oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WikiPage attachments need groupToEdit to be the same as the ancestor wiki groupToEditPage, otherwise users's cannot edit their own attachments. Fixes bug #11057

Browse source 
Also, update the test to use addToCleanup.
This commit is contained in:
Colin Kuskie 2009-10-12 20:19:33 -07:00
parent c2fde74448
commit 4b8ab2a039
4 changed files with 48 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/changelog/7.x.x.txt
View file

@ -12,6 +12,7 @@
- fixed #11112: story archive RSS feed
- added Insurance estimator for the USPS shipping driver
- fixed #11121: Syndicated Content search terms require both title and description match
- fixed #11057: Deleting wiki attachments
7.8.1
- mark $session->datetime->time as deprecated and remove its use from core code

23
docs/upgrades/upgrade_7.8.1-7.8.2.pl
View file

@ -31,6 +31,7 @@ my $quiet; # this line required
my $session = start(); # this line required
fixTableDefaultCharsets($session);
correctWikiAttachmentPermissions( $session );
finish($session); # this line required
@ -76,6 +77,28 @@ sub fixTableDefaultCharsets {
print "Done.\n" unless $quiet;
}
#----------------------------------------------------------------------------
# Describe what our function does
sub correctWikiAttachmentPermissions {
my $session = shift;
print "\tCorrect group edit permission on wiki page attachments... " unless $quiet;
my $root = WebGUI::Asset->getRoot($session);
my $pageIterator = $root->getLineageIterator(
['descendants'],
{
includeOnlyClasses => ['WebGUI::Asset::WikiPage'],
}
);
PAGE: while (my $wikiPage = $pageIterator->()) {
my $wiki = $wikiPage->getWiki;
next PAGE unless $wiki && $wiki->get('allowAttachments') && $wikiPage->getChildCount;
foreach my $attachment (@{ $wikiPage->getLineage(['children'])}) {
$attachment->update({ groupIdEdit => $wiki->get('groupToEditPages') });
}
}
print "Done.\n" unless $quiet;
}
# -------------- DO NOT EDIT BELOW THIS LINE --------------------------------
#----------------------------------------------------------------------------

37
lib/WebGUI/Asset/WikiPage.pm
View file

@ -398,21 +398,22 @@ Extends the master method to handle properties and attachments.
=cut
sub processPropertiesFromFormPost {
my $self = shift;
$self->next::method(@_);
my $actionTaken = ($self->session->form->process("assetId") eq "new") ? "Created" : "Edited";
my $self = shift;
my $session = $self->session;
$self->next::method(@_);
my $actionTaken = ($session->form->process("assetId") eq "new") ? "Created" : "Edited";
my $wiki = $self->getWiki;
my $properties = {
groupIdView => $wiki->get('groupIdView'),
groupIdEdit => $wiki->get('groupToAdminister'),
actionTakenBy => $self->session->user->userId,
actionTaken => $actionTaken,
};
my $properties = {
groupIdView => $wiki->get('groupIdView'),
groupIdEdit => $wiki->get('groupToAdminister'),
actionTakenBy => $self->session->user->userId,
actionTaken => $actionTaken,
};
if ($wiki->canAdminister) {
$properties->{isProtected} = $self->session->form->get("isProtected");
$properties->{isFeatured} = $self->session->form->get("isFeatured");
}
if ($wiki->canAdminister) {
$properties->{isProtected} = $session->form->get("isProtected");
$properties->{isFeatured} = $session->form->get("isFeatured");
}
$self->update($properties);
@ -421,17 +422,17 @@ sub processPropertiesFromFormPost {
maxImageSize => $wiki->get('maxImageSize'),
thumbnailSize => $wiki->get('thumbnailSize'),
};
my @attachments = $self->session->form->param("attachments");
my @attachments = $session->form->param("attachments");
my @tags = ();
foreach my $assetId (@attachments) {
my $asset = WebGUI::Asset->newByDynamicClass($self->session, $assetId);
my $asset = WebGUI::Asset->newByDynamicClass($session, $assetId);
if (defined $asset) {
unless ($asset->get("parentId") eq $self->getId) {
$asset->setParent($self);
$asset->update({
ownerUserId => $self->get("ownerUserId"),
groupIdEdit => $self->get("groupIdEdit"),
groupIdView => $self->get("groupIdView"),
ownerUserId => $self->get( "ownerUserId" ),
groupIdEdit => $wiki->get( "groupToEditPages" ),
groupIdView => $self->get( "groupIdView" ),
});
}
$asset->applyConstraints($options);

17
t/Asset/WikiPage.t
View file

@ -16,7 +16,7 @@ use lib "$FindBin::Bin/../lib";
use WebGUI::Test;
use WebGUI::Session;
use Test::More tests => 18; # increment this value for each test you create
use Test::More tests => 17; # increment this value for each test you create
use WebGUI::Asset::Wobject::WikiMaster;
use WebGUI::Asset::WikiPage;
@ -25,15 +25,16 @@ my $session = WebGUI::Test->session;
my $node = WebGUI::Asset->getImportNode($session);
my $versionTag = WebGUI::VersionTag->getWorking($session);
$versionTag->set({name=>"Wiki Test"});
WebGUI::Test->tagsToRollback($versionTag);
addToCleanup($versionTag);
my $wiki = $node->addChild({className=>'WebGUI::Asset::Wobject::WikiMaster'});
$versionTag->commit;
my $wikipage = $wiki->addChild({className=>'WebGUI::Asset::WikiPage'});
my $wikipage = $wiki->addChild({className=>'WebGUI::Asset::WikiPage'}, undef, undef, {skipAutoCommitWorkflows => 1});
# Wikis create and autocommit a version tag when a child is added. Lets get the name so we can roll it back.
my $secondVersionTag = WebGUI::VersionTag->new($session,$wikipage->get("tagId"));
WebGUI::Test->tagsToRollback($secondVersionTag );
$secondVersionTag->commit;
addToCleanup($secondVersionTag );
# Test for sane object types
isa_ok($wiki, 'WebGUI::Asset::Wobject::WikiMaster');
@ -85,11 +86,3 @@ $comments = $wikipage->get('comments');
is($comments->[0]{comment}, $secondComment, "you can delete a comment");
is($wikipage->get('averageCommentRating'), 1, 'average rating is adjusted after deleting a comment');
##################
TODO: {
local $TODO = "Tests to make later";
ok(0, 'Lots and lots to do');
}