Diff
Modified: branches/packs/app/controllers/sessions_controller.rb (3776 => 3777)
--- branches/packs/app/controllers/sessions_controller.rb 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/app/controllers/sessions_controller.rb 2013-11-11 15:52:04 UTC (rev 3777)
@@ -179,7 +179,7 @@
respond_to do |format|
flash[:notice] = "Logged in successfully. Welcome to #{Conf.sitename}!"
home_url = url_for(:controller => 'home')
- format.html { session[:return_to] and URI.parse(session[:return_to]).path == '/' ? redirect_to(home_url) : redirect_back_or_default(home_url) }
+ format.html { redirect_to(home_url) }
end
end
Modified: branches/packs/app/models/pack.rb (3776 => 3777)
--- branches/packs/app/models/pack.rb 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/app/models/pack.rb 2013-11-11 15:52:04 UTC (rev 3777)
@@ -783,7 +783,11 @@
entry = contributable_entries.detect { |e| e.contributable_type == 'Blob' && e.contributable && e.contributable.component_profile? }
if entry
profile = ""
- profile.find_version(entry.contributable_version) if entry.contributable_version
+ if entry.contributable_version
+ profile.find_version(entry.contributable_version)
+ else
+ profile
+ end
else
nil
end
Modified: branches/packs/app/views/feedback/index.rhtml (3776 => 3777)
--- branches/packs/app/views/feedback/index.rhtml 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/app/views/feedback/index.rhtml 2013-11-11 15:52:04 UTC (rev 3777)
@@ -35,7 +35,7 @@
<center>
<div class="box_form" style="width: 410px; margin: 2em 0; text-align: left;">
- <% form_tag ({:action ="" :create}) do %>
+ <% form_tag({:action ="" :create}) do %>
<p><b>From</b></p>
<%= text_field_tag :from, logged_in? ? current_user.name : params[:from], :size => 30 %>
Modified: branches/packs/app/views/friendships/show.rhtml (3776 => 3777)
--- branches/packs/app/views/friendships/show.rhtml 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/app/views/friendships/show.rhtml 2013-11-11 15:52:04 UTC (rev 3777)
@@ -76,7 +76,7 @@
<!-- These forms serve as 'data senders' for Accept/Reject buttons -->
- <% form_tag (accept_user_friendship_path(@friendship.friend_id, @friendship)) do %>
+ <% form_tag(accept_user_friendship_path(@friendship.friend_id, @friendship)) do %>
<%= hidden_field_tag "accept_msg", "" %>
<% end %>
Modified: branches/packs/app/views/users/_invite.rhtml (3776 => 3777)
--- branches/packs/app/views/users/_invite.rhtml 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/app/views/users/_invite.rhtml 2013-11-11 15:52:04 UTC (rev 3777)
@@ -4,7 +4,7 @@
Send invitations to people who are not already on <%= Conf.sitename %>. You can include a message to intoduce yourself if you like.
</div>
-<% form_tag (:controller => 'users', :action ="" 'process_invitations') do %>
+<% form_tag(:controller => 'users', :action ="" 'process_invitations') do %>
<p style="line-heght: 1.5; margin-left: 1.5em">
<%= hidden_field_tag :invitations_user_id, current.id -%>
Modified: branches/packs/lib/api/resources/blobs.rb (3776 => 3777)
--- branches/packs/lib/api/resources/blobs.rb 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/lib/api/resources/blobs.rb 2013-11-11 15:52:04 UTC (rev 3777)
@@ -124,7 +124,10 @@
return rest_response(400, :object => ob) unless success
if opts[:query]['version'].nil?
