diff --git a/docs/changelog/7.x.x.txt b/docs/changelog/7.x.x.txt
index 2e2ba4f97..386b89f98 100644
--- a/docs/changelog/7.x.x.txt
+++ b/docs/changelog/7.x.x.txt
@@ -2,10 +2,13 @@
- fix: template variable isUncommitted is not documented in the help
- Cleaned the pollution from the forms system.
- fix: Event is no longer editable by anyone who can add events
+ - fix: Event now sets ownerUserId correctly
+ - add: Calendar can now select which workflow to use for committing Events
- fixed: Package search is slow for large websites
- fixed: rich editor image picker displays incorrectly in IE
- fixed: the export system was largely incomprehensible. rewritten.
- the new export system now needs Path::Class
+ - add: GalleryAlbum now shows link to add Photo
7.5.10
- fix: Syntax error in GetCsMail
diff --git a/docs/gotcha.txt b/docs/gotcha.txt
index 7f779c876..f5107216f 100644
--- a/docs/gotcha.txt
+++ b/docs/gotcha.txt
@@ -7,13 +7,27 @@ upgrading from one version to the next, or even between multiple
versions. Be sure to heed the warnings contained herein as they will
save you many hours of grief.
-
7.5.11
--------------------------------------------------------------------
* The exporting system before this release was largely incomprehensible and
difficult to understand. It has been rewritten, and now requires Path::Class to
function.
+ * WebGUI versions since 7.3.0 (when the new Calendar was added)
+ have allowed users to post Events to Calendars, but the owner of
+ the Event has been saved as Admin (user ID 3). Also, anyone who
+ was allowed to add an Event was allowed to edit any Event in the
+ Calendar.
+ The permissions have now been fixed, but it is not possible to
+ fix the owner of Events posted by individual users. Users are
+ not allowed to edit the owner of an Event from the web interface
+ as a security measure.
+ The new permissions are:
+ * Users who post an Event are allowed to edit and delete the
+ Events they post
+ * Users who can edit the Calendar are allowed to add, edit,
+ and delete all Events
+
7.5.9
--------------------------------------------------------------------
* WebGUI 7.5.6 uses a Unicode database connection, but this can cause problems
diff --git a/docs/upgrades/_upgrade.skeleton b/docs/upgrades/_upgrade.skeleton
index 957377ce2..a9ea0fd32 100644
--- a/docs/upgrades/_upgrade.skeleton
+++ b/docs/upgrades/_upgrade.skeleton
@@ -28,6 +28,7 @@ finish($session); # this line required
#----------------------------------------------------------------------------
+# Describe what our function does
#sub exampleFunction {
# my $session = shift;
# print "\tWe're doing some stuff here that you should know about... " unless $quiet;
diff --git a/docs/upgrades/upgrade_7.5.10-7.5.11.pl b/docs/upgrades/upgrade_7.5.10-7.5.11.pl
index fe9ffc5b2..3855db93b 100644
--- a/docs/upgrades/upgrade_7.5.10-7.5.11.pl
+++ b/docs/upgrades/upgrade_7.5.10-7.5.11.pl
@@ -23,11 +23,13 @@ my $quiet; # this line required
my $session = start(); # this line required
# upgrade functions go here
+addCalendarEventWorkflow( $session );
finish($session); # this line required
#----------------------------------------------------------------------------
+# Describe what our function does
#sub exampleFunction {
# my $session = shift;
# print "\tWe're doing some stuff here that you should know about... " unless $quiet;
@@ -35,6 +37,25 @@ finish($session); # this line required
# print "DONE!\n" unless $quiet;
#}
+#----------------------------------------------------------------------------
+# Add the database column to select the workflow to approve Calendar Events
+sub addCalendarEventWorkflow {
+ my $session = shift;
+ print "\tAdding Calendar Event Workflow field..." unless $quiet;
+
+ $session->db->write(
+ qq{ ALTER TABLE Calendar ADD COLUMN workflowIdCommit VARCHAR(22) BINARY },
+ );
+
+ # Add a nice default value
+ $session->db->write(
+ qq{ UPDATE Calendar SET workflowIdCommit = ? },
+ [ $session->setting->get('defaultVersionTagWorkflow') ],
+ );
+
+ print "DONE!\n" unless $quiet;
+}
+
# -------------- DO NOT EDIT BELOW THIS LINE --------------------------------
diff --git a/lib/WebGUI/Asset/Event.pm b/lib/WebGUI/Asset/Event.pm
index 0c60d9eaa..9e4b8775c 100644
--- a/lib/WebGUI/Asset/Event.pm
+++ b/lib/WebGUI/Asset/Event.pm
@@ -298,7 +298,8 @@ By specifying this method, you activate this feature.
