Diff
Deleted: branches/authorization_new/app/controllers/permissions_controller.rb (2078 => 2079)
--- branches/authorization_new/app/controllers/permissions_controller.rb 2009-02-02 16:52:07 UTC (rev 2078)
+++ branches/authorization_new/app/controllers/permissions_controller.rb 2009-02-02 17:28:18 UTC (rev 2079)
@@ -1,154 +0,0 @@
-# myExperiment: app/controllers/permissions_controller.rb
-#
-# Copyright (c) 2007 University of Manchester and the University of Southampton.
-# See license.txt for details.
-
-class PermissionsController < ApplicationController
- before_filter :login_required
-
- before_filter :find_permissions_auth, : [:index]
- before_filter :find_permission_auth, : [:show, :edit, :update, :destroy]
-
- # GET /policies/1/permissions
- # GET /permissions
- def index
- respond_to do |format|
- format.html # index.rhtml
- end
- end
-
- # GET /policies/1/permissions
- # GET /permissions/1
- def show
- respond_to do |format|
- format.html # show.rhtml
- end
- end
-
- # GET /policies/1/permissions/new
- # GET /permissions/new
- def new
- @permission = Permission.new
-
- begin
- policy = Policy.find(params[:policy_id], :conditions => ["contributor_id = ? AND contributor_type = ?", current_user.id, current_user.class.to_s])
- @permission.policy_id = policy.id
- rescue ActiveRecord::RecordNotFound
- error("Policy ID not supplied", "not supplied", :policy_id)
- end
- end
-
- # GET /policies/1/permissions/1;edit
- # GET /permissions/1;edit
- def edit
-
- end
-
- # POST /policies/1/permissions
- # POST /permissions
- def create
- # hack for _javascript_ contributor selection form
- case params[:permission][:contributor_type].to_s
- when "User"
- params[:permission][:contributor_id] = params[:user_contributor_id]
- when "Network"
- params[:permission][:contributor_id] = params[:network_contributor_id]
- else
- error("Contributor ID not selected", "not selected", :contributor_id)
- end
-
- @permission = Permission.new(params[:permission])
-
- respond_to do |format|
- if @permission.save
- flash[:notice] = 'Permission was successfully created.'
- #format.html { redirect_to permission_url(@permission.policy, @permission) }
- format.html { redirect_to policy_url(@permission.policy) }
- else
- format.html { render :action ="" "new" }
- end
- end
- end
-
- # PUT /policies/1/permissions/1
- # PUT /permissions/1
- def update
- respond_to do |format|
- if @permission.update_attributes(params[:permission])
- flash[:notice] = 'Permission was successfully updated.'
- #format.html { redirect_to permission_url(@permission.policy, @permission) }
- format.html { redirect_to policy_url(@permission.policy) }
- else
- format.html { render :action ="" "edit" }
- end
- end
- end
-
- # DELETE /policies/1/permissions/1
- # DELETE /permissions/1
- def destroy
- policy = @permission.policy
-
- @permission.destroy
-
- respond_to do |format|
- #format.html { redirect_to permissions_url(@permission.policy)}
- format.html { redirect_to policy_url(policy) }
- end
- end
-
-protected
-
- def find_permissions_auth
- if params[:policy_id]
- begin
- @policy = Policy.find(params[:policy_id], :conditions => ["contributor_id = ? AND contributor_type = ?", current_user.id, current_user.class.to_s])
-
- @permissions = @policy.permissions
- rescue ActiveRecord::RecordNotFound
- error("Policy not found (id not authorized)", "is invalid (not owner)", :policy_id)
- end
- else
- @permissions = []
- current_user.policies.each do |policy|
- policy.permissions.each do |permission|
- @permissions << permission
- end
- end
- end
- end
-
- def find_permission_auth
- begin
- permission = Permission.find(params[:id])
-
- params[:policy_id] ||= permission.policy.id
-
- begin
- policy = Policy.find(params[:policy_id], :conditions => ["contributor_id = ? AND contributor_type = ?", current_user.id, current_user.class.to_s])
-
- if permission.policy.id.to_i == policy.id.to_i
- @policy = policy
- @permission = permission
- else
- error("Permission not found (invalid Policy id)", "is invalid (does not match permission.policy_id)", :policy_id)
- end
- rescue ActiveRecord::RecordNotFound
- error("Policy not found (id not authorized)", "is invalid (not owner)", :policy_id)
- end
- rescue ActiveRecord::RecordNotFound
- error("Permission not found (does not exist)", "is invalid (not found)")
- end
- end
-
-private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Permission.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to policies_url }
- end
- end
-end
Deleted: branches/authorization_new/app/controllers/policies_controller.rb (2078 => 2079)
--- branches/authorization_new/app/controllers/policies_controller.rb 2009-02-02 16:52:07 UTC (rev 2078)
+++ branches/authorization_new/app/controllers/policies_controller.rb 2009-02-02 17:28:18 UTC (rev 2079)
@@ -1,117 +0,0 @@
-# myExperiment: app/controllers/policies_controller.rb
-#
-# Copyright (c) 2007 University of Manchester and the University of Southampton.
-# See license.txt for details.
-
-class PoliciesController < ApplicationController
- before_filter :login_required
-
- before_filter :find_policies_auth, : [:index]
- before_filter :find_policy_auth, : [:test, :show, :edit, :update, :destroy]
-
- # POST /policies/1;test
- def test
- contribution, contributor = Contribution.find(params[:contribution_id]), nil
-
- # hack for _javascript_ contributor selection form
- case params[:contributor_type].to_s
- when "User"
- contributor = User.find(params[:user_contributor_id])
- when "Network"
- contributor = Network.find(params[:network_contributor_id])
- else
- error("Contributor ID not selected", "not selected", :contributor_id)
- end
-
- respond_to do |format|
- format.html { render :partial => "policies/test_results", :locals => { :policy => @policy, :contribution => contribution, :contributor => contributor } }
- end
- end
-
- # GET /policies
- def index
- respond_to do |format|
- format.html # index.rhtml
- end
- end
-
- # GET /policies/1
- def show
- respond_to do |format|
- format.html # show.rhtml
- end
- end
-
- # GET /policies/new
- def new
- @policy = Policy.new
-
- @policy.contributor_id = current_user.id
- @policy.contributor_type = current_user.class.to_s
- end
-
- # GET /policies/1;edit
- def edit
-
- end
-
- # POST /policies
- def create
- @policy = Policy.new(params[:policy])
-
- respond_to do |format|
- if @policy.save
- flash[:notice] = 'Policy was successfully created.'
- format.html { redirect_to policy_url(@policy) }
- else
- format.html { render :action ="" "new" }
- end
- end
- end
-
- # PUT /policies/1
- def update
- respond_to do |format|
- if @policy.update_attributes(params[:policy])
- flash[:notice] = 'Policy was successfully updated.'
- format.html { redirect_to policy_url(@policy) }
- else
- format.html { render :action ="" "edit" }
- end
- end
- end
-
- # DELETE /policies/1
- def destroy
- @policy.destroy
-
- respond_to do |format|
- format.html { redirect_to policies_url }
- end
- end
-
-protected
-
- def find_policies_auth
- @policies = Policy.find(:all, :conditions => ["contributor_id = ? AND contributor_type = ?", current_user.id, current_user.class.to_s])
- end
-
- def find_policy_auth
- begin
- @policy = Policy.find(params[:id], :conditions => ["contributor_id = ? AND contributor_type = ?", current_user.id, current_user.class.to_s])
- rescue ActiveRecord::RecordNotFound
- error("Policy not found (id not authorized)", "is invalid (not owner)")
- end
- end
-
-private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Policy.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to policies_url }
- end
- end
-end
Modified: branches/authorization_new/app/views/contributions/edit.rhtml (2078 => 2079)
--- branches/authorization_new/app/views/contributions/edit.rhtml 2009-02-02 16:52:07 UTC (rev 2078)
+++ branches/authorization_new/app/views/contributions/edit.rhtml 2009-02-02 17:28:18 UTC (rev 2079)
@@ -5,11 +5,9 @@
<% form_for(:contribution, :url ="" contribution_path(@contribution), :html => { :method => :put }) do |f| %>
<% if @contribution.owner?(current_user) %>
<%= render :partial => "contributions/contributor_form", :locals => { :user => current_user } %>
-
- <%= render :partial => "policies/listform", :locals => { :contribution => @contribution, :user => current_user } %>
<% end %>
<p>
<%= submit_tag "Update" %>
</p>
-<% end %>
\ No newline at end of file
+<% end %>
Modified: branches/authorization_new/app/views/contributions/new.rhtml (2078 => 2079)
--- branches/authorization_new/app/views/contributions/new.rhtml 2009-02-02 16:52:07 UTC (rev 2078)
+++ branches/authorization_new/app/views/contributions/new.rhtml 2009-02-02 17:28:18 UTC (rev 2079)
@@ -15,9 +15,7 @@
<%= f.text_field :contributable_type %>
</p>
- <%= render :partial => "policies/listform", :locals => { :contribution => @contribution, :user => current_user } %>
-
<p>
<%= submit_tag "Create" %>
</p>
-<% end %>
\ No newline at end of file
+<% end %>
Modified: branches/authorization_new/config/routes.rb (2078 => 2079)
--- branches/authorization_new/config/routes.rb 2009-02-02 16:52:07 UTC (rev 2078)
+++ branches/authorization_new/config/routes.rb 2009-02-02 17:28:18 UTC (rev 2079)
@@ -22,9 +22,6 @@
:render_output => :get }
end
- # policy wizard
- map.resource :policy_wizard
-
# mashup
map.resource :mashup
@@ -125,12 +122,6 @@
contribution.resources :viewings
end
- # all policies for all contributables
- map.resources :policies, :member => { :test => :post } do |policy|
- # policies have nested permissions that name contributors
- policy.resources :permissions
- end
-
# messages
map.resources :messages, :collection => { :sent => :get, :delete_all_selected => :delete }
Deleted: branches/authorization_new/test/functional/permissions_controller_test.rb (2078 => 2079)
--- branches/authorization_new/test/functional/permissions_controller_test.rb 2009-02-02 16:52:07 UTC (rev 2078)
+++ branches/authorization_new/test/functional/permissions_controller_test.rb 2009-02-02 17:28:18 UTC (rev 2079)
@@ -1,90 +0,0 @@
-# myExperiment: test/functional/permissions_controller_test.rb
-#
-# Copyright (c) 2007 University of Manchester and the University of Southampton.
-# See license.txt for details.
-
-require File.dirname(__FILE__) + '/../test_helper'
-require 'permissions_controller'
-
-# Re-raise errors caught by the controller.
-class PermissionsController; def rescue_action(e) raise e end; end
-
-class PermissionsControllerTest < Test::Unit::TestCase
- fixtures :permissions, :users, :policies
-
- def setup
- @controller = PermissionsController.new
- @request = ActionController::TestRequest.new
- @response = ActionController::TestResponse.new
- end
-
- # view not used, and errors when attempted
- def test_should_get_index
- #login_as(:john)
- #get :index
- #assert_response :success
- #assert assigns(:permissions)
-
- assert true
- end
-
- def test_should_get_new
- login_as(:john)
- get :new, :policy_id => policies(:john_policy).id
- assert_response :success
- end
-
- def test_should_create_permission
- old_count = Permission.count
-
- login_as(:john)
- post :create, :permission => { :policy_id => policies(:john_policy).id,
- :contributor_type => 'User',
- :contributor_id => 2,
- :download => 1,
- :edit => 0,
- :view => 1 },
- :user_contributor_id => 2,
- :policy_id => policies(:john_policy).id
-
- assert assigns(:permission)
- assert_redirected_to policy_path(policies(:john_policy).id)
- assert_equal old_count+1, Permission.count
- end
-
- def test_should_show_permission
- login_as(:john)
- get :show, :id => 1
- assert_response :success
- end
-
- def test_should_get_edit
- login_as(:john)
- get :edit, :id => 1, :policy_id => policies(:john_policy).id
- assert_response :success
- end
-
- def test_should_update_permission
- login_as(:john)
- put :update, :id => 1, :permission => { :contributor_id => '3',
- :contributor_type => 'User',
- :edit => '0',
- :download => '0',
- :view => '1' },
- :policy_id => policies(:john_policy).id
-
- assert_equal 'Permission was successfully updated.', flash[:notice]
- assert assigns(:permission)
- assert_redirected_to policy_path(policies(:john_policy).id)
- end
-
- def test_should_destroy_permission
- old_count = Permission.count
-
- login_as(:john)
- delete :destroy, :id => 1, :policy_id => policies(:john_policy).id
-
- assert_equal old_count-1, Permission.count
- assert_redirected_to policy_path(policies(:john_policy).id)
- end
-end
Deleted: branches/authorization_new/test/functional/policies_controller_test.rb (2078 => 2079)
--- branches/authorization_new/test/functional/policies_controller_test.rb 2009-02-02 16:52:07 UTC (rev 2078)
+++ branches/authorization_new/test/functional/policies_controller_test.rb 2009-02-02 17:28:18 UTC (rev 2079)
@@ -1,74 +0,0 @@
-# myExperiment: test/functional/policies_controller_test.rb
-#
-# Copyright (c) 2007 University of Manchester and the University of Southampton.
-# See license.txt for details.
-
-require File.dirname(__FILE__) + '/../test_helper'
-require 'policies_controller'
-
-# Re-raise errors caught by the controller.
-class PoliciesController; def rescue_action(e) raise e end; end
-
-class PoliciesControllerTest < Test::Unit::TestCase
- fixtures :policies, :users
-
- def setup
- @controller = PoliciesController.new
- @request = ActionController::TestRequest.new
- @response = ActionController::TestResponse.new
- end
-
- def test_should_get_index
- login_as(:john)
- get :index
- assert_response :success
- assert assigns(:policies)
- end
-
- def test_should_get_new
- login_as(:john)
- get :new
- assert_response :success
- end
-
- def test_should_create_policy
- old_count = Policy.count
-
- login_as(:john)
- post :create, :policy => { :contributor_id => users(:john).id,
- :contributor_type => 'User',
- :name => 'test policy',
- :share_mode => 0 }
-
- assert_equal old_count+1, Policy.count
- assert_redirected_to policy_path(assigns(:policy))
- end
-
- def test_should_show_policy
- login_as(:john)
- get :show, :id => 1
- assert_response :success
- end
-
- def test_should_get_edit
- login_as(:john)
- get :edit, :id => 1
- assert_response :success
- end
-
- def test_should_update_policy
- login_as(:john)
- put :update, :id => 1, :policy => { :share_mode => 1 }
- assert_redirected_to policy_path(assigns(:policy))
- end
-
- def test_should_destroy_policy
- old_count = Policy.count
-
- login_as(:john)
- delete :destroy, :id => 1
-
- assert_equal old_count-1, Policy.count
- assert_redirected_to policies_path
- end
-end