accept_api_auth :index
helper :watchers
+ helper :attachments
def index
case params[:format]
if request.post?
@news.attributes = params[:news]
if @news.save
+ attachments = Attachment.attach_files(@news, params[:attachments])
+ render_attachment_warning_if_needed(@news)
flash[:notice] = l(:notice_successful_create)
redirect_to :controller => 'news', :action => 'index', :project_id => @project
else
def update
if request.put? and @news.update_attributes(params[:news])
+ attachments = Attachment.attach_files(@news, params[:attachments])
+ render_attachment_warning_if_needed(@news)
flash[:notice] = l(:notice_successful_update)
redirect_to :action => 'show', :id => @news
else
validates_length_of :title, :maximum => 60
validates_length_of :summary, :maximum => 255
+ acts_as_attachable :delete_permission => :manage_news
acts_as_searchable :columns => ['title', 'summary', "#{table_name}.description"], :include => :project
acts_as_event :url => Proc.new {|o| {:controller => 'news', :action => 'show', :id => o.id}}
acts_as_activity_provider :find_options => {:include => [:project, :author]},
<p><%= f.text_field :title, :required => true, :size => 60 %></p>
<p><%= f.text_area :summary, :cols => 60, :rows => 2 %></p>
<p><%= f.text_area :description, :required => true, :cols => 60, :rows => 15, :class => 'wiki-edit' %></p>
+<p id="attachments_form"><%= label_tag('attachments[1][file]', l(:label_attachment_plural))%><%= render :partial => 'attachments/form' %></p>
</div>
-
+
<%= wikitoolbar_for 'news_description' %>
<h2><%=l(:label_news)%></h2>
-<% labelled_form_for @news, :html => { :id => 'news-form', :method => :put } do |f| %>
+<% labelled_form_for @news, :html => { :id => 'news-form', :multipart => true, :method => :put } do |f| %>
<%= render :partial => 'form', :locals => { :f => f } %>
<%= submit_tag l(:button_save) %>
<%= link_to_remote l(:label_preview),
<div id="add-news" style="display:none;">
<h2><%=l(:label_news_new)%></h2>
<% labelled_form_for @news, :url => project_news_index_path(@project),
- :html => { :id => 'news-form' } do |f| %>
+ :html => { :id => 'news-form', :multipart => true } do |f| %>
<%= render :partial => 'news/form', :locals => { :f => f } %>
<%= submit_tag l(:button_create) %>
<%= link_to_remote l(:label_preview),
<h2><%=l(:label_news_new)%></h2>
<% labelled_form_for @news, :url => project_news_index_path(@project),
- :html => { :id => 'news-form' } do |f| %>
+ :html => { :id => 'news-form', :multipart => true } do |f| %>
<%= render :partial => 'news/form', :locals => { :f => f } %>
<%= submit_tag l(:button_create) %>
<%= link_to_remote l(:label_preview),
<% if authorize_for('news', 'edit') %>
<div id="edit-news" style="display:none;">
<% labelled_form_for :news, @news, :url => news_path(@news),
- :html => { :id => 'news-form', :method => :put } do |f| %>
+ :html => { :id => 'news-form', :multipart => true, :method => :put } do |f| %>
<%= render :partial => 'form', :locals => { :f => f } %>
<%= submit_tag l(:button_save) %>
<%= link_to_remote l(:label_preview),
<p><% unless @news.summary.blank? %><em><%=h @news.summary %></em><br /><% end %>
<span class="author"><%= authoring @news.created_on, @news.author %></span></p>
<div class="wiki">
-<%= textilizable(@news.description) %>
+<%= textilizable(@news, :description) %>
</div>
+<%= link_to_attachments @news %>
<br />
<div id="comments" style="margin-bottom:16px;">
assert_tag :tag => 'h2', :content => /eCookbook first release/
end
+ def test_show_should_show_attachments
+ attachment = Attachment.first
+ attachment.container = News.find(1)
+ attachment.save!
+
+ get :show, :id => 1
+ assert_response :success
+ assert_tag 'a', :content => attachment.filename
+ end
+
def test_show_not_found
get :show, :id => 999
assert_response 404
assert_equal 1, ActionMailer::Base.deliveries.size
end
+ def test_post_create_with_attachment
+ set_tmp_attachments_directory
+ @request.session[:user_id] = 2
+ assert_difference 'News.count' do
+ assert_difference 'Attachment.count' do
+ post :create, :project_id => 1,
+ :news => { :title => 'Test', :description => 'This is the description' },
+ :attachments => {'1' => {'file' => uploaded_test_file('testfile.txt', 'text/plain')}}
+ end
+ end
+ attachment = Attachment.first(:order => 'id DESC')
+ news = News.first(:order => 'id DESC')
+ assert_equal news, attachment.container
+ end
+
+ def test_post_create_with_validation_failure
+ @request.session[:user_id] = 2
+ post :create, :project_id => 1, :news => { :title => '',
+ :description => 'This is the description',
+ :summary => '' }
+ assert_response :success
+ assert_template 'new'
+ assert_not_nil assigns(:news)
+ assert assigns(:news).new_record?
+ assert_tag :tag => 'div', :attributes => { :id => 'errorExplanation' },
+ :content => /1 error/
+ end
+
def test_get_edit
@request.session[:user_id] = 2
get :edit, :id => 1
assert_equal 'Description changed by test_post_edit', news.description
end
- def test_post_create_with_validation_failure
+ def test_put_update_with_attachment
+ set_tmp_attachments_directory
@request.session[:user_id] = 2
- post :create, :project_id => 1, :news => { :title => '',
- :description => 'This is the description',
- :summary => '' }
- assert_response :success
- assert_template 'new'
- assert_not_nil assigns(:news)
- assert assigns(:news).new_record?
- assert_tag :tag => 'div', :attributes => { :id => 'errorExplanation' },
- :content => /1 error/
+ assert_no_difference 'News.count' do
+ assert_difference 'Attachment.count' do
+ put :update, :id => 1,
+ :news => { :description => 'This is the description' },
+ :attachments => {'1' => {'file' => uploaded_test_file('testfile.txt', 'text/plain')}}
+ end
+ end
+ attachment = Attachment.first(:order => 'id DESC')
+ assert_equal News.find(1), attachment.container
end
def test_destroy
10.times { projects(:projects_001).news.create(valid_news) }
assert_equal 5, News.latest(users(:users_004)).size
end
+
+ def test_attachments_should_be_visible
+ assert News.find(1).attachments_visible?(User.anonymous)
+ end
+
+ def test_attachments_should_be_deletable_with_manage_news_permission
+ manager = User.find(2)
+ assert News.find(1).attachments_deletable?(manager)
+ end
+
+ def test_attachments_should_not_be_deletable_without_manage_news_permission
+ manager = User.find(2)
+ Role.find_by_name('Manager').remove_permission!(:manage_news)
+ assert !News.find(1).attachments_deletable?(manager)
+ end
end