sub getAutoCommitWorkflowId {
my $self = shift;
- return "pbworkflow000000000003";
+ return $self->getParent->get('workflowIdCommit')
+ || $self->session->setting->get('defaultVersionTagWorkflow');
}
@@ -1916,7 +1917,12 @@ sub www_edit {
. WebGUI::Form::hidden($self->session, {
name => "class",
value => $self->session->form->process("class","className"),
- });
+ })
+ . WebGUI::Form::hidden( $self->session, {
+ name => 'ownerUserId',
+ value => $self->session->user->userId,
+ } )
+ ;
}
else {
$var->{"formHeader"}
@@ -1926,7 +1932,12 @@ sub www_edit {
. WebGUI::Form::hidden($self->session, {
name => "sequenceNumber",
value => $self->get("sequenceNumber"),
- });
+ })
+ . WebGUI::Form::hidden( $self->session, {
+ name => 'ownerUserId',
+ value => $self->session->user->userId,
+ } )
+ ;
}
$var->{"formHeader"}
diff --git a/lib/WebGUI/Asset/Wobject/Calendar.pm b/lib/WebGUI/Asset/Wobject/Calendar.pm
index b0e671173..0cd7ce898 100644
--- a/lib/WebGUI/Asset/Wobject/Calendar.pm
+++ b/lib/WebGUI/Asset/Wobject/Calendar.pm
@@ -263,14 +263,14 @@ sub definition {
unitsAvailable => [ qw( days weeks months years ) ],
},
- # This doesn't function currently
- #subscriberNotifyOffset => {
- # fieldType => "integer",
- # defaultValue => "2",
- # tab => "properties",
- # hoverHelp => $i18n->get('subscriberNotifyOffset description'),
- # label => $i18n->get('subscriberNotifyOffset label'),
- #},
+ workflowIdCommit => {
+ fieldType => "workflow",
+ defaultValue => $session->setting->get('defaultVersionTagWorkflow'),
+ tab => 'security',
+ label => $i18n->get('editForm workflowIdCommit label'),
+ hoverHelp => $i18n->get('editForm workflowIdCommit description'),
+ type => 'WebGUI::VersionTag',
+ },
);
push @{$definition}, {
@@ -432,7 +432,7 @@ sub canAddEvent {
);
return 1 if (
- $user->isInGroup($self->get("groupIdEventEdit"))
+ $user->isInGroup( $self->get("groupIdEventEdit") )
);
}
diff --git a/lib/WebGUI/Asset/Wobject/Gallery.pm b/lib/WebGUI/Asset/Wobject/Gallery.pm
index 339576e3c..0d38e1e4a 100644
--- a/lib/WebGUI/Asset/Wobject/Gallery.pm
+++ b/lib/WebGUI/Asset/Wobject/Gallery.pm
@@ -617,6 +617,21 @@ sub getAssetClassForFile {
#----------------------------------------------------------------------------
+=head2 getGalleryFileClassesAvailable ( )
+
+Returns an array reference of the Asset classes available to be added to this
+Gallery.
