[noosfero/noosfero][master] 9 commits: Added custom roles management for organizations
Rodrigo Souto
gitlab at gitlab.com
Fri May 8 18:57:48 BRT 2015
Rodrigo Souto pushed to branch master at Noosfero / noosfero
Commits:
77ffeee2 by André Guedes at 2015-05-08T16:13:55Z
Added custom roles management for organizations
Signed-off-by: Hebert Douglas <hebertdougl at gmail.com>
Signed-off-by: Filipe Ribeiro <firibeiro77 at live.com>
Signed-off-by: André Bernardes <andrebsguedes at gmail.com>
- - - - -
148b47c5 by André Guedes at 2015-05-08T16:13:55Z
Added assign option to roles
Signed-off-by: Hebert Douglas <hebertdougl at gmail.com>
Signed-off-by: Filipe Ribeiro <firibeiro77 at live.com>
Signed-off-by: André Bernardes <andrebsguedes at gmail.com>
- - - - -
8bcf8c4f by André Bernardes at 2015-05-08T16:13:55Z
Added permission to manage_custom_roles and started test for the controller
Signed-off-by: Hebert Douglas <hebertdougl at gmail.com>
Signed-off-by: Filipe Ribeiro <firibeiro77 at live.com>
Signed-off-by: André Bernardes <andrebsguedes at gmail.com>
- - - - -
201327e1 by André Bernardes at 2015-05-08T16:13:55Z
Created tests for the new controller and added images
Signed-off-by: Hebert Douglas <hebertdougl at gmail.com>
Signed-off-by: André Bernardes <andrebsguedes at gmail.com>
- - - - -
cbf24413 by André Bernardes at 2015-05-08T16:13:55Z
Refactoring profile to fix tests
Signed-off-by: André Bernardes <andrebsguedes at gmail.com>
Signed-off-by: Hebert Douglas <hebertdougl at gmail.com>
- - - - -
040516df by André Bernardes at 2015-05-08T16:13:55Z
Fixed custom_roles method replacement on profile_member_controller
- - - - -
7b90808f by André Bernardes at 2015-05-08T16:13:55Z
Change role assign icon
Signed-off-by: André Bernardes <andrebsguedes at gmail.com>
Signed-off-by: Luciano Prestes <lucianopcbr at gmail.com>
- - - - -
5f7895c3 by André Bernardes at 2015-05-08T18:53:09Z
Merge request revision
- Fixed search method for members
- Fixed headings and misplaced divs
- Fixed tests for better reliability
- - - - -
55893dbf by Rodrigo Souto at 2015-05-08T18:54:25Z
Merge branch 'custom_roles_management'
- - - - -
24 changed files:
- app/controllers/admin/role_controller.rb
- app/controllers/my_profile/profile_members_controller.rb
- + app/controllers/my_profile/profile_roles_controller.rb
- app/models/organization.rb
- app/models/profile.rb
- app/views/profile_editor/index.html.erb
- app/views/profile_members/change_role.html.erb
- + app/views/profile_roles/_form.html.erb
- + app/views/profile_roles/assign.html.erb
- + app/views/profile_roles/destroy.html.erb
- + app/views/profile_roles/edit.html.erb
- + app/views/profile_roles/index.html.erb
- + app/views/profile_roles/new.html.erb
- + app/views/profile_roles/show.html.erb
- app/views/tasks/_add_member_accept_details.html.erb
- + db/migrate/20150203143051_add_reference_to_role.rb
- + db/migrate/20150210143723_add_custom_roles_permission_to_admin_roles.rb
- + public/images/control-panel/role-management.gif
- + public/images/control-panel/role-management.png
- + public/javascripts/assign_role.js
- public/stylesheets/application.css
- test/functional/content_viewer_controller_test.rb
- + test/functional/profile_roles_controller_test.rb
- vendor/plugins/access_control/lib/role.rb
Changes:
=====================================
app/controllers/admin/role_controller.rb
=====================================
--- a/app/controllers/admin/role_controller.rb
+++ b/app/controllers/admin/role_controller.rb
@@ -2,7 +2,7 @@ class RoleController < AdminController
protect 'manage_environment_roles', :environment
def index
- @roles = environment.roles.find(:all)
+ @roles = environment.roles.find(:all, :conditions => {:profile_id => nil})
end
def new
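Review bot: The profile_id => nil filter is applied to index only in this hunk. If the other actions of this controller still load a role by id through environment.roles, an organization's custom role stays reachable from the admin screens by id even though it is no longer listed; a shared scope (for example a private method returning environment.roles with profile_id nil) used by every action would keep the two in step.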
=====================================
app/controllers/my_profile/profile_members_controller.rb
=====================================
--- a/app/controllers/my_profile/profile_members_controller.rb
+++ b/app/controllers/my_profile/profile_members_controller.rb
@@ -58,6 +58,7 @@ class ProfileMembersController < MyProfileController
def change_role
@roles = Profile::Roles.organization_member_roles(environment.id)
+ @custom_roles = profile.custom_roles
begin
@member = profile.members.find(params[:id])
rescue ActiveRecord::RecordNotFound
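Review bot: profile.custom_roles on the added line is declared only on Organization in this merge (has_many :custom_roles in app/models/organization.rb). If change_role can be reached for a profile that is not an Organization, this line raises NoMethodError before the member lookup; either guard it or declare an empty custom_roles on Profile.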
=====================================
app/controllers/my_profile/profile_roles_controller.rb
=====================================
--- /dev/null
+++ b/app/controllers/my_profile/profile_roles_controller.rb
@@ -0,0 +1,115 @@
+class ProfileRolesController < MyProfileController
+
+ protect 'manage_custom_roles', :profile
+
+ def index
+ @roles = profile.custom_roles
+ end
+
+ def new
+ @role = Role.new
+ end
+
+ def create
+ @role = Role.create({:name => params[:role][:name], :permissions => params[:role][:permissions], :profile_id => profile.id, :environment => environment }, :without_protection => true)
+ if @role.save
+ redirect_to :action => 'show', :id => @role
+ else
+ session[:notice] = _('Failed to create role')
+ render :action => 'new'
+ end
+ end
+
+ def show
+ @role = environment.roles.find(params[:id])
+ end
+
+ def edit
+ @role = environment.roles.find(params[:id])
+ end
+
+ def assign_role_by_members
+ return redirect_to "/" if params[:q].nil? or !request.xhr?
+ arg = params[:q].downcase
+ result = find_by_contents(:people, environment, profile.members, params[:q])[:results]
+ render :text => prepare_to_token_input(result).to_json
+ end
+
+ def destroy
+ @role = environment.roles.find(params[:id])
+ @members = profile.members_by_role(@role)
+ @roles_list = all_roles(environment, profile)
+ @roles_list.delete(@role)
+ end
+
+ def remove
+ @role = environment.roles.find(params[:id])
+ @members = profile.members_by_role(@role)
+ member_roles = params[:roles] ? environment.roles.find(params[:roles].select{|r|!r.to_i.zero?}) : []
+ append_roles(@members, member_roles, profile)
+ if @role.destroy
+ session[:notice] = _('Role successfuly removed!')
+ else
+ session[:notice] = _('Failed to remove role!')
+ end
+ redirect_to :action => 'index'
+ end
+
+ def update
+ @role = environment.roles.find(params[:id])
+ if @role.update_attributes(params[:role])
+ redirect_to :action => 'show', :id => @role
+ else
+ session[:notice] = _('Failed to edit role')
+ render :action => 'edit'
+ end
+ end
+
+ def assign
+ @role = environment.roles.find(params[:id])
+ @roles_list = all_roles(environment, profile)
+ @roles_list.delete(@role)
+ end
+
+ def define
+ @role = environment.roles.find(params[:id])
+ selected_role = params[:selected_role] ? environment.roles.find(params[:selected_role].to_i) : nil
+ if params[:assign_role_by].eql? "members"
+ members_list = params[:person_id].split(',').collect {|id| environment.profiles.find(id.to_i)}
+ members_list.collect{|person| person.add_role(@role, profile)}
+ elsif params[:assign_role_by].eql? "roles"
+ members = profile.members_by_role(selected_role)
+ replace_role(members, selected_role, @role, profile)
+ else
+ session[:notice] = _("Error")
+ end
+ redirect_to :action => 'index'
+ end
+
+ protected
+
+ def append_roles(members, roles, profile)
+ members.each do |person|
+ all_roles = person.find_roles(profile).map(&:role) + roles
+ person.define_roles(all_roles, profile)
+ end
+ end
+
+ def all_roles(environment, profile)
+ Profile::Roles.organization_member_roles(environment.id) + profile.custom_roles
+ end
+
+ def replace_roles(members, roles, profile)
+ members.each do |person|
+ person.define_roles(roles, profile)
+ end
+ end
+
+ def replace_role(members, role, new_role, profile)
+ members.each do |person|
+ person.remove_role(role, profile)
+ person.add_role(new_role, profile)
+ end
+ end
+
+end
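Review bot: Every lookup by id in this controller goes through environment.roles.find(params[:id]) (show, edit, update, destroy, remove, assign, define), so a user holding manage_custom_roles on one profile can edit or destroy any role in the environment, including the environment-wide roles and other organizations' custom roles. Load the role with profile.custom_roles.find(params[:id]) so that a foreign id raises RecordNotFound. Related points in the same file: update passes params[:role] straight to update_attributes, and create takes params[:role][:permissions] without checking it against the permission list the form offers; define resolves person_id through environment.profiles.find rather than profile.members, so the role can be granted to people who are not members of this profile; params[:roles] in remove and params[:selected_role] in define should be limited to all_roles(environment, profile). Smaller items: arg in assign_role_by_members and the replace_roles helper are unused, and Role.create already attempts the save, so create should use Role.new followed by @role.save.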
=====================================
app/models/organization.rb
=====================================
--- a/app/models/organization.rb
+++ b/app/models/organization.rb
@@ -29,6 +29,8 @@ class Organization < Profile
has_many :mailings, :class_name => 'OrganizationMailing', :foreign_key => :source_id, :as => 'source'
+ has_many :custom_roles, :class_name => 'Role', :foreign_key => :profile_id
+
scope :more_popular, :order => 'members_count DESC'
validate :presence_of_required_fieds, :unless => :is_template
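Review bot: has_many :custom_roles is declared without a :dependent option, so destroying an organization leaves its roles behind with a profile_id that points at nothing, and those rows still live in environment.roles. Adding :dependent => :destroy (Role already destroys its role_assignments) would clean them up with the organization.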
=====================================
app/models/profile.rb
=====================================
--- a/app/models/profile.rb
+++ b/app/models/profile.rb
@@ -43,7 +43,7 @@ class Profile < ActiveRecord::Base
find_role('editor', env_id)
end
def self.organization_member_roles(env_id)
- all_roles(env_id).select{ |r| r.key.match(/^profile_/) unless r.key.blank? }
+ all_roles(env_id).select{ |r| r.key.match(/^profile_/) unless r.key.blank? || !r.profile_id.nil?}
end
def self.all_roles(env_id)
Role.all :conditions => { :environment_id => env_id }
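Review bot: The guard on the changed line, unless r.key.blank? || !r.profile_id.nil?, hangs a double negative off a trailing unless inside select and is easy to misread. Stating the positive condition reads better and behaves the same: select { |r| r.profile_id.nil? && r.key.to_s =~ /\Aprofile_/ }. Using \A instead of ^ also anchors at the start of the string rather than the start of any line in the key.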
@@ -75,6 +75,7 @@ class Profile < ActiveRecord::Base
'publish_content' => N_('Publish content'),
'invite_members' => N_('Invite members'),
'send_mail_to_members' => N_('Send e-Mail to members'),
+ 'manage_custom_roles' => N_('Manage custom roles'),
}
acts_as_accessible
=====================================
app/views/profile_editor/index.html.erb
=====================================
--- a/app/views/profile_editor/index.html.erb
+++ b/app/views/profile_editor/index.html.erb
@@ -28,6 +28,8 @@
<%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
+ <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') %>
+
<% unless profile.enterprise? %>
<%= case profile.blogs.count
when 0
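Review bot: The Manage Roles button is rendered unconditionally in the visible context, while ProfileRolesController is protected by manage_custom_roles and its index calls profile.custom_roles, which exists only on Organization. Users without the permission get a button that ends in access denied, and on a person's control panel it ends in an error. Render the button only when the profile is an organization and the current user holds manage_custom_roles on it.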
=====================================
app/views/profile_members/change_role.html.erb
=====================================
--- a/app/views/profile_members/change_role.html.erb
+++ b/app/views/profile_members/change_role.html.erb
@@ -1,8 +1,8 @@
<h3> <%= _('Changing role of %s') % @member.name %> </h3>
<%= labelled_form_for :member, :url => {:action => 'update_roles'} do |f| %>
-
- <%= _('Roles:') %> <br>
+
+ <h4><%= _('Roles:') %></h4>
<% @roles.each do |r| %>
<%= labelled_check_box(r.name, 'roles[]', r.id, @associations.map(&:role).include?(r) ) %><br/>
<ul class="role-permissions">
@@ -11,6 +11,17 @@
<% end %>
</ul>
<% end %>
+ <% unless @custom_roles.empty? %>
+ <h4><%= _('Custom Roles:') %></h4>
+ <% @custom_roles.each do |r| %>
+ <%= labelled_check_box(r.name, 'roles[]', r.id, @associations.map(&:role).include?(r) ) %><br/>
+ <ul class="role-permissions">
+ <% r.permissions.each do |p| %>
+ <li> <%= permission_name(p) %> </li>
+ <% end %>
+ </ul>
+ <% end %>
+ <% end %>
<%= hidden_field_tag 'person', @member.id %>
<% button_bar do %>
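Review bot: The Custom Roles block added here is a copy of the @roles loop above it (same labelled_check_box call and the same role-permissions list), differing only in the collection and the heading. Extracting the loop body into a partial that takes the role list would keep the two sections from drifting. Since both sections post to the same roles[] parameter, the update_roles action (not part of this diff) also needs to accept only ids from the standard roles and profile.custom_roles.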
=====================================
app/views/profile_roles/_form.html.erb
=====================================
--- /dev/null
+++ b/app/views/profile_roles/_form.html.erb
@@ -0,0 +1,22 @@
+<%= error_messages_for :role %>
+
+<%= labelled_form_for :role, :url => (mode == :edit) ? {:action => 'update', :id => role} : {:action => 'create'} do |f| %>
+
+ <%= required_fields_message %>
+
+ <%= required f.text_field(:name) %>
+
+ <% permissions.each do |key| %>
+ <div class="permissions <%= key.downcase %>">
+ <h4><%= _('%s Permissions:' % key) %></h4>
+ <% ActiveRecord::Base::PERMISSIONS[key].keys.each do |p| %>
+ <%= check_box_tag("role[permissions][]", p, role.has_permission?(p), { :id => p }) %>
+ <%= content_tag(:label, permission_name(p), { :for => p }) %><br/>
+ <% end %>
+ </div>
+ <% end %>
+
+ <% button_bar do %>
+ <%= submit_button('save', (mode == :edit) ? _('Save changes') : _('Create role'), :cancel => {:action => 'index'} ) %>
+ <% end %>
+<% end %>
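Review bot: In the permissions heading, _('%s Permissions:' % key) interpolates before the gettext lookup, so the msgid sent to the catalog is already "Profile Permissions:" and the '%s Permissions:' translation is never found; it should be _('%s Permissions:') % key. The same pattern appears in the headings of assign, destroy and edit (for example _("Assign #{@role.name}")), where the role name ends up inside the msgid. Separately, the checkboxes only limit what the browser offers; the create and update actions still need to reject permission keys outside ActiveRecord::Base::PERMISSIONS[key].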
=====================================
app/views/profile_roles/assign.html.erb
=====================================
--- /dev/null
+++ b/app/views/profile_roles/assign.html.erb
@@ -0,0 +1,35 @@
+<%= javascript_include_tag('assign_role.js') %>
+
+<h1> <%= _("Assign #{@role.name}") %> </h1>
+
+
+<%= labelled_form_for :role, :url => { :action => 'define', :id => @role.id } do |f| %>
+
+ <h2>
+ <%= _("Assign role by:") %>
+ </h2>
+ <p>
+ <%= labelled_radio_button _("Members"), :assign_role_by, "members", true, :id => "assign_role_by_members", :class => "assign_role_by" %>
+
+ <%= labelled_radio_button _("Roles"), :assign_role_by, "roles", false, :id => "assign_role_by_roles", :class => "assign_role_by" %>
+ </p>
+ <div class="assign_by_members">
+ <%=token_input_field_tag(:person_id, 'search-profile-members', {:action => 'assign_role_by_members'},
+ {:focus => false, :hint_text => _('Select members to assign the role')}) %>
+
+ <% button_bar do %>
+ <%= submit_button(:forward, _("Confirm")) %>
+ <% end %>
+ </div>
+ <div class="assign_by_roles" style="display: none;">
+ <h6>
+ <%= _("Replace role: ") %>
+ </h6>
+ <% @roles_list.each do |role| %>
+ <%= labelled_radio_button role.name , :selected_role, role.id , false, :class => "selected_role" %> <br>
+ <% end %>
+ <% button_bar do %>
+ <%= submit_button('save',_('Confirm'), :cancel => {:action => 'index'} ) %>
+ <% end %>
+ </div>
+<% end %>
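Review bot: In the assign_by_roles block none of the selected_role radio buttons is preselected, so the form can be submitted with assign_role_by=roles and no selected_role. ProfileRolesController#define then sets selected_role to nil and calls profile.members_by_role(nil) followed by replace_role. Preselect one role or have define reject a missing selected_role with a notice. The members block's button bar also has no cancel link, unlike the roles block.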
=====================================
app/views/profile_roles/destroy.html.erb
=====================================
--- /dev/null
+++ b/app/views/profile_roles/destroy.html.erb
@@ -0,0 +1,23 @@
+<h1> <%= _("Deleting #{@role.name}") %> </h1>
+
+<% if @members.nil? || @members.empty? %>
+ <p><%= _('This role is not being currently used.')%></p>
+ <p><%= _('Are you sure you want to delete this role?') %></p>
+
+ <% button_bar do %>
+ <%= button(:remove, _('Yes, I am sure'), {:action => 'remove', :id => @role.id}, :method => :post) %>
+ <%= button(:cancel, _('No, I gave up'), {:action => 'index'}) %>
+ <% end %>
+<% else %>
+ <p><%= _('There are members currently using this role.')%></p>
+ <p><%= _('To which role do you want to change them?') %></p>
+ <%= labelled_form_for :role, :url => { :action => 'remove', :id => @role.id } do |f| %>
+ <% @roles_list.each do |role| %>
+ <%= check_box_tag("roles[]", role.id, false ,{:id => role.key}) %>
+ <%= content_tag(:label, role.name, { :for => role.key }) %><br/>
+ <% end %>
+ <% button_bar do %>
+ <%= submit_button('save',_('Delete role'), :cancel => {:action => 'index'} ) %>
+ <% end %>
+ <% end %>
+<% end %>
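Review bot: The checkbox and label in the @roles_list loop use role.key as the element id, but @roles_list includes profile.custom_roles and ProfileRolesController#create does not set a key, so custom roles created through the UI produce empty, duplicated ids and labels that are bound to nothing. Use something that is always present and unique, such as "role-#{role.id}".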
=====================================
app/views/profile_roles/edit.html.erb
=====================================
--- /dev/null
+++ b/app/views/profile_roles/edit.html.erb
@@ -0,0 +1,3 @@
+<h1> <%= _("Editing #{@role.name}") %> </h1>
+
+<%= render :partial => 'form', :locals => { :mode => :edit, :role => @role, :permissions => [@role.kind] } %>
=====================================
app/views/profile_roles/index.html.erb
=====================================
--- /dev/null
+++ b/app/views/profile_roles/index.html.erb
@@ -0,0 +1,27 @@
+<h1><%= _('Manage user roles') %></h1>
+
+<table>
+ <tr>
+ <th><%= _('Role') %></th>
+ <th><%= _('Actions') %></th>
+ </tr>
+ <% @roles.each do |role| %>
+ <tr>
+ <td>
+ <%= link_to role.name, :action => 'show', :id => role %>
+ </td>
+ <td>
+ <div style="text-align: center;">
+ <%= button_without_text :edit, _('Edit'), :action => 'edit', :id => role %>
+ <%= button_without_text :delete, _('Delete'), :action => 'destroy', :id => role %>
+ <%= button_without_text 'vertical-toggle', _('Assign'), :action => 'assign', :id => role %>
+ </div>
+ </td>
+ </tr>
+ <% end %>
+</table>
+
+<% button_bar do %>
+ <%= button :add, _('Create a new role'), :action => 'new' %>
+ <%= button :back, _('Back to control panel'), :controller => 'profile_editor' %>
+<% end %>
=====================================
app/views/profile_roles/new.html.erb
=====================================
--- /dev/null
+++ b/app/views/profile_roles/new.html.erb
@@ -0,0 +1,3 @@
+<h1> <%= _("Create a new role") %> </h1>
+
+<%= render :partial => 'form', :locals => { :mode => :create, :role => @role, :permissions => ['Profile'] } %>
=====================================
app/views/profile_roles/show.html.erb
=====================================
--- /dev/null
+++ b/app/views/profile_roles/show.html.erb
@@ -0,0 +1,13 @@
+<h1> <%= _(@role.name) %></h1>
+
+<h3> <%= _('Permissions') %> </h3>
+<ul>
+ <% @role.permissions.each do |p| %>
+ <li> <%= permission_name(p) %> </li>
+ <% end %>
+</ul>
+
+<% button_bar do %>
+ <%= button :edit, _('Edit'), :action => 'edit', :id => @role %>
+ <%= button :back, _('Back to roles management'), :action => 'index' %>
+<% end %>
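Review bot: The heading passes @role.name through _(), which treats a user-supplied role name as a gettext msgid. A role named after an existing catalog entry would be displayed as its translation, and no custom name can ever have one on purpose. Output @role.name directly.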
=====================================
app/views/tasks/_add_member_accept_details.html.erb
=====================================
--- a/app/views/tasks/_add_member_accept_details.html.erb
+++ b/app/views/tasks/_add_member_accept_details.html.erb
@@ -1,8 +1,7 @@
<%= content = _("Roles:")+"<br />"
-roles = Profile::Roles.organization_member_roles(task.target.environment.id)
+roles = Profile::Roles.organization_all_roles(task.target.environment.id)
roles.each do |role|
content += labelled_check_box(role.name, "tasks[#{task.id}][task][roles][]", role.id, false)+"<br />"
end
content_tag('p', content, :class => 'member-classify-suggestion')
%>
-
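Review bot: Profile::Roles.organization_all_roles on the changed line is not defined anywhere in this diff; the app/models/profile.rb hunks only show organization_member_roles and all_roles, so unless it exists elsewhere this partial raises NoMethodError when an add-member task is rendered. It also receives only the environment id, so it has no way to limit custom roles to task.target; the list offered here should be the standard member roles plus task.target.custom_roles, not every role in the environment.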
=====================================
db/migrate/20150203143051_add_reference_to_role.rb
=====================================
--- /dev/null
+++ b/db/migrate/20150203143051_add_reference_to_role.rb
@@ -0,0 +1,8 @@
+class AddReferenceToRole < ActiveRecord::Migration
+ def self.up
+ add_column :roles, :profile_id, :integer
+ end
+ def self.down
+ remove_column :roles , :profile_id
+ end
+end
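Review bot: The new profile_id column is added without an index, although Organization#custom_roles and the profile_id => nil filter in RoleController#index both query on it. Add add_index :roles, :profile_id in self.up.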
=====================================
db/migrate/20150210143723_add_custom_roles_permission_to_admin_roles.rb
=====================================
--- /dev/null
+++ b/db/migrate/20150210143723_add_custom_roles_permission_to_admin_roles.rb
@@ -0,0 +1,18 @@
+class AddCustomRolesPermissionToAdminRoles < ActiveRecord::Migration
+ def self.up
+ environment_admin = Role.find_by_key("environment_administrator")
+ profile_admin = Role.find_by_key("profile_admin")
+ environment_admin.permissions.append("manage_custom_roles")
+ profile_admin.permissions.append("manage_custom_roles")
+ environment_admin.save!
+ profile_admin.save!
+ end
+ def self.down
+ environment_admin = Role.find_by_key("environment_administrator")
+ profile_admin = Role.find_by_key("profile_admin")
+ environment_admin.permissions.delete("manage_custom_roles")
+ profile_admin.permissions.delete("manage_custom_roles")
+ environment_admin.save!
+ profile_admin.save!
+ end
+end
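Review bot: Role.find_by_key returns a single row, but roles are stored per environment (Role belongs_to :environment and name uniqueness is scoped to environment_id), so in self.up only one environment's environment_administrator and profile_admin receive manage_custom_roles, and a missing key makes the next line fail on nil. Iterate over Role.where(:key => [...]) instead, and add the permission only when it is not already present so that re-running the migration does not append duplicates.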
=====================================
public/images/control-panel/role-management.gif
=====================================
Binary files /dev/null and b/public/images/control-panel/role-management.gif differ
=====================================
public/images/control-panel/role-management.png
=====================================
Binary files /dev/null and b/public/images/control-panel/role-management.png differ
=====================================
public/javascripts/assign_role.js
=====================================
--- /dev/null
+++ b/public/javascripts/assign_role.js
@@ -0,0 +1,19 @@
+(function($){
+ 'use strict';
+
+ function toggle_assignment_method() {
+ if (this.value != "roles") {
+ $('.assign_by_roles').hide();
+ $('.assign_by_members').show();
+ } else {
+ $('.assign_by_members').hide();
+ $('.assign_by_roles').show();
+ }
+ }
+
+ $(document).ready(function() {
+ $('.assign_by_roles').hide();
+ // Event triggers
+ $('.assign_role_by').click(toggle_assignment_method);
+ });
+})(jQuery);
=====================================
public/stylesheets/application.css
=====================================
--- a/public/stylesheets/application.css
+++ b/public/stylesheets/application.css
@@ -4685,6 +4685,12 @@ h1#agenda-title {
.controller-profile_editor a.control-panel-welcome-page {
background-image: url(../images/control-panel/welcome-page.png)
}
+.controller-profile_editor a.control-panel-roles {
+ background-image: url(../images/control-panel/role-management.png)
+}
+.controller-profile_editor .msie6 a.control-panel-roles {
+ background-image: url(../images/control-panel/role-management.gif)
+}
/* ==> public/stylesheets/controller_profile_members.css <== */
.controller-profile_members .no-boxes {
margin: 30px
=====================================
test/functional/content_viewer_controller_test.rb
=====================================
--- a/test/functional/content_viewer_controller_test.rb
+++ b/test/functional/content_viewer_controller_test.rb
@@ -175,7 +175,7 @@ class ContentViewerControllerTest < ActionController::TestCase
admin = fast_create(Person)
community.add_member(admin)
- folder = fast_create(Folder, :profile_id => community.id, :published => false)
+ folder = fast_create(Folder, :profile_id => community.id, :published => false, :show_to_followers => false)
community.add_member(profile)
login_as(profile.identifier)
@@ -278,7 +278,7 @@ class ContentViewerControllerTest < ActionController::TestCase
should 'not give access to private articles if logged in and only member' do
person = create_user('test_user').person
profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile')
- intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false)
+ intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false, :show_to_followers => false)
profile.affiliate(person, Profile::Roles.member(profile.environment.id))
login_as('test_user')
=====================================
test/functional/profile_roles_controller_test.rb
=====================================
--- /dev/null
+++ b/test/functional/profile_roles_controller_test.rb
@@ -0,0 +1,106 @@
+require_relative "../test_helper"
+require 'profile_roles_controller'
+
+class ProfileRolesControllerTest < ActionController::TestCase
+
+ def setup
+ @controller = ProfileRolesController.new
+ @request = ActionController::TestRequest.new
+ @response = ActionController::TestResponse.new
+ @role = Role.find(:first)
+ end
+
+ should 'create a custom role' do
+ community = fast_create(Community)
+ admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+ login_as :admin_user
+ post :create, :profile => community.identifier, :role => {:name => "some_role", :permissions => ["edit_profile"] }
+ role = Role.where(:name => 'some_role').first
+
+ assert_not_nil role
+ assert_equal community.id, role.profile_id
+ end
+
+ should 'not create a custom role without permission' do
+ community = fast_create(Community)
+ moderator = create_user_with_permission('profile_admin', 'edit_profile', community)
+ login_as :profile_admin
+ post :create, :profile => community.identifier, :role => {:name => "new_admin", :permissions => ["edit_profile"] }
+
+ assert_response 403
+ assert_template 'access_denied'
+
+ role = Role.where(:name => 'new_admin')
+
+ assert_empty role
+ end
+
+
+ should 'delete a custom role not used' do
+ community = fast_create(Community)
+ admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+ login_as :admin_user
+ role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+ post :remove , :profile => community.identifier, :id => role.id
+
+ assert_response :redirect
+ assert_redirected_to :action => 'index'
+
+ assert_not_includes Role.all, role
+ end
+
+ should 'delete a custom role being used' do
+ community = fast_create(Community)
+ admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+ login_as :admin_user
+ role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+ admin.add_role(role, community)
+ moderator_role = Role.find_by_name("moderator")
+
+ assert_not_includes community.members_by_role(moderator_role), admin
+
+ post :remove , :profile => community.identifier, :id => role.id, :roles => [moderator_role.id]
+
+ assert_response :redirect
+ assert_redirected_to :action => 'index'
+
+ assert_not_includes Role.all, role
+ assert_includes community.members_by_role(moderator_role), admin
+ end
+
+ should 'assign a custom role to single user' do
+ community = fast_create(Community)
+ admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+ login_as :admin_user
+ role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+
+ assert_not_includes community.members_by_role(role), admin
+
+ post :define, :profile => community.identifier, :id => role.id, :assign_role_by => "members", :person_id => admin.id
+
+ assert_includes community.members_by_role(role), admin
+ end
+
+ should 'replace a role with a custom role' do
+ community = fast_create(Community)
+ admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+ moderator = create_user_with_permission('profile_admin', 'edit_profile', community)
+ login_as :admin_user
+ role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+ moderator_role = Role.find_by_name("moderator")
+ admin.add_role(moderator_role, community)
+
+ assert_not_includes community.members_by_role(role), admin
+
+ assert_not_includes community.members_by_role(role), moderator
+ assert_not_includes community.members_by_role(moderator_role), moderator
+
+ post :define, :profile => community.identifier, :id => role.id, :assign_role_by => "roles", :selected_role => moderator_role.id
+
+ assert_not_includes community.members_by_role(moderator_role), admin
+ assert_includes community.members_by_role(role), admin
+
+ assert_not_includes community.members_by_role(role), moderator
+ assert_not_includes community.members_by_role(moderator_role), moderator
+ end
+end
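Review bot: None of these tests sends an id that does not belong to the community, so the suite would pass even though show, edit, update, remove and define load the role from environment.roles. Add cases where a user with manage_custom_roles on one community posts update, remove and define with the id of another community's custom role and of an environment role, and assert that the role is unchanged. In 'replace a role with a custom role', the moderator user is created with edit_profile and never given moderator_role, so the four assertions about moderator hold before and after the request and verify nothing. The @role assigned in setup is not used by any test.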
=====================================
vendor/plugins/access_control/lib/role.rb
=====================================
--- a/vendor/plugins/access_control/lib/role.rb
+++ b/vendor/plugins/access_control/lib/role.rb
@@ -4,6 +4,7 @@ class Role < ActiveRecord::Base
has_many :role_assignments, :dependent => :destroy
belongs_to :environment
+ belongs_to :organization
serialize :permissions, Array
validates_presence_of :name
validates_uniqueness_of :name, :scope => :environment_id
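Review bot: belongs_to :organization defaults to an organization_id foreign key, but the migration in this merge adds profile_id and Organization#custom_roles uses :foreign_key => :profile_id, so role.organization will not resolve. Declare it as belongs_to :organization, :foreign_key => :profile_id. The unchanged validates_uniqueness_of :name, :scope => :environment_id in the context below also means two organizations in the same environment cannot each have a custom role with the same name, and a custom role cannot reuse a standard role's name; the scope likely needs to include profile_id.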
View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/9304a753d91eea8b2adfe45076b462ef15669c98...55893dbfd30682ea0de8cd780bed4cb5c320c48c