noosfero | 15 new commits pushed to repository
Antonio Terceiro
gitlab at gitlab.com
Fri Feb 27 12:36:50 BRT 2015
Antonio Terceiro pushed to refs/heads/stable-1.0 at <a href="https://gitlab.com/noosfero/noosfero">Noosfero / noosfero</a>
Commits:
<a href="https://gitlab.com/noosfero/noosfero/commit/6155251a3164a7b097aeaa9da12778b183f3f5d0">6155251a</a> by Daniela Feitosa
Fix: avoid crashing when displaying articles
On environments created before including =spam_comments_count=, the visualization
of number of comments was crashing because it was nil
Fixes #31
(cherry picked from commit 6c59ac4a8cfd8089927917718a312493c77a578a)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/a91788f0bbc7e277ba443e4ea6c95b61d1253ece">a91788f0</a> by Victor Costa
Append logged-in class in body when user is logged in
(cherry picked from commit 05e56cd31341a2c42a4d1fda2cd1a4f2c94c5f1a)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/93fdd1c2860525e340249ee43d5073cf06d31f1b">93fdd1c2</a> by Victor Costa
Base controller for plugins administration
The PluginAdminController protect by default users that didn't have
edit_environment_features permission against access plugin administration.
(cherry picked from commit 7c541b4a2fef9c201c164a05f1519b190f667a5f)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/7896182670ba1ef80e4f08873f57a199c4db54fe">78961826</a> by Victor Costa
Use default base class for plugin admin controllers
(cherry picked from commit e47daca26c5861d09c8248855472d4e65cbda1d0)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/4c78ceeb1cd77610a46df8c03477fffce3cb69ae">4c78ceeb</a> by Daniela Feitosa
Fixed translation of date on spanish (es)
(cherry picked from commit 0484736d982f3beb877cf35e508712440cbb62e1)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/ab18ce7b69f81564e39dde9bbf4d0a2985b70b71">ab18ce7b</a> by Daniela Feitosa
external_feed: allow only_once to mass-assignment
Also removed "id" on update of external_feed_data. It must not be updated or
mass-assigned
(cherry picked from commit 87a25ade46aa48e9f962f684a2bae334ba0bb504)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/14d4128353cebdcb99aba2714a321c34f2eaafcc">14d41283</a> by Larissa Reis
[custom_form] Fixes fields not showing up on rails 3
Also fixes a mass assignment error in membership task and removes a
redundant `attr_accessible` in TextField since it was already set
in Field.
(cherry picked from commit 05db3adf7a68cc4a307726913bf5591a6f154411)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/9d490f253f7dca6b3c699d9b772189ac355eddc3">9d490f25</a> by Daniela Feitosa
[custom_forms] destroy answers when remove field
Also:
- fix to avoid crash if there is some answer without a related field
(cherry picked from commit 6fcf788e02ff6731733cb3bc6abb5dba63fa0ac9)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/dbaf47010d9f1e87c9cf295a7eb6615be52f60d8">dbaf4701</a> by Aurélio A. Heckert
DatesHelper now uses i18n from Rails
(cherry picked from commit 3600768ceceed5b804b5d208b0df307f9e7b1408)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/1f4a93fd7c125fec38f4d04934e4705285eda015">1f4a93fd</a> by Braulio Bhavamitra
Allow Access-Control-Allow-Credentials in Access-Control-Allow-Origin
(cherry picked from commit e51453fd3b20c01ed6b77b2c4396ec4254fbd403)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/cbc22943f022085711f6372b3aee5a4170e66bb7">cbc22943</a> by Victor Costa
Sanitize HTML in event name
(cherry picked from commit 23b9a86393b7806070dc36c45d2fe79b96b26eaa)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/8f4ec35223dafaa7744392ee065349fa1109f790">8f4ec352</a> by Victor Costa
Sanitize HTML in folder name
(cherry picked from commit fa7cddb0f79d4bb6d7750ed6fd41bb63446a6012)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/8da8e13cef4861ad75f79854825e21efe9cb6d10">8da8e13c</a> by Antonio Terceiro
release: set environment variables for dch
(cherry picked from commit 51dc531e5958e9824b70fb4978e4857b3422ae35)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/a3a2807e1ebbbe15580203de4b76b43db244e149">a3a2807e</a> by Antonio Terceiro
rake test: summarize tasks at the end
(cherry picked from commit dcc12e37c6767d6d5c44040d3d9d620f7b64292f)
- - - - -
<a href="https://gitlab.com/noosfero/noosfero/commit/00958241db84bc0a3a8c46f1cc2b8dfdca31a0ba">00958241</a> by Antonio Terceiro
Bumping version 1.0.4
- - - - -
Changes:
=====================================
app/controllers/admin/plugin_admin_controller.rb
=====================================
--- /dev/null
+++ b/app/controllers/admin/plugin_admin_controller.rb
@@ -0,0 +1,5 @@
+class PluginAdminController < AdminController
+
+ protect 'edit_environment_features', :environment
+
+end
=====================================
app/controllers/application_controller.rb
=====================================
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -28,6 +28,7 @@ class ApplicationController < ActionController::Base
unless environment.access_control_allow_methods.blank?