+
+=cut
+
+sub getGalleryFileClassesAvailable {
+ my $self = shift;
+
+ return [ 'WebGUI::Asset::File::GalleryFile::Photo' ];
+}
+
+#----------------------------------------------------------------------------
+
=head2 getImageResolutions ( )
Gets an array reference of the image resolutions to create for image-type
diff --git a/lib/WebGUI/Asset/Wobject/GalleryAlbum.pm b/lib/WebGUI/Asset/Wobject/GalleryAlbum.pm
index c87187b8e..8fafdfb8f 100644
--- a/lib/WebGUI/Asset/Wobject/GalleryAlbum.pm
+++ b/lib/WebGUI/Asset/Wobject/GalleryAlbum.pm
@@ -972,7 +972,12 @@ sub www_showConfirmation {
my $self = shift;
my $i18n = __PACKAGE__->i18n( $self->session );
- my $output = sprintf $i18n->get('save message'), $self->getUrl;
+ my $output = '' . sprintf( $i18n->get('save message'), $self->getUrl ) . '
'
+ . '' . $i18n->get('what next') . '
'
+ . ''
+ . sprintf( '- Add Photo
', $self->getUrl('func=add;class=WebGUI::Asset::File::GalleryFile::Photo') )
+ . '
'
+ ;
return $self->processStyle(
$output
diff --git a/lib/WebGUI/i18n/English/Asset_GalleryAlbum.pm b/lib/WebGUI/i18n/English/Asset_GalleryAlbum.pm
index 35543311c..f05c4eb97 100644
--- a/lib/WebGUI/i18n/English/Asset_GalleryAlbum.pm
+++ b/lib/WebGUI/i18n/English/Asset_GalleryAlbum.pm
@@ -459,6 +459,12 @@ our $I18N = {
lastUpdated => 0,
context => q{Label for button to confirm the delete},
},
+
+ 'what next' => {
+ message => q{What Next?},
+ lastUpdated => 0,
+ context => 'Title for the list of actions a user can take after saving a Gallery Album',
+ },
};
1;
diff --git a/t/Asset/Event/edit.t b/t/Asset/Event/edit.t
new file mode 100644
index 000000000..3d46c5425
--- /dev/null
+++ b/t/Asset/Event/edit.t
@@ -0,0 +1,193 @@
+# vim:syntax=perl
+#-------------------------------------------------------------------
+# WebGUI is Copyright 2001-2008 Plain Black Corporation.
+#-------------------------------------------------------------------
+# Please read the legal notices (docs/legal.txt) and the license
+# (docs/license.txt) that came with this distribution before using
+# this software.
+#------------------------------------------------------------------
+# http://www.plainblack.com info@plainblack.com
+#------------------------------------------------------------------
+
+# This script uses Test::WWW::Mechanize to test adding and editing Event
+# assets.
+#
+
+use FindBin;
+use strict;
+use lib "$FindBin::Bin/../../lib";
+use Test::More;
+use Test::Deep;
+use WebGUI::Test; # Must use this before any other WebGUI modules
+use WebGUI::Asset;
+use WebGUI::VersionTag;
+use WebGUI::Session;
+
+#----------------------------------------------------------------------------
+# Init
+my $session = WebGUI::Test->session;
+my $node = WebGUI::Asset->getImportNode( $session );
+my @versionTags = ( WebGUI::VersionTag->getWorking( $session ) );
+
+# Override some settings to make things easier to test
+my %oldSettings;
+# userFunctionStyleId
+$oldSettings{ userFunctionStyleId } = $session->setting->get( 'userFunctionStyleId' );
+$session->setting->set( 'userFunctionStyleId', 'PBtmpl0000000000000132' );
+
+# Create a user for testing purposes
+my $user = WebGUI::User->new( $session, "new" );
+$user->username( 'dufresne' . time );
+my $identifier = 'ritahayworth';
+my $auth = WebGUI::Operation::Auth::getInstance( $session, $user->authMethod, $user->userId );
+$auth->saveParams( $user->userId, $user->authMethod, {
+ 'identifier' => Digest::MD5::md5_base64( $identifier ),
+});
+
+my ( $mech );
+
+# Get the site's base URL
+my $baseUrl = 'http://' . $session->config->get('sitename')->[0];
+
+# Create a Calendar to add Events to
+my $calendar = $node->addChild( {
+ className => 'WebGUI::Asset::Wobject::Calendar',
+ groupIdEventEdit => '2', # Registered Users
+ groupIdEdit => '3', # Admins
+ workflowIdCommit => 'realtimeworkflow-00001', # Commit content immediately
+} );
+
+# Remember this event url when we want to edit it later
+my $eventUrl;
+
+$versionTags[-1]->commit;
+
+#----------------------------------------------------------------------------
+# Tests
+
+plan tests => 9; # Increment this number for each test you create
+
+use_ok( 'Test::WWW::Mechanize' ) or BAIL_OUT("Cannot continue without Test::WWW::Mechanize");
+
+#----------------------------------------------------------------------------
+# Add event: Users without permission are not shown form
+$mech = Test::WWW::Mechanize->new;
