[Git][noosfero/noosfero][master] 2 commits: Add Public Access Restriction Plugin

Tue Jan 10 13:02:24 BRST 2017

Rodrigo Souto pushed to branch master at Noosfero / noosfero


Commits:
1b5f307d by Aurélio A. Heckert at 2017-01-06T10:39:29-03:00
Add Public Access Restriction Plugin

- - - - -
f0d0759e by Rodrigo Souto at 2017-01-10T15:02:19+00:00
Merge branch 'public-restriction-plugin' into 'master'

Add Public Access Restriction Plugin

See merge request !1081
- - - - -


3 changed files:

- + plugins/public_access_restriction/lib/public_access_restriction_plugin.rb
- + plugins/public_access_restriction/po/public_access_restriction.pot
- + plugins/public_access_restriction/test/unit/public_access_restriction_test.rb


Changes:

=====================================
plugins/public_access_restriction/lib/public_access_restriction_plugin.rb
=====================================

--- /dev/null
+++ b/plugins/public_access_restriction/lib/public_access_restriction_plugin.rb
@@ -0,0 +1,35 @@
+class PublicAccessRestrictionPlugin < Noosfero::Plugin
+
+  def self.plugin_name
+    _('Public Access Restriction')
+  end
+
+  def self.plugin_description
+    _('Restrict unauthenticated visitors to access any public profile, but the portal.')
+  end
+
+  def should_block?(user, environment, params, profile)
+    params = params.with_indifferent_access
+    profile = Profile[params[:profile]] unless profile
+    not(
+      user ||
+      (profile && environment.is_portal_community?(profile)) ||
+      params['controller'] == 'account' ||
+      params['controller'] == 'home'
+    )
+  end
+
+  def application_controller_filters
+    me = self
+    {
+      type: 'before_filter',
+      method_name: 'public_access_restriction',
+      block: lambda do
+        if me.should_block? user, environment, params, profile
+          redirect_to controller: '/account', action: 'login'
+        end
+      end
+    }
+  end
+
+end


=====================================
plugins/public_access_restriction/po/public_access_restriction.pot
=====================================
--- /dev/null
+++ b/plugins/public_access_restriction/po/public_access_restriction.pot
@@ -0,0 +1,22 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL at ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: 1.3~rc2-1-ga15645d\n"
+"POT-Creation-Date: 2015-10-30 16:35-0300\n"
+"PO-Revision-Date: 2015-08-06 17:21-0300\n"
+"Last-Translator: FULL NAME <EMAIL at ADDRESS>\n"
+"Language-Team: LANGUAGE <LL at li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
+
+#: plugins/template/lib/template_plugin.rb:10
+msgid "Public Access Restriction"
+msgstr "Restrição ao Acesso Público"


=====================================
plugins/public_access_restriction/test/unit/public_access_restriction_test.rb
=====================================
--- /dev/null
+++ b/plugins/public_access_restriction/test/unit/public_access_restriction_test.rb
@@ -0,0 +1,48 @@
+require 'test_helper'
+
+class PublicAccessRestrictionPluginTest < ActiveSupport::TestCase
+
+  def setup
+    @plugin = PublicAccessRestrictionPlugin.new
+    @context = mock()
+    @plugin.context = @context
+    @env = Environment.new
+    @context.stubs(:environment).returns(@env)
+  end
+
+  should 'not block a common authenticated user' do
+    user = fast_create Person
+    profile = fast_create Community
+    assert ! @plugin.should_block?(user, @env, {}, nil)
+    assert ! @plugin.should_block?(user, @env, {controller:'any'}, profile)
+    assert ! @plugin.should_block?(user, @env, {controller:'account'}, nil)
+    assert ! @plugin.should_block?(user, @env, {controller:'home'}, nil)
+  end
+
+  should 'block a unauthenticated user on most controllers' do
+    user = nil
+    profile = fast_create Community
+    assert @plugin.should_block?(user, @env, {controller:'some'}, nil)
+    assert @plugin.should_block?(user, @env, {controller:'some'}, profile)
+  end
+
+  should 'not block a unauthenticated user on home controller' do
+    user = nil
+    assert ! @plugin.should_block?(user, @env, {controller:'home'}, nil)
+  end
+
+  should 'not block a unauthenticated user on portal profile' do
+    user = nil
+    profile = fast_create Community
+    @env.stubs(:is_portal_community?).returns(profile)
+    assert ! @plugin.should_block?(user, @env, {controller:'some'}, profile)
+    assert ! @plugin.should_block?(user, @env, {controller:'content_viewer',
+              action:'view_page', profile:profile.identifier, page:'some'}, nil)
+  end
+
+  should 'not block a unauthenticated user on account controller' do
+    user = nil
+    assert ! @plugin.should_block?(user, @env, {controller:'account'}, nil)
+  end
+
+end



View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/a3d0223b5996ba7d609ab32e543501f5da73eddd...f0d0759e4d316c0704c45c38669291b4b6587106
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20170110/907558d8/attachment-0001.html>
