summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--app/helpers/application_helper.rb21
-rw-r--r--test/unit/helpers/application_helper_test.rb29
2 files changed, 49 insertions, 1 deletions
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 19dd654db..0fb44a22b 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -32,8 +32,27 @@ module ApplicationHelper
end
# Display a link if user is authorized
+ #
+ # @param [String] name Anchor text (passed to link_to)
+ # @param [Hash, String] options Hash params or url for the link target (passed to link_to).
+ # This will checked by authorize_for to see if the user is authorized
+ # @param [optional, Hash] html_options Options passed to link_to
+ # @param [optional, Hash] parameters_for_method_reference Extra parameters for link_to
def link_to_if_authorized(name, options = {}, html_options = nil, *parameters_for_method_reference)
- link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(options[:controller] || params[:controller], options[:action])
+ if options.is_a?(String)
+ begin
+ route = ActionController::Routing::Routes.recognize_path(options.gsub(/\?.*/,''), :method => options[:method] || :get)
+ link_controller = route[:controller]
+ link_action = route[:action]
+ rescue ActionController::RoutingError # Parse failed, not a route
+ link_controller, link_action = nil, nil
+ end
+ else
+ link_controller = options[:controller] || params[:controller]
+ link_action = options[:action]
+ end
+
+ link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(link_controller, link_action)
end
# Display a link to remote if user is authorized
diff --git a/test/unit/helpers/application_helper_test.rb b/test/unit/helpers/application_helper_test.rb
index 533311b1a..1936a981b 100644
--- a/test/unit/helpers/application_helper_test.rb
+++ b/test/unit/helpers/application_helper_test.rb
@@ -30,6 +30,35 @@ class ApplicationHelperTest < ActionView::TestCase
def setup
super
end
+
+ context "#link_to_if_authorized" do
+ context "authorized user" do
+ should "be tested"
+ end
+
+ context "unauthorized user" do
+ should "be tested"
+ end
+
+ should "allow using the :controller and :action for the target link" do
+ User.current = User.find_by_login('admin')
+
+ @project = Issue.first.project # Used by helper
+ response = link_to_if_authorized("By controller/action",
+ {:controller => 'issues', :action => 'edit', :id => Issue.first.id})
+ assert_match /href/, response
+ end
+
+ should "allow using the url for the target link" do
+ User.current = User.find_by_login('admin')
+
+ @project = Issue.first.project # Used by helper
+ response = link_to_if_authorized("By url",
+ new_issue_move_path(:id => Issue.first.id))
+ assert_match /href/, response
+ end
+
+ end
def test_auto_links
to_test = {