response.headers["Access-Control-Allow-Methods"] = environment.access_control_allow_methods
end
+ response.headers["Access-Control-Allow-Credentials"] = 'true'
elsif environment.restrict_to_access_control_origins
render_access_denied _('Origin not in allowed.')
end
=====================================
app/helpers/content_viewer_helper.rb
=====================================
--- a/app/helpers/content_viewer_helper.rb
+++ b/app/helpers/content_viewer_helper.rb
@@ -10,7 +10,7 @@ module ContentViewerHelper
end
def number_of_comments(article)
- display_number_of_comments(article.comments_count - article.spam_comments_count)
+ display_number_of_comments(article.comments_count - article.spam_comments_count.to_i)
end
def article_title(article, args = {})
=====================================
app/helpers/dates_helper.rb
=====================================
--- a/app/helpers/dates_helper.rb
+++ b/app/helpers/dates_helper.rb
@@ -2,24 +2,14 @@ require 'noosfero/i18n'
module DatesHelper
- # FIXME Date#strftime should translate this for us !!!!
- MONTHS = [
- N_('January'),
- N_('February'),
- N_('March'),
- N_('April'),
- N_('May'),
- N_('June'),
- N_('July'),
- N_('August'),
- N_('September'),
- N_('October'),
- N_('November'),
- N_('December')
- ]
-
- def month_name(n)
- _(MONTHS[n-1])
+ MONTHS = I18n.t('date.month_names')
+
+ def month_name(n, abbreviated = false)
+ if abbreviated
+ I18n.t('date.abbr_month_names')[n]
+ else
+ MONTHS[n]
+ end
end
# formats a date for displaying.
@@ -91,15 +81,7 @@ module DatesHelper
_(date.strftime("%a"))
else
# FIXME Date#strftime should translate this for us !!!!
- _([
- N_('Sunday'),
- N_('Monday'),
- N_('Tuesday'),
- N_('Wednesday'),
- N_('Thursday'),
- N_('Friday'),
- N_('Saturday'),
- ][date.wday])
+ I18n.t('date.day_names')[date.wday]
end
end
@@ -111,7 +93,7 @@ module DatesHelper
date = date << 1
end
if opts[:only_month]
- _('%{month}') % {:month => month_name(date.month.to_i) }
+ _('%{month}') % { :month => month_name(date.month.to_i) }
else
_('%{month} %{year}') % { :year => date.year, :month => month_name(date.month.to_i) }
end
@@ -156,7 +138,7 @@ module DatesHelper
else
order = [:day, :month, :year]
end
- date_select(object, method, html_options.merge(options.merge(:include_blank => true, :order => order, :use_month_names => MONTHS.map {|item| gettext(item)})))
+ date_select(object, method, html_options.merge(options.merge(:include_blank => true, :order => order, :use_month_names => MONTHS)))
end
end
=====================================
app/helpers/layout_helper.rb
=====================================
--- a/app/helpers/layout_helper.rb
+++ b/app/helpers/layout_helper.rb
@@ -2,6 +2,7 @@ module LayoutHelper
def body_classes
# Identify the current controller and action for the CSS:
+ (logged_in? ? " logged-in" : "") +
" controller-#{controller.controller_name}" +
" action-#{controller.controller_name}-#{controller.action_name}" +
" template-#{@layout_template || if profile.blank? then 'default' else profile.layout_template end}" +
=====================================
app/models/blog.rb
=====================================
--- a/app/models/blog.rb
+++ b/app/models/blog.rb
@@ -53,7 +53,7 @@ class Blog < Folder
def prepare_external_feed
unless self.external_feed_data.nil?
