Extracts user groups assignment from controller.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4499 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2010-12-12 15:13:34 +00:00
parent 87ae744dce
commit 0a2ec6ef04
4 changed files with 22 additions and 6 deletions

View File

@ -145,7 +145,6 @@ class UsersController < ApplicationController
if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
end
@user.group_ids = params[:user][:group_ids] if params[:user][:group_ids]
@user.safe_attributes = params[:user]
# Was the account actived ? (do it before User#save clears the change)
was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])

View File

@ -60,7 +60,7 @@ class User < Principal
attr_accessor :password, :password_confirmation
attr_accessor :last_before_login_on
# Prevents unauthorized assignments
attr_protected :login, :admin, :password, :password_confirmation, :hashed_password, :group_ids
attr_protected :login, :admin, :password, :password_confirmation, :hashed_password
validates_presence_of :login, :firstname, :lastname, :mail, :if => Proc.new { |user| !user.is_a?(AnonymousUser) }
validates_uniqueness_of :login, :if => Proc.new { |user| !user.login.blank? }, :case_sensitive => false
@ -407,6 +407,9 @@ class User < Principal
'auth_source_id',
:if => lambda {|user, current_user| current_user.admin?}
safe_attributes 'group_ids',
:if => lambda {|user, current_user| current_user.admin? && !user.new_record?}
# Utility method to help check if a user should be notified about an
# event.
#

View File

@ -64,17 +64,24 @@ class MyControllerTest < ActionController::TestCase
end
def test_update_account
post :account, :user => {:firstname => "Joe",
:login => "root",
:admin => 1,
:custom_field_values => {"4" => "0100562500"}}
post :account,
:user => {
:firstname => "Joe",
:login => "root",
:admin => 1,
:group_ids => ['10'],
:custom_field_values => {"4" => "0100562500"}
}
assert_redirected_to '/my/account'
user = User.find(2)
assert_equal user, assigns(:user)
assert_equal "Joe", user.firstname
assert_equal "jsmith", user.login
assert_equal "0100562500", user.custom_value_for(4).value
# ignored
assert !user.admin?
assert user.groups.empty?
end
def test_change_password

View File

@ -183,6 +183,13 @@ class UsersControllerTest < ActionController::TestCase
assert ActionMailer::Base.deliveries.empty?
end
def test_update_with_group_ids_should_assign_groups
put :update, :id => 2, :user => {:group_ids => ['10']}
user = User.find(2)
assert_equal [10], user.group_ids
end
def test_update_with_activation_should_send_a_notification
u = User.new(:firstname => 'Foo', :lastname => 'Bar', :mail => 'foo.bar@somenet.foo', :language => 'fr')
u.login = 'foo'