From 523cc9fe02a0111b3fe2b8aa1ddf843002ff77f7 Mon Sep 17 00:00:00 2001
From: albert <ayi@opnet.com>
Date: Wed, 12 Jan 2011 18:21:39 -0500
Subject: [PATCH] work on forum post controller

---
 app/controllers/forum_posts_controller.rb     | 37 +++++---
 app/controllers/forum_topics_controller.rb    | 12 +--
 app/controllers/uploads_controller.rb         |  6 +-
 app/models/forum_post.rb                      |  4 +
 app/views/uploads/update.js.rjs               |  1 +
 .../functional/forum_posts_controller_test.rb | 84 ++++++++++++++++++-
 6 files changed, 121 insertions(+), 23 deletions(-)
 create mode 100644 app/views/uploads/update.js.rjs

diff --git a/app/controllers/forum_posts_controller.rb b/app/controllers/forum_posts_controller.rb
index ad23443c9..f57d74714 100644
--- a/app/controllers/forum_posts_controller.rb
+++ b/app/controllers/forum_posts_controller.rb
@@ -1,37 +1,52 @@
 class ForumPostsController < ApplicationController
+  respond_to :html, :xml, :json
+  before_filter :member_only, :except => [:index, :show]
+  rescue_from User::PrivilegeError, :with => "static/access_denied"
+
   def new
     @forum_post = ForumPost.new(:topic_id => params[:topic_id])
+    respond_with(@forum_post)
   end
   
   def edit
     @forum_post = ForumPost.find(params[:id])
+    check_privilege(@forum_post)
+    respond_with(@forum_post)
+  end
+  
+  def index
+    @forum_posts = ForumPost.search(params[:search])
+    respond_with(@forum_posts)
   end
 
   def show
     @forum_post = ForumPost.find(params[:id])
+    respond_with(@forum_post)
   end
   
   def create
     @forum_post = ForumPost.new(params[:forum_post])
-    if @forum_post.save
-      redirect_to forum_post_path(@forum_post)
-    else
-      render :action => "new"
-    end
+    respond_with(@forum_post)
   end
   
   def update
     @forum_post = ForumPost.find(params[:id])
-    if @forum_post.update_attributes(params[:forum_post])
-      redirect_to forum_post_path(@forum_post)
-    else
-      render :action => "edit"
-    end
+    check_privilege(@forum_post)
+    @forum_post.update_attributes(params[:forum_post])
+    respond_with(@forum_post)
   end
   
   def destroy
     @forum_post = ForumPost.find(params[:id])
+    check_privilege(@forum_post)
     @forum_post.destroy
-    redirect_to forum_topic_path(@forum_post.topic_id)
+    respond_with(@forum_post)
+  end
+
+private
+  def check_privilege(forum_post)
+    if !forum_post.editable_by?(CurrentUser.user)
+      raise User::PrivilegeError
+    end
   end
 end
diff --git a/app/controllers/forum_topics_controller.rb b/app/controllers/forum_topics_controller.rb
index d4348b615..0d2fcf732 100644
--- a/app/controllers/forum_topics_controller.rb
+++ b/app/controllers/forum_topics_controller.rb
@@ -43,11 +43,11 @@ class ForumTopicsController < ApplicationController
     @forum_topic.destroy
     respond_with(@forum_topic)
   end
-  
-  private
-    def check_privilege(forum_topic)
-      if !forum_topic.editable_by?(CurrentUser.user)
-        raise User::PrivilegeError
-      end
+
+private
+  def check_privilege(forum_topic)
+    if !forum_topic.editable_by?(CurrentUser.user)
+      raise User::PrivilegeError
     end
+  end
 end
diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
index 880904c87..549a31413 100644
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -7,6 +7,7 @@ class UploadsController < ApplicationController
     if params[:url]
       @post = Post.find_by_source(params[:url])
     end
+    respond_with(@upload)
   end
   
   def index
@@ -16,6 +17,7 @@ class UploadsController < ApplicationController
   
   def show
     @upload = Upload.find(params[:id])
+    respond_with(@upload)
   end
 