if self.external_feed(true) && self.external_feed.id == self.external_feed_data[:id].to_i
- self.external_feed.attributes = self.external_feed_data
+ self.external_feed.attributes = self.external_feed_data.except(:id)
else
self.build_external_feed(self.external_feed_data, :without_protection => true)
end
=====================================
app/models/blog_archives_block.rb
=====================================
--- a/app/models/blog_archives_block.rb
+++ b/app/models/blog_archives_block.rb
@@ -36,8 +36,7 @@ class BlogArchivesBlock < Block
results << content_tag('li', content_tag('strong', "#{year} (#{count})"))
results << "<ul class='#{year}-archive'>"
posts.except(:order).count(:all, :conditions => ['EXTRACT(YEAR FROM published_at)=?', year], :group => 'EXTRACT(MONTH FROM published_at)').sort_by {|month, count| -month.to_i}.each do |month, count|
- month_name = gettext(MONTHS[month.to_i - 1])
- results << content_tag('li', link_to("#{month_name} (#{count})", owner_blog.url.merge(:year => year, :month => month)))
+ results << content_tag('li', link_to("#{month_name(month.to_i)} (#{count})", owner_blog.url.merge(:year => year, :month => month)))
end
results << "</ul>"
end
=====================================
app/models/event.rb
=====================================
--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -19,7 +19,7 @@ class Event < Article
maybe_add_http(self.setting[:link])
end
- xss_terminate :only => [ :body, :link, :address ], :with => 'white_list', :on => 'validation'
+ xss_terminate :only => [ :name, :body, :link, :address ], :with => 'white_list', :on => 'validation'
def initialize(*args)
super(*args)
=====================================
app/models/external_feed.rb
=====================================
--- a/app/models/external_feed.rb
+++ b/app/models/external_feed.rb
@@ -10,7 +10,7 @@ class ExternalFeed < ActiveRecord::Base
{ :conditions => ['(fetched_at is NULL) OR (fetched_at < ?)', Time.now - FeedUpdater.update_interval] }
}
- attr_accessible :address, :enabled
+ attr_accessible :address, :enabled, :only_once
def add_item(title, link, date, content)
return if content.blank?
=====================================
app/models/folder.rb
=====================================
--- a/app/models/folder.rb
+++ b/app/models/folder.rb
@@ -12,7 +12,7 @@ class Folder < Article
acts_as_having_settings :field => :setting
- xss_terminate :only => [ :body ], :with => 'white_list', :on => 'validation'
+ xss_terminate :only => [ :name, :body ], :with => 'white_list', :on => 'validation'
include WhiteListFilter
filter_iframes :body
=====================================
debian/changelog
=====================================
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+noosfero (1.0.4) wheezy; urgency=low
+
+ * Maintainance release
+
+ -- Antonio Terceiro <terceiro at colivre.coop.br> Fri, 27 Feb 2015 12:33:22 -0300
+
noosfero (1.0.3) wheezy; urgency=low
* New maintainance release, backporting a change that Colivre needs
=====================================
lib/noosfero/version.rb
=====================================
--- a/lib/noosfero/version.rb
+++ b/lib/noosfero/version.rb
@@ -1,4 +1,4 @@
module Noosfero
PROJECT = 'noosfero'
- VERSION = '1.0.3'
+ VERSION = '1.0.4'
end
=====================================
lib/tasks/release.rake
=====================================
--- a/lib/tasks/release.rake
+++ b/lib/tasks/release.rake
@@ -156,6 +156,8 @@ EOF
sh 'git checkout debian/changelog lib/noosfero/version.rb'
sh "sed -i \"s/VERSION = '[^']*'/VERSION = '#{new_version}'/\" lib/noosfero/version.rb"
+ ENV['DEBFULLNAME'] ||= `git config user.name`.strip
+ ENV['DEBEMAIL'] ||= `git config user.email`.strip
sh "dch --newversion #{new_version} --distribution #{target} --force-distribution '#{release_message}'"
sh 'git diff debian/changelog lib/noosfero/version.rb'
=====================================
lib/tasks/test.rake
=====================================
--- a/lib/tasks/test.rake
+++ b/lib/tasks/test.rake
@@ -17,15 +17,31 @@ NoosferoTasks = %w(test:noosfero_plugins)
AllTasks = TestTasks + CucumberTasks + NoosferoTasks
task :test do
- errors = AllTasks.collect do |task|
+ data = []
+ failed = []
+ AllTasks.each do |task|
+ t0 = Time.now.to_i
begin
ENV['RAILS_ENV'] = 'test'
Rake::Task[task].invoke
- nil
+ status = 'PASS'
rescue => e
- task
+ failed << task
+ status = 'FAIL'
end
- end.compact
- abort "Errors running #{errors.to_sentence}!" if errors.any?
