oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed #12129: AdminBar calls canAdd as an object method

Browse source
This commit is contained in:
Paul Driver 2011-05-16 16:10:18 -05:00
parent 0df9fb747a
commit c1a29182ca
4 changed files with 31 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/changelog/7.x.x.txt
View file

@ -3,6 +3,7 @@
- rfe #2123: Layouts related for export purposes - rfe #2123: Layouts related for export purposes
- fixed #12125: Recaptcha API url - fixed #12125: Recaptcha API url
- rfe #12127: AssetProperty macro - rfe #12127: AssetProperty macro
- fixed #12129: AdminBar calls canAdd as an object method
7.10.15 7.10.15
- fixed #12117: Thingy - www_searchViaAjax broken - fixed #12117: Thingy - www_searchViaAjax broken

4
lib/WebGUI/Asset.pm
View file

@ -226,6 +226,10 @@ The "turn admin on" group which is group id 12.
sub canAdd { sub canAdd {
my $className = shift; my $className = shift;
# just in case we get called as object method
$className = $className->get('className') if blessed $className;
my $session = shift; my $session = shift;
my $userId = shift || $session->user->userId; my $userId = shift || $session->user->userId;
my $user = WebGUI::User->new($session, $userId); my $user = WebGUI::User->new($session, $userId);

5
lib/WebGUI/Macro/AdminBar.pm
View file

@ -160,12 +160,13 @@ sub process {
# prototypes # prototypes
foreach my $prototype (@{ $session->asset->getPrototypeList }) { foreach my $prototype (@{ $session->asset->getPrototypeList }) {
next unless ($prototype->canView && $prototype->canAdd($session) && $prototype->getUiLevel <= $userUiLevel); my $class = $prototype->get('className');
next unless ($prototype->canView && $class->canAdd($session) && $prototype->getUiLevel <= $userUiLevel);
$categories{prototypes}{items} ||= []; $categories{prototypes}{items} ||= [];
push @{$categories{prototypes}{items}}, { push @{$categories{prototypes}{items}}, {
title => $prototype->getTitle, title => $prototype->getTitle,
url => $asset->getUrl( url => $asset->getUrl(
"func=add;class=".$prototype->get('className').";prototype=".$prototype->getId.$proceed "func=add;class=$class;prototype=".$prototype->getId.$proceed
), ),
icon => $prototype->getIcon(1), icon => $prototype->getIcon(1),
}; };

24
t/Asset/Asset.t
View file

@ -23,6 +23,7 @@ use WebGUI::Asset::Sku;
use WebGUI::Asset::Sku::Product; use WebGUI::Asset::Sku::Product;
use WebGUI::AssetVersioning; use WebGUI::AssetVersioning;
use WebGUI::VersionTag; use WebGUI::VersionTag;
use Monkey::Patch;
use Test::More; use Test::More;
use Test::Deep; use Test::Deep;
@ -172,7 +173,7 @@ sub definition {
package main; package main;
plan tests => 137 plan tests => 138
+ scalar(@fixIdTests) + scalar(@fixIdTests)
+ scalar(@fixTitleTests) + scalar(@fixTitleTests)
+ 2*scalar(@getTitleTests) #same tests used for getTitle and getMenuTitle + 2*scalar(@getTitleTests) #same tests used for getTitle and getMenuTitle
@ -1212,4 +1213,25 @@ sub getTitleTests {
); );
} }
subtest 'canAdd tolerates being called as an object method', sub {
my $class = 'WebGUI::Asset::Snippet';
my $snip = $tempNode->addChild({className => $class});
# Make a test user who's just in Turn Admin On
my $u = WebGUI::User->create($session);
WebGUI::Test->addToCleanup($u);
$u->addToGroups(['12']);
$session->user({ user => $u });
# default addGroup is Turn Admin On
ok $class->canAdd($session), 'can add when called as a class method';
ok $snip->canAdd($session), '...or an object method';
my $key = "assets/$class/addGroup";
WebGUI::Test->originalConfig($key);
$session->config->set($key, 3);
# now only admins can add snippets, so canAdd should return false
ok !$class->canAdd($session), 'Cannot add when called as a class method';
ok !$snip->canAdd($session), '...or an object method';
};