[Git][noosfero/noosfero][master] 2 commits: Remove publish content permission
Leandro Nunes
gitlab at mg.gitlab.com
Tue Nov 6 21:50:45 BRST 2018
Leandro Nunes pushed to branch master at Noosfero / noosfero
Commits:
4b041db5 by Iasmin Mendes at 2018-11-06T23:50:37Z
Remove publish content permission
- - - - -
53329f36 by Leandro Nunes at 2018-11-06T23:50:37Z
Merge branch 'publish-content-permission' into 'master'
Remove publish content permission
See merge request noosfero/noosfero!1638
- - - - -
12 changed files:
- app/api/entities.rb
- app/controllers/my_profile/cms_controller.rb
- app/models/article.rb
- app/models/person.rb
- app/models/profile.rb
- + db/migrate/20181025162837_remove_publish_content_permission_from_roles.rb
- features/roles.feature
- test/fixtures/roles.yml
- test/functional/cms_controller_test.rb
- test/functional/content_viewer_controller_test.rb
- test/unit/article_test.rb
- test/unit/person_test.rb
Changes:
=====================================
app/api/entities.rb
=====================================
@@ -258,8 +258,7 @@ module Api
end
expose :permissions do |article, options|
Entities.permissions_for_entity(article, options[:current_person],
- :allow_edit?, :allow_post_content?, :allow_delete?, :allow_create?,
- :allow_publish_content?)
+ :allow_edit?, :allow_post_content?, :allow_delete?, :allow_create?)
end
end
=====================================
app/controllers/my_profile/cms_controller.rb
=====================================
@@ -26,7 +26,7 @@ class CmsController < MyProfileController
helper_method :file_types
protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :publish_on_portal_community, :publish_on_communities, :search_communities_to_publish, :upload_files, :new] do |c, user, profile|
- user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile))
+ user && user.has_permission?('post_content', profile)
end
protect_if :only => [:new, :upload_files] do |c, user, profile|
=====================================
app/models/article.rb
=====================================
@@ -546,11 +546,7 @@ class Article < ApplicationRecord
def allow_post_content?(user = nil)
return true if allow_edit_topic?(user)
- user && (profile.allow_post_content?(user) || allow_publish_content?(user) && (user == author))
- end
-
- def allow_publish_content?(user = nil)
- user && user.has_permission?('publish_content', profile)
+ user && profile.allow_post_content?(user)
end
def allow_view_private_content?(user = nil)
@@ -564,7 +560,7 @@ class Article < ApplicationRecord
end
def allow_create?(user)
- allow_post_content?(user) || allow_publish_content?(user)
+ allow_post_content?(user)
end
def allow_edit?(user)
=====================================
app/models/person.rb
=====================================
@@ -183,7 +183,7 @@ class Person < Profile
def can_post_content?(profile, parent=nil)
(!parent.nil? && (parent.allow_create?(self))) ||
- (self.has_permission?('post_content', profile) || self.has_permission?('publish_content', profile))
+ self.has_permission?('post_content', profile)
end
# Sets the identifier for this person. Raises an exception when called on a
=====================================
app/models/profile.rb
=====================================
@@ -92,7 +92,7 @@ class Profile < ApplicationRecord
'edit_profile' => N_('Edit profile'),
'destroy_profile' => N_('Destroy profile'),
'manage_memberships' => N_('Manage memberships'),
- 'post_content' => N_('Manage content'), # changed only presentation name to keep already given permissions
+ 'post_content' => N_('Manage/Publish content'), # changed only presentation name to keep already given permissions
'edit_profile_design' => N_('Edit profile design'),
'manage_products' => N_('Manage products'),
'manage_friends' => N_('Manage friends'),
@@ -102,7 +102,6 @@ class Profile < ApplicationRecord
'moderate_comments' => N_('Moderate comments'),
'edit_appearance' => N_('Edit appearance'),
'view_private_content' => N_('View private content'),
- 'publish_content' => N_('Publish content'),
'invite_members' => N_('Invite members'),
'send_mail_to_members' => N_('Send e-Mail to members'),
'manage_custom_roles' => N_('Manage custom roles'),
=====================================
db/migrate/20181025162837_remove_publish_content_permission_from_roles.rb
=====================================
@@ -0,0 +1,8 @@
+class RemovePublishContentPermissionFromRoles < ActiveRecord::Migration
+ def change
+ Role.all.each do |role|
+ role.permissions.delete("publish_content")
+ role.save!