   def create
@@ -26,8 +28,6 @@ class UploadsController < ApplicationController
   def update
     @upload = Upload.find(params[:id])
     @upload.process!
-    render :update do |page|
-      page.reload
-    end
+    respond_with(@upload)
   end
 end
diff --git a/app/models/forum_post.rb b/app/models/forum_post.rb
index 8878c5061..16c4a8484 100644
--- a/app/models/forum_post.rb
+++ b/app/models/forum_post.rb
@@ -8,6 +8,10 @@ class ForumPost < ActiveRecord::Base
   validates_presence_of :body, :creator_id
   scope :body_matches, lambda {|body| where(["text_index @@ plainto_tsquery(?)", body])}
   search_methods :body_matches
+
+  def editable_by?(user)
+    creator_id == user.id || user.is_moderator?
+  end
   
   def update_topic_updated_at
     topic.update_attributes(:updater_id => CurrentUser.id)
diff --git a/app/views/uploads/update.js.rjs b/app/views/uploads/update.js.rjs
new file mode 100644
index 000000000..869438706
--- /dev/null
+++ b/app/views/uploads/update.js.rjs
@@ -0,0 +1 @@
+page.reload
diff --git a/test/functional/forum_posts_controller_test.rb b/test/functional/forum_posts_controller_test.rb
index b94241f12..d6858fb68 100644
--- a/test/functional/forum_posts_controller_test.rb
+++ b/test/functional/forum_posts_controller_test.rb
@@ -1,8 +1,86 @@
 require 'test_helper'
 
 class ForumPostsControllerTest < ActionController::TestCase
-  # Replace this with your real tests.
-  test "the truth" do
-    assert true
+  context "The forum posts controller" do
+    setup do
+      @user = Factory.create(:user)
+      CurrentUser.user = @user
+      CurrentUser.ip_addr = "127.0.0.1"
+      @other_user = Factory.create(:user)
+      @mod = Factory.create(:moderator_user)
+      @forum_topic = Factory.create(:forum_topic, :title => "my forum topic", :creator => @user)
+      @forum_post = Factory.create(:forum_post, :topic_id => @forum_topic.id, :body => "xxx")
+    end
+    
+    teardown do
+      CurrentUser.user = nil
+      CurrentUser.ip_addr = nil
+    end
+    
+    context "index action" do
+      should "list all forum posts" do
+        get :index
+        assert_response :success
+      end
+      
+      context "with search conditions" do
+        should "list all matching forum posts" do
+          get :index, {:search => {:body_matches => "xxx"}}
+          assert_response :success
+          assert_equal(1, assigns(:forum_posts).size)
+        end
+        
+        should "list nothing for when the search matches nothing" do
+          get :index, {:search => {:body_matches => "bababa"}}
+          assert_response :success
+          assert_equal(0, assigns(:forum_posts).size)
+        end
+      end
+    end
+    
+    context "edit action" do
+      should "render if the editor is the creator of the topic" do
+        get :edit, {:id => @forum_post.id}, {:user_id => @user.id}
+        assert_response :success
+      end
+    
+      should "render if the editor is a moderator" do
+        get :edit, {:id => @forum_post.id}, {:user_id => @mod.id}
+        assert_response :success
+      end
+      
+      should "fail if the editor is not the creator of the topic and is not a moderator" do
+        assert_raises(User::PrivilegeError) do
+          get :edit, {:id => @forum_post.id}, {:user_id => @other_user.id}
+        end
+      end
+    end
+    
+    context "new action" do
+      should "render" do
+        get :new, {}, {:user_id => @user.id}
+        assert_response :success
+      end
+    end
+    
+    context "create action" do
+      should "create a new forum post" do
+        assert_difference("ForumPost.count", 1) do
+          post :create, {:forum_post => {:body => "xaxaxa"}}, {:user_id => @user.id}
+        end
+
+        forum_post = ForumPost.last
+        assert_redirected_to(forum_post_path(forum_post))
+      end
+    end
+    
+    context "destroy action" do
+      should "destroy the posts" do
+        assert_difference("ForumPost.count", -1) do
+          post :destroy, {:id => @forum_post.id}, {:user_id => @user.id}
+        end
+        assert_redirected_to(forum_posts_path)
+      end
+    end
   end
 end