- update_permissions(ob, permissions, opts[:user])
+ begin
+ update_permissions(ob, permissions, opts[:user])
+ rescue NotAuthorizedException, NotFoundException
+ end
end
end
Modified: branches/packs/lib/api/resources/components.rb (3776 => 3777)
--- branches/packs/lib/api/resources/components.rb 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/lib/api/resources/components.rb 2013-11-11 15:52:04 UTC (rev 3777)
@@ -104,8 +104,9 @@
# Create the component or version
response = workflow_aux('create', opts)
- # If we created a new component, we need to tag it and add it to the family
- unless id
+ if id # Reload the component to get the latest version
+ component = component.reload
+ else # If we created a new component, we need to tag it and add it to the family
# Awful hack to get the newly created component
component = resource_from_uri(response[:xml].find_first('//workflow')['resource'])
@@ -222,7 +223,9 @@
end
# Check if can delete ALL components in family
- component_entries = family.contributable_entries.select { |e| e.contributable_type == 'Workflow' && e.contributable.component? }
+ component_entries = family.contributable_entries.select { |e| e.contributable_type == 'Workflow' &&
+ !e.contributable.nil? &&
+ e.contributable.component? }
components = component_entries.map { |e| e.contributable }
undeletable_components = components.select { |c| !Authorization.check('destroy', c, opts[:user]) }
if undeletable_components.size == 0
@@ -234,7 +237,9 @@
rest_get_request(family, opts[:user], opts[:query])
else
- family.errors.add_to_base("You don't have permission to delete #{undeletable_components.size} components in this component family.")
+ family.errors.add_to_base(
+ "You don't have permission to delete #{undeletable_components.size} components in this component family: " +
+ "#{undeletable_components.map { |c| rest_access_uri(c) }.join(', ')}")
rest_response(401, :object => family)
end
end
Modified: branches/packs/lib/api/resources/packs.rb (3776 => 3777)
--- branches/packs/lib/api/resources/packs.rb 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/lib/api/resources/packs.rb 2013-11-11 15:52:04 UTC (rev 3777)
@@ -69,7 +69,10 @@
return rest_response(400, :object => ob)
end
- update_permissions(ob, permissions, opts[:user])
+ begin
+ update_permissions(ob, permissions, opts[:user])
+ rescue NotAuthorizedException, NotFoundException
+ end
end
rest_get_request(ob, opts[:user], { "id" => ob.id.to_s })
Modified: branches/packs/lib/api/resources/workflows.rb (3776 => 3777)
--- branches/packs/lib/api/resources/workflows.rb 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/lib/api/resources/workflows.rb 2013-11-11 15:52:04 UTC (rev 3777)
@@ -160,7 +160,10 @@
# Elements to update if we're not dealing with a workflow version
if opts[:query]['version'].nil?
- update_permissions(ob, permissions, opts[:user])
+ begin
+ update_permissions(ob, permissions, opts[:user])
+ rescue NotAuthorizedException, NotFoundException
+ end
end
# Extract internals and stuff
Modified: branches/packs/lib/rest.rb (3776 => 3777)
--- branches/packs/lib/rest.rb 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/lib/rest.rb 2013-11-11 15:52:04 UTC (rev 3777)
@@ -974,12 +974,12 @@
return
else
- ob.errors.add_to_base("You must be a member of #{group_policy.contributor.title} to use group policy: #{group_policy}")
- raise
+ ob.errors.add_to_base("You must be a member of #{policy.contributor.title} to use group policy: #{group_policy}")
+ raise NotAuthorizedException.new
end
else
ob.errors.add_to_base("#{group_policy} does not appear to be a valid group policy ID")
- raise
+ raise NotFoundException.new
end
else
@@ -1291,3 +1291,6 @@
end
end
end
+
+class NotFoundException < Exception; end
+class NotAuthorizedException < Exception; end
Modified: branches/packs/test/fixtures/memberships.yml (3776 => 3777)