+ end
+ end
+end
=====================================
features/roles.feature
=====================================
@@ -10,7 +10,7 @@ Feature: manage roles
Then I should not see "My new role"
And I follow "Create a new role"
And I fill in "Name" with "My new role"
- And I check "Publish content"
+ And I check "Manage/Publish content"
And I follow "Create role"
And I go to the environment control panel
And I follow "User roles"
=====================================
test/fixtures/roles.yml
=====================================
@@ -62,7 +62,6 @@ profile_admin:
- edit_appearance
- manage_friends
- validate_enterprise
- - publish_content
- manage_email_templates
profile_member:
id: 6
=====================================
test/functional/cms_controller_test.rb
=====================================
@@ -1326,7 +1326,7 @@ class CmsControllerTest < ActionController::TestCase
should 'allow user with permission create an article in community' do
c = Community.create!(:name => 'test_comm', :identifier => 'test_comm')
- u = create_user_with_permission('test_user', 'publish_content', c)
+ u = create_user_with_permission('test_user', 'post_content', c)
login_as :test_user
@controller.stubs(:user).returns(u)
@@ -1335,17 +1335,6 @@ class CmsControllerTest < ActionController::TestCase
assert_template 'edit'
end
- should 'not allow user edit article if he has publish permission but is not owner' do
- c = Community.create!(:name => 'test_comm', :identifier => 'test_comm')
- u = create_user_with_permission('test_user', 'publish_content', c)
- a = c.articles.create!(:name => 'test_article')
- login_as :test_user
-
- get :edit, :profile => c.identifier, :id => a.id
- assert_response :forbidden
- assert_template 'shared/access_denied'
- end
-
should 'not allow user edit article if he is owner but has no publish permission' do
c = Community.create!(:name => 'test_comm', :identifier => 'test_comm')
u = create_user_with_permission('test_user', 'bogus_permission', c)
@@ -1359,7 +1348,7 @@ class CmsControllerTest < ActionController::TestCase
should 'allow user edit article if he is owner and has publish permission' do
c = Community.create!(:name => 'test_comm', :identifier => 'test_comm')
- u = create_user_with_permission('test_user', 'publish_content', c)
+ u = create_user_with_permission('test_user', 'post_content', c)
a = create(Article, :profile => c, :name => 'test_article', :author => u)
login_as :test_user
@controller.stubs(:user).returns(u)
=====================================
test/functional/content_viewer_controller_test.rb
=====================================
@@ -781,7 +781,7 @@ class ContentViewerControllerTest < ActionController::TestCase
should 'display link to new_article if profile is publisher' do
c = Community.create!(:name => 'test_com')
- u = create_user_with_permission('test_user', 'publish_content', c)
+ u = create_user_with_permission('test_user', 'post_content', c)
login_as u.identifier
a = create(Article, :profile => c, :name => 'test-article',
:author => profile, :published => true)
=====================================
test/unit/article_test.rb
=====================================
@@ -618,7 +618,7 @@ class ArticleTest < ActiveSupport::TestCase
should 'allow author to edit if is publisher' do
c = fast_create(Community)
- p = create_user_with_permission('test_user', 'publish_content', c)
+ p = create_user_with_permission('test_user', 'post_content', c)
a = create(Article, :name => 'a test article', :author => p, :profile_id => c.id)
assert a.allow_post_content?(p)
=====================================
test/unit/person_test.rb
=====================================
@@ -1670,14 +1670,6 @@ class PersonTest < ActiveSupport::TestCase
assert person.can_post_content?(profile)
end
- should 'allow posting content when has publish_content permission' do
- person = create_user('person').person
- profile = mock
- person.expects(:has_permission?).with('post_content', profile).returns(false)
- person.expects(:has_permission?).with('publish_content', profile).returns(true)
- assert person.can_post_content?(profile)
- end
-
should 'allow posting content when has permission in the parent' do
person = create_user('person').person
profile = mock
View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/6349c78d2f5ccaf69b5b4c39a9fa870d435a67a7...53329f36717ab00cf63f2f528c91e8c1338c9055
--
View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/6349c78d2f5ccaf69b5b4c39a9fa870d435a67a7...53329f36717ab00cf63f2f528c91e8c1338c9055
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20181106/2093a498/attachment-0001.html>
More information about the Noosfero-dev
mailing list