Merge pull request #936 from romainneutron/fix-1693

[3.8] Fix #1693 : Guest users should be able to access detailed view
Nicolas Le Goff
2014-02-11 08:45:04 +01:00
3 changed files with 58 additions and 9 deletions


@@ -30,10 +30,6 @@ class Records implements ControllerProviderInterface
$app['firewall']->addMandatoryAuthentication($controllers);
$controllers->before(function (Request $request) use ($app) {
$app['firewall']->requireNotGuest();
});
/**
* Get the record detailed view
*
@@ -65,7 +61,10 @@ class Records implements ControllerProviderInterface
* return : JSON Response
*/
$controllers->post('/delete/', $this->call('doDeleteRecords'))
->bind('record_delete');
->bind('record_delete')
->before(function (Request $request) use ($app) {
$app['firewall']->requireNotGuest();
});
/**
* Verify if I can delete records
@@ -81,7 +80,10 @@ class Records implements ControllerProviderInterface
* return : HTML Response
*/
$controllers->post('/delete/what/', $this->call('whatCanIDelete'))
->bind('record_what_can_i_delete');
->bind('record_what_can_i_delete')
->before(function (Request $request) use ($app) {
$app['firewall']->requireNotGuest();
});
/**
* Renew a record URL
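Review bot: Dropping the controller-wide `requireNotGuest()` filter turns the guest restriction from deny-by-default into per-route opt-in, so every route in this provider other than `record_delete` and `record_what_can_i_delete` is now reachable by the guest account unless it carries its own guard. The last hunk ends where the "Renew a record URL" route begins and the rest of the provider is outside the visible hunks, so whether that route kept the filter cannot be confirmed from here; it reads like a state-changing action that should have it. Defining the closure once, `$requireNotGuest = function () use ($app) { $app['firewall']->requireNotGuest(); };`, and attaching `->before($requireNotGuest)` to each non-read route would remove the duplicated closure and make a missing guard easier to spot. A short comment on the detailed-view route saying that guest access is intentional, and where per-record access rights are enforced, would document the exception.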


@@ -4,6 +4,8 @@ namespace Alchemy\Tests\Phrasea\Controller\Prod;
use Alchemy\Phrasea\Border\File;
use Alchemy\Phrasea\SearchEngine\SearchEngineOptions;
use Entities\Basket;
use Entities\BasketElement;
/**
* @todo Test Alchemy\Phrasea\Controller\Prod\Export::exportMail
@@ -78,6 +80,49 @@ class RecordsTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
$this->assertBadResponse(self::$DI['client']->getResponse());
}
public function testGetRecordDetailAsGuest()
{
$inviteUsrid = \User_Adapter::get_usr_id_from_login(self::$DI['app'], 'invite');
$invite_user = \User_Adapter::getInstance($inviteUsrid, self::$DI['app']);
$this->authenticate(self::$DI['app'], $invite_user);
$basket = new Basket();
$basket->setUsrId($inviteUsrid);
$basket->setName('test');
self::$DI['app']['EM']->persist($basket);
$element = new BasketElement();
$element->setRecord(self::$DI['record_24']);
$element->setBasket($basket);
$basket->addElement($element);
self::$DI['app']['EM']->persist($element);
self::$DI['app']['EM']->flush();
$this->XMLHTTPRequest('POST', '/prod/records/', array(
'env' => 'BASK',
'pos' => 0,
'query' => '',
'cont' => $basket->getId(),
));
$response = self::$DI['client']->getResponse();
$this->assertEquals(200, $response->getStatusCode());
$data = json_decode($response->getContent(), true);
$this->assertArrayHasKey('desc', $data);
$this->assertArrayHasKey('html_preview', $data);
$this->assertArrayHasKey('current', $data);
$this->assertArrayHasKey('others', $data);
$this->assertArrayHasKey('history', $data);
$this->assertArrayHasKey('popularity', $data);
$this->assertArrayHasKey('tools', $data);
$this->assertArrayHasKey('pos', $data);
$this->assertArrayHasKey('title', $data);
}
/**
* @covers Alchemy\Phrasea\Controller\Prod\Records::getRecord
*/
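Review bot: `testGetRecordDetailAsGuest` only proves that a guest can now open the detailed view; nothing in this section checks that a guest is still refused on `/prod/records/delete/` and `/prod/records/delete/what/`, which is the part of the change that could regress. A companion test that authenticates as the `invite` user, posts to both routes and asserts the request is rejected would pin the relocated `requireNotGuest()` filters. It would also help to assert that `$data` is an array before the `assertArrayHasKey` calls, for example `$this->assertInternalType('array', $data);`, so a non-JSON body fails with a clear message. The new test has no `@covers` docblock, unlike the neighbouring test that follows it.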


@@ -917,12 +917,14 @@ abstract class PhraseanetPHPUnitAbstract extends WebTestCase
return;
}
protected function authenticate(Application $app)
protected function authenticate(Application $app, $user = null)
{
$user = $user ?: self::$DI['user'];
$app['session']->clear();
$app['session']->set('usr_id', self::$DI['user']->get_id());
$app['session']->set('usr_id', $user->get_id());
$session = new \Entities\Session();
$session->setUsrId(self::$DI['user']->get_id());
$session->setUsrId($user->get_id());
$session->setUserAgent('');
self::$DI['app']['EM']->persist($session);
self::$DI['app']['EM']->flush();
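Review bot: The new `$user` parameter of `authenticate()` is untyped and resolved with `?:`, so a wrong-typed argument only fails later at `get_id()` and any falsy value silently becomes the default user. Declaring it as `\User_Adapter $user = null` (presumably the type of `self::$DI['user']` as well; confirm) and adding a docblock saying that `null` selects `self::$DI['user']` would make the helper's contract explicit at the call boundary. The function body continues past the end of the hunk.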