+ t1 = Time.now.to_i
+ duration = t1 - t0
+ data << { :name => task, :status => status, :duration => Time.at(duration).utc.strftime("%H:%M:%S") }
+ end
+
+ puts
+ printf "%-30s %-6s %s\n", 'Task', 'Status', 'Duration'
+ printf "%-30s %-6s %s\n", '-' * 30, '-' * 6, '--------'
+ data.each do |entry|
+ printf "%-30s %-6s %s\n", entry[:name], entry[:status], entry[:duration]
+ end
+
+ puts
+ abort "Errors running #{failed.join(', ')}!" if failed.any?
end
=====================================
plugins/anti_spam/controllers/anti_spam_plugin_admin_controller.rb
=====================================
--- a/plugins/anti_spam/controllers/anti_spam_plugin_admin_controller.rb
+++ b/plugins/anti_spam/controllers/anti_spam_plugin_admin_controller.rb
@@ -1,4 +1,4 @@
-class AntiSpamPluginAdminController < AdminController
+class AntiSpamPluginAdminController < PluginAdminController
append_view_path File.join(File.dirname(__FILE__) + '/../views')
def index
=====================================
plugins/custom_forms/lib/custom_forms_plugin/field.rb
=====================================
--- a/plugins/custom_forms/lib/custom_forms_plugin/field.rb
+++ b/plugins/custom_forms/lib/custom_forms_plugin/field.rb
@@ -6,7 +6,7 @@ class CustomFormsPlugin::Field < ActiveRecord::Base
attr_accessible :name, :form, :mandatory, :type, :position, :default_value, :select_field_type, :alternatives_attributes
belongs_to :form, :class_name => 'CustomFormsPlugin::Form'
- has_many :answers, :class_name => 'CustomFormsPlugin::Answer'
+ has_many :answers, :class_name => 'CustomFormsPlugin::Answer', :dependent => :destroy
has_many :alternatives, :order => 'position', :class_name => 'CustomFormsPlugin::Alternative'
accepts_nested_attributes_for :alternatives, :allow_destroy => true
=====================================
plugins/custom_forms/lib/custom_forms_plugin/submission.rb
=====================================
--- a/plugins/custom_forms/lib/custom_forms_plugin/submission.rb
+++ b/plugins/custom_forms/lib/custom_forms_plugin/submission.rb
@@ -52,7 +52,7 @@ class CustomFormsPlugin::Submission < Noosfero::Plugin::ActiveRecord
self.answers.each do |answer|
answer.valid?
answer.errors.each do |attribute, msg|
- self.errors.add answer.field.id.to_s.to_sym, msg
+ self.errors.add answer.field.id.to_s.to_sym, msg if answer.field.present?
