Skip to content

Commit

Permalink
Basic/Normal User not able to delete own wiki page (publiclab#2030)
Browse files Browse the repository at this point in the history
* if condition changed

* condition added

* functional test added

* changes done

* small changes

* test correction

* small changes in test

* indentation improve
  • Loading branch information
ankitbhardwaj78 authored and Souravirus committed Mar 12, 2018
1 parent 547254b commit efc4def
Show file tree
Hide file tree
Showing 4 changed files with 46 additions and 10 deletions.
25 changes: 15 additions & 10 deletions app/controllers/notes_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -232,18 +232,23 @@ def update
# only for notes
def delete
@node = Node.find(params[:id])
if current_user.uid == @node.uid && @node.type == 'note' || current_user.role == 'admin' || current_user.role == 'moderator'
@node.delete
respond_with do |format|
format.html do
if request.xhr?
render text: I18n.t('notes_controller.content_deleted')
else
flash[:notice] = I18n.t('notes_controller.content_deleted')
redirect_to '/dashboard' + '?_=' + Time.now.to_i.to_s
if current_user && (current_user.uid == @node.uid || current_user.role == "moderator" || current_user.role == "admin")
if @node.authors.uniq.length == 1
@node.delete
respond_with do |format|
format.html do
if request.xhr?
render text: I18n.t('notes_controller.content_deleted')
else
flash[:notice] = I18n.t('notes_controller.content_deleted')
redirect_to '/dashboard' + '?_=' + Time.now.to_i.to_s
end
end
end
end
else
flash[:error] = I18n.t('notes_controller.more_than_one_contributor')
redirect_to '/dashboard' + '?_=' + Time.now.to_i.to_s
end
else
prompt_login
end
Expand Down
1 change: 1 addition & 0 deletions config/locales/controllers/notes_controller/en.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,4 @@ en:
content_deleted: "Content deleted."
highly_liked_research_notes: "Highly liked research notes"
popular_research_notes: "Popular research notes"
more_than_one_contributor: "You cannot delete a wiki page once someone else has begun to contribute to it"
27 changes: 27 additions & 0 deletions test/functional/notes_controller_test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -575,6 +575,32 @@ def teardown
end
end

test "should delete wiki if other author have not contributed" do
node = nodes(:one)
length=node.authors.uniq.length
user = UserSession.create(users(:jeff))
assert_equal 1,length

assert_difference 'Node.count', -1 do
post :delete, id: node.nid
end

assert_redirected_to '/dashboard' + '?_=' + Time.now.to_i.to_s
end

test "should not delete wiki if other author have contributed" do
node = nodes(:about)
length=node.authors.uniq.length
assert_not_equal 1,length
user = UserSession.create(users(:jeff))

assert_no_difference 'Node.count' do
get :delete, id: node.nid
end

assert_redirected_to '/dashboard' + '?_=' + Time.now.to_i.to_s
end

#should change title
test 'title change feature in comments when author is logged in' do
UserSession.create(users(:jeff))
Expand All @@ -599,4 +625,5 @@ def test_get_rss_feed
assert_equal 'application/rss+xml', @response.content_type
end


end
3 changes: 3 additions & 0 deletions test/functional/wiki_controller_test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,8 @@ def teardown
UserSession.find.destroy
end



# test "normal user should not delete wiki revision" do
# post :delete_revision, id: nodes(:organizers).latest.vid
# assert_equal flash[:error], "Only admins can delete wiki revisions."
Expand Down Expand Up @@ -586,4 +588,5 @@ def teardown
assert_response :success
assert_select 'div#comments h3', /Comments/
end

end

0 comments on commit efc4def

Please sign in to comment.