+$mech->get( $baseUrl . $calendar->getUrl('func=add;class=WebGUI::Asset::Event') );
+
+$mech->content_lacks( q{value="editSave"} );
+
+#----------------------------------------------------------------------------
+# Add event: Users with permission are shown form to add event
+$mech = getMechLogin( $baseUrl, $user, $identifier );
+
+# Properties given to the form
+my $properties = {
+ title => 'Event Title',
+ menuTitle => 'Event Menu Title',
+};
+
+$mech->get_ok( $baseUrl . $calendar->getUrl('func=add;class=WebGUI::Asset::Event') );
+$mech->submit_form_ok(
+ {
+ with_fields => $properties,
+ },
+ 'Event add form'
+);
+
+# Form gets saved correctly
+my $event
+ = $calendar->getLineage( ['children'], {
+ returnObjects => 1,
+ orderByClause => "creationDate DESC",
+ } )->[0];
+
+# Add properties that should be set to default
+$properties = {
+ %{ $properties },
+ ownerUserId => $user->userId,
+ createdBy => $user->userId,
+};
+
+cmp_deeply( $event->get, superhashof( $properties ), 'Event properties saved correctly' );
+
+# Save the event URL for later
+$eventUrl = $event->getUrl;
+
+#----------------------------------------------------------------------------
+# Edit Event: Users without permission are not shown form
+$mech = Test::WWW::Mechanize->new;
+
+$mech->get( $baseUrl . $eventUrl . '?func=edit' );
+
+$mech->content_lacks( q{value="editSave"} );
+
+#----------------------------------------------------------------------------
+# Edit Event: User with permission is shown form to edit event
+$mech = getMechLogin( $baseUrl, $user, $identifier );
+
+$mech->get_ok( $baseUrl . $eventUrl . '?func=edit' );
+
+my $properties = {
+ title => "Event Title" . time,
+ menuTitle => "Event Menu Title" . time,
+ description => "Event Description" . time,
+};
+
+$mech->submit_form_ok(
+ {
+ with_fields => $properties,
+ },
+ 'Event edit form'
+);
+
+# Form gets saved correctly
+my $event
+ = $calendar->getLineage( ['children'], {
+ returnObjects => 1,
+ orderByClause => "creationDate DESC",
+ } )->[0];
+
+# Add defaults that should not get set from the form
+$properties = {
+ %{ $properties },
+ ownerUserId => $user->userId,
+ createdBy => $user->userId,
+};
+
+cmp_deeply( $event->get, superhashof( $properties ), 'Events properties saved correctly' );
+
+#----------------------------------------------------------------------------
+# Cleanup
+END {
+ for my $tag ( @versionTags ) {
+ $tag->rollback;
+ }
+
+ $user->delete;
+
+ for my $key ( keys %oldSettings ) {
+ $session->setting->set( $key, $oldSettings{ $key } );
+ }
+}
+
+#----------------------------------------------------------------------------
+# getMechLogin( baseUrl, WebGUI::User, "identifier" )
+# Returns a Test::WWW::Mechanize session after logging in the given user using
+# the given identifier (password)
+# baseUrl is a fully-qualified URL to the site to login to
+sub getMechLogin {
+ my $baseUrl = shift;
+ my $user = shift;
+ my $identifier = shift;
+
+ my $mech = Test::WWW::Mechanize->new;
+ $mech->get( $baseUrl . '?op=auth;method=displayLogin' );
+ $mech->submit_form(
+ with_fields => {
+ username => $user->username,
+ identifier => $identifier,
+ },
+ );
+
+ return $mech;
+}
diff --git a/t/Asset/Redirect/mech.t b/t/Asset/Redirect/mech.t
index e59724879..eeb8c3652 100644
--- a/t/Asset/Redirect/mech.t
+++ b/t/Asset/Redirect/mech.t
@@ -36,7 +36,7 @@ $session->setting->set( 'userFunctionStyleId', 'PBtmpl0000000000000132' );
# Create a user for testing purposes
my $user = WebGUI::User->new( $session, "new" );
-$user->username( 'dufresne' );
+$user->username( 'dufresne' . time );
my $identifier = 'ritahayworth';
my $auth = WebGUI::Operation::Auth::getInstance( $session, $user->authMethod, $user->userId );
$auth->saveParams( $user->userId, $user->authMethod, {
diff --git a/t/Asset/Wobject/GalleryAlbum/edit.t b/t/Asset/Wobject/GalleryAlbum/edit.t
new file mode 100644
index 000000000..40ede1d0d
--- /dev/null
+++ b/t/Asset/Wobject/GalleryAlbum/edit.t
@@ -0,0 +1,138 @@
+# vim:syntax=perl
+#-------------------------------------------------------------------
+# WebGUI is Copyright 2001-2008 Plain Black Corporation.
+#-------------------------------------------------------------------
+# Please read the legal notices (docs/legal.txt) and the license
+# (docs/license.txt) that came with this distribution before using
+# this software.
