| @@ -17,7 +17,7 | |||
|
|
17 | 17 | |
|
|
18 | 18 | class AttachmentsController < ApplicationController |
|
|
19 | 19 | before_action :find_attachment, :only => [:show, :download, :thumbnail, :destroy] |
|
|
20 | before_action :find_editable_attachments, :only => [:edit, :update] | |
|
|
20 | before_action :find_editable_attachments, :only => [:edit_all, :update_all] | |
|
|
21 | 21 | before_action :file_readable, :read_authorize, :only => [:show, :download, :thumbnail] |
|
|
22 | 22 | before_action :delete_authorize, :only => :destroy |
|
|
23 | 23 | before_action :authorize_global, :only => :upload |
| @@ -26,7 +26,7 class AttachmentsController < ApplicationController | |||
|
|
26 | 26 | # MIME type text/javascript. |
|
|
27 | 27 | skip_after_filter :verify_same_origin_request, :only => :download |
|
|
28 | 28 | |
|
|
29 | accept_api_auth :show, :download, :thumbnail, :upload, :destroy | |
|
|
29 | accept_api_auth :show, :download, :thumbnail, :upload, :update, :destroy | |
|
|
30 | 30 | |
|
|
31 | 31 | def show |
|
|
32 | 32 | respond_to do |format| |
| @@ -107,17 +107,19 class AttachmentsController < ApplicationController | |||
|
|
107 | 107 | end |
|
|
108 | 108 | end |
|
|
109 | 109 | |
|
|
110 | def edit | |
|
|
110 | # Edit all the attachments of a container | |
|
|
111 | def edit_all | |
|
|
111 | 112 | end |
|
|
112 | 113 | |
|
|
113 | def update | |
|
|
114 | # Update all the attachments of a container | |
|
|
115 | def update_all | |
|
|
114 | 116 | if params[:attachments].is_a?(Hash) |
|
|
115 | 117 | if Attachment.update_attachments(@attachments, params[:attachments]) |
|
|
116 | 118 | redirect_back_or_default home_path |
|
|
117 | 119 | return |
|
|
118 | 120 | end |
|
|
119 | 121 | end |
|
|
120 | render :action => 'edit' | |
|
|
122 | render :action => 'edit_all' | |
|
|
121 | 123 | end |
|
|
122 | 124 | |
|
|
123 | 125 | def destroy |
|
|
1 | NO CONTENT: file renamed from app/views/attachments/edit.html.erb to app/views/attachments/edit_all.html.erb |
| @@ -294,8 +294,8 Rails.application.routes.draw do | |||
|
|
294 | 294 | get 'attachments/download/:id', :to => 'attachments#download', :id => /\d+/ |
|
|
295 | 295 | get 'attachments/thumbnail/:id(/:size)', :to => 'attachments#thumbnail', :id => /\d+/, :size => /\d+/, :as => 'thumbnail' |
|
|
296 | 296 | resources :attachments, :only => [:show, :destroy] |
|
|
297 | get 'attachments/:object_type/:object_id/edit', :to => 'attachments#edit', :as => :object_attachments_edit | |
|
|
298 | patch 'attachments/:object_type/:object_id', :to => 'attachments#update', :as => :object_attachments | |
|
|
297 | get 'attachments/:object_type/:object_id/edit', :to => 'attachments#edit_all', :as => :object_attachments_edit | |
|
|
298 | patch 'attachments/:object_type/:object_id', :to => 'attachments#update_all', :as => :object_attachments | |
|
|
299 | 299 | |
|
|
300 | 300 | resources :groups do |
|
|
301 | 301 | resources :memberships, :controller => 'principal_memberships' |
| @@ -354,9 +354,9 class AttachmentsControllerTest < Redmine::ControllerTest | |||
|
|
354 | 354 | puts '(ImageMagick convert not available)' |
|
|
355 | 355 | end |
|
|
356 | 356 | |
|
|
357 | def test_edit | |
|
|
357 | def test_edit_all | |
|
|
358 | 358 | @request.session[:user_id] = 2 |
|
|
359 | get :edit, :object_type => 'issues', :object_id => '2' | |
|
|
359 | get :edit_all, :object_type => 'issues', :object_id => '2' | |
|
|
360 | 360 | assert_response :success |
|
|
361 | 361 | |
|
|
362 | 362 | assert_select 'form[action=?]', '/attachments/issues/2' do |
| @@ -371,24 +371,24 class AttachmentsControllerTest < Redmine::ControllerTest | |||
|
|
371 | 371 | end |
|
|
372 | 372 | end |
|
|
373 | 373 | |
|
|
374 | def test_edit_invalid_container_class_should_return_404 | |
|
|
375 | get :edit, :object_type => 'nuggets', :object_id => '3' | |
|
|
374 | def test_edit_all_with_invalid_container_class_should_return_404 | |
|
|
375 | get :edit_all, :object_type => 'nuggets', :object_id => '3' | |
|
|
376 | 376 | assert_response 404 |
|
|
377 | 377 | end |
|
|
378 | 378 | |
|
|
379 | def test_edit_invalid_object_should_return_404 | |
|
|
380 | get :edit, :object_type => 'issues', :object_id => '999' | |
|
|
379 | def test_edit_all_with_invalid_object_should_return_404 | |
|
|
380 | get :edit_all, :object_type => 'issues', :object_id => '999' | |
|
|
381 | 381 | assert_response 404 |
|
|
382 | 382 | end |
|
|
383 | 383 | |
|
|
384 | def test_edit_for_object_that_is_not_visible_should_return_403 | |
|
|
385 | get :edit, :object_type => 'issues', :object_id => '4' | |
|
|
384 | def test_edit_all_for_object_that_is_not_visible_should_return_403 | |
|
|
385 | get :edit_all, :object_type => 'issues', :object_id => '4' | |
|
|
386 | 386 | assert_response 403 |
|
|
387 | 387 | end |
|
|
388 | 388 | |
|
|
389 | def test_update | |
|
|
389 | def test_update_all | |
|
|
390 | 390 | @request.session[:user_id] = 2 |
|
|
391 | patch :update, :object_type => 'issues', :object_id => '2', :attachments => { | |
|
|
391 | patch :update_all, :object_type => 'issues', :object_id => '2', :attachments => { | |
|
|
392 | 392 | '1' => {:filename => 'newname.text', :description => ''}, |
|
|
393 | 393 | '4' => {:filename => 'newname.rb', :description => 'Renamed'}, |
|
|
394 | 394 | } |
| @@ -399,9 +399,9 class AttachmentsControllerTest < Redmine::ControllerTest | |||
|
|
399 | 399 | assert_equal 'Renamed', attachment.description |
|
|
400 | 400 | end |
|
|
401 | 401 | |
|
|
402 | def test_update_with_failure | |
|
|
402 | def test_update_all_with_failure | |
|
|
403 | 403 | @request.session[:user_id] = 2 |
|
|
404 | patch :update, :object_type => 'issues', :object_id => '3', :attachments => { | |
|
|
404 | patch :update_all, :object_type => 'issues', :object_id => '3', :attachments => { | |
|
|
405 | 405 | '1' => {:filename => '', :description => ''}, |
|
|
406 | 406 | '4' => {:filename => 'newname.rb', :description => 'Renamed'}, |
|
|
407 | 407 | } |
General Comments 0
You need to be logged in to leave comments.
Login now