From d80f7d0a812641a18daf0ae6757cc3032bdfd5e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Mon, 8 Nov 2021 15:59:36 +0100 Subject: [PATCH] [39662] Fix syntax error in locked wiki page updates https://community.openproject.org/wp/39662 --- app/contracts/wiki_pages/base_contract.rb | 2 +- spec/controllers/wiki_controller_spec.rb | 175 ++++++++++++---------- 2 files changed, 99 insertions(+), 78 deletions(-) diff --git a/app/contracts/wiki_pages/base_contract.rb b/app/contracts/wiki_pages/base_contract.rb index 7e06047086..3ab5355b6b 100644 --- a/app/contracts/wiki_pages/base_contract.rb +++ b/app/contracts/wiki_pages/base_contract.rb @@ -47,7 +47,7 @@ module WikiPages def validate_user_edit_allowed if model.project && !user.allowed_to?(:edit_wiki_pages, model.project) || - (model.protected_was && !user.allowed_to?(:protect_wiki_pages)) + (model.protected_was && !user.allowed_to?(:protect_wiki_pages, model.project)) errors.add :base, :error_unauthorized end end diff --git a/spec/controllers/wiki_controller_spec.rb b/spec/controllers/wiki_controller_spec.rb index e2e925cc03..446365d0e6 100644 --- a/spec/controllers/wiki_controller_spec.rb +++ b/spec/controllers/wiki_controller_spec.rb @@ -31,30 +31,31 @@ require 'spec_helper' describe WikiController, type: :controller do shared_let(:admin) { FactoryBot.create :admin } - describe 'actions' do - before do - allow(@controller).to receive(:set_localization) + shared_let(:project) do + FactoryBot.create(:project).tap(&:reload) + end - @role = FactoryBot.create(:non_member) - login_as admin + shared_let(:existing_page) do + FactoryBot.create(:wiki_page, wiki_id: project.wiki.id, title: 'ExistingPage') + end - @project = FactoryBot.create(:project) - @project.reload # to get the wiki into the proxy + shared_let(:existing_content) do + # creating page contents + FactoryBot.create(:wiki_content, page_id: existing_page.id, author_id: admin.id) + end - # creating pages - @existing_page = FactoryBot.create(:wiki_page, wiki_id: @project.wiki.id, - title: 'ExistingPage') - # creating page contents - FactoryBot.create(:wiki_content, page_id: @existing_page.id, - author_id: admin.id) + describe 'actions' do + before do + allow(controller).to receive(:set_localization) + login_as admin end shared_examples_for "a 'new' action" do it 'assigns @project to the current project' do get_page - expect(assigns[:project]).to eq(@project) + expect(assigns[:project]).to eq(project) end it 'assigns @page to a newly created wiki page' do @@ -62,7 +63,7 @@ describe WikiController, type: :controller do expect(assigns[:page]).to be_new_record expect(assigns[:page]).to be_kind_of WikiPage - expect(assigns[:page].wiki).to eq(@project.wiki) + expect(assigns[:page].wiki).to eq(project.wiki) end it 'assigns @content to a newly created wiki content' do @@ -81,35 +82,35 @@ describe WikiController, type: :controller do end describe 'new' do - let(:get_page) { get 'new', params: { project_id: @project } } + let(:get_page) { get 'new', params: { project_id: project } } it_should_behave_like "a 'new' action" end describe 'new_child' do - let(:get_page) { get 'new_child', params: { project_id: @project, id: @existing_page.title } } + let(:get_page) { get 'new_child', params: { project_id: project, id: existing_page.title } } it_should_behave_like "a 'new' action" it 'sets the parent page for the new page' do get_page - expect(assigns[:page].parent).to eq(@existing_page) + expect(assigns[:page].parent).to eq(existing_page) end it 'renders 404 if used with an unknown page title' do - get 'new_child', params: { project_id: @project, id: 'foobar' } + get 'new_child', params: { project_id: project, id: 'foobar' } expect(response.status).to eq(404) # not found end end describe 'show' do - let(:get_page) { get :show, params: { project_id: @project, id: 'wiki' } } + let(:get_page) { get :show, params: { project_id: project, id: 'wiki' } } describe 'with an empty wiki and no permission to edit' do let(:view_role) { FactoryBot.create :role, permissions: %w[view_wiki_pages] } - let(:user) { FactoryBot.create(:user, member_in_project: @project, member_through_role: view_role) } + let(:user) { FactoryBot.create(:user, member_in_project: project, member_through_role: view_role) } it 'visiting the start page redirects to index' do login_as