Organisation management

This commit is contained in:
echarp 2015-05-25 11:42:53 +02:00
parent eacff6bedb
commit 6aed6ffc8e
7 changed files with 51 additions and 15 deletions

View File

@ -1,7 +1,8 @@
# Groups life cycle
class OrgasController < ApplicationController
before_action :authenticate_user!, only: [:new, :edit, :update, :destroy]
before_action :set_orga, except: [:index, :new, :create]
before_action :authenticate_user!, only: [:edit, :update, :destroy],
unless: :check_secret
def index
@search = Orga.search params[:q]
@ -19,7 +20,7 @@ class OrgasController < ApplicationController
def create
@orga = Orga.new orga_params
respond_to do |format|
if @orga.save # && send_creation_mails
if @orga.save
format.html { redirect_to :root, notice: t('.ok') }
# 201 means :created
format.json { render action: 'show', status: 201, location: @orga }
@ -42,7 +43,7 @@ class OrgasController < ApplicationController
# PATCH/PUT /orgas/1.json
def update
respond_to do |format|
if @orga.update(orga_params) # && send_update_mails
if @orga.update orga_params
format.html { redirect_to @orga, notice: t('.ok') }
format.json { head :no_content }
else
@ -67,4 +68,9 @@ class OrgasController < ApplicationController
.permit :lock_version, :kind_id, :name, :city, :department, :region_id,
:url, :feed, :contact, :submitter
end
# Check that you can only edit an existing event if you know its secret
def check_secret
!@orga.secret || @orga.secret == params[:secret]
end
end

View File

@ -8,12 +8,12 @@ class Orga < ActiveRecord::Base
validates :region, presence: true
validates :url, format: %r{\Ahttps?:\/\/.*\..*\z}
validates :feed, allow_blank: true, format: %r{\Ahttps?:\/\/.*\..*\z}
validates :contact, allow_blank: true, email: true
validates :contact, presence: true, email: true
validates :submitter, allow_blank: true, email: true
before_validation on: :create do
self.submission_time = Time.zone.now
self.decision_time = Time.zone.now
before_validation do
self.secret ||= SecureRandom.urlsafe_base64(32)[0...32]
self.submission_time ||= Time.zone.now
# Populate submitter using contact info if absent
self.submitter ||= contact

View File

@ -25,17 +25,17 @@
= orga.name
- if orga.url =~ /^http/
= image_tag orga.url + '/favicon.ico', alt: '', class: :favicon
%td
= orga.city
%td
= orga.department
%td
= orga.region
%td
= link_to orga.url, orga.url
%td= orga.city
%td= orga.department
%td= orga.region
%td= link_to orga.url, orga.url
%td
= link_to t('show'),
orga_path(orga, q: params[:q], page: params[:page]),
class: :view_link
= paginate @orgas
= link_to new_orga_path do
%em.fa.fa-plus
= t '.new'

View File

@ -233,6 +233,8 @@ description."
search:
title: Find your %{entity}!
label: Search
index:
new: Add an organisation
show:
links: Links
actions: Actions
@ -251,6 +253,7 @@ description."
edit:
title: Organisation
edit: Edition
forbidden: You are not authorised to modify this organisation
update:
ok: Organisation has been updated
form:

View File

@ -235,6 +235,8 @@ description plus complète."
search:
title: Trouve ton %{entity}!
label: Recherche
index:
new: Ajouter une organisation
show:
links: Liens
actions: Actions
@ -253,6 +255,7 @@ description plus complète."
edit:
title: Organisation
edit: Édition
forbidden: Vous n'êtes pas authorisé à modifier cette organisation
update:
ok: L'organisation a été mise à jour
form:

View File

@ -50,4 +50,27 @@ class OrgasControllerTest < ActionController::TestCase
get :show, id: @orga
assert_response :success
end
test 'should update orga' do
sign_in users(:one)
patch :update, id: @orga, orga: { name: @orga.name }
assert_empty assigns(:orga).errors.messages
assert_redirected_to assigns(:orga)
end
test 'should not update orga' do
sign_in users(:one)
patch :update, id: @orga, orga: { name: nil }
assert_not_empty assigns(:orga).errors.messages
end
test 'should not update orga without proper secret' do
patch :update, id: @orga, secret: @orga.secret, orga: {
name: 'hello world'
}
assert_redirected_to assigns(:orga)
end
end

View File

@ -10,6 +10,7 @@ one:
feed: http://april.org/index.rss
contact: test@exemple.com
submitter: test@exemple.com
secret: my_secret
two:
kind: provider