Project

General

Profile

Download (8.17 KB)

Feature #851 ยป 851.diff

Mateo Murphy, 2008-03-17 22:45

View differences:

test/functional/wiki_controller_test.rb (working copy)
156 156 
    get :index, :id => 999
157 157 
    assert_response 404
158 158 
  end
159
160
161 
  def test_show_page_with_edit_link
162 
    @request.session[:user_id] = 2
163 
    get :index, :id => 1
164 
    assert_response :success
165 
    assert_template 'show'
166 
    assert_tag :tag => 'a', :attributes => { :href => '/wiki/1/CookBook_documentation/edit' }
167 
  end
168
169 
  def test_show_page_without_edit_link
170 
    @request.session[:user_id] = 4
171 
    get :index, :id => 1
172 
    assert_response :success
173 
    assert_template 'show'
174 
    assert_no_tag :tag => 'a', :attributes => { :href => '/wiki/1/CookBook_documentation/edit' }
175 
  end
176
177 
  def test_edit_unprotected_page
178 
    # Non members can edit unprotected wiki pages
179 
    @request.session[:user_id] = 4
180 
    get :edit, :id => 1, :page => 'Another_page'
181 
    assert_response :success
182 
    assert_template 'edit'
183 
  end
184
185 
  def test_edit_protected_page_by_nonmember
186 
    # Non members can't edit protected wiki pages
187 
    @request.session[:user_id] = 4
188 
    get :edit, :id => 1, :page => 'CookBook_documentation'
189 
    assert_response 403
190 
  end
191
192 
  def test_edit_protected_page_by_member
193 
    @request.session[:user_id] = 2
194 
    get :edit, :id => 1, :page => 'CookBook_documentation'
195 
    assert_response :success
196 
    assert_template 'edit'
197 
  end
198
159 199 
end
test/fixtures/roles.yml (working copy)
74 74 
    - :manage_documents
75 75 
    - :view_wiki_pages
76 76 
    - :edit_wiki_pages
77 
    - :protect_wiki_pages
77 78 
    - :delete_wiki_pages
78 79 
    - :rename_wiki_pages
79 80 
    - :add_messages
......
115 116 
    - :manage_documents
116 117 
    - :view_wiki_pages
117 118 
    - :edit_wiki_pages
119 
    - :protect_wiki_pages
118 120 
    - :delete_wiki_pages
119 121 
    - :add_messages
120 122 
    - :manage_boards
......
152 154 
    - :manage_documents
153 155 
    - :view_wiki_pages
154 156 
    - :edit_wiki_pages
157 
    - :protect_wiki_pages
155 158 
    - :delete_wiki_pages
156 159 
    - :add_messages
157 160 
    - :manage_boards
test/fixtures/wiki_pages.yml (working copy)
4 4 
  title: CookBook_documentation
5 5 
  id: 1
6 6 
  wiki_id: 1
7 
  protected: true
7 8 
wiki_pages_002:
8 9 
  created_on: 2007-03-08 00:18:07 +01:00
9 10 
  title: Another_page
10 11 
  id: 2
11 12 
  wiki_id: 1
13 
  protected: false
12 14 
wiki_pages_003:
13 15 
  created_on: 2007-03-08 00:18:07 +01:00
14 16 
  title: Start_page
15 17 
  id: 3
16 18 
  wiki_id: 2
19 
  protected: false
17 20
app/controllers/wiki_controller.rb (working copy)
30 30 
  def index
31 31 
    page_title = params[:page]
32 32 
    @page = @wiki.find_or_new_page(page_title)
33 
    @editable = editable?
33 34 
    if @page.new_record?
34 
      if User.current.allowed_to?(:edit_wiki_pages, @project)
35 
      if User.current.allowed_to?(:edit_wiki_pages, @project) && @editable
35 36 
        edit
36 37 
        render :action => 'edit'
37 38 
      else
......
54 55 
  # edit an existing page or a new one
55 56 
  def edit
56 57 
    @page = @wiki.find_or_new_page(params[:page])
58 
    return render_403 unless editable?
57 59 
    @page.content = WikiContent.new(:page => @page) if @page.new_record?
58 60
59 61 
    @content = @page.content_for_version(params[:version])
......
152 154
153 155 
  def preview
154 156 
    page = @wiki.find_page(params[:page])
157 
    return render_403 unless editable?(page)
155 158 
    @attachements = page.attachments if page
156 159 
    @text = params[:content][:text]
157 160 
    render :partial => 'common/preview'
......
159 162 

  		




  160
  163
  
    
  def add_attachment

  		




  161
  164
  
    
    @page = @wiki.find_page(params[:page])

  		




  
  165
  
    
    return render_403 unless editable?

  		




  162
  166
  
    
    attach_files(@page, params[:attachments])

  		




  163
  167
  
    
    redirect_to :action => 'index', :page => @page.title

  		




  164
  168
  
    
  end

  		




  165
  169
  
    

  		




  166
  170
  
    
  def destroy_attachment

  		




  167
  171
  
    
    @page = @wiki.find_page(params[:page])

  		




  
  172
  
    
    return render_403 unless editable?

