mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-18 15:33:15 +00:00
Merge pull request #936 from romainneutron/fix-1693
[3.8] Fix #1693 : Guest users should be able to access detailed view
This commit is contained in:
Nicolas Le Goff
@@ -30,10 +30,6 @@ class Records implements ControllerProviderInterface
|
|||||||
|
|
||||||
$app['firewall']->addMandatoryAuthentication($controllers);
|
$app['firewall']->addMandatoryAuthentication($controllers);
|
||||||
|
|
||||||
$controllers->before(function (Request $request) use ($app) {
|
|
||||||
$app['firewall']->requireNotGuest();
|
|
||||||
});
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the record detailed view
|
* Get the record detailed view
|
||||||
*
|
*
|
||||||
@@ -65,7 +61,10 @@ class Records implements ControllerProviderInterface
|
|||||||
* return : JSON Response
|
* return : JSON Response
|
||||||
*/
|
*/
|
||||||
$controllers->post('/delete/', $this->call('doDeleteRecords'))
|
$controllers->post('/delete/', $this->call('doDeleteRecords'))
|
||||||
->bind('record_delete');
|
->bind('record_delete')
|
||||||
|
->before(function (Request $request) use ($app) {
|
||||||
|
$app['firewall']->requireNotGuest();
|
||||||
|
});
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Verify if I can delete records
|
* Verify if I can delete records
|
||||||
@@ -81,7 +80,10 @@ class Records implements ControllerProviderInterface
|
|||||||
* return : HTML Response
|
* return : HTML Response
|
||||||
*/
|
*/
|
||||||
$controllers->post('/delete/what/', $this->call('whatCanIDelete'))
|
$controllers->post('/delete/what/', $this->call('whatCanIDelete'))
|
||||||
->bind('record_what_can_i_delete');
|
->bind('record_what_can_i_delete')
|
||||||
|
->before(function (Request $request) use ($app) {
|
||||||
|
$app['firewall']->requireNotGuest();
|
||||||
|
});
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Renew a record URL
|
* Renew a record URL
|
||||||
|
|||||||
@@ -4,6 +4,8 @@ namespace Alchemy\Tests\Phrasea\Controller\Prod;
|
|||||||
|
|
||||||
use Alchemy\Phrasea\Border\File;
|
use Alchemy\Phrasea\Border\File;
|
||||||
use Alchemy\Phrasea\SearchEngine\SearchEngineOptions;
|
use Alchemy\Phrasea\SearchEngine\SearchEngineOptions;
|
||||||
|
use Entities\Basket;
|
||||||
|
use Entities\BasketElement;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @todo Test Alchemy\Phrasea\Controller\Prod\Export::exportMail
|
* @todo Test Alchemy\Phrasea\Controller\Prod\Export::exportMail
|
||||||
@@ -78,6 +80,49 @@ class RecordsTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
|
|||||||
$this->assertBadResponse(self::$DI['client']->getResponse());
|
$this->assertBadResponse(self::$DI['client']->getResponse());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testGetRecordDetailAsGuest()
|
||||||
|
{
|
||||||
|
$inviteUsrid = \User_Adapter::get_usr_id_from_login(self::$DI['app'], 'invite');
|
||||||
|
$invite_user = \User_Adapter::getInstance($inviteUsrid, self::$DI['app']);
|
||||||
|
|
||||||
|
$this->authenticate(self::$DI['app'], $invite_user);
|
||||||
|
|
||||||
|
$basket = new Basket();
|
||||||
|
$basket->setUsrId($inviteUsrid);
|
||||||
|
$basket->setName('test');
|
||||||
|
|
||||||
|
self::$DI['app']['EM']->persist($basket);
|
||||||
|
|
||||||
|
$element = new BasketElement();
|
||||||
|
$element->setRecord(self::$DI['record_24']);
|
||||||
|
$element->setBasket($basket);
|
||||||
|
$basket->addElement($element);
|
||||||
|
|
||||||
|
self::$DI['app']['EM']->persist($element);
|
||||||
|
self::$DI['app']['EM']->flush();
|
||||||
|
|
||||||
|
$this->XMLHTTPRequest('POST', '/prod/records/', array(
|
||||||
|
'env' => 'BASK',
|
||||||
|
'pos' => 0,
|
||||||
|
'query' => '',
|
||||||
|
'cont' => $basket->getId(),
|
||||||
|
));
|
||||||
|
$response = self::$DI['client']->getResponse();
|
||||||
|
|
||||||
|
$this->assertEquals(200, $response->getStatusCode());
|
||||||
|
$data = json_decode($response->getContent(), true);
|
||||||
|
|
||||||
|
$this->assertArrayHasKey('desc', $data);
|
||||||
|
$this->assertArrayHasKey('html_preview', $data);
|
||||||
|
$this->assertArrayHasKey('current', $data);
|
||||||
|
$this->assertArrayHasKey('others', $data);
|
||||||
|
$this->assertArrayHasKey('history', $data);
|
||||||
|
$this->assertArrayHasKey('popularity', $data);
|
||||||
|
$this->assertArrayHasKey('tools', $data);
|
||||||
|
$this->assertArrayHasKey('pos', $data);
|
||||||
|
$this->assertArrayHasKey('title', $data);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers Alchemy\Phrasea\Controller\Prod\Records::getRecord
|
* @covers Alchemy\Phrasea\Controller\Prod\Records::getRecord
|
||||||
*/
|
*/
|
||||||
|
|||||||
@@ -917,12 +917,14 @@ abstract class PhraseanetPHPUnitAbstract extends WebTestCase
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function authenticate(Application $app)
|
protected function authenticate(Application $app, $user = null)
|
||||||
{
|
{
|
||||||
|
$user = $user ?: self::$DI['user'];
|
||||||
|
|
||||||
$app['session']->clear();
|
$app['session']->clear();
|
||||||
$app['session']->set('usr_id', self::$DI['user']->get_id());
|
$app['session']->set('usr_id', $user->get_id());
|
||||||
$session = new \Entities\Session();
|
$session = new \Entities\Session();
|
||||||
$session->setUsrId(self::$DI['user']->get_id());
|
$session->setUsrId($user->get_id());
|
||||||
$session->setUserAgent('');
|
$session->setUserAgent('');
|
||||||
self::$DI['app']['EM']->persist($session);
|
self::$DI['app']['EM']->persist($session);
|
||||||
self::$DI['app']['EM']->flush();
|
self::$DI['app']['EM']->flush();
|
||||||
|
|||||||
Reference in New Issue
Block a user