--- branches/packs/test/fixtures/memberships.yml 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/test/fixtures/memberships.yml 2013-11-11 15:52:04 UTC (rev 3777)
@@ -23,3 +23,10 @@
user_established_at: 2008-03-30 14:08:56
network_established_at: 2008-03-30 14:08:56
+john_invite_only_network:
+ id: 4
+ user_id: 1
+ network_id: 4
+ created_at: 2008-03-30 17:28:56
+ user_established_at: 2008-03-30 17:28:56
+ network_established_at: 2008-03-30 17:28:56
Modified: branches/packs/test/functional/api_controller_test.rb (3776 => 3777)
--- branches/packs/test/functional/api_controller_test.rb 2013-11-11 09:48:42 UTC (rev 3776)
+++ branches/packs/test/functional/api_controller_test.rb 2013-11-11 15:52:04 UTC (rev 3777)
@@ -1131,6 +1131,72 @@
assert_response(:not_found)
end
+ # Group Policies
+
+ test "can create file with group policy" do
+ login_as(:john)
+
+ group_policy = policies(:group_policy)
+
+ # post a file
+ assert_difference('Blob.count', 1) do
+ rest_request(:post, 'file', "<?xml version='1.0'?>
+ <file>
+ <title>A File With a Group Policy</title>
+ <description>Description</description>
+ <license-type>by-sa</license-type>
+ <filename>test.txt</filename>
+ <content-type>text/plain</content-type>
+ <content>#{Base64.encode64("This is the content of this test file.")}</content>
+ <permissions>
+ <group-policy-id>#{group_policy.id}</group-policy-id>
+ </permissions>
+ </file>")
+ end
+
+ assert_response(:success)
+ end
+
+ test "non-existant group policy doesn't error out" do
+ login_as(:john)
+
+ fake_id = Policy.last.id + 100000
+
+ # post a file
+ rest_request(:post, 'file', "<?xml version='1.0'?>
+ <file>
+ <title>A File With a Group Policy</title>
+ <description>Description</description>
+ <license-type>by-sa</license-type>
+ <filename>test.txt</filename>
+ <content-type>text/plain</content-type>
+ <content>#{Base64.encode64("This is the content of this test file.")}</content>
+ <permissions>
+ <group-policy-id>#{fake_id}</group-policy-id>
+ </permissions>
+ </file>")
+ end
+
+ test "non-member using a group policy doesn't error out" do
+ login_as(:jane)
+
+ group_policy = policies(:group_policy)
+
+ # post a file
+ rest_request(:post, 'file', "<?xml version='1.0'?>
+ <file>
+ <title>A File With a Group Policy</title>
+ <description>Description</description>
+ <license-type>by-sa</license-type>
+ <filename>test.txt</filename>
+ <content-type>text/plain</content-type>
+ <content>#{Base64.encode64("This is the content of this test file.")}</content>
+ <permissions>
+ <group-policy-id>#{group_policy.id}</group-policy-id>
+ </permissions>
+ </file>")
+ end
+
# Components
test "can create components" do
@@ -1275,6 +1341,10 @@
uri = workflow_resp.find_first('//workflow')['resource']
component = Workflow.find(uri.split('/').last.to_i)
+ # Check the response body contains the updated metadata
+ assert_equal "2", workflow_resp.find_first('//workflow')['version']
+ assert_equal 'Test Component II', workflow_resp.find_first('//title/text()').to_s
+
# Check the version was created
assert_equal version_count+1, WorkflowVersion.count
assert_equal 'Test Component II', component.title
@@ -1568,6 +1638,26 @@
assert_response(:success)
end
+ test "can delete component family after deleting a component inside it" do
+ login_as(:john)
+ component = workflows(:private_component_workflow)
+ family = packs(:protected_component_family)
+
+ assert_difference('Workflow.count', -1) do # Component deleted
+ rest_request(:delete, 'workflow', nil, 'id' => component.id)
+ end
+
+ assert_response(:success)
+
+ assert_no_difference('Blob.count') do # Profile not deleted
+ assert_difference('Pack.count', -1) do # Family deleted
+ rest_request(:delete, 'component-family', nil, 'id' => family.id)
+ end
+ end
+
+ assert_response(:success)
+ end
+
test "can't delete component family containing other people's components" do
login_as(:john)