user @@ -122,7 +123,7 @@ describe WikiController, type: :controller do describe 'edit' do it 'will link to a parent page if it was set' do - get 'edit', params: { project_id: @project, id: 'foobar' }, flash: { _related_wiki_page_id: 1234 } + get 'edit', params: { project_id: project, id: 'foobar' }, flash: { _related_wiki_page_id: 1234 } page = assigns[:page] expect(page.parent_id).to eq 1234 @@ -134,21 +135,21 @@ describe WikiController, type: :controller do it 'redirects to the show action' do post 'create', params: { - project_id: @project, + project_id: project, content: { text: 'h1. abc', page: { title: 'abc' } } } - expect(response).to redirect_to action: 'show', project_id: @project, id: 'abc' + expect(response).to redirect_to action: 'show', project_id: project, id: 'abc' end it 'saves a new WikiPage with proper content' do post 'create', params: { - project_id: @project, + project_id: project, content: { text: 'h1. abc', page: { title: 'abc' } } } - page = @project.wiki.pages.find_by title: 'abc' + page = project.wiki.pages.find_by title: 'abc' expect(page).not_to be_nil expect(page.content.text).to eq('h1. abc') end @@ -158,7 +159,7 @@ describe WikiController, type: :controller do it 'renders "wiki/new"' do post 'create', params: { - project_id: @project, + project_id: project, content: { text: 'h1. abc', page: { title: '' } } } @@ -168,33 +169,33 @@ describe WikiController, type: :controller do it 'assigns project to work with new template' do post 'create', params: { - project_id: @project, + project_id: project, content: { text: 'h1. abc', page: { title: '' } } } - expect(assigns[:project]).to eq(@project) + expect(assigns[:project]).to eq(project) end it 'assigns wiki to work with new template' do post 'create', params: { - project_id: @project, + project_id: project, content: { text: 'h1. abc', page: { title: '' } } } - expect(assigns[:wiki]).to eq(@project.wiki) + expect(assigns[:wiki]).to eq(project.wiki) expect(assigns[:wiki]).not_to be_new_record end it 'assigns page to work with new template' do post 'create', params: { - project_id: @project, + project_id: project, content: { text: 'h1. abc', page: { title: '' } } } expect(assigns[:page]).to be_new_record - expect(assigns[:page].wiki.project).to eq(@project) + expect(assigns[:page].wiki.project).to eq(project) expect(assigns[:page].title).to eq('') expect(assigns[:page]).not_to be_valid end @@ -202,21 +203,40 @@ describe WikiController, type: :controller do it 'assigns content to work with new template' do post 'create', params: { - project_id: @project, + project_id: project, content: { text: 'h1. abc', page: { title: '' } } } expect(assigns[:content]).to be_new_record - expect(assigns[:content].page.wiki.project).to eq(@project) + expect(assigns[:content].page.wiki.project).to eq(project) expect(assigns[:content].text).to eq('h1. abc') end end end + describe 'update' do + context 'when the page is locked' do + before do + existing_page.update!(protected: true) + end + + it 'redirects to the show action' do + post 'update', + params: { + project_id: project, + id: existing_page.title, + content: { text: 'h1. abc', page: { title: 'foobar' } } + } + + expect(response).to redirect_to action: 'show', project_id: project, id: 'foobar' + end + end + end + describe 'destroy' do describe 'successful action' do context 'when it is not the only wiki page' do - let(:wiki) { @project.wiki } + let(:wiki) { project.wiki } let(:redirect_page_after_destroy) { wiki.find_page(wiki.start_page) || wiki.pages.first } before do @@ -224,15 +244,15 @@ describe WikiController, type: :controller do end it 'redirects to wiki#index' do - delete :destroy, params: { project_id: @project, id: @existing_page } - expect(response).to redirect_to action: 'index', project_id: @project, id: redirect_page_after_destroy + delete :destroy, params: { project_id: project, id: existing_page } + expect(response).to redirect_to action: 'index', project_id: project, id: redirect_page_after_destroy end end context 'when it is the only wiki page' do it 'redirects to projects#show' do - delete :destroy, params: { project_id: @project, id: @existing_page } - expect(response).to redirect_to project_path(@project) + delete :destroy, params: { project_id: project, id: existing_page } + expect(response).to