From 12fb6bf5ca3c3ff67c144db3766379832f70db8a Mon Sep 17 00:00:00 2001 From: yanxd Date: Thu, 17 Jul 2014 09:52:56 +0800 Subject: [PATCH] . --- app/controllers/courses_controller.rb | 28 ++++++++--------- test/functional/courses_controller_test.rb | 36 ++++++++++++++++++---- 2 files changed, 44 insertions(+), 20 deletions(-) diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb index a38d9f9c8..e10d6df88 100644 --- a/app/controllers/courses_controller.rb +++ b/app/controllers/courses_controller.rb @@ -217,7 +217,7 @@ class CoursesController < ApplicationController @issue_category ||= IssueCategory.new @member ||= @course.members.new @trackers = Tracker.sorted.all - end + end def create if User.current.user_extensions.identity @@ -239,18 +239,18 @@ class CoursesController < ApplicationController @trackers = Tracker.sorted.all if User.current.user_extensions.identity == 0 - if @course.save + if @course.save #unless User.current.admin? - r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first - m = Member.new(:user => User.current, :roles => [r]) - m.project_id = -1 - course = CourseInfos.new(:user_id => User.current.id, :course_id => @course.id) - #user_grades = UserGrade.create(:user_id => User.current.id, :course_id => @course.id) - if params[:course][:is_public] == '1' - course_status = CourseStatus.create(:course_id => @course.id, :watchers_count => 0, :changesets_count => 0, :grade => 0, :course_type => @course_tag) - end - @course.members << m - @course.course_infos << course + r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first + m = Member.new(:user => User.current, :roles => [r]) + m.project_id = -1 + course = CourseInfos.new(:user_id => User.current.id, :course_id => @course.id) + #user_grades = UserGrade.create(:user_id => User.current.id, :course_id => @course.id) + if params[:course][:is_public] == '1' + course_status = CourseStatus.create(:course_id => @course.id, :watchers_count => 0, :changesets_count => 0, :grade => 0, :course_type => @course_tag) + end + @course.members << m + @course.course_infos << course #end respond_to do |format| format.html { @@ -272,7 +272,7 @@ class CoursesController < ApplicationController format.api { render_validation_errors(@course) } end end - end + end end @@ -715,4 +715,4 @@ class CoursesController < ApplicationController -end \ No newline at end of file +end diff --git a/test/functional/courses_controller_test.rb b/test/functional/courses_controller_test.rb index ebd0325b3..a1551a717 100644 --- a/test/functional/courses_controller_test.rb +++ b/test/functional/courses_controller_test.rb @@ -29,27 +29,51 @@ class CoursesControllerTest < ActionController::TestCase assert_template :new end - def test_create_course_anyone_temporary + def test_create_course_with_access_control @request.session[:user_id] = 5 Role.find_by_name("Non member").add_permission! :add_course #Non member + course_name = 'course_one' post :create, :class_period => '32', :time => '2014', :term => 'spring', :course => { - :name => 'course one', + :name => course_name, # names can't contain space. :password => '1234', :description => 'description', - :is_public => '1234', + :is_public => '1', :course_type => '1' } + assert_response :found - course = Course.find_by_name('course one') - assert_redirected_to "courses/#{course.id}/settings" - #assert_redirected_to "courses/#{course.id}/settings" + course = Course.find_by_name(course_name) + red_url = "courses/#{course.id}/settings" + assert_match %r(#{red_url}), @response.redirect_url + # 创建成功跳转settings方法会带参数一枚,故一下方法失败 + # assert_redirected_to "courses/#{course.id}/settings" end + def test_create_course_without_access_control + @request.session[:user_id] = 5 + #Role.find_by_name("Non member").add_permission! :add_course #Non member + course_name = 'course_one' + + post :create, + :class_period => '32', + :time => '2014', + :term => 'spring', + :course => { + :name => course_name, # names can't contain space. + :password => '1234', + :description => 'description', + :is_public => '1', + :course_type => '1' + } + + assert_response :forbidden + end + # test "#index by non-admin user with view_time_entries permission should show overall spent time link" do # @request.session[:user_id] = 3 # get :index