jro_apps/redmine Commit - r4385:0a2ec6ef0472

Extracts user groups assignment from controller....

Jean-Philippe Lang -

r4385:0a2ec6ef0472

parent child

Context file:

r4385:0a2ec6ef0472

app/controllers/users_controller.rb 0 -1

                 if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
                   @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
                 end
-                @user.group_ids = params[:user][:group_ids] if params[:user][:group_ids]
                 @user.safe_attributes = params[:user]
                 # Was the account actived ? (do it before User#save clears the change)
                 was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])

app/models/user.rb +4 -1

               attr_accessor :password, :password_confirmation
               attr_accessor :last_before_login_on
               # Prevents unauthorized assignments
-              attr_protected :login, :admin, :password, :password_confirmation, :hashed_password, :group_ids
+              attr_protected :login, :admin, :password, :password_confirmation, :hashed_password
               validates_presence_of :login, :firstname, :lastname, :mail, :if => Proc.new { |user| !user.is_a?(AnonymousUser) }
               validates_uniqueness_of :login, :if => Proc.new { |user| !user.login.blank? }, :case_sensitive => false
                 'auth_source_id',
                 :if => lambda {|user, current_user| current_user.admin?}
+              safe_attributes 'group_ids',
+                :if => lambda {|user, current_user| current_user.admin? && !user.new_record?}
               # Utility method to help check if a user should be notified about an
               # event.
               #

test/functional/my_controller_test.rb +11 -4

               end
               def test_update_account
-                post :account, :user => {:firstname => "Joe",
+                post :account,
-                                         :login => "root",
+                  :user => {
-                                         :admin => 1,
+                    :firstname => "Joe",
-                                         :custom_field_values => {"4" => "0100562500"}}
+                    :login => "root",
+                    :admin => 1,
+                    :group_ids => ['10'],
+                    :custom_field_values => {"4" => "0100562500"}
+                  }
                 assert_redirected_to '/my/account'
                 user = User.find(2)
                 assert_equal user, assigns(:user)
                 assert_equal "Joe", user.firstname
                 assert_equal "jsmith", user.login
                 assert_equal "0100562500", user.custom_value_for(4).value
+                # ignored
                 assert !user.admin?
+                assert user.groups.empty?
               end
               def test_change_password

test/functional/users_controller_test.rb +7 0

                 assert ActionMailer::Base.deliveries.empty?
               end
+              def test_update_with_group_ids_should_assign_groups
+                put :update, :id => 2, :user => {:group_ids => ['10']}
+                user = User.find(2)
+                assert_equal [10], user.group_ids
+              end
               def test_update_with_activation_should_send_a_notification
                 u = User.new(:firstname => 'Foo', :lastname => 'Bar', :mail => 'foo.bar@somenet.foo', :language => 'fr')
                 u.login = 'foo'

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages