diff --git a/app/controllers/bulk_update_requests_controller.rb b/app/controllers/bulk_update_requests_controller.rb
index 4d6c023c7..bfaab9f7e 100644
--- a/app/controllers/bulk_update_requests_controller.rb
+++ b/app/controllers/bulk_update_requests_controller.rb
@@ -1,7 +1,8 @@
class BulkUpdateRequestsController < ApplicationController
respond_to :html, :xml, :json
before_filter :member_only
- before_filter :admin_only, :only => [:update]
+ before_filter :admin_only, :only => [:approve]
+ before_filter :load_bulk_update_request, :except => [:new, :create, :index]
def new
@bulk_update_request = BulkUpdateRequest.new(:user_id => CurrentUser.user.id)
@@ -13,19 +14,43 @@ class BulkUpdateRequestsController < ApplicationController
respond_with(@bulk_update_request, :location => bulk_update_requests_path)
end
+ def edit
+ end
+
def update
- @bulk_update_request = BulkUpdateRequest.find(params[:id])
- if params[:status] == "approved"
- @bulk_update_request.approve!
+ if @bulk_update_request.editable?(CurrentUser.user)
+ @bulk_update_request.update_attributes(params[:bulk_update_request])
+ flash[:notice] = "Bulk update request updated"
+ respond_with(@bulk_update_request, :location => bulk_update_requests_path)
else
- @bulk_update_request.reject!
+ access_denied()
end
- flash[:notice] = "Bulk update request updated"
+ end
+
+ def approve
+ @bulk_update_request.approve!
+ flash[:notice] = "Bulk update request approved"
respond_with(@bulk_update_request, :location => bulk_update_requests_path)
end
+ def destroy
+ if @bulk_update_request.editable?(CurrentUser.user)
+ @bulk_update_request.destroy
+ flash[:notice] = "Bulk update request deleted"
+ respond_with(@bulk_update_request, :location => bulk_update_requests_path)
+ else
+ access_denied()
+ end
+ end
+
def index
@bulk_update_requests = BulkUpdateRequest.order("(case status when 'pending' then 0 when 'approved' then 1 else 2 end), id desc").paginate(params[:page], :limit => params[:limit])
respond_with(@bulk_update_requests)
end
+
+ private
+
+ def load_bulk_update_request
+ @bulk_update_request = BulkUpdateRequest.find(params[:id])
+ end
end
diff --git a/app/models/bulk_update_request.rb b/app/models/bulk_update_request.rb
index 1371033c7..a5635f6d5 100644
--- a/app/models/bulk_update_request.rb
+++ b/app/models/bulk_update_request.rb
@@ -32,6 +32,10 @@ class BulkUpdateRequest < ActiveRecord::Base
update_attribute(:status, "approved")
end
+ def editable?(user)
+ user_id == user.id || user.is_janitor?
+ end
+
def create_forum_topic
forum_topic = ForumTopic.create(:title => "[bulk] #{title}", :category_id => 1, :original_post_attributes => {:body => reason_with_link})
update_attribute(:forum_topic_id, forum_topic.id)
diff --git a/app/models/forum_post.rb b/app/models/forum_post.rb
index 8e8b45a22..402d93a19 100644
--- a/app/models/forum_post.rb
+++ b/app/models/forum_post.rb
@@ -91,7 +91,7 @@ class ForumPost < ActiveRecord::Base
end
def validate_topic_is_unlocked
- return if CurrentUser.is_janitor?
+ return if CurrentUser.user.is_janitor?
return if topic.nil?
if topic.is_locked?
diff --git a/app/views/bulk_update_requests/_form.html.erb b/app/views/bulk_update_requests/_form.html.erb
new file mode 100644
index 000000000..8b3df56d7
--- /dev/null
+++ b/app/views/bulk_update_requests/_form.html.erb
@@ -0,0 +1,25 @@
+<%= simple_form_for(@bulk_update_request) do |f| %>
+ <%= error_messages_for("bulk_update_request") %>
+
+ <%= f.input :title, :as => :string %>
+
+
+
+
+ <%= dtext_field "bulk_update_request", "reason", :name => "Reason" %>
+
+
+ <%= f.button :submit, :value => "Submit" %>
+ <%= dtext_preview_button "bulk_update_request", "reason" %>
+<% end %>
diff --git a/app/views/bulk_update_requests/edit.html.erb b/app/views/bulk_update_requests/edit.html.erb
new file mode 100644
index 000000000..ab87df536
--- /dev/null
+++ b/app/views/bulk_update_requests/edit.html.erb
@@ -0,0 +1,12 @@
+
+
+
Edit Bulk Update Request
+ <%= render "form" %>
+
+
<%= request.status %> |
<% if CurrentUser.is_moderator? && request.status == "pending" %>
- <%= link_to "Approve", bulk_update_request_path(request, :status => "approved"), :method => :put %>
- | <%= link_to "Reject", bulk_update_request_path(request, :status => "rejected"), :method => :put %>
+ <%= link_to "Approve", approve_bulk_update_request_path(request), :method => :post %> |
+ <% end %>
+ <% if request.editable?(CurrentUser.user) %>
+ <%= link_to "Delete", bulk_update_request_path(request), :method => :delete %> |
+ <%= link_to "Edit", edit_bulk_update_request_path(request) %>
<% end %>
|
diff --git a/app/views/bulk_update_requests/new.html.erb b/app/views/bulk_update_requests/new.html.erb
index c6731bd64..11a21a1ed 100644
--- a/app/views/bulk_update_requests/new.html.erb
+++ b/app/views/bulk_update_requests/new.html.erb
@@ -1,32 +1,8 @@
New Bulk Update Request
- <%= simple_form_for(@bulk_update_request) do |f| %>
- <%= error_messages_for("bulk_update_request") %>
-
- <%= f.input :title, :as => :string %>
-
-
-
-
- <%= dtext_field "bulk_update_request", "reason", :name => "Reason" %>
-
-
- <%= f.button :submit, :value => "Submit" %>
- <%= dtext_preview_button "bulk_update_request", "reason" %>
- <% end %>
+ <%= render "form" %>
diff --git a/config/routes.rb b/config/routes.rb
index 8fbec391d..7e1e4f34d 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -78,7 +78,11 @@ Rails.application.routes.draw do
end
end
resources :bans
- resources :bulk_update_requests
+ resources :bulk_update_requests do
+ member do
+ post :approve
+ end
+ end
resources :comments do
resources :votes, :controller => "comment_votes", :only => [:create, :destroy]
collection do
diff --git a/test/controllers/bulk_update_requests_controller_test.rb b/test/controllers/bulk_update_requests_controller_test.rb
deleted file mode 100644
index 875175ef1..000000000
--- a/test/controllers/bulk_update_requests_controller_test.rb
+++ /dev/null
@@ -1,58 +0,0 @@
-require 'test_helper'
-
-class BulkUpdateRequestsControllerTest < ActionController::TestCase
- context "BulkUpdateRequestsController" do
- setup do
- @user = FactoryGirl.create(:user)
- @admin = FactoryGirl.create(:admin_user)
- end
-
- context "#new" do
- should "render" do
- get :new, {}, {:user_id => @user.id}
- assert_response :success
- end
- end
-
- context "#create" do
- should "succeed" do
- assert_difference("BulkUpdateRequest.count", 1) do
- post :create, {:bulk_update_request => {:script => "create alias aaa -> bbb"}}, {:user_id => @user.id}
- end
- end
- end
-
- context "#index" do
- setup do
- @bulk_update_request = FactoryGirl.create(:bulk_update_request, :user_id => @admin.id)
- end
-
- should "render" do
- get :index, {}, {:user_id => @user.id}
- assert_response :success
- end
- end
-
- context "#update" do
- setup do
- @bulk_update_request = FactoryGirl.create(:bulk_update_request, :user_id => @admin.id)
- end
-
- context "for a member" do
- should "fail" do
- post :update, {:status => "approved", :id => @bulk_update_request.id}, {:user_id => @user.id}
- @bulk_update_request.reload
- assert_equal("pending", @bulk_update_request.status)
- end
- end
-
- context "for an admin" do
- should "succeed" do
- post :update, {:status => "approved", :id => @bulk_update_request.id}, {:user_id => @admin.id}
- @bulk_update_request.reload
- assert_equal("approved", @bulk_update_request.status)
- end
- end
- end
- end
-end
diff --git a/test/functional/bulk_update_requests_controller_test.rb b/test/functional/bulk_update_requests_controller_test.rb
new file mode 100644
index 000000000..42bb05986
--- /dev/null
+++ b/test/functional/bulk_update_requests_controller_test.rb
@@ -0,0 +1,98 @@
+require 'test_helper'
+
+class BulkUpdateRequestsControllerTest < ActionController::TestCase
+ context "BulkUpdateRequestsController" do
+ setup do
+ @user = FactoryGirl.create(:user)
+ @admin = FactoryGirl.create(:admin_user)
+ end
+
+ context "#new" do
+ should "render" do
+ get :new, {}, {:user_id => @user.id}
+ assert_response :success
+ end
+ end
+
+ context "#create" do
+ should "succeed" do
+ assert_difference("BulkUpdateRequest.count", 1) do
+ post :create, {:bulk_update_request => {:script => "create alias aaa -> bbb"}}, {:user_id => @user.id}
+ end
+ end
+ end
+
+ context "#index" do
+ setup do
+ CurrentUser.scoped(@user) do
+ @bulk_update_request = FactoryGirl.create(:bulk_update_request)
+ end
+ end
+
+ should "render" do
+ get :index, {}, {:user_id => @user.id}
+ assert_response :success
+ end
+ end
+
+ context "#destroy" do
+ setup do
+ CurrentUser.scoped(@user) do
+ @bulk_update_request = FactoryGirl.create(:bulk_update_request)
+ end
+ end
+
+ context "for the creator" do
+ should "succeed" do
+ assert_difference("BulkUpdateRequest.count", -1) do
+ delete :destroy, {:id => @bulk_update_request.id}, {:user_id => @user.id}
+ end
+ end
+ end
+
+ context "for another member" do
+ setup do
+ @another_user = FactoryGirl.create(:user)
+ end
+
+ should "fail" do
+ assert_difference("BulkUpdateRequest.count", 0) do
+ delete :destroy, {:id => @bulk_update_request.id}, {:user_id => @another_user.id}
+ end
+ end
+ end
+
+ context "for an admin" do
+ should "succeed" do
+ assert_difference("BulkUpdateRequest.count", -1) do
+ delete :destroy, {:id => @bulk_update_request.id}, {:user_id => @admin.id}
+ end
+ end
+ end
+ end
+
+ context "#approve" do
+ setup do
+ CurrentUser.scoped(@user) do
+ @bulk_update_request = FactoryGirl.create(:bulk_update_request)
+ end
+ end
+
+ context "for a member" do
+ should "fail" do
+ post :approve, {:id => @bulk_update_request.id}, {:user_id => @user.id}
+ @bulk_update_request.reload
+ assert_equal("pending", @bulk_update_request.status)
+ end
+ end
+
+ context "for an admin" do
+ should "succeed" do
+ post :approve, {:id => @bulk_update_request.id}, {:user_id => @admin.id}
+ @bulk_update_request.reload
+ assert_equal("approved", @bulk_update_request.status)
+ end
+ end
+ end
+ end
+end