end
if user.administrator?
- can [:hide, :hidecomment], [DiaryEntry, DiaryComment]
+ can [:hide, :unhide, :hidecomment], [DiaryEntry, DiaryComment]
can [:index, :show, :resolve, :ignore, :reopen], Issue
can :create, IssueComment
can [:set_status, :delete, :index], User
redirect_to :action => "index", :display_name => entry.user.display_name
end
+ def unhide
+ entry = DiaryEntry.find(params[:id])
+ entry.update(:visible => true)
+ redirect_to :action => "index", :display_name => entry.user.display_name
+ end
+
def hidecomment
comment = DiaryComment.find(params[:comment])
comment.update(:visible => false)
<% if current_user && current_user.administrator? %>
<li>
- <%= link_to t(".hide_link"), hide_diary_entry_path(:display_name => diary_entry.user.display_name, :id => diary_entry.id), :method => :post, :data => { :confirm => t(".confirm") } %>
+ <% if diary_entry.visible %>
+ <%= link_to t(".hide_link"), hide_diary_entry_path(:display_name => diary_entry.user.display_name, :id => diary_entry.id), :method => :post, :data => { :confirm => t(".confirm") } %>
+ <% else %>
+ <%= link_to t(".unhide_link"), unhide_diary_entry_path(:display_name => diary_entry.user.display_name, :id => diary_entry.id), :method => :post, :data => { :confirm => t(".confirm") } %>
+ <% end %>
</li>
<% end %>
</ul>
other: "%{count} comments"
edit_link: Edit this entry
hide_link: Hide this entry
+ unhide_link: Unhide this entry
confirm: Confirm
report: Report this entry
diary_comment:
end
post "/user/:display_name/diary/:id/newcomment" => "diary_entries#comment", :id => /\d+/
post "/user/:display_name/diary/:id/hide" => "diary_entries#hide", :id => /\d+/, :as => :hide_diary_entry
+ post "/user/:display_name/diary/:id/unhide" => "diary_entries#unhide", :id => /\d+/, :as => :unhide_diary_entry
post "/user/:display_name/diary/:id/hidecomment/:comment" => "diary_entries#hidecomment", :id => /\d+/, :comment => /\d+/, :as => :hide_diary_comment
post "/user/:display_name/diary/:id/subscribe" => "diary_entries#subscribe", :as => :diary_entry_subscribe, :id => /\d+/
post "/user/:display_name/diary/:id/unsubscribe" => "diary_entries#unsubscribe", :as => :diary_entry_unsubscribe, :id => /\d+/
{ :path => "/user/username/diary/1/hide", :method => :post },
{ :controller => "diary_entries", :action => "hide", :display_name => "username", :id => "1" }
)
+ assert_routing(
+ { :path => "/user/username/diary/1/unhide", :method => :post },
+ { :controller => "diary_entries", :action => "unhide", :display_name => "username", :id => "1" }
+ )
assert_routing(
{ :path => "/user/username/diary/1/hidecomment/2", :method => :post },
{ :controller => "diary_entries", :action => "hidecomment", :display_name => "username", :id => "1", :comment => "2" }
assert_equal false, DiaryEntry.find(diary_entry.id).visible
end
+ def test_unhide
+ user = create(:user)
+
+ # Try without logging in
+ diary_entry = create(:diary_entry, :user => user, :visible => false)
+ post :unhide,
+ :params => { :display_name => user.display_name, :id => diary_entry.id }
+ assert_response :forbidden
+ assert_equal false, DiaryEntry.find(diary_entry.id).visible
+
+ # Now try as a normal user
+ post :unhide,
+ :params => { :display_name => user.display_name, :id => diary_entry.id },
+ :session => { :user => user }
+ assert_response :redirect
+ assert_redirected_to :controller => :errors, :action => :forbidden
+ assert_equal false, DiaryEntry.find(diary_entry.id).visible
+
+ # Finally try as an administrator
+ post :unhide,
+ :params => { :display_name => user.display_name, :id => diary_entry.id },
+ :session => { :user => create(:administrator_user) }
+ assert_response :redirect
+ assert_redirected_to :action => :index, :display_name => user.display_name
+ assert_equal true, DiaryEntry.find(diary_entry.id).visible
+ end
+
def test_hidecomment
user = create(:user)
administrator_user = create(:administrator_user)
projects / rails.git / commitdiff