diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Publications.php b/lib/Alchemy/Phrasea/Controller/Admin/Publications.php index 49c55fe43b..9cc1d585fd 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Publications.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Publications.php @@ -124,12 +124,14 @@ class Publications implements ControllerProviderInterface ); $feed = $app["EM"]->find('Entities\Feed', $id); + if (null === $feed) { + $app->abort(404, "Feed not found"); + } + $request = $app["request"]; - if (!$feed->getOwner($app['authentication']->getUser())) { - $datas['message'] = 'You are not allowed to do that'; - - return $app->json($datas); + if (!$feed->isOwner($app['authentication']->getUser())) { + $app->abort(403, "Access Forbidden"); } try { @@ -170,6 +172,15 @@ class Publications implements ControllerProviderInterface unset($media); + $feed->setIconUrl(true); + $app['EM']->persist($feed); + $app['EM']->flush(); + + $baseDir = realpath(__DIR__ . '/../../../../../'); + + $app['filesystem']->copy($tmpname, $baseDir . '/config/feed_' . $feed->getId() . '.jpg'); + $app['filesystem']->copy($tmpname, 'custom/feed_' . $feed->getId() . '.jpg'); + $app['filesystem']->remove($tmpname); $datas['success'] = true; @@ -217,7 +228,7 @@ class Publications implements ControllerProviderInterface $publisher = $app["EM"]->find('Entities\FeedPublisher', $request->request->get('publisher_id')); if (null === $publisher) { - throw new \Exception_Feed_PublisherNotFound(); + $app->abort(404, "Feed Publisher not found"); } $user = $publisher->getUser($app); diff --git a/templates/web/admin/publications/fiche.html.twig b/templates/web/admin/publications/fiche.html.twig index ce47d325a9..75ea22fc7c 100644 --- a/templates/web/admin/publications/fiche.html.twig +++ b/templates/web/admin/publications/fiche.html.twig @@ -11,7 +11,11 @@
- +
@@ -145,7 +149,7 @@ {{ publisher.getUser(app).get_email() }} - {% if publisher.getOwner() == true %} + {% if publisher.isOwner() == true %} X {% else %}
diff --git a/templates/web/admin/publications/list.html.twig b/templates/web/admin/publications/list.html.twig index f5cfde8d94..522b44bc71 100644 --- a/templates/web/admin/publications/list.html.twig +++ b/templates/web/admin/publications/list.html.twig @@ -64,7 +64,11 @@
- +
diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php index 6a6371ee0e..5245b96978 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php @@ -107,32 +107,22 @@ class Module_Admin_Route_PublicationTest extends \PhraseanetWebTestCaseAuthentic public function testIconUploadErrorOwner() { - $this->markTestSkipped(); // icon upload being changed + $feed = $this->insertOneFeed(self::$DI['user_alt1']); - $feed = \Feed_Adapter::create(self::$DI['app'], self::$DI['user_alt1'], "salut", 'coucou'); - - self::$DI['client']->request("POST", "/admin/publications/feed/" . $feed->get_id() . "/iconupload/", array(), array(), array('HTTP_ACCEPT' => 'application/json')); + self::$DI['client']->request("POST", "/admin/publications/feed/" . $feed->getId() . "/iconupload/", array(), array(), array('HTTP_ACCEPT' => 'application/json')); $response = self::$DI['client']->getResponse(); - $this->assertTrue($response->isOk()); - - $content = json_decode($response->getContent()); - - $this->assertFalse($content->success); - - $feed->delete(); + $this->assertEquals(403, $response->getStatusCode()); } public function testIconUploadErrorFileData() { - $this->markTestSkipped(); // icon upload being changed - - $feed = \Feed_Adapter::create(self::$DI['app'], self::$DI['user'], "salut", 'coucou'); + $feed = $this->insertOneFeed(self::$DI['user']); self::$DI['client']->request( "POST" - , "/admin/publications/feed/" . $feed->get_id() . "/iconupload/" + , "/admin/publications/feed/" . $feed->getId() . "/iconupload/" , array() , array('Filedata' => array('error' => 1)) ); @@ -142,19 +132,15 @@ class Module_Admin_Route_PublicationTest extends \PhraseanetWebTestCaseAuthentic $content = json_decode($response->getContent()); $this->assertFalse($content->success); - - $feed->delete(); } public function testIconUploadErrorFileType() { - $this->markTestSkipped(); // icon upload being changed - - $feed = \Feed_Adapter::create(self::$DI['app'], self::$DI['user'], "salut", 'coucou'); + $feed = $this->insertOneFeed(self::$DI['user']); self::$DI['client']->request( "POST" - , "/admin/publications/feed/" . $feed->get_id() . "/iconupload/" + , "/admin/publications/feed/" . $feed->getId() . "/iconupload/" , array() , array('Filedata' => array('error' => 0, 'tmp_name' => __DIR__ . '/../../../../../files/test007.ppt')) ); @@ -164,15 +150,11 @@ class Module_Admin_Route_PublicationTest extends \PhraseanetWebTestCaseAuthentic $content = json_decode($response->getContent()); $this->assertFalse($content->success); - - $feed->delete(); } public function testIconUpload() { - $this->markTestSkipped(); // icon upload being changed - - $feed = \Feed_Adapter::create(self::$DI['app'], self::$DI['user'], "salut", 'coucou'); + $feed = $this->insertOneFeed(self::$DI['user']); $files = array( 'files' => array( @@ -184,7 +166,7 @@ class Module_Admin_Route_PublicationTest extends \PhraseanetWebTestCaseAuthentic self::$DI['client']->request( "POST" - , "/admin/publications/feed/" . $feed->get_id() . "/iconupload/" + , "/admin/publications/feed/" . $feed->getId() . "/iconupload/" , array() , $files ); @@ -196,10 +178,6 @@ class Module_Admin_Route_PublicationTest extends \PhraseanetWebTestCaseAuthentic $content = json_decode($response->getContent()); $this->assertTrue($content->success); - - $feed = new \Feed_Adapter(self::$DI['app'], $feed->get_id()); - - $feed->delete(); } public function testAddPublisher()