Fix articles and the tests

Fix user password
Add errors to production only
Improve tests
This commit is contained in:
Ari Timonen 2020-03-17 21:31:57 +02:00
parent 2d73f617bc
commit 76faa4d18c
8 changed files with 35 additions and 23 deletions

View file

@ -38,24 +38,28 @@ class ApplicationController < ActionController::Base
redirect_to controller: "articles", action: "news_index"
end
rescue_from AccessError do |exception|
render 'errors/403', status: 403, layout: 'errors'
end
unless Rails.env.production?
rescue_from Error do |exception|
render text: exception.message, layout: true
end
rescue_from AccessError do |exception|
render 'errors/403', status: 403, layout: 'errors'
end
rescue_from ActiveRecord::StaleObjectError do |exception|
render text: t(:application_stale)
end
rescue_from Error do |exception|
render text: exception.message, layout: true
end
rescue_from ActiveRecord::RecordNotFound do |exception|
render :template => 'errors/404.html', :status => :not_found, :layout => 'errors'
rescue_from ActiveRecord::StaleObjectError do |exception|
render text: t(:application_stale)
end
rescue_from ActiveRecord::RecordNotFound do |exception|
render :template => 'errors/404.html', :status => :not_found, :layout => 'errors'
end
end
private
# FIXME: move to model
def update_user
if cuser
Time.zone = cuser.time_zone

View file

@ -39,8 +39,7 @@ class ArticlesController < ApplicationController
end
def create
@article = Article.new article_params
([:article])
@article = Article.new Article.article_params(params, cuser)
@article.user = cuser
raise AccessError unless @article.can_create? cuser
@ -53,7 +52,7 @@ class ArticlesController < ApplicationController
end
def update
raise AccessError unless @article.can_update? cuser, params[:article]
raise AccessError unless @article.can_update? cuser, Article.article_params(params, cuser)
if @article.update_attributes(article_params)
flash[:notice] = t(:articles_update)
redirect_to @article
@ -80,8 +79,4 @@ class ArticlesController < ApplicationController
def get_article
@article = Article.find params[:id]
end
def article_params
params.require(:article).permit(:title, :status, :category_id, :text, :text_coding, :user_id)
end
end

View file

@ -128,7 +128,7 @@ class UsersController < ApplicationController
private
def user_params
params.require(:user).permit(:password, :firstname, :lastname, :email, :steamid, :country, :birthdate, :timezone, :public_email, :filter)
params.require(:user).permit(:raw_password, :firstname, :lastname, :email, :steamid, :country, :birthdate, :timezone, :public_email, :filter)
end
def get_user

View file

@ -78,11 +78,11 @@ class Article < ActiveRecord::Base
end
def previous_article
category.articles.nodrafts.first.where("id < ?", self.id).order("id DESC")
category.articles.nodrafts.first&.(where("id < ?", self.id).order("id DESC"))
end
def next_article
category.articles.nodrafts.first(conditions: ["id > ?", self.id], order: "id ASC")
category.articles.nodrafts.first&.(where("id > ?", self.id).order("id ASC"))
end
def statuses
@ -141,4 +141,10 @@ class Article < ActiveRecord::Base
def can_destroy? cuser
cuser and cuser.admin?
end
def self.article_params params, cuser
p = [:title, :category_id, :text, :text_coding]
p << :status if cuser.admin?
params.require(:article).permit(*p)
end
end

View file

@ -99,6 +99,8 @@ class User < ActiveRecord::Base
scope :lately, -> {
where("lastvisit > ?", 30.days.ago.utc) }
before_validation :update_password
validates_uniqueness_of :username, :email, :steamid
validates_length_of :firstname, :in => 1..15, :allow_blank => true
validates_length_of :lastname, :in => 1..25, :allow_blank => true

View file

@ -1,3 +1,6 @@
# Load spec_helper
require 'spec_helper'
# This file is copied to spec/ when you run 'rails generate rspec:install'
ENV['RAILS_ENV'] ||= 'test'
require File.expand_path('../../config/environment', __FILE__)
@ -5,8 +8,9 @@ require File.expand_path('../../config/environment', __FILE__)
# Prevent database truncation if the environment is production
abort("The Rails environment is running in production mode!") if Rails.env.production?
# Load rails
require 'rspec/rails'
require 'spec_helper'
# Add additional requires below this line. Rails is not loaded until this point!
# Requires supporting ruby files with custom matchers and macros, etc, in

View file

@ -1,7 +1,7 @@
ENV["RAILS_ENV"] ||= "test"
require 'dotenv'
Dotenv.load('.env')
Dotenv.load()
# require "codeclimate-test-reporter"
require "simplecov"

View file

@ -7,6 +7,7 @@ module Features
fill_in "login_password", with: user.raw_password
click_button I18n.t("helpers.submit.user.login")
expect(page).to have_content(I18n.t('login_successful'))
end
def change_timezone_for(user, timezone)