  		




  168
  173
  
    
    @page.attachments.find(params[:attachment_id]).destroy

  		




  169
  174
  
    
    redirect_to :action => 'index', :page => @page.title

  		




  170
  175
  
    
  end

  		




  171
  176
  
    

  		




  
  177
  
    
  def protect

  		




  
  178
  
    
    page = @wiki.find_page(params[:page])

  		




  
  179
  
    
    page.protected = !page.protected?

  		




  
  180
  
    
    page.save

  		




  
  181
  
    
    redirect_to :action => 'index', :page => page.title

  		




  
  182
  
    
  end

  		




  
  183
  
    

  		




  172
  184
  
    
private

  		




  173
  185
  
    
  

  		




  174
  186
  
    
  def find_wiki

  		




  ......




  178
  190
  
    
  rescue ActiveRecord::RecordNotFound

  		




  179
  191
  
    
    render_404

  		




  180
  192
  
    
  end

  		




  
  193
  
    
  

  		




  
  194
  
    
  def editable?(page = @page)

  		




  
  195
  
    
    !page.protected? || User.current.allowed_to?(:protect_wiki_pages, @project)

  		




  
  196
  
    
  end  

  		




  
  197
  
    
  

  		




  181
  198
  
    
end

  		












  

    
      app/views/wiki/show.rhtml	(working copy)
    
  





  1
  1
  
    
<div class="contextual">

  		




  2
  
  
    
<%= link_to_if_authorized(l(:button_edit), {:action => 'edit', :page => @page.title}, :class => 'icon icon-edit', :accesskey => accesskey(:edit)) if @content.version == @page.content.version %>

  		




  
  2
  
    
<%= link_to_if_authorized(l(:button_edit), {:action => 'edit', :page => @page.title}, :class => 'icon icon-edit', :accesskey => accesskey(:edit)) if @content.version == @page.content.version && @editable %>

  		




  3
  3
  
    
<%= link_to_if_authorized(l(:button_rename), {:action => 'rename', :page => @page.title}, :class => 'icon icon-move') if @content.version == @page.content.version %>

  		




  4
  4
  
    
<%= link_to_if_authorized(l(:button_delete), {:action => 'destroy', :page => @page.title}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del') %>

  		




  5
  5
  
    
<%= link_to_if_authorized(l(:button_rollback), {:action => 'edit', :page => @page.title, :version => @content.version }, :class => 'icon icon-cancel') if @content.version < @page.content.version %>

  		




  
  6
  
    
<%= link_to_if_authorized(l(:button_lock), {:action => 'protect', :page => @page.title}, :class => 'icon icon-lock') if !@page.protected? %>

  		




  
  7
  
    
<%= link_to_if_authorized(l(:button_unlock), {:action => 'protect', :page => @page.title}, :class => 'icon icon-unlock') if @page.protected? %>

  		




  6
  8
  
    
<%= link_to(l(:label_history), {:action => 'history', :page => @page.title}, :class => 'icon icon-history') %>

  		




  7
  9
  
    
</div>

  		




  8
  10
  
    

  		




  ......




  24
  26
  
    

  		




  25
  27
  
    
<%= link_to_attachments @page.attachments, :delete_url => (authorize_for('wiki', 'destroy_attachment') ? {:controller => 'wiki', :action => 'destroy_attachment', :page => @page.title} : nil) %>

  		




  26
  28
  
    

  		




  27
  
  
    
<% if authorize_for('wiki', 'add_attachment') %>

  		




  
  29
  
    
<% if authorize_for('wiki', 'add_attachment') && @editable %>

  		




  28
  30
  
    
<p><%= link_to l(:label_attachment_new), {}, :onclick => "Element.show('add_attachment_form'); Element.hide(this); Element.scrollTo('add_attachment_form'); return false;",

  		




  29
  31
  
    
                                             :id => 'attach_files_link' %></p>

  		




  30
  32
  
    
<% form_tag({ :controller => 'wiki', :action => 'add_attachment', :page => @page.title }, :multipart => true, :id => "add_attachment_form", :style => "display:none;") do %>

  		












  

    
      db/migrate/093_add_wiki_pages_protected.rb	(revision 0)
    
  





  
  1
  
    
class AddWikiPagesProtected < ActiveRecord::Migration

  		




  
  2
  
    
  def self.up

  		




  
  3
  
    
    add_column :wiki_pages, :protected, :boolean, :default => false, :null => false

  		




  
  4
  
    
  end

  		




  
  5
  
    

  		




  
  6
  
    
  def self.down

  		




  
  7
  
    
    remove_column :wiki_pages, :protected

  		




  
  8
  
    
  end

  		




  
  9
  
    
end

  		












  

    
      lib/redmine.rb	(working copy)
    
  





  75
  75
  
    
    map.permission :delete_wiki_pages, {:wiki => :destroy}, :require => :member

  		




  76
  76
  
    
    map.permission :view_wiki_pages, :wiki => [:index, :history, :diff, :annotate, :special]

  		




  77
  77
  
    
    map.permission :edit_wiki_pages, :wiki => [:edit, :preview, :add_attachment, :destroy_attachment]

  		




  
  78
  
    
    map.permission :protect_wiki_pages, :wiki => [:protect]

  		




  78
  79
  
    
  end

  		




  79
  80
  
    
    

  		




  80
  81
  
    
  map.project_module :repository do |map|

  		















  
    (1-1/1)