end
end
end
=====================================
plugins/custom_forms/lib/custom_forms_plugin/text_field.rb
=====================================
--- a/plugins/custom_forms/lib/custom_forms_plugin/text_field.rb
+++ b/plugins/custom_forms/lib/custom_forms_plugin/text_field.rb
@@ -1,5 +1,3 @@
class CustomFormsPlugin::TextField < CustomFormsPlugin::Field
set_table_name :custom_forms_plugin_fields
-
- attr_accessible :name
end
=====================================
plugins/custom_forms/test/unit/custom_forms_plugin/field_test.rb
=====================================
--- a/plugins/custom_forms/test/unit/custom_forms_plugin/field_test.rb
+++ b/plugins/custom_forms/test/unit/custom_forms_plugin/field_test.rb
@@ -33,6 +33,18 @@ class CustomFormsPlugin::FieldTest < ActiveSupport::TestCase
assert_equal form.fields, [license_field]
end
+ should 'destroy its answers after removing a field' do
+ form = CustomFormsPlugin::Form.create!(:name => 'Free Software', :profile => fast_create(Profile))
+ field = CustomFormsPlugin::Field.create!(:name => 'Project name', :form => form)
+
+ CustomFormsPlugin::Answer.create(:field => field, :value => 'My Project')
+ CustomFormsPlugin::Answer.create(:field => field, :value => 'Other Project')
+
+ assert_difference 'CustomFormsPlugin::Answer.count', -2 do
+ field.destroy
+ end
+ end
+
should 'have alternative if type is SelectField' do
select = CustomFormsPlugin::Field.new(:name => 'select_field001', :type => 'CustomFormsPlugin::SelectField')
assert !select.save
=====================================
plugins/custom_forms/views/custom_forms_plugin_myprofile/_form.html.erb
=====================================
--- a/plugins/custom_forms/views/custom_forms_plugin_myprofile/_form.html.erb
+++ b/plugins/custom_forms/views/custom_forms_plugin_myprofile/_form.html.erb
@@ -23,7 +23,7 @@
<h2><%= _('Fields') %></h2>
<ul class='field-list'>
- <% f.fields_for :fields do |builder| %>
+ <%= f.fields_for :fields do |builder| %>
<li>
<%= render partial_for_class(builder.object.class), :f => builder %>
</li>
=====================================
plugins/custom_forms/views/custom_forms_plugin_myprofile/custom_forms_plugin/_select_field.html.erb
=====================================
--- a/plugins/custom_forms/views/custom_forms_plugin_myprofile/custom_forms_plugin/_select_field.html.erb
+++ b/plugins/custom_forms/views/custom_forms_plugin_myprofile/custom_forms_plugin/_select_field.html.erb
@@ -27,7 +27,7 @@
</tr>
</tfoot>
<tbody class='field-list'>
- <% f.fields_for :alternatives do |builder| %>
+ <%= f.fields_for :alternatives do |builder| %>
<%= render partial_for_class(builder.object.class), :f => builder %>
<% end %>
</tbody>
=====================================
plugins/custom_forms/views/custom_forms_plugin_profile/show.html.erb
=====================================
--- a/plugins/custom_forms/views/custom_forms_plugin_profile/show.html.erb
+++ b/plugins/custom_forms/views/custom_forms_plugin_profile/show.html.erb
@@ -30,7 +30,7 @@
<% end %>
<% else %>
- <% fields_for :submission, @submission do |f| %>
+ <%= fields_for :submission, @submission do |f| %>
<%= render :partial => 'shared/form_submission', :locals => {:f => f} %>
<% end %>
<% end %>
=====================================
plugins/custom_forms/views/tasks/custom_forms_plugin/_membership_survey_accept_details.html.erb
=====================================
--- a/plugins/custom_forms/views/tasks/custom_forms_plugin/_membership_survey_accept_details.html.erb
+++ b/plugins/custom_forms/views/tasks/custom_forms_plugin/_membership_survey_accept_details.html.erb
@@ -1,5 +1,5 @@
<% @form = CustomFormsPlugin::Form.find(task.form_id) %>
-<% @submission = CustomFormsPlugin::Submission.new(:form_id => @form.id, :profile_id => user.id) %>
+<% @submission = CustomFormsPlugin::Submission.new(:form => @form, :profile => user) %>
<h2><%= @form.name %></h2>
<p><%= @form.description %></p>
@@ -11,6 +11,6 @@
<% end %>
<% end %>
-<% f.fields_for :submission do |fi| %>
+<%= f.fields_for :submission do |fi| %>
<%= render :partial => 'shared/form_submission', :locals => {:f => fi} %>
<% end %>