+#------------------------------------------------------------------
+# http://www.plainblack.com info@plainblack.com
+#------------------------------------------------------------------
+
+# Test editing a GalleryAlbum from the web interface
+#
+#
+
+use FindBin;
+use strict;
+use lib "$FindBin::Bin/../../../lib";
+use Test::More;
+use WebGUI::Test; # Must use this before any other WebGUI modules
+use WebGUI::Session;
+use Test::Deep;
+use Test::WWW::Mechanize;
+
+#----------------------------------------------------------------------------
+# Init
+my $session = WebGUI::Test->session;
+my $node = WebGUI::Asset->getImportNode( $session );
+my @versionTags = ( WebGUI::VersionTag->getWorking( $session ) );
+
+# Override some settings to make things easier to test
+my %oldSettings;
+# userFunctionStyleId
+$oldSettings{ userFunctionStyleId } = $session->setting->get( 'userFunctionStyleId' );
+$session->setting->set( 'userFunctionStyleId', 'PBtmpl0000000000000132' );
+
+# Create a user for testing purposes
+my $user = WebGUI::User->new( $session, "new" );
+$user->username( 'dufresne' . time );
+my $identifier = 'ritahayworth';
+my $auth = WebGUI::Operation::Auth::getInstance( $session, $user->authMethod, $user->userId );
+$auth->saveParams( $user->userId, $user->authMethod, {
+ 'identifier' => Digest::MD5::md5_base64( $identifier ),
+});
+
+my ($mech, $redirect, $response);
+
+# Get the site's base URL
+my $baseUrl = 'http://' . $session->config->get('sitename')->[0];
+
+my $i18n = WebGUI::International->new( $session, 'Asset_GalleryAlbum' );
+
+my $gallery
+ = $node->addChild( {
+ className => 'WebGUI::Asset::Wobject::Gallery',
+ groupIdAddFile => '2', # Registered Users
+ workflowIdCommit => 'realtimeworkflow-00001', # Commit Content Immediately
+ } );
+
+$versionTags[-1]->commit;
+
+#----------------------------------------------------------------------------
+# Tests
+
+plan tests => 6; # Increment this number for each test you create
+
+#----------------------------------------------------------------------------
+# Visitor user cannot add albums
+$mech = Test::WWW::Mechanize->new;
+$mech->get( $baseUrl . $gallery->getUrl('func=add;class=WebGUI::Asset::Wobject::GalleryAlbum') );
+
+# Should contain the Log In form
+$mech->content_contains( "Permission Denied" );
+
+#----------------------------------------------------------------------------
+# Registered User can add albums
+$mech = getMechLogin( $baseUrl, $user, $identifier );
+
+# Complete the GalleryAlbum edit form
+my $properties = {
+ title => 'Gallery Album',
+ description => 'This is a new Gallery Album',
+};
+
+$mech->get_ok( $baseUrl . $gallery->getUrl('func=add;class=WebGUI::Asset::Wobject::GalleryAlbum') );
+$mech->submit_form_ok( {
+ with_fields => $properties,
+}, 'Sent GalleryAlbum edit form' );
+
+# Shows the confirmation page
+$mech->content_contains(
+ $i18n->get( 'what next' ),
+ 'Shows message about what next',
+);
+$mech->content_contains(
+ q{func=add;class=WebGUI::Asset::File::GalleryFile::Photo},
+ 'Shows link to add a Photo',
+);
+
+# Creates the album with the appropriate properties
+my $album = WebGUI::Asset->newByDynamicClass( $session, $gallery->getAlbumIds->[0] );
+cmp_deeply( $properties, subhashof( $album->get ), "Properties from edit form are set correctly" );
+
+#----------------------------------------------------------------------------
+# Cleanup
+END {
+ for my $tag ( @versionTags ) {
+ $tag->rollback;
+ }
+
+ $user->delete;
+
+ for my $key ( keys %oldSettings ) {
+ $session->setting->set( $key, $oldSettings{ $key } );
+ }
+}
+
+#----------------------------------------------------------------------------
+# getMechLogin( baseUrl, WebGUI::User, "identifier" )
+# Returns a Test::WWW::Mechanize session after logging in the given user using
+# the given identifier (password)
+# baseUrl is a fully-qualified URL to the site to login to
+sub getMechLogin {
+ my $baseUrl = shift;
+ my $user = shift;
+ my $identifier = shift;
+
+ my $mech = Test::WWW::Mechanize->new;
+ $mech->get( $baseUrl . '?op=auth;method=displayLogin' );
+ $mech->submit_form(
+ with_fields => {
+ username => $user->username,
+ identifier => $identifier,
+ },
+ );
+
+ return $mech;
+}
diff --git a/t/_test.skeleton.mech b/t/_test.skeleton.mech
new file mode 100644
index 000000000..5513c1f9e
--- /dev/null
+++ b/t/_test.skeleton.mech
@@ -0,0 +1,111 @@
+# vim:syntax=perl
+#-------------------------------------------------------------------
+# WebGUI is Copyright 2001-2008 Plain Black Corporation.
