cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow a POST with no arguments to trace#edit to fetch the form

Browse source
This commit is contained in:
Tom Hughes 2017-02-13 10:09:43 +00:00
parent 34129ad9b5
commit e23541c20f
2 changed files with 31 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/trace_controller.rb
View file

@ -170,7 +170,7 @@ class TraceController < ApplicationController
else else
@title = t "trace.edit.title", :name => @trace.name @title = t "trace.edit.title", :name => @trace.name
if request.post? if request.post? && params[:trace]
@trace.description = params[:trace][:description] @trace.description = params[:trace][:description]
@trace.tagstring = params[:trace][:tagstring] @trace.tagstring = params[:trace][:tagstring]
@trace.visibility = params[:trace][:visibility] @trace.visibility = params[:trace][:visibility]

33
test/controllers/trace_controller_test.rb
View file

@ -557,7 +557,7 @@ class TraceControllerTest < ActionController::TestCase
assert_equal "trackable", users(:public_user).preferences.where(:k => "gps.trace.visibility").first.v assert_equal "trackable", users(:public_user).preferences.where(:k => "gps.trace.visibility").first.v
end end
# Test fetching the edit page for a trace # Test fetching the edit page for a trace using GET
def test_edit_get def test_edit_get
public_trace_file = create(:trace, :visibility => "public", :user => users(:normal_user)) public_trace_file = create(:trace, :visibility => "public", :user => users(:normal_user))
deleted_trace_file = create(:trace, :deleted, :user => users(:public_user)) deleted_trace_file = create(:trace, :deleted, :user => users(:public_user))
@ -584,10 +584,37 @@ class TraceControllerTest < ActionController::TestCase
assert_response :success assert_response :success
end end
# Test saving edits to a trace # Test fetching the edit page for a trace using POST
def test_edit_post def test_edit_post_no_details
public_trace_file = create(:trace, :visibility => "public", :user => users(:normal_user)) public_trace_file = create(:trace, :visibility => "public", :user => users(:normal_user))
deleted_trace_file = create(:trace, :deleted, :user => users(:public_user)) deleted_trace_file = create(:trace, :deleted, :user => users(:public_user))
# First with no auth
post :edit, :display_name => users(:normal_user).display_name, :id => public_trace_file.id
assert_response :forbidden
# Now with some other user, which should fail
post :edit, { :display_name => users(:normal_user).display_name, :id => public_trace_file.id }, { :user => users(:public_user).id }
assert_response :forbidden
# Now with a trace which doesn't exist
post :edit, { :display_name => users(:public_user).display_name, :id => 0 }, { :user => users(:public_user).id }
assert_response :not_found
# Now with a trace which has been deleted
post :edit, { :display_name => users(:public_user).display_name, :id => deleted_trace_file.id }, { :user => users(:public_user).id }
assert_response :not_found
# Finally with a trace that we are allowed to edit
post :edit, { :display_name => users(:normal_user).display_name, :id => public_trace_file.id }, { :user => users(:normal_user).id }
assert_response :success
end
# Test saving edits to a trace
def test_edit_post_with_details
public_trace_file = create(:trace, :visibility => "public", :user => users(:normal_user))
deleted_trace_file = create(:trace, :deleted, :user => users(:public_user))
# New details # New details
new_details = { :description => "Changed description", :tagstring => "new_tag", :visibility => "private" } new_details = { :description => "Changed description", :tagstring => "new_tag", :visibility => "private" }