=====================================
plugins/foo/controllers/admin/foo_plugin_admin_bar_controller.rb
=====================================
--- a/plugins/foo/controllers/admin/foo_plugin_admin_bar_controller.rb
+++ b/plugins/foo/controllers/admin/foo_plugin_admin_bar_controller.rb
@@ -1,3 +1,3 @@
-class FooPluginAdminBarController < AdminController
+class FooPluginAdminBarController < PluginAdminController
end
=====================================
plugins/ldap/controllers/ldap_plugin_admin_controller.rb
=====================================
--- a/plugins/ldap/controllers/ldap_plugin_admin_controller.rb
+++ b/plugins/ldap/controllers/ldap_plugin_admin_controller.rb
@@ -1,4 +1,4 @@
-class LdapPluginAdminController < AdminController
+class LdapPluginAdminController < PluginAdminController
append_view_path File.join(File.dirname(__FILE__) + '/../views')
=====================================
plugins/piwik/controllers/piwik_plugin_admin_controller.rb
=====================================
--- a/plugins/piwik/controllers/piwik_plugin_admin_controller.rb
+++ b/plugins/piwik/controllers/piwik_plugin_admin_controller.rb
@@ -1,4 +1,4 @@
-class PiwikPluginAdminController < AdminController
+class PiwikPluginAdminController < PluginAdminController
append_view_path File.join(File.dirname(__FILE__) + '/../views')
=====================================
plugins/vote/controllers/vote_plugin_admin_controller.rb
=====================================
--- a/plugins/vote/controllers/vote_plugin_admin_controller.rb
+++ b/plugins/vote/controllers/vote_plugin_admin_controller.rb
@@ -1,4 +1,4 @@
-class VotePluginAdminController < AdminController
+class VotePluginAdminController < PluginAdminController
def index
settings = params[:settings]
=====================================
plugins/vote/test/functional/vote_plugin_admin_controller_test.rb
=====================================
--- a/plugins/vote/test/functional/vote_plugin_admin_controller_test.rb
+++ b/plugins/vote/test/functional/vote_plugin_admin_controller_test.rb
@@ -8,7 +8,7 @@ class VotePluginAdminControllerTest < ActionController::TestCase
def setup
@environment = Environment.default
- @profile = create_user('profile').person
+ @profile = create_user_with_permission('profile', 'edit_environment_features', Environment.default)
login_as(@profile.identifier)
end
=====================================
po/es/noosfero.po
=====================================
--- a/po/es/noosfero.po
+++ b/po/es/noosfero.po
@@ -3390,7 +3390,7 @@ msgstr "%{day}/%{month}"
#: app/helpers/dates_helper.rb:31
#: plugins/display_content/lib/display_content_block.rb:187
msgid "%{month_name} %{day}, %{year}"
-msgstr "%{day} de %{month} de %{year}"
+msgstr "%{day} de %{month_name} de %{year}"
# LAs cadenas de este tipo NO se traducen
#: app/helpers/dates_helper.rb:31
=====================================
test/functional/plugin_admin_controller_test.rb
=====================================
--- /dev/null
+++ b/test/functional/plugin_admin_controller_test.rb
@@ -0,0 +1,25 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class PluginAdminController
+ def index
+ render :text => 'ok'
+ end
+end
+
+class PluginAdminControllerTest < ActionController::TestCase
+
+ should 'allow user with the required permission to access plugin administration page' do
+ create_user_with_permission('testuser', 'edit_environment_features', Environment.default)
+ login_as('testuser')
+ get :index
+ assert_response :success
+ end
+
+ should 'forbid access to users that did not have the required permission' do
+ create_user('testuser')
+ login_as('testuser')
+ get :index
+ assert_response :forbidden
+ end
+
+end
=====================================
test/unit/content_viewer_helper_test.rb
=====================================
--- a/test/unit/content_viewer_helper_test.rb
+++ b/test/unit/content_viewer_helper_test.rb
@@ -83,6 +83,14 @@ class ContentViewerHelperTest < ActionView::TestCase
assert_equal '', result
end
+ should 'not crash if spam_comments_count is nil' do
+ article = TextileArticle.new(:name => 'post for test', :body => 'post for test', :profile => profile)
+ article.stubs(:comments_count).returns(10)