+#-------------------------------------------------------------------
+# Please read the legal notices (docs/legal.txt) and the license
+# (docs/license.txt) that came with this distribution before using
+# this software.
+#------------------------------------------------------------------
+# http://www.plainblack.com info@plainblack.com
+#------------------------------------------------------------------
+
+# This script uses Test::WWW::Mechanize to test the operation of something
+# This skeleton sets up some things for you, such as a user to use for
+# testing.
+
+# Note: In order to test properly, you will probably have to commit your
+# version tags as they are created. By adding your version tags to
+# @versionTags, they will get cleaned up in the END block
+
+# Note 2: Test::WWW::Mechanize should not be used to test permissions,
+# or any API methods.
+
+# This is best used to test forms, do they have the required fields, do
+# they get saved properly?
+
+use FindBin;
+use strict;
+use lib "$FindBin::Bin/lib";
+use Test::More;
+use WebGUI::Test; # Must use this before any other WebGUI modules
+use WebGUI::Asset;
+use WebGUI::VersionTag;
+use WebGUI::Session;
+
+#----------------------------------------------------------------------------
+# Init
+my $session = WebGUI::Test->session;
+my $node = WebGUI::Asset->getImportNode( $session );
+my @versionTags = ( WebGUI::VersionTag->getWorking( $session ) );
+
+# Override some settings to make things easier to test
+my %oldSettings;
+# userFunctionStyleId
+$oldSettings{ userFunctionStyleId } = $session->setting->get( 'userFunctionStyleId' );
+$session->setting->set( 'userFunctionStyleId', 'PBtmpl0000000000000132' );
+
+# Create a user for testing purposes
+my $user = WebGUI::User->new( $session, "new" );
+$user->username( 'dufresne' . time );
+my $identifier = 'ritahayworth';
+my $auth = WebGUI::Operation::Auth::getInstance( $session, $user->authMethod, $user->userId );
+$auth->saveParams( $user->userId, $user->authMethod, {
+ 'identifier' => Digest::MD5::md5_base64( $identifier ),
+});
+
+my ( $mech );
+
+# Get the site's base URL
+my $baseUrl = 'http://' . $session->config->get('sitename')->[0];
+
+
+#----------------------------------------------------------------------------
+# Tests
+
+plan tests => 1; # Increment this number for each test you create
+
+use_ok( 'Test::WWW::Mechanize' ) or BAIL_OUT( "Cannot continue without Test::WWW::Mechanize" );
+
+#----------------------------------------------------------------------------
+# put your tests here
+
+# example
+#$mech = Test::WWW::Mechanize->new;
+#$mech->get_ok( $baseUrl . "?op=adminConsole" );
+#$mech = getMechLogin( $baseUrl, $user, $identifier );
+
+#----------------------------------------------------------------------------
+# Cleanup
+END {
+ for my $tag ( @versionTags ) {
+ $tag->rollback;
+ }
+
+ $user->delete;
+
+ for my $key ( keys %oldSettings ) {
+ $session->setting->set( $key, $oldSettings{ $key } );
+ }
+}
+
+#----------------------------------------------------------------------------
+# getMechLogin( baseUrl, WebGUI::User, "identifier" )
+# Returns a Test::WWW::Mechanize session after logging in the given user using
+# the given identifier (password)
+# baseUrl is a fully-qualified URL to the site to login to
+sub getMechLogin {
+ my $baseUrl = shift;
+ my $user = shift;
+ my $identifier = shift;
+
+ my $mech = Test::WWW::Mechanize->new;
+ $mech->get( $baseUrl . '?op=auth;method=displayLogin' );
+ $mech->submit_form(
+ with_fields => {
+ username => $user->username,
+ identifier => $identifier,
+ },
+ );
+
+ return $mech;
+}