redirect_to project_path(project) end end end @@ -242,6 +262,10 @@ describe WikiController, type: :controller do describe 'view related stuff' do render_views + shared_let(:project) do + FactoryBot.create(:public_project).tap(&:reload) + end + before :each do allow(@controller).to receive(:set_localization) allow(Setting).to receive(:login_required?).and_return(false) @@ -255,39 +279,36 @@ describe WikiController, type: :controller do allow(User).to receive(:current).and_return admin - @project = FactoryBot.create(:public_project) - @project.reload # to get the wiki into the proxy - # creating pages @page_default = FactoryBot.create(:wiki_page, - wiki_id: @project.wiki.id, + wiki_id: project.wiki.id, title: 'Wiki') @page_with_content = FactoryBot.create(:wiki_page, - wiki_id: @project.wiki.id, + wiki_id: project.wiki.id, title: 'PagewithContent') @page_without_content = FactoryBot.create(:wiki_page, - wiki_id: @project.wiki.id, + wiki_id: project.wiki.id, title: 'PagewithoutContent') @unrelated_page = FactoryBot.create(:wiki_page, - wiki_id: @project.wiki.id, + wiki_id: project.wiki.id, title: 'UnrelatedPage') # creating page contents FactoryBot.create(:wiki_content, page_id: @page_default.id, - author_id: admin.id) + author_id: admin.id) FactoryBot.create(:wiki_content, page_id: @page_with_content.id, - author_id: admin.id) + author_id: admin.id) FactoryBot.create(:wiki_content, page_id: @unrelated_page.id, - author_id: admin.id) + author_id: admin.id) # creating some child pages @children = {} [@page_with_content].each do |page| - child_page = FactoryBot.create(:wiki_page, wiki_id: @project.wiki.id, - parent_id: page.id, - title: page.title + ' child') + child_page = FactoryBot.create(:wiki_page, wiki_id: project.wiki.id, + parent_id: page.id, + title: page.title + ' child') FactoryBot.create(:wiki_content, page_id: child_page.id, - author_id: admin.id) + author_id: admin.id) @children[page] = child_page end @@ -296,24 +317,24 @@ describe WikiController, type: :controller do describe '- main menu links' do before do @main_menu_item_for_page_with_content = FactoryBot.create(:wiki_menu_item, - navigatable_id: @project.wiki.id, + navigatable_id: project.wiki.id, title: 'Item for Page with Content', name: @page_with_content.slug) @main_menu_item_for_new_wiki_page = FactoryBot.create(:wiki_menu_item, - navigatable_id: @project.wiki.id, + navigatable_id: project.wiki.id, title: 'Item for new WikiPage', name: 'new-wiki-page') @other_menu_item = FactoryBot.create(:wiki_menu_item, - navigatable_id: @project.wiki.id, + navigatable_id: project.wiki.id, title: 'Item for other page', name: @unrelated_page.slug) end shared_examples_for 'all wiki menu items' do it 'is inactive, when an unrelated page is shown' do - get 'show', params: { id: @unrelated_page.slug, project_id: @project.id } + get 'show', params: { id: @unrelated_page.slug, project_id: project.id } expect(response).to be_successful @@ -322,7 +343,7 @@ describe WikiController, type: :controller do end it "is inactive, when another wiki menu item's page is shown" do - get 'show', params: { id: @other_wiki_menu_item.name, project_id: @project.id } + get 'show', params: { id: @other_wiki_menu_item.name, project_id: project.id } expect(response).to be_successful expect(response.body).to have_selector('.main-menu--children a.selected', count: 0) @@ -332,7 +353,7 @@ describe WikiController, type: :controller do end it 'is active, when the given wiki menu item is shown' do - get 'show', params: { id: @wiki_menu_item.name, project_id: @project.id } + get 'show', params: { id: @wiki_menu_item.name, project_id: project.id } expect(response).to be_successful @@ -343,7 +364,7 @@ describe WikiController, type: :controller do shared_examples_for 'all existing wiki menu items' do # TODO: Add tests for new and toc options within menu item it 'is active on parents item, when new page is shown' do - get 'new_child', params: { id: @wiki_menu_item.name, project_id: @project.identifier } + get 'new_child', params: { id: @wiki_menu_item.name, project_id: project.identifier } expect(response).to be_successful @@ -351,7 +372,7 @@ describe WikiController, type: :controller do end it 'is active, when a toc page is shown' do - get 'index', params: { id: @wiki_menu_item.name, project_id: @project.id } + get 