+ article.stubs(:spam_comments_count).returns(nil)
+ result = number_of_comments(article)
+ assert_match /10 comments/, result
+ end
+
should 'not list feed article' do
profile.articles << build(Blog, :name => 'Blog test', :profile => profile)
assert_includes profile.blog.children.map{|i| i.class}, RssFeed
=====================================
test/unit/dates_helper_test.rb
=====================================
--- a/test/unit/dates_helper_test.rb
+++ b/test/unit/dates_helper_test.rb
@@ -5,13 +5,16 @@ class DatesHelperTest < ActiveSupport::TestCase
include DatesHelper
should 'translate month names' do
- expects(:_).with('January').returns('Janeiro')
- assert_equal "Janeiro", month_name(1)
+ assert_equal "January", month_name(1)
+ end
+
+ should 'translate abbreviated month names' do
+ assert_equal "Sep", month_name(9, true)
end
should 'display date with translation' do
+ expects(:month_name).with(1).returns('Janeiro')
expects(:_).with('%{month_name} %{day}, %{year}').returns('%{day} de %{month_name} de %{year}')
- expects(:_).with('January').returns('Janeiro')
assert_equal '11 de Janeiro de 2008', show_date(Date.new(2008, 1, 11))
end
@@ -68,75 +71,48 @@ class DatesHelperTest < ActiveSupport::TestCase
end
should 'show day of week' do
- expects(:_).with("Sunday").returns("Domingo")
- date = mock
- date.expects(:wday).returns(0)
- assert_equal "Domingo", show_day_of_week(date)
+ assert_equal "Thursday", show_day_of_week(Date.new(2014,10,23))
end
should 'show abbreviated day of week' do
- expects(:_).with("Sun").returns("Dom")
date = Date.new(2009, 10, 25)
- assert_equal "Dom", show_day_of_week(date, true)
+ assert_equal "Sun", show_day_of_week(date, true)
end
should 'show month' do
- expects(:_).with('January').returns('January')
- expects(:_).with('%{month} %{year}').returns('%{month} %{year}')
assert_equal 'January 2008', show_month(2008, 1)
end
should 'fallback to current year/month in show_month' do
Date.expects(:today).returns(Date.new(2008,11,1)).at_least_once
-
- expects(:_).with('November').returns('November').at_least_once
- expects(:_).with('%{month} %{year}').returns('%{month} %{year}').at_least_once
assert_equal 'November 2008', show_month(nil, nil)
assert_equal 'November 2008', show_month('', '')
end
should 'show next month' do
- expects(:_).with('November').returns('November').at_least_once
- expects(:_).with('%{month} %{year}').returns('%{month} %{year}').at_least_once
assert_equal 'November 2009', show_month(2009, 10, :next => true)
end
should 'show previous month' do
- expects(:_).with('September').returns('September').at_least_once
- expects(:_).with('%{month} %{year}').returns('%{month} %{year}').at_least_once
assert_equal 'September 2009', show_month(2009, 10, :previous => true)
end
should 'provide an intertionalized date selector pass month names' do
- expects(:gettext).with('January').returns('January')
- expects(:gettext).with('February').returns('February')
- expects(:gettext).with('March').returns('March')
- expects(:gettext).with('April').returns('April')
- expects(:gettext).with('May').returns('May')
- expects(:gettext).with('June').returns('June')
- expects(:gettext).with('July').returns('July')
- expects(:gettext).with('August').returns('August')
- expects(:gettext).with('September').returns('September')
- expects(:gettext).with('October').returns('October')
- expects(:gettext).with('November').returns('November')
- expects(:gettext).with('December').returns('December')
expects(:language).returns('en')
-
- expects(:date_select).with(:object, :method, { :include_blank => true, :order => [:month, :day, :year], :use_month_names => ['January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December']}).returns("KKKKKKKK")
-
+ expects(:date_select).with(:object, :method, { :include_blank => true, :order => [:month, :day, :year], :use_month_names => MONTHS }).returns("KKKKKKKK")
assert_equal 'KKKKKKKK', pick_date(:object, :method)
end
should 'order date in english like month day year' do
- expects(:language).returns("en")
- expects(:date_select).with(:object, :method, { :include_blank => true, :order => [:month, :day, :year], :use_month_names => ['January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December']}).returns("KKKKKKKK")
+ expects(:language).returns('en')
+ expects(:date_select).with(:object, :method, { :include_blank => true, :order => [:month, :day, :year], :use_month_names => MONTHS }).returns("KKKKKKKK")
assert_equal 'KKKKKKKK', pick_date(:object, :method)
end
should 'order date in other languages like day month year' do
expects(:language).returns('pt_BR')
- expects(:date_select).with(:object, :method, { :include_blank => true, :order => [:day, :month, :year], :use_month_names => ['January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December']}).returns("KKKKKKKK")
+ expects(:date_select).with(:object, :method, { :include_blank => true, :order => [:day, :month, :year], :use_month_names => MONTHS }).returns("KKKKKKKK")
assert_equal 'KKKKKKKK', pick_date(:object, :method)
end
@@ -151,9 +127,7 @@ class DatesHelperTest < ActiveSupport::TestCase
should 'translate time' do
time = Time.parse('25 May 2009, 12:47')
- expects(:_).with('%{day} %{month} %{year}, %{hour}:%{minutes}').returns('translated time')
- stubs(:_).with('May').returns("Maio")
- assert_equal 'translated time', show_time(time)
+ assert_equal '25 May 2009, 12:47', show_time(time)
end
should 'handle nil time' do
=====================================
test/unit/event_test.rb
=====================================
--- a/test/unit/event_test.rb
+++ b/test/unit/event_test.rb
@@ -155,6 +155,14 @@ class EventTest < ActiveSupport::TestCase
assert_no_tag_in_string e.body, :tag => 'script'
end
+ should 'filter HTML in name' do
+ profile = create_user('testuser').person
+ e = create(Event, :profile => profile, :name => '<p>a paragraph (valid)</p><script type="text/javascript">/* this is invalid */</script>"', :link => 'www.colivre.coop.br', :start_date => Date.today)
+
+ assert_tag_in_string e.name, :tag => 'p', :content => 'a paragraph (valid)'
+ assert_no_tag_in_string e.name, :tag => 'script'
+ end
+
should 'nil to link' do
e = Event.new
assert_nothing_raised TypeError do
=====================================
test/unit/external_feed_test.rb
=====================================
--- a/test/unit/external_feed_test.rb
+++ b/test/unit/external_feed_test.rb
@@ -176,4 +176,13 @@ class ExternalFeedTest < ActiveSupport::TestCase
end
+ should 'allow mass assign attributes' do
+ p = create_user('testuser').person
+ blog = fast_create(Blog, :profile_id => p.id, :name => 'Blog test')
+
+ assert_difference 'ExternalFeed.count', 1 do
+ efeed = blog.create_external_feed(:address => 'http://invalid.url', :enabled => true, :only_once => 'false')
+ end
+ end
+
end
=====================================
test/unit/folder_test.rb
=====================================
--- a/test/unit/folder_test.rb
+++ b/test/unit/folder_test.rb
@@ -100,6 +100,14 @@ class FolderTest < ActiveSupport::TestCase
assert_includes folder.images(true), community.articles.find_by_name('rails.png')
end
+ should 'not let pass javascript in the name' do
+ folder = Folder.new
+ folder.name = "<script> alert(Xss!); </script>"
+ folder.valid?
+
+ assert_no_match /(<script>)/, folder.name
+ end
+
should 'not let pass javascript in the body' do
folder = Folder.new
folder.body = "<script> alert(Xss!); </script>"
=====================================
test/unit/layout_helper_test.rb
=====================================
--- /dev/null
+++ b/test/unit/layout_helper_test.rb
@@ -0,0 +1,17 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class LayoutHelperTest < ActionView::TestCase
+
+ should 'append logged-in class in body when user is logged-in' do
+ expects(:logged_in?).returns(true)
+ expects(:profile).returns(nil).at_least_once
+ assert_includes body_classes.split, 'logged-in'
+ end
+
+ should 'not append logged-in class when user is not logged-in' do
+ expects(:logged_in?).returns(false)
+ expects(:profile).returns(nil).at_least_once
+ assert_not_includes body_classes.split, 'logged-in'
+ end
+
+end
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20150227/e1289d9e/attachment-0001.html>
More information about the Noosfero-dev
mailing list