Feature #851 ยป 851.diff
test/functional/wiki_controller_test.rb (working copy) | ||
---|---|---|
156 | 156 |
get :index, :id => 999 |
157 | 157 |
assert_response 404 |
158 | 158 |
end |
159 |
|
|
160 |
|
|
161 |
def test_show_page_with_edit_link |
|
162 |
@request.session[:user_id] = 2 |
|
163 |
get :index, :id => 1 |
|
164 |
assert_response :success |
|
165 |
assert_template 'show' |
|
166 |
assert_tag :tag => 'a', :attributes => { :href => '/wiki/1/CookBook_documentation/edit' } |
|
167 |
end |
|
168 |
|
|
169 |
def test_show_page_without_edit_link |
|
170 |
@request.session[:user_id] = 4 |
|
171 |
get :index, :id => 1 |
|
172 |
assert_response :success |
|
173 |
assert_template 'show' |
|
174 |
assert_no_tag :tag => 'a', :attributes => { :href => '/wiki/1/CookBook_documentation/edit' } |
|
175 |
end |
|
176 |
|
|
177 |
def test_edit_unprotected_page |
|
178 |
# Non members can edit unprotected wiki pages |
|
179 |
@request.session[:user_id] = 4 |
|
180 |
get :edit, :id => 1, :page => 'Another_page' |
|
181 |
assert_response :success |
|
182 |
assert_template 'edit' |
|
183 |
end |
|
184 |
|
|
185 |
def test_edit_protected_page_by_nonmember |
|
186 |
# Non members can't edit protected wiki pages |
|
187 |
@request.session[:user_id] = 4 |
|
188 |
get :edit, :id => 1, :page => 'CookBook_documentation' |
|
189 |
assert_response 403 |
|
190 |
end |
|
191 |
|
|
192 |
def test_edit_protected_page_by_member |
|
193 |
@request.session[:user_id] = 2 |
|
194 |
get :edit, :id => 1, :page => 'CookBook_documentation' |
|
195 |
assert_response :success |
|
196 |
assert_template 'edit' |
|
197 |
end |
|
198 |
|
|
159 | 199 |
end |
test/fixtures/roles.yml (working copy) | ||
---|---|---|
74 | 74 |
- :manage_documents |
75 | 75 |
- :view_wiki_pages |
76 | 76 |
- :edit_wiki_pages |
77 |
- :protect_wiki_pages |
|
77 | 78 |
- :delete_wiki_pages |
78 | 79 |
- :rename_wiki_pages |
79 | 80 |
- :add_messages |
... | ... | |
115 | 116 |
- :manage_documents |
116 | 117 |
- :view_wiki_pages |
117 | 118 |
- :edit_wiki_pages |
119 |
- :protect_wiki_pages |
|
118 | 120 |
- :delete_wiki_pages |
119 | 121 |
- :add_messages |
120 | 122 |
- :manage_boards |
... | ... | |
152 | 154 |
- :manage_documents |
153 | 155 |
- :view_wiki_pages |
154 | 156 |
- :edit_wiki_pages |
157 |
- :protect_wiki_pages |
|
155 | 158 |
- :delete_wiki_pages |
156 | 159 |
- :add_messages |
157 | 160 |
- :manage_boards |
test/fixtures/wiki_pages.yml (working copy) | ||
---|---|---|
4 | 4 |
title: CookBook_documentation |
5 | 5 |
id: 1 |
6 | 6 |
wiki_id: 1 |
7 |
protected: true |
|
7 | 8 |
wiki_pages_002: |
8 | 9 |
created_on: 2007-03-08 00:18:07 +01:00 |
9 | 10 |
title: Another_page |
10 | 11 |
id: 2 |
11 | 12 |
wiki_id: 1 |
13 |
protected: false |
|
12 | 14 |
wiki_pages_003: |
13 | 15 |
created_on: 2007-03-08 00:18:07 +01:00 |
14 | 16 |
title: Start_page |
15 | 17 |
id: 3 |
16 | 18 |
wiki_id: 2 |
19 |
protected: false |
|
17 | 20 |
|
app/controllers/wiki_controller.rb (working copy) | ||
---|---|---|
30 | 30 |
def index |
31 | 31 |
page_title = params[:page] |
32 | 32 |
@page = @wiki.find_or_new_page(page_title) |
33 |
@editable = editable? |
|
33 | 34 |
if @page.new_record? |
34 |
if User.current.allowed_to?(:edit_wiki_pages, @project) |
|
35 |
if User.current.allowed_to?(:edit_wiki_pages, @project) && @editable
|
|
35 | 36 |
edit |
36 | 37 |
render :action => 'edit' |
37 | 38 |
else |
... | ... | |
54 | 55 |
# edit an existing page or a new one |
55 | 56 |
def edit |
56 | 57 |
@page = @wiki.find_or_new_page(params[:page]) |
58 |
return render_403 unless editable? |
|
57 | 59 |
@page.content = WikiContent.new(:page => @page) if @page.new_record? |
58 | 60 |
|
59 | 61 |
@content = @page.content_for_version(params[:version]) |
... | ... | |
152 | 154 |
|
153 | 155 |
def preview |
154 | 156 |
page = @wiki.find_page(params[:page]) |
157 |
return render_403 unless editable?(page) |
|
155 | 158 |
@attachements = page.attachments if page |
156 | 159 |
@text = params[:content][:text] |
157 | 160 |
render :partial => 'common/preview' |
... | ... | |
159 | 162 | |
160 | 163 |
def add_attachment |
161 | 164 |
@page = @wiki.find_page(params[:page]) |
165 |
