. +++ app/models/asset.rb (working copy)
  256. @@ -44,6 +44,8 @@
  257.  
  258. include Mephisto::TaggableMethods
  259.  
  260. + acts_as_authorizable
  261. +
  262. belongs_to :site
  263. acts_as_attachment :storage => :file_system, :thumbnails => { :thumb => '120>', :tiny => '50>' }, :max_size => 30.megabytes
  264. before_validation_on_create :set_site_from_parent
  265. Index: app/models/article.rb
  266. ===================================================================
  267. --- app/models/article.rb (revision 2079)
  268. +++ app/models/article.rb (working copy)
  269. @@ -28,6 +28,8 @@
  270. end
  271. end
  272.  
  273. + acts_as_authorizable
  274. +
  275. has_many :assigned_sections, :dependent => :destroy
  276. has_many :sections, :through => :assigned_sections, :order => 'sections.name'
  277. has_many :events, :order => 'created_at desc', :dependent => :delete_all
  278. Index: app/models/section.rb
  279. ===================================================================
  280. --- app/models/section.rb (revision 2079)
  281. +++ app/models/section.rb (working copy)
  282. @@ -4,6 +4,9 @@
  283. validates_presence_of :name, :site_id
  284. validates_exclusion_of :path, :in => [nil]
  285. validates_uniqueness_of :path, :case_sensitive => false, :scope => :site_id
  286. +
  287. + acts_as_authorizable
  288. +
  289. belongs_to :site
  290. has_many :assigned_sections, :dependent => :delete_all
  291. has_many :articles, :order => 'position', :through => :assigned_sections do
  292. Index: app/models/site.rb
  293. ===================================================================
  294. --- app/models/site.rb (revision 2079)
  295. +++ app/models/site.rb (working copy)
  296. @@ -2,6 +2,8 @@
  297. include Mephisto::Attachments::AttachmentMethods
  298. cattr_accessor :multi_sites_enabled
  299.  
  300. + acts_as_authorizable
  301. +
  302. has_many :sections do
  303. def home
  304. find_by_path ''
  305. @@ -49,6 +51,14 @@
  306. end
  307.  
  308. protected
  309. + def accepts_role?( role_name, user )
  310. + if role_name == 'member'
  311. + user.has_role?('mephisto_admin') or user.has_role?('admin', self) or user.has_role?('member', self)
  312. + else
  313. + super
  314. + end
  315. + end
  316. +
  317. def downcase_host
  318. self.host = host.to_s.downcase
  319. end
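Review bot: `accepts_role?` is added below `protected`, yet it is presumably invoked by the authorization plugin from outside the `Site` instance. Please confirm the plugin can reach it at that visibility, or move the override above `protected`, so the 'member' rule cannot be silently skipped or raise at request time. The condition should use `||` rather than `or`: `user.has_role?('mephisto_admin') || user.has_role?('admin', self) || user.has_role?('member', self)`. A one-line comment would also help, for example `# global admins and site admins count as members of the site`, since this override appears to be what lets those roles pass the base controller's `permit "member of site"`.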
  320. Index: app/controllers/admin/base_controller.rb
  321. ===================================================================
  322. --- app/controllers/admin/base_controller.rb (revision 2079)
  323. +++ app/controllers/admin/base_controller.rb (working copy)
  324. @@ -1,5 +1,6 @@
  325. class Admin::BaseController < ApplicationController
  326. include AuthenticatedSystem
  327. before_filter :login_from_cookie
  328. - before_filter :login_required, :except => :feed
  329. + permit "member of site", :except => :feed
  330. +# before_filter :login_required, :except => :feed
  331. end
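Review bot: `permit "member of site"` replaces `login_required` as the only gate inherited by every admin controller, so how `site` in the role string is resolved is now security-critical, and nothing in this hunk shows where it comes from. Please confirm that it resolves to the site for the current request rather than a default, and that an anonymous request is redirected before any role lookup runs. None of the tests added on this page issues a request without `login_as`. The leftover `# before_filter :login_required, :except => :feed` should be deleted rather than kept as a comment. `:except => :feed` deserves a short comment saying why `feed` is reachable without a role.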
  332. Index: app/controllers/admin/templates_controller.rb
  333. ===================================================================
  334. --- app/controllers/admin/templates_controller.rb (revision 2079)
  335. +++ app/controllers/admin/templates_controller.rb (working copy)
  336. @@ -1,4 +1,6 @@
  337. class Admin::TemplatesController < Admin::BaseController
  338. +# permit "mephisto_admin or admin of site"
  339. +
  340. verify :params => :filename, :only => [:edit, :update],
  341. :add_flash => { :error => 'Template required' },
  342. :redirect_to => { :action => 'index' }
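Review bot: The `permit` line in this hunk is added commented out, so `Admin::TemplatesController` is guarded only by the inherited `permit "member of site"`. `Admin::DesignController` in this same patch requires `"mephisto_admin or admin of site"` to create a template, so a plain member could apparently edit or update a template they are not allowed to create. Unless that is intended, enable the line as `permit "mephisto_admin or admin of site"` and add a test that a member without the admin role is redirected from `edit` and `update`. No change to a resources controller appears on this page either, so the same question may apply there. The `verify` call continues outside the hunk.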
  343. Index: app/controllers/admin/settings_controller.rb
  344. ===================================================================
  345. --- app/controllers/admin/settings_controller.rb (revision 2079)
  346. +++ app/controllers/admin/settings_controller.rb (working copy)
  347. @@ -1,6 +1,6 @@
  348. class Admin::SettingsController < Admin::BaseController
  349. - before_filter :site
  350. -
  351. + permit "mephisto_admin or admin of site"
  352. +
  353. def update
  354. if site.update_attributes params[:site]
  355. redirect_to :action => 'index'
  356. Index: app/controllers/admin/users_controller.rb
  357. ===================================================================
  358. --- app/controllers/admin/users_controller.rb (revision 2079)
  359. +++ app/controllers/admin/users_controller.rb (working copy)
  360. @@ -1,4 +1,6 @@
  361. class Admin::UsersController < Admin::BaseController
  362. + permit "mephisto_admin or admin of site"
  363. +
  364. before_filter :find_all_users, :only => [:index, :show, :new]
  365. before_filter :find_user, :only => [:show, :update]
  366. def index
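Review bot: Applying `permit "mephisto_admin or admin of site"` to the whole controller has two effects worth checking. The layout still links every logged-in user to `users#show` for their own account (`link_to 'Account', ...`), which a plain member would now be refused. `update` also becomes available to the admin of a single site for whatever record `find_user` returns; that method is not visible in this hunk. If user records are global rather than per-site, a site admin could change the e-mail or password of a `mephisto_admin`. Consider letting users act on their own record and limiting changes to other users to `mephisto_admin`, or to accounts that belong to the same site. The class body continues outside the hunk.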
  367. Index: app/controllers/admin/sections_controller.rb
  368. ===================================================================
  369. --- app/controllers/admin/sections_controller.rb (revision 2079)
  370. +++ app/controllers/admin/sections_controller.rb (working copy)
  371. @@ -1,4 +1,6 @@
  372. class Admin::SectionsController < Admin::BaseController
  373. + permit "mephisto_admin or admin of site"
  374. +
  375. cache_sweeper :section_sweeper, :except => :index
  376. before_filter :find_and_sort_templates, :only => [:index, :edit]
  377. before_filter :find_and_reorder_sections, :only => [:index, :edit]
  378. Index: app/controllers/admin/design_controller.rb
  379. ===================================================================
  380. --- app/controllers/admin/design_controller.rb (revision 2079)
  381. +++ app/controllers/admin/design_controller.rb (working copy)
  382. @@ -1,4 +1,6 @@
  383. class Admin::DesignController < Admin::BaseController
  384. + permit "mephisto_admin or admin of site"
  385. +
  386. def create
  387. if params[:filename].blank? || params[:data].blank?
  388. render :action => 'index'
  389. Index: app/views/layouts/application.rhtml
  390. ===================================================================
  391. --- app/views/layouts/application.rhtml (revision 2079)
  392. +++ app/views/layouts/application.rhtml (working copy)
  393. @@ -13,7 +13,9 @@
  394. <div id="header">
  395. <ul id="sec-nav">
  396. <li><strong><%= link_to 'Blog', section_path([]) %></strong></li>
  397. + <% if permit? "mephisto_admin or admin of site" %>
  398. <li><%= link_to 'Settings', :controller => 'settings' %></li>
  399. + <% end %>
  400. <li><%= link_to 'Account', :controller => 'users', :action => 'show', :id => current_user %></li>
  401. <li><%= link_to 'Logout', :controller => '/account', :action => 'logout' %></li>
  402. </ul>
  403. @@ -28,11 +30,13 @@
  404. <li><%= link_to 'Articles', :controller => '/admin/articles' %></li>
  405. <li><%= link_to 'Assets', :controller => '/admin/assets' %></li>
  406. </ul>
  407. - <ul id="nav-r">
  408. - <li><%= link_to 'Sections', :controller => '/admin/sections' %></li>
  409. - <li><%= link_to 'Design', :controller => '/admin/design' %></li>
  410. - <li><%= link_to "Users", :controller => "users" %></li>
  411. - </ul>
  412. + <% if permit? "mephisto_admin or admin of site" %>
  413. + <ul id="nav-r">
  414. + <li><%= link_to 'Sections', :controller => '/admin/sections' %></li>
  415. + <li><%= link_to 'Design', :controller => '/admin/design' %></li>
  416. + <li><%= link_to "Users", :controller => "users" %></li>
  417. + </ul>
  418. + <% end %>
  419. <% end -%>
  420. </div>
  421. <!-- /div.nav -->
  422. Index: app/views/admin/overview/index.rhtml
  423. ===================================================================
  424. --- app/views/admin/overview/index.rhtml (revision 2079)
  425. +++ app/views/admin/overview/index.rhtml (working copy)
  426. @@ -3,7 +3,9 @@
  427. <div id="page-nav">
  428. <ul id="act-nav" class="clear">
  429. <li><%= link_to "Create new article", :controller => 'articles', :action => "new" %></li>
  430. + <% if permit? "mephisto_admin or admin of site" %>
  431. <li><%= link_to "Create new section", :controller => 'sections' %></li>
  432. + <% end %>
  433.  
  434. <% if @articles.any? -%>
  435. <li><%= link_to "Moderate Comments", :controller => 'comments' %></li>
  436. Index: config/environment.rb
  437. ===================================================================
  438. --- config/environment.rb (revision 2079)
  439. +++ config/environment.rb (working copy)
  440. @@ -33,6 +33,11 @@
  441. config.active_record.schema_format = :ruby
  442. end
  443.  
  444. +# requires Authorization plugin
  445. +AUTHORIZATION_MIXIN = 'object_roles'
  446. +DEFAULT_REDIRECTION_HASH = { :controller => '/account', :action => 'login' }
  447. +STORE_LOCATION_METHOD = :store_location
  448. +
  449. # Include your application configuration below
  450. require 'mephisto_init'
  451.  
  452. @@ -43,4 +48,4 @@
  453. # Mephisto::SweeperMethods.cache_sweeper_tracing = true
  454.  
  455. # Enable if you want to host multiple sites on this app
  456. -# Site.multi_sites_enabled = true
  457. \ No newline at end of file
  458. +Site.multi_sites_enabled = true
  459. \ No newline at end of file
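Review bot: The last changed line of this hunk turns on `Site.multi_sites_enabled = true` in the shipped `config/environment.rb`, where it was previously a commented-out opt-in. That changes the default for every install in a patch that is otherwise about authorization. It may be a local setting left over from exercising the `sites(:hostess)` "wrong site" tests. Keep the line commented out here and enable multi-site in the test setup instead, or state the default change explicitly in the patch description so it is reviewed on its own.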