'index', params: { id: @wiki_menu_item.name, project_id: project.id } expect(response).to be_successful assert_select '#content h2', text: 'Table of Contents' @@ -361,7 +382,7 @@ describe WikiController, type: :controller do shared_examples_for 'all wiki menu items with child pages' do it 'is active, when the given wiki menu item is an ancestor of the shown page' do - get 'show', params: { id: @child_page.slug, project_id: @project.id } + get 'show', params: { id: @child_page.slug, project_id: project.id } expect(response).to be_successful expect(response.body).to have_selector('#main-menu a.selected', count: 1) @@ -394,7 +415,7 @@ describe WikiController, type: :controller do describe '- wiki_menu_item containing special chars only' do before do @wiki_menu_item = FactoryBot.create(:wiki_menu_item, - navigatable_id: @project.wiki.id, + navigatable_id: project.wiki.id, title: '?', name: 'help') @other_wiki_menu_item = @other_menu_item @@ -409,7 +430,7 @@ describe WikiController, type: :controller do describe 'on a show page' do describe 'being authorized to configure menu items' do it 'is visible' do - get 'show', params: { project_id: @project.id } + get 'show', params: { project_id: project.id } expect(response).to be_successful @@ -423,7 +444,7 @@ describe WikiController, type: :controller do end it 'is invisible' do - get 'show', params: { project_id: @project.id } + get 'show', params: { project_id: project.id } expect(response).to be_successful @@ -437,7 +458,7 @@ describe WikiController, type: :controller do describe 'on an index page' do describe 'being authorized to edit wiki pages' do it 'is invisible' do - get 'index', params: { project_id: @project.id } + get 'index', params: { project_id: project.id } expect(response).to be_successful @@ -451,7 +472,7 @@ describe WikiController, type: :controller do end it 'is invisible' do - get 'index', params: { project_id: @project.id } + get 'index', params: { project_id: project.id } expect(response).to be_successful @@ -465,14 +486,14 @@ describe WikiController, type: :controller do describe 'with a wiki page present' do it 'is visible' do get 'show', - params: { id: @page_with_content.title, project_id: @project.identifier } + params: { id: @page_with_content.title, project_id: project.identifier } expect(response).to be_successful # Expect to set back ref id expect(flash[:_related_wiki_page_id]).to eq @page_with_content.id - path = new_child_project_wiki_path(project_id: @project, id: @page_with_content.slug) + path = new_child_project_wiki_path(project_id: project, id: @page_with_content.slug) assert_select "#content a[href='#{path}']", 'Wiki page' end @@ -480,11 +501,11 @@ describe WikiController, type: :controller do describe 'with no wiki page present' do it 'is invisible' do - get 'show', params: { id: 'i-am-a-ghostpage', project_id: @project.identifier } + get 'show', params: { id: 'i-am-a-ghostpage', project_id: project.identifier } expect(response).to be_successful - assert_select "#content a[href='#{new_child_project_wiki_path(project_id: @project, id: 'i-am-a-ghostpage')}']", + assert_select "#content a[href='#{new_child_project_wiki_path(project_id: project, id: 'i-am-a-ghostpage')}']", text: 'Wiki page', count: 0 end end @@ -496,7 +517,7 @@ describe WikiController, type: :controller do end it 'is invisible' do - get 'show', params: { id: @page_with_content.title, project_id: @project.identifier } + get 'show', params: { id: @page_with_content.title, project_id: project.identifier } expect(response).to be_successful @@ -510,12 +531,12 @@ describe WikiController, type: :controller do describe 'on a show page' do describe 'being authorized to edit wiki pages' do it 'is visible' do - get 'show', params: { project_id: @project.id } + get 'show', params: { project_id: project.id } expect(response).to be_successful - assert_select ".toolbar-items a[href='#{new_child_project_wiki_path(project_id: @project, id: 'wiki')}']", -'Wiki page' + assert_select ".toolbar-items a[href='#{new_child_project_wiki_path(project_id: project, id: 'wiki')}']", + 'Wiki page' end end @@ -525,7 +546,7 @@ describe WikiController, type: :controller do end it 'is invisible' do - get 'show', params: { project_id: @project.id } + get 'show', params: { project_id: project.id } expect(response).to be_successful