return render_403 unless editable? |
|
162 | 166 |
attach_files(@page, params[:attachments]) |
163 | 167 |
redirect_to :action => 'index', :page => @page.title |
164 | 168 |
end |
165 | 169 | |
166 | 170 |
def destroy_attachment |
167 | 171 |
@page = @wiki.find_page(params[:page]) |
172 |
return render_403 unless editable? |
|
168 | 173 |
@page.attachments.find(params[:attachment_id]).destroy |
169 | 174 |
redirect_to :action => 'index', :page => @page.title |
170 | 175 |
end |
171 | 176 | |
177 |
def protect |
|
178 |
page = @wiki.find_page(params[:page]) |
|
179 |
page.protected = !page.protected? |
|
180 |
page.save |
|
181 |
redirect_to :action => 'index', :page => page.title |
|
182 |
end |
|
183 | ||
172 | 184 |
private |
173 | 185 |
|
174 | 186 |
def find_wiki |
... | ... | |
178 | 190 |
rescue ActiveRecord::RecordNotFound |
179 | 191 |
render_404 |
180 | 192 |
end |
193 |
|
|
194 |
def editable?(page = @page) |
|
195 |
!page.protected? || User.current.allowed_to?(:protect_wiki_pages, @project) |
|
196 |
end |
|
197 |
|
|
181 | 198 |
end |
app/views/wiki/show.rhtml (working copy) | ||
---|---|---|
1 | 1 |
<div class="contextual"> |
2 |
<%= link_to_if_authorized(l(:button_edit), {:action => 'edit', :page => @page.title}, :class => 'icon icon-edit', :accesskey => accesskey(:edit)) if @content.version == @page.content.version %> |
|
2 |
<%= link_to_if_authorized(l(:button_edit), {:action => 'edit', :page => @page.title}, :class => 'icon icon-edit', :accesskey => accesskey(:edit)) if @content.version == @page.content.version && @editable %>
|
|
3 | 3 |
<%= link_to_if_authorized(l(:button_rename), {:action => 'rename', :page => @page.title}, :class => 'icon icon-move') if @content.version == @page.content.version %> |
4 | 4 |
<%= link_to_if_authorized(l(:button_delete), {:action => 'destroy', :page => @page.title}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del') %> |
5 | 5 |
<%= link_to_if_authorized(l(:button_rollback), {:action => 'edit', :page => @page.title, :version => @content.version }, :class => 'icon icon-cancel') if @content.version < @page.content.version %> |
6 |
<%= link_to_if_authorized(l(:button_lock), {:action => 'protect', :page => @page.title}, :class => 'icon icon-lock') if !@page.protected? %> |
|
7 |
<%= link_to_if_authorized(l(:button_unlock), {:action => 'protect', :page => @page.title}, :class => 'icon icon-unlock') if @page.protected? %> |
|
6 | 8 |
<%= link_to(l(:label_history), {:action => 'history', :page => @page.title}, :class => 'icon icon-history') %> |
7 | 9 |
</div> |
8 | 10 | |
... | ... | |
24 | 26 | |
25 | 27 |
<%= link_to_attachments @page.attachments, :delete_url => (authorize_for('wiki', 'destroy_attachment') ? {:controller => 'wiki', :action => 'destroy_attachment', :page => @page.title} : nil) %> |
26 | 28 | |
27 |
<% if authorize_for('wiki', 'add_attachment') %> |
|
29 |
<% if authorize_for('wiki', 'add_attachment') && @editable %>
|
|
28 | 30 |
<p><%= link_to l(:label_attachment_new), {}, :onclick => "Element.show('add_attachment_form'); Element.hide(this); Element.scrollTo('add_attachment_form'); return false;", |
29 | 31 |
:id => 'attach_files_link' %></p> |
30 | 32 |
<% form_tag({ :controller => 'wiki', :action => 'add_attachment', :page => @page.title }, :multipart => true, :id => "add_attachment_form", :style => "display:none;") do %> |
db/migrate/093_add_wiki_pages_protected.rb (revision 0) | ||
---|---|---|
1 |
class AddWikiPagesProtected < ActiveRecord::Migration |
|
2 |
def self.up |
|
3 |
add_column :wiki_pages, :protected, :boolean, :default => false, :null => false |
|
4 |
end |
|
5 | ||
6 |
def self.down |
|
7 |
remove_column :wiki_pages, :protected |
|
8 |
end |
|
9 |
end |
lib/redmine.rb (working copy) | ||
---|---|---|
75 | 75 |
map.permission :delete_wiki_pages, {:wiki => :destroy}, :require => :member |
76 | 76 |
map.permission :view_wiki_pages, :wiki => [:index, :history, :diff, :annotate, :special] |
77 | 77 |
map.permission :edit_wiki_pages, :wiki => [:edit, :preview, :add_attachment, :destroy_attachment] |
78 |
map.permission :protect_wiki_pages, :wiki => [:protect] |
|
78 | 79 |
end |
79 | 80 |
|
80 | 81 |
map.project_module :repository do |map| |