Diff
Modified: branches/component-querying/Rakefile (3517 => 3518)
--- branches/component-querying/Rakefile 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/Rakefile 2013-04-25 08:14:32 UTC (rev 3518)
@@ -192,6 +192,244 @@
puts doc.to_s
end
+desc 'Create initial activities'
+task "myexp:activities:create" do
+ require File.dirname(__FILE__) + '/config/environment'
+
+ activities = []
+
+ User.find(:all, :conditions => "activated_at IS NOT NULL", :include => :profile).map do |object|
+
+ activities << Activity.new(
+ :subject => object,
+ :subject_label => object.name,
+ :action ="" 'register',
+ :created_at => object.created_at)
+
+ if object.profile.updated_at && object.profile.updated_at != object.profile.created_at
+
+
+ activities << Activity.new(
+ :subject => object,
+ :subject_label => object.name,
+ :action ="" 'edit',
+ :created_at => object.profile.updated_at)
+
+ end
+ end
+
+ (Workflow.all + Blob.all + Pack.all).map do |object|
+
+ activities << Activity.new(
+ :subject => object.contributor,
+ :action ="" 'create',
+ :objekt => object,
+ :auth => object,
+ :created_at => object.created_at)
+
+ if object.updated_at && object.updated_at != object.created_at
+
+ activities << Activity.new(
+ :subject => object.contributor,
+ :action ="" 'edit',
+ :objekt => object,
+ :auth => object,
+ :created_at => object.updated_at)
+ end
+ end
+
+ workflow_versions = (WorkflowVersion.find(:all, :conditions => "version > 1")).select do |object|
+ !(object.version == 2 && object.content_blob.data == object.workflow.versions.first.content_blob.data)
+ end
+
+ workflow_versions.map do |object|
+
+ activities << Activity.new(
+ :subject => object.contributor,
+ :action ="" 'create',
+ :objekt => object,
+ :extra => object.version,
+ :auth => object.versioned_resource,
+ :created_at => object.created_at)
+
+ if object.updated_at && object.updated_at != object.created_at
+
+ activities << Activity.new(
+ :subject => object.contributor,
+ :action ="" 'edit',
+ :objekt => object,
+ :extra => object.version,
+ :auth => object.versioned_resource,
+ :created_at => object.updated_at)
+ end
+ end
+
+ (BlobVersion.find(:all, :conditions => "version > 1")).map do |object|
+
+ activities << Activity.new(
+ :subject => object.blob.contributor,
+ :action ="" 'create',
+ :objekt => object,
+ :extra => object.version,
+ :auth => object.versioned_resource,
+ :created_at => object.created_at)
+
+ if object.updated_at && object.updated_at != object.created_at
+
+ activities << Activity.new(
+ :subject => object.blob.contributor,
+ :action ="" 'edit',
+ :objekt => object,
+ :extra => object.version,
+ :auth => object.versioned_resource,
+ :created_at => object.updated_at)
+ end
+ end
+
+ activities += Comment.all.map do |comment|
+
+ Activity.new(
+ :subject => comment.user,
+ :action ="" 'create',
+ :objekt => comment,
+ :auth => comment.commentable,
+ :created_at => comment.created_at)
+ end
+
+ activities += Bookmark.all.map do |bookmark|
+
+ Activity.new(
+ :subject => bookmark.user,
+ :action ="" 'create',
+ :objekt => bookmark,
+ :auth => bookmark.bookmarkable,
+ :created_at => bookmark.created_at)
+ end
+
+ Announcement.all.each do |object|
+
+ activities << Activity.new(
+ :subject => object.user,
+ :action ="" 'create',
+ :objekt => object,
+ :created_at => object.created_at)
+
+ if object.updated_at && object.updated_at != object.created_at
+
+
+ activities << Activity.new(
+ :subject => object.user,
+ :action ="" 'edit',
+ :objekt => object,
+ :created_at => object.updated_at)
+ end
+ end
+
+ Citation.all.each do |object|
+
+ activities << Activity.new(
+ :subject => object.user,
+ :action ="" 'create',
+ :objekt => object,
+ :auth => object.workflow,
+ :created_at => object.created_at)
+
+ if object.updated_at && object.updated_at != object.created_at
+
+ activities << Activity.new(
+ :subject => object.user,
+ :action ="" 'edit',
+ :objekt => object,
+ :auth => object.workflow,
+ :created_at => object.updated_at)
+ end
+ end
+
+ Rating.all.each do |object|
+
+ activities << Activity.new(
+ :subject => object.user,
+ :action ="" 'create',
+ :objekt => object,
+ :auth => object.rateable,
+ :extra => object.rating,
+ :created_at => object.created_at)
+ end
+
+ Review.all.each do |object|
+
+ activities << Activity.new(
+ :subject => object.user,
+ :action ="" 'create',
+ :objekt => object,
+ :auth => object.reviewable,
+ :created_at => object.created_at)
+
+ if object.updated_at && object.updated_at != object.created_at
+
+ activities << Activity.new(
+ :subject => object.user,
+ :action ="" 'edit',
+ :objekt => object,
+ :auth => object.reviewable,
+ :created_at => object.updated_at)
+ end
+ end
+
+ Tagging.all.each do |object|
+
+ activities << Activity.new(
+ :subject => object.user,
+ :action ="" 'create',
+ :objekt => object,
+ :auth => object.taggable,
+ :extra => object.tag.name,
+ :created_at => object.created_at)
+ end
+
+ Network.all.each do |object|
+
+ activities << Activity.new(
+ :subject => object.owner,
+ :action ="" 'create',
+ :objekt => object,
+ :created_at => object.created_at)
+
+ if object.updated_at && object.updated_at != object.created_at
+
+ activities << Activity.new(
+ :subject => object.owner,
+ :action ="" 'edit',
+ :objekt => object,
+ :created_at => object.updated_at)
+ end
+ end
+
+ Membership.all.each do |membership|
+
+ next unless membership.accepted?
+
+ activities << Activity.new(
+ :subject => membership.user,
+ :action ="" 'join',
+ :objekt => membership.network,
+ :created_at => membership.accepted_at)
+ end
+
+ activities.sort! do |a, b|
+ if a.created_at && b.created_at
+ a.created_at <=> b.created_at
+ else
+ a.object_id <=> b.object_id
+ end
+ end
+
+ activities.each do |activity|
+ activity.save
+ end
+
+end
+
desc 'Perform spam analysis on user profiles'
task "myexp:spam:run" do
require File.dirname(__FILE__) + '/config/environment'
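Review bot: The final loop in `myexp:activities:create` calls `activity.save` and discards the result, so any Activity that fails validation is dropped silently and the backfilled history has gaps nobody is told about. Use `activity.save!`, or collect and print the failures, e.g. `puts "skipped: #{activity.errors.full_messages.join(', ')}" unless activity.save`. The task also has no guard against being run twice, so a second run would duplicate every record; a header comment saying it is a one-off for an empty activities table, or a check that aborts when activities already exist, would help. In the first loop `object.profile.updated_at` raises on a user without a profile, which would abort the task before anything is saved.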
Modified: branches/component-querying/app/controllers/announcements_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/announcements_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/announcements_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -50,6 +50,7 @@
params[:announcement][:user_id] = current_user.id
@announcement = Announcement.new(params[:announcement])
if @announcement.save
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => @announcement)
flash[:notice] = 'Announcement was successfully created.'
redirect_to :action ="" 'index'
else
@@ -64,6 +65,7 @@
def update
@announcement = Announcement.find(params[:id])
if @announcement.update_attributes(params[:announcement])
+ Activity.create(:subject => current_user, :action ="" 'edit', :objekt => @announcement)
flash[:notice] = 'Announcement was successfully updated.'
redirect_to :action ="" 'show', :id => @announcement
else
Modified: branches/component-querying/app/controllers/blobs_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/blobs_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/blobs_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -168,6 +168,7 @@
respond_to do |format|
if @blob.save
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => @blob, :auth => @blob)
if params[:blob][:tag_list]
@blob.tags_user_id = current_user
@blob.tag_list = convert_tags_to_gem_format params[:blob][:tag_list]
@@ -236,6 +237,13 @@
respond_to do |format|
if @blob.update_attributes(params[:blob])
+
+ if @blob.new_version_number
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => @blob.find_version(@blob.new_version_number), :extra => @blob.new_version_number, :auth => @blob)
+ else
+ Activity.create(:subject => current_user, :action ="" 'edit', :objekt => @blob, :auth => @blob)
+ end
+
@blob.refresh_tags(convert_tags_to_gem_format(params[:blob][:tag_list]), current_user) if params[:blob][:tag_list]
policy_err_msg = update_policy(@blob, params)
@@ -287,19 +295,19 @@
# POST /files/1;rate
def rate
- if @blob.contributor_type == 'User' and @blob.contributor_id == current_user.id
- error("You cannot rate your own file!", "")
- else
+ unless @blob.contributor_type == 'User' and @blob.contributor_id == current_user.id
Rating.delete_all(["rateable_type = ? AND rateable_id = ? AND user_id = ?", @blob.class.to_s, @blob.id, current_user.id])
+
+ rating = Rating.create(:rateable => @blob, :user => current_user, :rating => params[:rating])
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => rating, :auth => @blob, :extra => params[:rating].to_i)
- Rating.create(:rateable => @blob, :user => current_user, :rating => params[:rating])
-
respond_to do |format|
- format.html {
+ format.html do
render :update do |page|
page.replace_html "ratings_inner", :partial => "contributions/ratings_box_inner", :locals => { :contributable => @blob, :controller_name => controller.controller_name }
page.replace_html "ratings_breakdown", :partial => "contributions/ratings_box_breakdown", :locals => { :contributable => @blob }
- end }
+ end
+ end
end
end
end
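Review bot: In `rate`, the `unless` that replaces the old if/else has no `else` branch, so a user rating their own file now gets no explicit response where the removed code set an error and redirected. Add an `else` that renders an explicit refusal, for instance with the `render_401` helper this controller already uses. The result of `Rating.create` is also not checked before `Activity.create`, so a rating rejected by validation would still be logged with `:extra => params[:rating].to_i`. Guarding it with `unless rating.new_record?` avoids recording an activity for a rating that was never stored.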
@@ -325,7 +333,14 @@
# POST /files/1;favourite
def favourite
- @blob.bookmarks << Bookmark.create(:user => current_user, :bookmarkable => @blob) unless @blob.bookmarked_by_user?(current_user)
+
+ bookmark = Bookmark.new(:user => current_user, :bookmarkable => @blob)
+
+ success = bookmark.save unless @blob.bookmarked_by_user?(current_user)
+
+ if success
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => bookmark, :auth => @blob)
+ end
respond_to do |format|
flash[:notice] = "You have successfully added this item to your favourites."
@@ -473,15 +488,4 @@
render_401("You are not authorised to manage this file.") unless @blob.owner?(current_user)
end
end
-
- private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Blob.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to blobs_url }
- end
- end
end
Modified: branches/component-querying/app/controllers/bookmarks_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/bookmarks_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/bookmarks_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -37,21 +37,8 @@
protected
def find_bookmark_auth
- begin
- @bookmark = Bookmark.find(params[:id], :conditions => ["user_id = ?", current_user.id])
- rescue ActiveRecord::RecordNotFound
- error("Bookmark not found", "is invalid")
+ if (@bookmark = Bookmark.find_by_id(params[:id], :conditions => ["user_id = ?", current_user.id])).nil?
+ render_404("Bookmark not found.")
end
end
-
-private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Bookmark.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to bookmarks_url }
- end
- end
end
Modified: branches/component-querying/app/controllers/citations_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/citations_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/citations_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -6,17 +6,19 @@
class CitationsController < ApplicationController
before_filter :login_required, :except => [ :index, :show ]
- before_filter :find_workflow_auth
+ before_filter :find_workflow
+ before_filter :auth_view_workflow, : [:index, :show]
+ before_filter :auth_edit_workflow, : :create
+ before_filter :find_citation, : [:show, :edit, :update, :destroy ]
+ before_filter :auth_citation, : [:edit, :update, :destroy ]
- before_filter :find_citations, : :index
- before_filter :find_citation, : :show
- before_filter :find_citation_auth, : [ :edit, :update, :destroy ]
-
# declare sweepers and which actions should invoke them
cache_sweeper :citation_sweeper, : [ :create, :update, :destroy ]
# GET /citations
def index
+ @citations = @workflow.citations
+
respond_to do |format|
format.html # index.rhtml
end
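Review bot: With these filters no workflow permission check runs for `edit`, `update` or `destroy` (or `new`, if the controller has one), assuming the garbled option key on the new lines is `:only =>`. `auth_view_workflow` covers index/show and `auth_edit_workflow` covers only create, whereas the removed `find_workflow_auth` required "edit" on the workflow for every action other than index and show. If that narrowing is not intended, widen the list, e.g. `before_filter :auth_edit_workflow, :only => [:new, :create, :edit, :update, :destroy]`. As written, `auth_citation` (defined in the later hunk) is the only gate on edit/update/destroy, and it checks citation ownership but not current access to the workflow.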
@@ -47,6 +49,8 @@
respond_to do |format|
if @citation.save
+
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => @citation, :auth => @workflow)
flash[:notice] = 'Citation was successfully created.'
format.html { redirect_to workflow_citation_url(@workflow, @citation) }
else
@@ -59,6 +63,7 @@
def update
respond_to do |format|
if @citation.update_attributes(params[:citation])
+ Activity.create(:subject => current_user, :action ="" 'edit', :objekt => @citation, :auth => @workflow)
flash[:notice] = 'Citation was successfully updated.'
format.html { redirect_to workflow_citation_url(@workflow, @citation) }
else
@@ -79,73 +84,33 @@
protected
- def find_workflow_auth
- begin
- # attempt to authenticate the user before you return the workflow
- login_required if login_available?
-
- workflow = Workflow.find(params[:workflow_id])
-
- if Authorization.check((["index", "show"].include?(action_name) ? "view" : "edit"), workflow, current_user)
- @workflow = workflow
-
- # remove workflow data from workflow if the user is not authorized for download
- @workflow.content_blob.data = "" unless Authorization.check("download", @workflow, current_user)
- else
- if logged_in?
- error("Workflow not found (id not authorized)", "is invalid (not authorized)")
- else
- find_workflow_auth if login_required
- end
- end
- rescue ActiveRecord::RecordNotFound
- error("Workflow not found", "is invalid")
+ def find_workflow
+ if (@workflow = Workflow.find_by_id(params[:workflow_id])).nil?
+ render_404("Workflow not found.")
end
end
-
- def find_citations
- if @workflow
- @citations = @workflow.citations
- else
- @citations = []
+
+ def auth_view_workflow
+ unless Authorization.check("view", @workflow, current_user)
+ render_401("You are not authorized to view this workflow's citations.")
end
end
-
- def find_citation
- if citation = @workflow.citations.find(:first, :conditions => ["id = ?", params[:id]])
- @citation = citation
- else
- error("Citation not found", "is invalid", params[:id])
+
+ def auth_edit_workflow
+ unless Authorization.check("edit", @workflow, current_user)
+ render_401("You are not authorized to manage this workflow's citations.")
end
end
-
- def find_citation_auth
- if citation = @workflow.citations.find(:first, :conditions => ["id = ? AND user_id = ?", params[:id], current_user.id])
- @citation = citation
- else
- error("Citation not found (id not authorized)", "is invalid (not authorized)", params[:id])
+
+ def find_citation
+ if (@citation = @workflow.citations.find(:first, :conditions => ["id = ?", params[:id]])).nil?
+ render_404("Citation not found.")
end
end
-private
-
- def error(notice, message, attr=nil)
- flash[:error] = notice
-
- workflow_id_attr = attr
- workflow_id_attr = :id if workflow_id_attr.nil?
-
- (err = Citation.new.errors).add(workflow_id_attr, message)
-
- respond_to do |format|
- format.html {
- if attr
- redirect_to workflow_citations_url(params[:workflow_id])
- else
- redirect_to workflows_url
- end
- }
+ def auth_citation
+ unless @citation.user == current_user
+ render_401("You are not authorized to #{action_name} this citation.")
end
end
-
end
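Review bot: `find_workflow` no longer clears `@workflow.content_blob.data` for users who fail the "download" check, which the removed `find_workflow_auth` did right after authorising the view. If any citation view or partial outside this diff reads the workflow's content blob, view-only users would now receive that data. Either keep `@workflow.content_blob.data = "" unless Authorization.check("download", @workflow, current_user)` after the nil check, or confirm that no citation template touches the blob and note that in a comment on `find_workflow`.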
Modified: branches/component-querying/app/controllers/comments_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/comments_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/comments_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -5,8 +5,8 @@
class CommentsController < ApplicationController
- before_filter :find_resource_context, : [ :create, :index, :timeline ]
- before_filter :find_resource, : [ :destroy ]
+ before_filter :find_context, : [ :create, :index, :timeline ]
+ before_filter :find_comment, : [ :destroy ]
# GET /:context_type/:context_id/comments
def index
@@ -33,9 +33,14 @@
end
if text and text.length > 0
- comment = Comment.create(:user => current_user, :comment => text)
- @context.comments << comment
- @context.solr_index if @context.respond_to?(:solr_index)
+ comment = Comment.new(:user => current_user, :comment => text, :commentable => @context)
+
+ success = comment.save
+
+ if success
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => comment, :auth => @context)
+ @context.solr_index if @context.respond_to?(:solr_index)
+ end
end
respond_to do |format|
@@ -66,25 +71,24 @@
private
- def find_resource
-
- @context = extract_resource_context(params)
+ def find_comment
@comment = Comment.find_by_id(params[:id])
+ @context = @comment.commentable
- return error if @comment.nil? || @context.nil? || @comment.commentable != @context
- return error if Authorization.check('view', @context, current_user) == false
+ if @comment.nil?
+ render_404("Comment not found.")
+ elsif !Authorization.check('view', @context, current_user)
+ render_401("You are not authorized to delete this comment.")
+ end
end
- def find_resource_context
-
+ def find_context
@context = extract_resource_context(params)
- return error if @context.nil?
- return error if Authorization.check('view', @context, current_user) == false
+ if @context.nil?
+ render_404("Comment context not found.")
+ elsif !Authorization.check('view', @context, current_user)
+ render_401("You are not authorized to view this resource's comments.")
+ end
end
-
- def error
- render :text => 'Error.'
- end
end
-
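Review bot: In `find_comment`, `@context = @comment.commentable` runs before the nil check, so an unknown comment id raises NoMethodError on nil and the `render_404("Comment not found.")` branch is never reached. Assign the context only when the comment exists, e.g. `@context = @comment.commentable if @comment`. The filter guards `destroy` but only checks the 'view' permission on the context, while its message talks about deleting. Unless `destroy` (outside this hunk) verifies that `current_user` owns the comment or may edit the context, any user who can view the resource could delete other users' comments.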
Modified: branches/component-querying/app/controllers/content_types_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/content_types_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/content_types_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -6,6 +6,7 @@
class ContentTypesController < ApplicationController
before_filter :find_content_type, : [ :show, :edit, :update ]
+ before_filter :auth_content_type, : [ :edit, :update ]
# GET /content_types
def index
@@ -54,12 +55,6 @@
# PUT /content_types/1
def update
-
- if !Authorization.check('edit', @content_type, current_user)
- error("You do not have the authorisation to edit.", "is unauthorised")
- return
- end
-
@content_type.title = params[:content_type][:title]
@content_type.description = params[:content_type][:description]
@@ -78,17 +73,13 @@
@content_type = ContentType.find_by_id(params[:id])
if @content_type.nil?
- error("Content type not found", "is invalid")
+ render_404("Content type not found.")
end
end
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = ContentType.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to content_types_url }
+ def auth_content_type
+ if !Authorization.check('edit', @content_type, current_user)
+ render_401("You are not authorised to edit this content type.")
end
end
end
-
Modified: branches/component-querying/app/controllers/contributions_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/contributions_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/contributions_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -14,31 +14,23 @@
private
def get_context
- begin
+ # Determine the class name of the model
+ klass_name = params[:contributable_type].singularize.camelize
- # Determine the class name of the model
- klass_name = params[:contributable_type].singularize.camelize
-
- # Process model aliases (e.g. File => Blob)
- klass_name = Conf.model_aliases[klass_name] if Conf.model_aliases[klass_name]
-
+ # Process model aliases (e.g. File => Blob)
+ klass_name = Conf.model_aliases[klass_name] if Conf.model_aliases[klass_name]
+ begin
@contributable = Object.const_get(klass_name).find_by_id(params[:contributable_id])
-
- # Abort if the contributable does not exist
- return error if @contributable.nil?
-
- # Abort if we're not allowed to see this contributable
- return error unless Authorization.check('view', @contributable, current_user)
-
rescue
+ @contributable = nil
+ end
- # In case the const_get doesn't find anything
- return error
+ # Abort if the contributable does not exist
+ if @contributable.nil?
+ render_401("You are not authorized to view this resource.")
+ elsif !Authorization.check('view', @contributable, current_user)
+ # Abort if we're not allowed to see this contributable
+ render_401("You are not authorized to view this resource.")
end
end
-
- def error
- render :text => 'Error.'
- end
end
-
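Review bot: `klass_name` in `get_context` comes from `params[:contributable_type]` and goes straight into `Object.const_get`, so the request chooses which constant is resolved and has `find_by_id` called on it. Check it against a fixed list of contributable model names before the lookup. Moving the `singularize.camelize` line out of the `begin` also means a request without `contributable_type` now raises NoMethodError on nil instead of reaching the rescue. The bare `rescue` still hides any other failure in the lookup; `rescue NameError` would be narrower.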
Modified: branches/component-querying/app/controllers/experiments_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/experiments_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/experiments_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -125,23 +125,12 @@
"update" => "edit"
}
- experiment = Experiment.find(:first, :conditions => ["id = ?", params[:id]])
-
- if experiment and Authorization.check(action_permissions[action_name], experiment, current_user)
- @experiment = experiment
- else
- error("Experiment not found or action not authorized", "is invalid (not authorized)")
- end
- end
-
-private
+ @experiment = Experiment.find(:first, :conditions => ["id = ?", params[:id]])
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Experiment.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to experiments_url }
+ if @experiment.nil?
+ render_404("Experiment not found.")
+ elsif !Authorization.check(action_permissions[action_name], @experiment, current_user)
+ render_401("You are not authorized to #{action_name} this experiment.")
end
end
end
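Review bot: Splitting the old combined failure into `render_404("Experiment not found.")` and `render_401(...)` lets a caller without access tell which experiment ids exist. `get_context` in contributions_controller.rb, by contrast, returns the same 401 for both cases. If ids should not be enumerable, use one response for both branches here and in `find_job_auth` in jobs_controller.rb. Separately, `action_permissions[action_name]` is nil for any action missing from the map, which starts outside this hunk, so confirm that `Authorization.check` denies a nil permission.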
Modified: branches/component-querying/app/controllers/friendships_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/friendships_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/friendships_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -8,7 +8,7 @@
before_filter :check_user_present # only allow actions on friendships as on nested resources
- before_filter :find_friendships, : [:index]
+ before_filter :find_user_auth, : [:index]
before_filter :find_friendship_auth, : [:show, :accept, :edit, :update, :destroy]
# declare sweepers and which actions should invoke them
@@ -40,17 +40,21 @@
respond_to do |format|
if @friendship.accept!
+ Activity.create(:subject => User.find(from_id), :action ="" 'create', :objekt => @friendship)
flash[:notice] = 'Friendship was successfully accepted.'
- format.html { redirect_to user_friendships_url(current_user.id) }
else
- error("Friendship already accepted", "already accepted")
+ flash[:error] = "Friendship already accepted."
end
+
+ format.html { redirect_to user_friendships_url(current_user.id) }
end
end
# GET /users/1/friendships
# GET /friendships
def index
+ @friendships = @user.friendships
+
respond_to do |format|
format.html # index.rhtml
end
@@ -89,8 +93,23 @@
# POST /users/1/friendships
# POST /friendships
def create
- friendship_already_exists = Friendship.find_by_user_id_and_friend_id(params[:friendship][:user_id], params[:friendship][:friend_id]) || Friendship.find_by_user_id_and_friend_id(params[:friendship][:friend_id], params[:friendship][:user_id])
- if (@friendship = Friendship.new(params[:friendship]) unless friendship_already_exists )
+ params[:friendship][:user_id] = current_user.id
+
+ friendship_already_exists =
+ Friendship.find_by_user_id_and_friend_id(params[:friendship][:user_id], params[:friendship][:friend_id]) ||
+ Friendship.find_by_user_id_and_friend_id(params[:friendship][:friend_id], params[:friendship][:user_id])
+ if friendship_already_exists
+ respond_to do |format|
+ flash[:error] = "Friendship not created (already exists)."
+ format.html { redirect_to new_user_friendship_url(current_user.id) }
+ end
+ elsif params[:friendship][:friend_id] == params[:friendship][:user_id]
+ respond_to do |format|
+ flash[:error] = "You cannot add yourself as a friend."
+ format.html { redirect_to new_user_friendship_url(current_user.id) }
+ end
+ else
+ @friendship = Friendship.new(params[:friendship])
# set initial datetime
@friendship.accepted_at = nil
if @friendship.message.blank?
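Review bot: The self-friend check `params[:friendship][:friend_id] == params[:friendship][:user_id]` looks like it compares a String from the form with the Integer just assigned from `current_user.id`. In Ruby `"5" == 5` is false, so the "You cannot add yourself as a friend." branch would never fire. Compare like with like, e.g. `elsif params[:friendship][:friend_id].to_i == current_user.id`. Overwriting `user_id` with `current_user.id` at the top is the right fix for forged requesters. `create` continues past the end of this hunk, so the rest of the attribute handling after `Friendship.new(params[:friendship])` is not visible here.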
@@ -114,8 +133,6 @@
format.html { render :action ="" "new" }
end
end
- else
- error("Friendship not created (already exists)", "not created, already exists")
end
end
@@ -189,51 +206,22 @@
end
end
- def find_friendships
- if params[:user_id].to_i == current_user.id.to_i
- begin
- @user = User.find(params[:user_id])
-
- @friendships = @user.friendships
- rescue ActiveRecord::RecordNotFound
- error("User not found", "is invalid", :user_id)
- end
- else
- error("You are not authorised to view other users' friendships", "")
- end
- end
+ def find_user_auth
+ @user = User.find_by_id(params[:user_id])
- def find_friendship
- if params[:user_id]
- begin
- @user = User.find(params[:user_id])
-
- begin
- @friendship = Friendship.find(params[:id], :conditions => ["friend_id = ?", @user.id])
- rescue ActiveRecord::RecordNotFound
- error("Friendship not found", "is invalid")
- end
- rescue ActiveRecord::RecordNotFound
- error("User not found", "is invalid", :user_id)
- end
- else
- begin
- @friendship = Friendship.find(params[:id])
- rescue ActiveRecord::RecordNotFound
- error("Friendship not found", "is invalid")
- end
+ if @user.nil?
+ render_404("User not found.")
+ elsif @user != current_user
+ render_401("You are not authorised to view other users' friendships.")
end
end
-
+
def find_friendship_auth
- begin
- begin
- # find the friendship first
- @friendship = Friendship.find(params[:id])
- rescue ActiveRecord::RecordNotFound
- raise ActiveRecord::RecordNotFound, "Friendship not found"
- end
-
+ # find the friendship first
+ @friendship = Friendship.find_by_id(params[:id])
+ if @friendship.nil?
+ render_404("Friendship not found.")
+ else
# now go through different actions and check which links (including user_id in the link) are allowed
not_auth = false
case action_name.to_s.downcase
@@ -250,25 +238,10 @@
not_auth = true
end
end
-
# check if we had any errors
if not_auth
- raise ActiveRecord::RecordNotFound, "You are not authorised to view other users' friendships"
+ render_401("You are not authorised to manage other users' friendships.")
end
-
- rescue ActiveRecord::RecordNotFound => exc
- error(exc.message, "")
end
end
-
-private
-
- def error(notice, message)
- flash[:error] = notice
- (err = Friendship.new.errors).add(:id, message)
-
- respond_to do |format|
- format.html { redirect_to user_friendships_url(current_user.id) }
- end
- end
end
Modified: branches/component-querying/app/controllers/group_announcements_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/group_announcements_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/group_announcements_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -99,17 +99,17 @@
protected
def find_group
- begin
- @group = Network.find(params[:network_id])
- rescue ActiveRecord::RecordNotFound
- error("Group couldn't be found")
+ @group = Network.find_by_id(params[:network_id])
+
+ if @group.nil?
+ render_404("Group not found.")
end
end
def check_admin
unless @group.administrator?(current_user.id)
- error("Only group administrators are allowed to create new announcements")
+ render_401("Only group administrators are allowed to create new announcements.")
end
end
@@ -122,61 +122,36 @@
def find_announcement_auth
- begin
- begin
- # find the announcement first
- @announcement = GroupAnnouncement.find(params[:id])
-
- # announcement found, but check if belongs to the group in URL
- unless @group.announcements.include?(@announcement)
- raise ActiveRecord::RecordNotFound
- end
- rescue ActiveRecord::RecordNotFound
- raise ActiveRecord::RecordNotFound, "Group announcement was not found"
- end
-
+ # find the announcement first
+ @announcement = GroupAnnouncement.find_by_id_and_network_id(params[:id], params[:network_id])
+
+ if @announcement.nil?
+ render_404("Group announcement not found.")
+ else
+
# at this point, group announcement is found and it definitely belongs to the group in URL;
# now go through different actions and check which links are allowed for current user
not_auth = false
case action_name.to_s.downcase
when "show"
# if the announcement is private, show it only to group members
- unless @announcement.public
- not_auth = true unless @group.member?(current_user.id)
+ unless @announcement.public || @group.member?(current_user.id)
+ not_auth = true
end
when "edit","update","destroy"
# only owner of the group can destroy the announcement
- unless ((@announcement.user == current_user) || (@group.owner?(current_user.id)))
- not_auth = true;
- raise ActiveRecord::RecordNotFound, "You don't have permissions to perform this action"
+ unless (@announcement.user == current_user) || (@group.owner?(current_user.id))
+ not_auth = true
end
else
# don't allow anything else, for now
not_auth = true
end
-
-
+
# check if we had any errors
if not_auth
raise ActiveRecord::RecordNotFound, "Group announcement was not found"
end
-
- rescue ActiveRecord::RecordNotFound => exc
- error(exc.message)
end
end
-
-
- private
-
- def error(message)
- flash[:error] = message
- return_to_path = @group.nil? ? networks_path : group_announcements_path(@group)
-
- respond_to do |format|
- format.html { redirect_to return_to_path }
- end
- end
-
-
end
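Review bot: `find_announcement_auth` still ends with `raise ActiveRecord::RecordNotFound, "Group announcement was not found"` when `not_auth` is set, but this commit removes the `rescue ActiveRecord::RecordNotFound => exc` that used to catch it. The exception now escapes the filter and is left to the framework's default handling. Replace the raise with an explicit response in line with the rest of the method, `render_404("Group announcement not found.")` if the announcement's existence should stay hidden from non-members, or `render_401(...)` otherwise. The private `error` helper is deleted here as well, so any remaining `error(...)` call in parts of this controller outside the diff would now fail.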
Modified: branches/component-querying/app/controllers/group_policies_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/group_policies_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/group_policies_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -75,7 +75,10 @@
format.html { redirect_to network_policies_path(@group) }
end
else
- error("This policy is being used by address@hidden resources and may not be deleted.")
+ respond_to do |format|
+ flash[:error] = "This policy is being used by address@hidden resources and may not be deleted."
+ format.html { redirect_to network_policies_path(@group) }
+ end
end
end
@@ -83,38 +86,25 @@
protected
def find_group
- begin
- @group = Network.find(params[:network_id])
- rescue ActiveRecord::RecordNotFound
- error("Group couldn't be found")
+ @group = Network.find_by_id(params[:network_id])
+
+ if @group.nil?
+ render_404("Group not found.")
end
end
def find_policy
- begin
- @policy = Policy.find(params[:id])
- rescue ActiveRecord::RecordNotFound
- error("Policy couldn't be found")
+ @policy = Policy.find_by_id(params[:id])
+
+ if @policy.nil?
+ render_404("Policy not found.")
end
end
def check_admin
unless @group.administrator?(current_user.id)
- error("Only group administrators are allowed to manage policies")
+ render_401("Only group administrators are allowed to manage policies.")
end
end
-
- private
-
- def error(message)
- flash[:error] = message
- return_to_path = @group.nil? ? networks_path : network_policies_path(@group)
-
- respond_to do |format|
- format.html { redirect_to return_to_path }
- end
- end
-
-
end
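Review bot: `find_policy` loads `Policy.find_by_id(params[:id])` without tying the policy to `@group`, so `check_admin` only proves the user administers the group named in the URL. Unless the actions outside this hunk check ownership, an administrator of one group could address another group's policy by id. `find_announcement_auth` in group_announcements_controller.rb scopes its lookup with `find_by_id_and_network_id`. Do the same here through whatever column or association links a policy to its group, and treat a mismatch as `render_404("Policy not found.")`.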
Modified: branches/component-querying/app/controllers/jobs_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/jobs_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/jobs_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -9,7 +9,8 @@
before_filter :check_runner_available, : [:new, :update]
- before_filter :find_experiment_auth
+ before_filter :find_experiment
+ before_filter :auth_experiment, :except => [:create, :new]
before_filter :find_jobs, : [:index]
before_filter :find_job_auth, :except => [:index, :new, :create]
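Review bot: `before_filter :auth_experiment, :except => [:create, :new]` skips the permission check for exactly the two actions that `auth_experiment` (added in the next hunk) handles itself with its early return. A `new` or `create` request that does carry an `experiment_id` therefore gets `@experiment` set by `find_experiment` with no `Authorization.check` at all. The removed `find_experiment_auth` left `@experiment` unset in that case. Drop the `:except` so the line reads `before_filter :auth_experiment`; the early return already lets experiment-less `new`/`create` through, and the permission map has a "create" entry.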
@@ -348,8 +349,19 @@
end
end
- def find_experiment_auth
+ def find_experiment
+ return if ["create","new"].include?(action_name) && params[:experiment_id].nil?
+ @experiment = Experiment.find_by_id(params[:experiment_id])
+
+ if @experiment.nil?
+ render_404("Experiment not found.")
+ end
+ end
+
+ def auth_experiment
+ return if ["create","new"].include?(action_name) && params[:experiment_id].nil?
+
action_permissions = {
"create" => "create",
"destroy" => "destroy",
@@ -360,15 +372,8 @@
"update" => "edit"
}
- experiment = Experiment.find(:first, :conditions => ["id = ?", params[:experiment_id]])
-
- if experiment and Authorization.check(action_permissions[action_name], experiment, current_user)
- @experiment = experiment
- else
- # New and Create actions are allowed to run outside of the context of an Experiment
- unless ['new', 'create'].include?(action_name.downcase)
- error("The Experiment that this Job belongs to could not be found or the action is not authorized", "is invalid (not authorized)")
- end
+ unless Authorization.check(action_permissions[action_name], @experiment, current_user)
+ render_401("You are not authorized to access this experiment.")
end
end
@@ -396,27 +401,16 @@
"update" => "edit",
}
- job = Job.find(:first, :conditions => ["id = ?", params[:id]])
+ @job = Job.find_by_id(params[:id])
- if job and job.experiment.id == @experiment.id and Authorization.check(action_permissions[action_name], job, current_user)
- @job = job
- else
- error("Job not found or action not authorized", "is invalid (not authorized)")
+ if @job.nil? || @job.experiment.id != @experiment.id
+ render_404("Job not found.")
+ elsif !Authorization.check(action_permissions[action_name], @job, current_user)
+ render_401("Action not authorized.")
end
end
def check_runnable_supported
# TODO: move all checks for the runnable object here!
end
-
-private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Job.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to experiment_jobs_url(params[:experiment_id]) }
- end
- end
end
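Review bot: `find_job_auth` now answers 404 for a missing job and 401 for an existing job the caller may not use, where the removed code gave one combined "not found or action not authorized" response, so a client can tell which job ids exist. If ids are meant to stay undisclosed, call `render_404("Job not found.")` from both branches; the same split appears in `auth_experiment` above and in the messages, reviews, runners and user_reports filters later in this commit. `@job.experiment.id` also raises NoMethodError for a job with no experiment, which comparing the records (`@job.experiment != @experiment`) would avoid. The start of `find_job_auth` is outside this hunk.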
Modified: branches/component-querying/app/controllers/memberships_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/memberships_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/memberships_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -7,8 +7,9 @@
before_filter :login_required
before_filter :check_user_present # only allow actions on memberships as on nested resources
-
- before_filter :find_memberships, : [:index]
+
+ before_filter :find_network, : :new
+ before_filter :find_user_auth, : :index
before_filter :find_membership_auth, : [:show, :accept, :edit, :update, :destroy]
# declare sweepers and which actions should invoke them
@@ -84,14 +85,17 @@
flash[:notice] = 'Membership was successfully accepted.'
format.html { redirect_to network_url(@membership.network_id) }
else
- error("Membership already accepted", "already accepted")
+ flash[:error] = "Membership already accepted."
end
+ format.html { redirect_to network_url(@membership.network_id) }
end
end
# GET /users/1/memberships
# GET /memberships
def index
+ @memberships = @user.memberships
+
respond_to do |format|
format.html # index.rhtml
end
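Review bot: The `format.html { redirect_to network_url(@membership.network_id) }` added after the `if`/`else` duplicates the identical line still present in the success branch, so the HTML responder is registered twice on that path. Remove the one inside the success branch so both outcomes share the single redirect. The action these lines belong to begins outside this hunk, so the surrounding `respond_to` is only partly visible.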
@@ -122,14 +126,8 @@
# GET /users/1/memberships/new
# GET /memberships/new
def new
- if params[:network_id]
- begin
- @network = Network.find(params[:network_id])
-
- @membership = Membership.new(:user_id => current_user.id, :network_id => @network.id)
- rescue ActiveRecord::RecordNotFound
- error("Group not found", "is invalid", :network_id)
- end
+ if @network
+ @membership = Membership.new(:user_id => current_user.id, :network_id => @network.id)
else
@membership = Membership.new(:user_id => current_user.id)
end
@@ -191,7 +189,10 @@
end
end
else
- error("Membership not created (already exists)", "not created, already exists")
+ respond_to do |format|
+ flash[:error] = "Membership not created (already exists)"
+ format.html { render :action ="" "new" }
+ end
end
end
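Review bot: `flash[:error]` is set just before the `new` template is rendered rather than before a redirect, so the message shows on this response and again on the following request. Use `flash.now[:error] = "Membership not created (already exists)"` here. The `new` template presumably also needs `@membership`; whether the action has assigned it on this path cannot be seen in the hunk.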
@@ -339,51 +340,30 @@
end
end
- def find_memberships
- if params[:user_id].to_i == current_user.id.to_i
- begin
- @user = User.find(params[:user_id])
-
- @memberships = @user.memberships
- rescue ActiveRecord::RecordNotFound
- error("User not found", "is invalid", :user_id)
- end
- else
- error("You are not authorised to view other users' memberships", "")
+ def find_network
+ @network = Network.find_by_id(params[:network_id])
+
+ if @network.nil? && params[:network_id]
+ render_404("Group not found.")
end
end
- def find_membership
- if params[:user_id]
- begin
- @user = User.find(params[:user_id])
-
- begin
- @membership = Membership.find(params[:id], :conditions => ["user_id = ?", @user.id])
- rescue ActiveRecord::RecordNotFound
- error("Membership not found", "is invalid")
- end
- rescue ActiveRecord::RecordNotFound
- error("User not found", "is invalid", :user_id)
- end
- else
- begin
- @membership = Membership.find(params[:id])
- rescue ActiveRecord::RecordNotFound
- error("Membership not found", "is invalid")
- end
+ def find_user_auth
+ @user = User.find_by_id(params[:user_id])
+
+ if @user.nil?
+ render_404("User not found.")
+ elsif @user != current_user
+ render_401("You are not authorised to view other users' memberships.")
end
end
-
+
def find_membership_auth
- begin
- begin
- # find the membership first
- @membership = Membership.find(params[:id])
- rescue ActiveRecord::RecordNotFound
- raise ActiveRecord::RecordNotFound, "Membership not found"
- end
-
+ @membership = Membership.find_by_id(params[:id])
+
+ if @membership.nil?
+ render_404("Membership not found.")
+ else
# now go through different actions and check which links (including user_id in the link) are allowed
not_auth = false
case action_name.to_s.downcase
@@ -392,34 +372,30 @@
# depending on who initiated it (link is for current user's id only)
if @membership.user_established_at == nil
unless @membership.user_id == current_user.id && params[:user_id].to_i == @membership.user_id
- not_auth = true;
+ not_auth = true
end
elsif @membership.network_established_at == nil
unless @membership.network.administrator?(current_user.id) # TODO: CHECK WHY?! && params[:user_id].to_i == @membership.network.owner.id
- not_auth = true;
+ not_auth = true
end
end
when "show", "destroy", "update"
# Only the owner of the network OR the person who the membership is for can view/delete memberships;
# link - just user to whom the membership belongs
- unless (@membership.network.administrator?(current_user.id) || @membership.user_id == current_user.id) && @membership.user_id == params[:user_id].to_i
+ unless (@membership.network.administrator?(current_user.id) ||
+ @membership.user_id == current_user.id) && @membership.user_id == params[:user_id].to_i
not_auth = true
end
else
# don't allow anything else, for now
not_auth = true
end
-
-
+
# check if we had any errors
if not_auth
- raise ActiveRecord::RecordNotFound, "You are not authorised to view other users' memberships"
+ render_401("You are not authorised to view other users' memberships.")
end
-
- rescue ActiveRecord::RecordNotFound => exc
- error(exc.message, "")
end
-
end
private
@@ -428,14 +404,4 @@
message = Message.new(:from => from_id, :to => to_id, :subject => subject, :body => body, :reply_id => nil, :read_at => nil, :deleted_by_sender => true )
message.save
end
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Membership.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to user_memberships_url(current_user.id) }
- end
- end
-
end
Modified: branches/component-querying/app/controllers/messages_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/messages_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/messages_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -6,8 +6,8 @@
class MessagesController < ApplicationController
before_filter :login_required
- before_filter :find_message_by_to_or_from, : [:show, :destroy]
- before_filter :find_reply_by_to, : [:new]
+ before_filter :find_and_auth_message, : [:show, :destroy]
+ before_filter :find_and_auth_reply, : :new
# declare sweepers and which actions should invoke them
cache_sweeper :message_sweeper, : [ :create, :show, :destroy, :delete_all_selected ]
@@ -55,10 +55,9 @@
# if current_user is not recipient, they must be the sender
message_folder = ( @message.recipient?(current_user.id) ? "inbox" : "outbox" )
- if (message_folder == "inbox" && @message.deleted_by_recipient == true)
- error("Message not found (id not authorized)", "is invalid (not sender or recipient)")
- elsif (message_folder == "outbox" && @message.deleted_by_sender == true)
- error("Message not found (id not authorized)", "is invalid (not sender or recipient)")
+ if (message_folder == "inbox" && @message.deleted_by_recipient == true) ||
+ (message_folder == "outbox" && @message.deleted_by_sender == true)
+ render_404("Message not found.")
else
# message is found, and is not deleted by current_user -> show the message;
# mark message as read if it is viewed by the receiver
@@ -83,7 +82,6 @@
end
end
end
-
end
@@ -242,28 +240,24 @@
protected
- def find_message_by_to
- begin
- @message = Message.find(params[:id], :conditions => ["`to` = ?", current_user.id])
- rescue ActiveRecord::RecordNotFound
- error("Message not found (id not authorized)", "is invalid (not recipient)")
+ def find_and_auth_message
+ action = "" == "show" ? "view" : action_name
+
+ @message = Message.find_by_id(params[:id])
+ if @message.nil?
+ render_404("Message not found.")
+ elsif !Authorization.check(action, @message, current_user)
+ render_401("You are not authorized to #{action} this message.")
end
end
-
- def find_message_by_to_or_from
- begin
- @message = Message.find(params[:id], :conditions => ["`to` = ? OR `from` = ?", current_user.id, current_user.id])
- rescue ActiveRecord::RecordNotFound
- error("Message not found (id not authorized)", "is invalid (not sender or recipient)")
- end
- end
-
- def find_reply_by_to
+
+ def find_and_auth_reply
if params[:reply_id]
- begin
- @reply = Message.find(params[:reply_id], :conditions => ["`to` = ?", current_user.id])
- rescue ActiveRecord::RecordNotFound
- error("Reply not found (id not authorized)", "is invalid (not recipient)")
+ @reply = Message.find_by_id(params[:reply_id])
+ if @reply.nil?
+ render_404("Original message not found.")
+ elsif !Authorization.check('view', @reply, current_user)
+ render_401("You are not authorized to reply to this message.")
end
end
end
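Review bot: `find_and_auth_reply` now accepts any message that passes the `'view'` check, whereas the removed `find_reply_by_to` only matched messages whose `to` was the current user. If senders can view their own sent messages, they can now open a reply to a message they wrote. If recipient-only replies are intended, keep that condition, e.g. `elsif !@reply.recipient?(current_user.id) || !Authorization.check('view', @reply, current_user)`. Message privacy for `show` and `destroy` likewise now rests entirely on how `Authorization.check` treats `Message`, which is not visible here, so a test requesting another user's message id is worth adding.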
@@ -303,15 +297,4 @@
return ordering
end
-
-private
-
- def error(notice, message)
- flash[:error] = notice
- (err = Message.new.errors).add(:id, message)
-
- respond_to do |format|
- format.html { redirect_to messages_url }
- end
- end
end
Modified: branches/component-querying/app/controllers/networks_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/networks_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/networks_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -12,7 +12,9 @@
before_filter :login_required, :except => [:index, :show, :content, :search, :all]
before_filter :find_networks, : [:all]
- before_filter :find_network, : [:membership_request, :show, :tag, :content]
+ before_filter :find_network, : [:membership_request, :show, :tag, :content,
+ :edit, :update, :destroy, :invite, :membership_invite,
+ :membership_invite_external]
before_filter :find_network_auth_admin, : [:invite, :membership_invite, :membership_invite_external]
before_filter :find_network_auth_owner, : [:edit, :update, :destroy]
@@ -320,6 +322,7 @@
respond_to do |format|
if @network.save
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => @network)
if params[:network][:tag_list]
@network.tags_user_id = current_user
@network.tag_list = convert_tags_to_gem_format params[:network][:tag_list]
@@ -340,6 +343,7 @@
respond_to do |format|
if @network.update_attributes(params[:network])
+ Activity.create(:subject => current_user, :action ="" 'edit', :objekt => @network)
@network.refresh_tags(convert_tags_to_gem_format(params[:network][:tag_list]), current_user) if params[:network][:tag_list]
flash[:notice] = 'Group was successfully updated.'
format.html { redirect_to network_url(@network) }
@@ -406,39 +410,19 @@
:host => base_host,
:id => @network.id
rescue ActiveRecord::RecordNotFound
- error("Group not found", "is invalid (not owner)")
+ render_404("Group not found.")
end
end
def find_network_auth_owner
- begin
- @network = Network.find(params[:id], :include => [ :owner, :memberships ])
- unless @network.owner == current_user || current_user.admin?
- error("Group not found (id not authorized)", "is invalid (not group administrator)")
- end
- rescue ActiveRecord::RecordNotFound
- error("Group not found (id not authorized)", "is invalid (not group administrator)")
+ unless @network.owner == current_user || current_user.admin?
+ render_401("You must be the group owner to perform this action.")
end
end
def find_network_auth_admin
- if @network = Network.find_by_id(params[:id], :include => [ :owner, :memberships ])
- unless @network.administrator?(current_user.id)
- error("You must be a group administrator to invite people","")
- end
- else
- error("Group not found (id not authorized)", "is invalid (not owner)")
+ unless @network.administrator?(current_user.id)
+ render_401("You must be a group administrator to perform this action.")
end
end
-
-private
-
- def error(notice, message)
- flash[:error] = notice
- (err = Network.new.errors).add(:id, message)
-
- respond_to do |format|
- format.html { redirect_to networks_url }
- end
- end
end
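Review bot: `find_network_auth_owner` and `find_network_auth_admin` no longer load anything and dereference `@network` directly, so they are only safe while every action in their filter lists is also in the `find_network` list extended in the first hunk of this file. Add a comment above each such as `# requires find_network to have run first (see before_filter order)`, and consider renaming them `auth_network_owner` / `auth_network_admin` to match `auth_experiment` and `auth_review` elsewhere in this commit. The `:include => [ :owner, :memberships ]` eager load is dropped as well; whether `find_network` loads those associations cannot be seen in this hunk.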
Modified: branches/component-querying/app/controllers/oauth_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/oauth_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/oauth_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -174,12 +174,4 @@
render_404("Client Application not found")
end
end
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
-
- respond_to do |format|
- format.html { redirect_to oauth_url }
- end
- end
end
Modified: branches/component-querying/app/controllers/packs_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/packs_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/packs_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -203,7 +203,14 @@
# POST /packs/1;favourite
def favourite
- @pack.bookmarks << Bookmark.create(:user => current_user, :bookmarkable => @pack) unless @pack.bookmarked_by_user?(current_user)
+
+ bookmark = Bookmark.new(:user => current_user, :bookmarkable => @pack)
+
+ success = bookmark.save unless @pack.bookmarked_by_user?(current_user)
+
+ if success
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => bookmark, :auth => @pack)
+ end
respond_to do |format|
flash[:notice] = "You have successfully added this item to your favourites."
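Review bot: The "successfully added this item to your favourites" notice in the `respond_to` block is still set unconditionally, although the new `success` variable is nil when the pack was already bookmarked and false when `bookmark.save` fails. Guard the notice with `if success` (or give the failure path its own message), and build the `Bookmark` inside the `unless @pack.bookmarked_by_user?(current_user)` branch so no unsaved object is created otherwise. The rest of `favourite` lies outside this hunk.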
@@ -292,13 +299,11 @@
end
def edit_item
- if params[:entry_type].blank? or params[:entry_id].blank?
- error("Invalid item entry specified for editing", "")
- else
- @type = params[:entry_type].downcase
- @item_entry = find_entry(@pack.id, params[:entry_type], params[:entry_id])
+ @type = params[:entry_type].downcase
+ @item_entry = find_entry(@pack.id, params[:entry_type], params[:entry_id])
+ if @item_entry.nil?
+ render_404("Invalid item entry specified for editing.")
end
-
# Will render packs/new_item.rhtml
end
@@ -510,16 +515,7 @@
end
private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Pack.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to packs_url }
- end
- end
-
+
# This finds the specified entry within the specified pack (otherwise returns nil).
def find_entry(pack_id, entry_type, entry_id)
case entry_type.downcase
Modified: branches/component-querying/app/controllers/pictures_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/pictures_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/pictures_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -130,16 +130,4 @@
def find_user
@user = User.find_by_id(params[:user_id])
end
-
-private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Picture.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to logged_in? ? user_pictures_url(current_user) : '' }
- end
- end
end
-
Modified: branches/component-querying/app/controllers/previews_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/previews_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/previews_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -19,14 +19,14 @@
user = User.authenticate(credentials[0], credentials[1])
if user.nil?
- render :nothing => true, :status => "401 Unauthorized"
+ render :nothing => true, :status => 401
response.headers['WWW-Authenticate'] = "Basic realm=\"#{Conf.sitename} REST API\""
return
end
end
if @context.preview.nil?
- render :nothing => true, :status => "404 Not Found"
+ render :nothing => true, :status => 404
return
end
@@ -37,7 +37,7 @@
end
if Authorization.check('view', auth_object, user) == false
- render :nothing => true, :status => "401 Unauthorized"
+ render :nothing => true, :status => 401
response.headers['WWW-Authenticate'] = "Basic realm=\"#{Conf.sitename} REST API\""
return
end
@@ -53,7 +53,7 @@
when 'thumb'; source = 'image'; size = 100; mime_type = 'image/jpeg'
when 'svg'; source = 'svg'; size = nil; mime_type = 'image/svg+xml'
else
- render(:inline => 'Bad preview type', :status => "400 Bad Request")
+ render(:inline => 'Bad preview type', :status => 400)
return
end
@@ -70,7 +70,7 @@
end
if content_blob.nil?
- render :nothing => true, :status => "404 Not Found"
+ render :nothing => true, :status => 404
return
end
@@ -100,14 +100,13 @@
def find_context
@context = extract_resource_context(params)
- return error unless @context
-
- @context = @context.find_version(params[:version]) if params[:version]
- return error unless @context
+ if @context.nil?
+ render_404("Resource not found.")
+ elsif params[:version]
+ @context = @context.find_version(params[:version])
+ if @context.nil?
+ render_404("Resource version not found.")
+ end
+ end
end
-
- def error
- render :text => 'Error.'
- end
end
-
Modified: branches/component-querying/app/controllers/relationships_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/relationships_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/relationships_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -7,7 +7,7 @@
helper PacksHelper
- before_filter :find_resource_context
+ before_filter :find_and_auth_resource_context
before_filter :find_resource, :except => [ :edit_relationships, :create ]
# GET /:context_type/:context_id/edit_relationships
@@ -63,25 +63,21 @@
private
- def find_resource
+ def find_and_auth_resource_context
+ @context = extract_resource_context(params)
- @context = extract_resource_context(params)
- @relationship = Relationship.find_by_id(params[:id])
-
- return error if @relationship.nil? || @context.nil? || @relationship.context != @context
- return error if Authorization.check('view', @context, current_user) == false
+ if @context.nil?
+ render_404("Relationship context not found.")
+ elsif !Authorization.check('view', @context, current_user)
+ render_401("You are not authorized to view this resource's relationships.")
+ end
end
- def find_resource_context
+ def find_resource
+ @relationship = Relationship.find_by_id(params[:id])
- @context = extract_resource_context(params)
-
- return false if @context.nil?
- return false if Authorization.check('view', @context, current_user) == false
+ if @relationship.nil? || @relationship.context != @context
+ render_404("Relationship not found.")
+ end
end
-
- def error
- render :text => 'Error.'
- end
end
-
Modified: branches/component-querying/app/controllers/reviews_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/reviews_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/reviews_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -15,8 +15,8 @@
before_filter :find_reviewable_auth
before_filter :find_reviews, : [ :index ]
- before_filter :find_review, : [ :show ]
- before_filter :find_review_auth, : [ :edit, :update, :destroy ]
+ before_filter :find_review, : [ :show, :edit, :update, :destroy ]
+ before_filter :auth_review, : [ :edit, :update, :destroy ]
# declare sweepers and which actions should invoke them
cache_sweeper :review_sweeper, : [ :create, :update, :delete ]
@@ -63,6 +63,7 @@
respond_to do |format|
if @review.save
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => @review, :auth => @reviewable, :extra => params[:rating].to_i)
update_rating(@review, params[:rating])
flash[:notice] = 'Thank you for your review!'
format.html { redirect_to workflow_review_url(@reviewable, @review) }
@@ -81,6 +82,7 @@
def update
respond_to do |format|
if @review.update_attributes(params[:review])
+ Activity.create(:subject => current_user, :action ="" 'edit', :objekt => @review, :auth => @reviewable, :extra => params[:rating].to_i)
update_rating(@review, params[:rating])
flash[:notice] = 'Review was successfully updated.'
format.html { redirect_to workflow_review_url(@reviewable, @review) }
@@ -121,28 +123,15 @@
def find_reviewable_auth
# IMPORTANT NOTE: currently the only reviewable supported is "Workflow".
# See note at the beginning of this controller for more info.
-
- begin
- # attempt to authenticate the user before you return the reviewable
- login_required if login_available?
-
- workflow = Workflow.find(params[:workflow_id])
-
- if Authorization.check('view', workflow, current_user)
- # remove workflow data from workflow if the user is not authorized for download
- workflow.content_blob.data = "" unless Authorization.check('download', workflow, current_user)
- @reviewable = workflow
- else
- if logged_in?
- error("Workflow not found (id not authorized)", "is invalid (not authorized)")
- return
- else
- login_required
- end
- end
- rescue ActiveRecord::RecordNotFound
- error("Workflow not found", "is invalid")
- return
+ @reviewable = Workflow.find_by_id(params[:workflow_id])
+
+ if @reviewable.nil?
+ render_404("Workflow not found.")
+ elsif !Authorization.check('view', @reviewable, current_user)
+ # remove workflow data from workflow if the user is not authorized for download
+ render_401("You are not authorized to review this workflow.")
+ else
+ @reviewable.content_blob.data = "" unless Authorization.check('download', @reviewable, current_user)
end
end
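Review bot: The rewritten `find_reviewable_auth` drops both `login_required` calls, so an anonymous visitor who fails the `'view'` check now gets the 401 page instead of a login prompt. Nothing in this hunk stops an anonymous visitor who passes the check from reaching the write actions with a nil `current_user`. Confirm that a `login_required` filter covers `create`, `edit`, `update` and `destroy` in this controller; none appears in the filter lines shown in the first hunk. The comment `# remove workflow data from workflow if the user is not authorized for download` now sits above `render_401` and should move into the `else` branch it describes.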
@@ -158,39 +147,13 @@
if review = @reviewable.reviews.find(:first, :conditions => ["id = ?", params[:id]])
@review = review
else
- error("Review not found", "is invalid")
- return
+ render_404("Review not found.")
end
end
- def find_review_auth
- if review = @reviewable.reviews.find(:first, :conditions => ["id = ? AND user_id = ?", params[:id], current_user.id])
- @review = review
- else
- error("Review not found or action not authorized", "is invalid (not authorized)")
- return
+ def auth_review
+ unless @review.user == current_user
+ render_401("You are not authorized to #{action_name} this review.")
end
end
-
-private
-
- def error(notice, message, attr = nil)
- flash[:error] = notice
-
- workflow_id_attr = attr
- workflow_id_attr = :id if workflow_id_attr.nil?
-
- (err = Review.new.errors).add(workflow_id_attr, message)
-
- respond_to do |format|
- format.html {
- if attr
- redirect_to workflow_reviews_url(params[:workflow_id])
- else
- redirect_to workflows_url
- end
- }
- end
- end
end
-
Modified: branches/component-querying/app/controllers/runners_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/runners_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/runners_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -136,23 +136,12 @@
"verify" => "view"
}
- runner = TavernaEnactor.find(:first, :conditions => ["id = ?", params[:id]])
-
- if runner and Authorization.check(action_permissions[action_name], runner, current_user)
- @runner = runner
- else
- error("Runner not found or action not authorized", "is invalid (not authorized)")
- end
- end
-
-private
+ @runner = TavernaEnactor.find_by_id(params[:id])
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = TavernaEnactor.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to runners_url }
+ if @runner.nil?
+ render_404("Runner not found.")
+ elsif !Authorization.check(action_permissions[action_name], @runner, current_user)
+ render_401("You are not authorized to #{action_permissions[action_name]} this runner.")
end
end
end
Modified: branches/component-querying/app/controllers/search_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/search_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/search_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -20,8 +20,11 @@
@type = "all" if @type.nil? or @type == ""
if !Conf.search_categories.include?(@type)
- error(@type)
- return
+ flash[:error] = "'#{type}' is an invalid search type"
+
+ respond_to do |format|
+ format.html { redirect_to url_for(:controller => "home") }
+ end
end
if Conf.model_aliases.key?(@type.camelize.singularize)
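Review bot: The inlined error branch lost the `return` that followed `error(@type)`, so after `redirect_to` the action carries on into `@type.camelize.singularize` and the code below it with a search type that was just rejected. It also still interpolates `type`, which was the removed helper's parameter and is not a local here; the line should read `flash[:error] = "'#{@type}' is an invalid search type"`, with `return` added after the `respond_to` block. `@type` presumably comes from the request, so the flash text needs HTML-escaping wherever the layout prints it. The enclosing action starts and ends outside this hunk.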
@@ -181,14 +184,6 @@
private
- def error(type)
- flash[:error] = "'#{type}' is an invalid search type"
-
- respond_to do |format|
- format.html { redirect_to url_for(:controller => "home") }
- end
- end
-
def search_all
@query = params[:query]
Modified: branches/component-querying/app/controllers/services_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/services_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/services_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -71,19 +71,7 @@
@contributable_path = service_path(@contributable)
rescue ActiveRecord::RecordNotFound
- error("Service not found", "is invalid")
+ render_404("Service not found.")
end
end
-
- private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Service.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to services_url }
- end
- end
end
-
Modified: branches/component-querying/app/controllers/tags_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/tags_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/tags_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -59,7 +59,7 @@
end
def find_tag_and_tagged_with
- @tag = Tag.find(:first, :conditions => ["id = ?", params[:id]])
+ @tag = Tag.find_by_id(params[:id])
if @tag
@tagged_with = []
@@ -87,21 +87,12 @@
@tagged_with = @tagged_with.uniq
else
- error("Tag not found", "is invalid")
+ render_404("Tag not found.")
end
end
private
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Tag.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to tags_url }
- end
- end
-
# This needs to be refactored into a library somewhere!
# (eg: a myExperiment system library)
def parse_to_internal_type(type)
Modified: branches/component-querying/app/controllers/topics_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/topics_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/topics_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -5,10 +5,10 @@
class TopicsController < ApplicationController
before_filter :login_required, :except => [:index, :show]
-
+ before_filter :find_topic, : [:tag_feedback, :topic_feedback]
# declare sweepers and which actions should invoke them
- cache_sweeper :workflow_sweeper, : [ :create, :create_version, :launch, :update, :update_version, :destroy_version, :destroy ]
+ cache_sweeper :workflow_sweeper, : [ :create, :create_version, :launch, :update, :update_version, :destroy ]
cache_sweeper :download_viewing_sweeper, : [ :show, :download, :named_download, :launch ]
cache_sweeper :permission_sweeper, : [ :create, :update, :destroy ]
cache_sweeper :bookmark_sweeper, : [ :destroy, :favourite, :favourite_delete ]
@@ -39,100 +39,75 @@
end
def tag_feedback
- # Ensure that all the needed information was provided
- if params[:topic_id].blank? || params[:user_id].blank? || params[:tag_id].blank? || params[:score].blank?
- error("Malformed feedback information.", "")
- else
- this_topic = Topic.find(params[:topic_id]) rescue error("Invalid topic specified.")
- #Ensure the feedback is for the current user
- if params[:user_id].to_i != current_user.id
- error("You may only post feedback as yourself.", "")
- return
- end
- # Not allowed to create duplicate feedback
- if this_topic.topic_tag_feedback.exists?( :user_id => params[:user_id], :tag_id => params[:tag_id] )
- error( "You may provide feedback only once per topic, tag pair.", "")
- return
- end
+ this_topic = @topic
+
+ # Not allowed to create duplicate feedback
+ unless feedback = this_topic.topic_tag_feedback.find_by_user_id_and_tag_id(current_user.id, params[:tag_id])
#Create the feedback
feedback = this_topic.topic_tag_feedback.build( :score => params[:score], :submit_dt => Time.new.utc )
- feedback.user = User.find(params[:user_id])
+ feedback.user = current_user
feedback.tag = Tag.find(params[:tag_id])
feedback.save
- #topic_id => params[:topic_id], :user_id => params[:user_id], :tag_id => params[:tag_id],
-
- # What if the tag doesn't exist?
-
- respond_to do |response|
- # page.html {redirect_to topics_path }
- response.html {
- render :update do |page|
- page.replace_html "tag_feedback_div_#{params[:topic_id]}_#{params[:tag_id]}", "Thanks!"
- end
- }
- end
end
+
+ #topic_id => params[:topic_id], :user_id => params[:user_id], :tag_id => params[:tag_id],
+
+ # What if the tag doesn't exist?
+
+ respond_to do |response|
+ # page.html {redirect_to topics_path }
+ response.html {
+ render :update do |page|
+ page.replace_html "tag_feedback_div_#{params[:topic_id]}_#{params[:tag_id]}", "Thanks!"
+ end
+ }
+ end
end
def topic_feedback
- # Ensure that all the needed information was provided
- if params[:topic_id].blank? || params[:user_id].blank? || params[:score].blank?
- error("Malformed feedback information.", "")
- else
- this_topic = Topic.find(params[:topic_id]) rescue error("Invalid topic specified.")
- #Ensure the feedback is for the current user
- if params[:user_id].to_i != current_user.id
- error("You may only post feedback as yourself.", "")
- return
- end
- # Not allowed to create duplicate feedback
- if this_topic.topic_feedback.exists?( :user_id => params[:user_id] )
- error( "You may provide feedback only once per topic.", "")
- return
- end
+ this_topic = @topic
+ # Not allowed to create duplicate feedback
+ unless feedback = this_topic.topic_feedback.find_by_user_id(current_user.id)
#Create the feedback
feedback = this_topic.topic_feedback.build( :score => params[:score], :submit_dt => Time.new.utc )
- feedback.user = User.find(params[:user_id])
+ feedback.user = current_user
feedback.save
-
- respond_to do |response|
- # page.html {redirect_to topics_path }
- response.html {
- render :update do |page|
+ end
- if
- this_topic.name.blank?
- then
- topicName = "Explore this topic"
- else
- topicName = this_topic.name
- end
+ respond_to do |response|
+ # page.html {redirect_to topics_path }
+ response.html {
+ render :update do |page|
- topicLink = "<a href=""
+ if
+ this_topic.name.blank?
+ then
+ topicName = "Explore this topic"
+ else
+ topicName = this_topic.name
+ end
- if feedback.score == 1
- img_url = 'images/thumbsup_grey.png'
- else
- img_url = 'images/thumbsdown_grey.png'
- end
+ topicLink = "<a href=""
- page.replace_html "topic_feedback_#{params[:topic_id]}", "<img src=''>"
+ if feedback.score == 1
+ img_url = 'images/thumbsup_grey.png'
+ else
+ img_url = 'images/thumbsdown_grey.png'
end
- }
- end
+
+ page.replace_html "topic_feedback_#{params[:topic_id]}", "<img src=''>"
+ end
+ }
end
end
private
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Workflow.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to topics_url }
+ def find_topic
+ @topic = Topic.find_by_id(params[:topic_id])
+
+ if @topic.nil?
+ render_404("Topic not found.")
end
end
-
end
-
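Review bot: With the blank-parameter checks removed, `tag_feedback` still calls `Tag.find(params[:tag_id])`, which raises for a missing or unknown tag id (the case the retained "What if the tag doesn't exist?" comment asks about). Both actions also store `params[:score]` unvalidated and ignore the result of `feedback.save`. Look the tag up before building the feedback, with `tag = Tag.find_by_id(params[:tag_id])` followed by `return render_404("Tag not found.") if tag.nil?`, and send the "Thanks!" page update only when `feedback.save` returns true. Restricting `params[:score]` to the values the views actually submit belongs in the same place.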
Modified: branches/component-querying/app/controllers/user_reports_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/user_reports_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/user_reports_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -9,34 +9,23 @@
def create
UserReport.create(:user => current_user, :subject => @object)
- render(:text => '[ reported ]')
+ render(:text => '[ reported ]', :status => 200)
end
private
def find_object
-
- # ensure that user is logged in and that params[:user_id] matches
- return error if (current_user == 0 || (current_user.id.to_s != params[:user_id]))
-
# ensure that the object type is valid
- return error unless ["Comment", "Message"].include?(params[:subject_type])
+ unless ["Comment", "Message"].include?(params[:subject_type])
+ render(:nothing => true, :status => 400)
+ else
+ @object = Object.const_get(params[:subject_type]).find_by_id(params[:subject_id])
- object = Object.const_get(params[:subject_type]).find(params[:subject_id])
-
- # ensure that the object exists
- return error if object.nil?
-
- # ensure that the object is visible to the user
- return error unless Authorization.check('view', object, current_user)
-
- @object = object
-
- true
+ if @object.nil?
+ render(:text => "Report failed. #{params[:subject_type]} not found.", :status => 404)
+ elsif !Authorization.check('view', @object, current_user)
+ render(:text => "Report failed. You are not authorized to view this #{params[:subject_type]}.", :status => 401)
+ end
+ end
end
-
- def error
- render(:text => '400 Bad Request', :status => "400 Bad Request")
- end
end
-
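Review bot: Nothing in the new `find_object` stops an anonymous request from reaching `Authorization.check('view', @object, current_user)`; the removed `current_user == 0` test was the only login check visible in this hunk, and the `Message` branch added to lib/authorization.rb in this commit calls `user.id` on whatever it receives. If a `login_required` filter already covers `create`, it is declared outside the hunk; otherwise one needs to run ahead of `find_object`. The not-authorized branch would also be more accurate as `:status => 403` than 401, since the caller is authenticated but not permitted. Returning the same 404 body for the "not found" and "not authorized" cases would avoid confirming that a given comment or message id exists to a user who may not view it.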
Modified: branches/component-querying/app/controllers/userhistory_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/userhistory_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/userhistory_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -27,26 +27,13 @@
def find_user
if params[:user_id]
- begin
- @user = User.find(params[:user_id])
-
- rescue ActiveRecord::RecordNotFound
- error("User not found", "is invalid", :user_id)
- end
+ @user = User.find_by_id(params[:user_id])
else
- @user = User.find(params[:id])
+ @user = User.find_by_id(params[:id])
end
- end
-private
-
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = User.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to users_url }
+ if @user.nil?
+ render_404("User not found.")
end
end
-
end
Modified: branches/component-querying/app/controllers/users_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/users_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/users_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -14,9 +14,9 @@
before_filter :login_required, :except => [:index, :new, :create, :search, :all, :confirm_email, :forgot_password, :reset_password] + show_actions
before_filter :find_users, : [:all]
- before_filter :find_user, : [:destroy] + show_actions
- before_filter :find_user_auth, : [:edit, :update]
-
+ before_filter :find_user, : [:destroy, :edit, :update] + show_actions
+ before_filter :auth_user, : [:edit, :update]
+
# declare sweepers and which actions should invoke them
cache_sweeper :user_sweeper, : [ :create, :update, :destroy ]
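Review bot: `find_user` now loads `@user` for `:destroy`, `:edit` and `:update`, but `auth_user` is applied only to `:edit` and `:update`, so in these filters nothing ties `:destroy` to the account owner. The `destroy` action is outside this hunk and may perform its own check; if it does not, it needs an equivalent ownership or administrator check. `auth_user` also depends on `find_user` being declared first, which deserves a comment above the two filters, e.g. `# find_user must run before auth_user, which compares @user with current_user`.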
@@ -314,6 +314,7 @@
user.errors.full_messages.each { |e| logger.error(e) }
#END DEBUG
if confirmed
+ Activity.create(:subject => user, :action ="" 'register')
self.current_user = user
self.current_user.process_pending_invitations! # look up any pending invites for this user + transfer them to relevant tables from 'pending_invitations' table
confirmed = false if !logged_in?
@@ -763,52 +764,16 @@
end
def find_user
- begin
- @user = User.find(params[:id], :include => [ :profile, :tags ])
- rescue ActiveRecord::RecordNotFound
- error("User not found", "is invalid (not owner)")
- return
- end
-
- unless @user
- error("User not found", "is invalid (not owner)")
- return
- end
-
- unless @user.activated?
- error("User not activated", "is invalid (not owner)")
- return
- end
- end
+ @user = User.find_by_id(params[:id], :include => [ :profile, :tags ])
- def find_user_auth
- begin
- @user = User.find(params[:id], :conditions => ["id = ?", current_user.id])
- rescue ActiveRecord::RecordNotFound
- error("User not found (id not authorized)", "is invalid (not owner)")
- return
+ if @user.nil? || address@hidden
+ render_404("User not found, or not activated.")
end
-
- unless @user
- error("User not found (or not authorized)", "is invalid (not owner)")
- return
- end
-
- unless @user.activated?
- error("User not activated (id not authorized)", "is invalid (not owner)")
- return
- end
end
-
-private
- def error(notice, message)
- flash[:error] = notice
- (err = User.new.errors).add(:id, message)
-
- respond_to do |format|
- format.html { redirect_to users_url }
+ def auth_user
+ unless @user == current_user
+ render_401("You may only manage your own account.")
end
end
end
-
Modified: branches/component-querying/app/controllers/workflows_controller.rb (3517 => 3518)
--- branches/component-querying/app/controllers/workflows_controller.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/controllers/workflows_controller.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -24,7 +24,7 @@
before_filter :check_context, : :index
# declare sweepers and which actions should invoke them
- cache_sweeper :workflow_sweeper, : [ :create, :create_version, :launch, :update, :update_version, :destroy_version, :destroy ]
+ cache_sweeper :workflow_sweeper, : [ :create, :create_version, :launch, :update, :update_version, :destroy ]
cache_sweeper :download_viewing_sweeper, : [ :show, :download, :named_download, :galaxy_tool, :galaxy_tool_download, :launch ]
cache_sweeper :permission_sweeper, : [ :create, :update, :destroy ]
cache_sweeper :bookmark_sweeper, : [ :destroy, :favourite, :favourite_delete ]
@@ -44,7 +44,14 @@
# POST /workflows/1;favourite
def favourite
- Bookmark.create(:user => current_user, :bookmarkable => @workflow) unless @workflow.bookmarked_by_user?(current_user)
+
+ bookmark = Bookmark.new(:user => current_user, :bookmarkable => @workflow)
+
+ success = bookmark.save unless @workflow.bookmarked_by_user?(current_user)
+
+ if success
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => bookmark, :auth => @workflow)
+ end
respond_to do |format|
flash[:notice] = "You have successfully added this item to your favourites."
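Review bot: `success` is `nil` when the workflow is already bookmarked and `false` when `bookmark.save` fails, yet the `flash[:notice]` at the end of the hunk reports "successfully added" in every case. The rest of `respond_to` is outside this hunk, but the notice should depend on the outcome, e.g. `flash[:error] = "Could not add this item to your favourites." if success == false`. Building `Bookmark.new` before the `bookmarked_by_user?` test also creates a record that is discarded for existing bookmarks; constructing it inside the guard would make the intent clearer.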
@@ -69,12 +76,11 @@
# POST /workflows/1;rate
def rate
- if @workflow.contribution.contributor_type == 'User' and @workflow.contribution.contributor_id == current_user.id
- error("You cannot rate your own workflow!", "")
- else
+ unless @workflow.contribution.contributor_type == 'User' and @workflow.contribution.contributor_id == current_user.id
Rating.delete_all(["rateable_type = ? AND rateable_id = ? AND user_id = ?", @workflow.class.to_s, @workflow.id, current_user.id])
- Rating.create(:rateable => @workflow, :user => current_user, :rating => params[:rating])
+ rating = Rating.create(:rateable => @workflow, :user => current_user, :rating => params[:rating])
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => rating, :auth => @workflow, :extra => params[:rating].to_i)
respond_to do |format|
format.html {
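Review bot: `Activity.create` runs even when `Rating.create` did not save, because `params[:rating]` is passed through unchecked and the returned record is never tested; the activity would then reference an unsaved `objekt`. Guard the call, e.g. `Activity.create(...) unless rating.new_record?`. Separately, removing the `error(...)` branch leaves the own-workflow case without an explicit response if `respond_to` stays inside the `unless`. The end of `rate` is outside this hunk, so that needs checking there.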
@@ -348,6 +354,9 @@
respond_to do |format|
if @workflow.save
+
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => @workflow, :auth => @workflow)
+
if params[:workflow][:tag_list]
@workflow.refresh_tags(convert_tags_to_gem_format(params[:workflow][:tag_list]), current_user)
@workflow.reload
@@ -478,6 +487,8 @@
raise unless Rails.env == 'production'
end
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => @workflow.versions.last, :extra => @workflow.versions.last.version, :auth => @workflow)
+
respond_to do |format|
flash[:notice] = 'New workflow version successfully created.'
format.html {
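Review bot: This `Activity.create` is unconditional and follows what appears to be the tail of a rescue ending in `raise unless Rails.env == 'production'`, so in production a swallowed failure would still log a 'create' activity, and `@workflow.versions.last` would then be the previous version. The start of that block and the save call are outside the hunk; if a success flag is available there, the activity should be conditional on it. `@workflow.versions.last` is also evaluated twice and would read better held in a local, e.g. `new_version = @workflow.versions.last`.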
@@ -534,6 +545,8 @@
if @workflow.update_attributes(params[:workflow])
+ Activity.create(:subject => current_user, :action ="" 'edit', :objekt => @workflow, :auth => @workflow)
+
if params[:workflow][:tag_list]
@workflow.refresh_tags(convert_tags_to_gem_format(params[:workflow][:tag_list]), current_user)
@workflow.reload
@@ -597,6 +610,7 @@
respond_to do |format|
if success
+ Activity.create(:subject => current_user, :action ="" 'edit', :objekt => version, :extra => version.version, :auth => @workflow)
flash[:notice] = "Workflow version #{version.version}: \"#{original_title}\" has been updated."
format.html { redirect_to(workflow_url(@workflow) + "?version=#{params[:version]}") }
else
@@ -626,38 +640,7 @@
end
end
end
-
- # DELETE /workflows/1;destroy_version?version=1
- def destroy_version
- workflow_title = @viewing_version.title
-
- if params[:version]
- if @workflow.find_version(params[:version]) == false
- render_404("Workflow version not found.")
- end
- if @workflow.versions.length < 2
- error("Can't delete all versions", " is not allowed", :version)
- end
- success = @workflow.destroy_version(params[:version].to_i)
- else
- success = false
- end
-
- respond_to do |format|
- if success
- flash[:notice] = "Workflow version #{params[:version]}: \"#{workflow_title}\" has been deleted"
- format.html { redirect_to workflow_url(@workflow) }
- else
- flash[:error] = "Failed to delete Workflow version. Please report this."
- if params[:version]
- format.html { redirect_to(workflow_url(@workflow) + "?version=#{params[:version]}") }
- else
- format.html { redirect_to workflow_url(@workflow) }
- end
- end
- end
- end
-
+
def tag_suggestions
@suggestions = @workflow.get_tag_suggestions
end
@@ -725,7 +708,6 @@
"create" => "create",
"create_version" => "edit",
"destroy" => "destroy",
- "destroy_version" => "edit",
"download" => "download",
"edit" => "edit",
"edit_version" => "edit",
@@ -944,15 +926,6 @@
end
end
- def error(notice, message, attr=:id)
- flash[:error] = notice
- (err = Workflow.new.errors).add(attr, message)
-
- respond_to do |format|
- format.html { redirect_to workflows_url }
- end
- end
-
def construct_options
valid_keys = ["contributor_id", "contributor_type"]
Modified: branches/component-querying/app/helpers/application_helper.rb (3517 => 3518)
--- branches/component-querying/app/helpers/application_helper.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/helpers/application_helper.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -1026,14 +1026,7 @@
:action ="" "edit_version",
:version => version_number)
end
-
- def workflow_version_delete_url(workflow_id, version_number)
- return url_for(:controller => "workflows",
- :id => workflow_id,
- :action ="" "destroy_version",
- :version => version_number)
- end
-
+
def strip_html(str, preserve_tags=[])
str = str.strip || ''
preserve_arr = preserve_tags.join('|') << '|\/'
Copied: branches/component-querying/app/models/activity.rb (from rev 3517, trunk/app/models/activity.rb) (0 => 3518)
--- branches/component-querying/app/models/activity.rb (rev 0)
+++ branches/component-querying/app/models/activity.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -0,0 +1,37 @@
+# myExperiment: app/models/activity.rb
+#
+# Copyright (c) 2012 University of Manchester and the University of Southampton.
+# See license.txt for details.
+
+class Activity < ActiveRecord::Base
+
+ belongs_to :subject, :polymorphic => true
+ belongs_to :objekt, :polymorphic => true
+ belongs_to :auth, :polymorphic => true
+
+ validates_presence_of :subject
+ validates_presence_of :action
+ validates_presence_of :subject_label
+
+ before_validation do |e|
+
+ if e.subject && e.subject_label.nil?
+ e.subject_label = e.subject.label if e.subject.respond_to?(:label)
+ e.subject_label = e.subject.title if e.subject.respond_to?(:title)
+ e.subject_label = e.subject.name if e.subject.respond_to?(:name)
+ end
+
+ if e.objekt && e.objekt_label.nil?
+ e.objekt_label = e.objekt.label if e.objekt.respond_to?(:label)
+ e.objekt_label = e.objekt.title if e.objekt.respond_to?(:title)
+ e.objekt_label = e.objekt.name if e.objekt.respond_to?(:name)
+ end
+
+ if e.objekt && (e.objekt_label.nil? || e.objekt_label == "") && e.auth
+ e.objekt_label = e.auth.label if e.auth.respond_to?(:label)
+ e.objekt_label = e.auth.title if e.auth.respond_to?(:title)
+ e.objekt_label = e.auth.name if e.auth.respond_to?(:name)
+ end
+ end
+end
+
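Review bot: In the `before_validation` block the three assignments run in sequence, so the last matching method wins (`name` over `title` over `label`), which the line order does not make obvious; a comment such as `# precedence: name, then title, then label (later assignments overwrite earlier ones)` would record the intent. Because `subject_label` is validated for presence, a subject that responds to none of the three makes `Activity.create` return an unsaved record, and the callers added in this commit do not check the result. The same three lines are repeated for `subject`, `objekt` and `auth` and would be clearer as one small private helper that takes the source object. The labels are copies of names and titles that are presumably user-editable, so any view that renders them should escape them.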
Modified: branches/component-querying/app/models/workflow_version.rb (3517 => 3518)
--- branches/component-querying/app/models/workflow_version.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/models/workflow_version.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -14,6 +14,8 @@
belongs_to :content_blob, :dependent => :destroy
belongs_to :content_type
+ belongs_to :contributor, :polymorphic => true
+
validates_presence_of :content_blob
validates_presence_of :content_type
Modified: branches/component-querying/app/views/comments/_comment.rhtml (3517 => 3518)
--- branches/component-querying/app/views/comments/_comment.rhtml 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/views/comments/_comment.rhtml 2013-04-25 08:14:32 UTC (rev 3518)
@@ -16,7 +16,7 @@
</tr>
<tr>
<td style="text-align: right; padding-right: 1em;">
- <%= render(:partial => 'contributions/user_report', :locals => { :subject => comment, :user => current_user }) -%>
+ <%= render(:partial => 'contributions/user_report', :locals => { :subject => comment }) -%>
<% if Authorization.check('destroy', comment, current_user) %>
<small>
[
Modified: branches/component-querying/app/views/contributions/_user_report.rhtml (3517 => 3518)
--- branches/component-querying/app/views/contributions/_user_report.rhtml 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/views/contributions/_user_report.rhtml 2013-04-25 08:14:32 UTC (rev 3518)
@@ -1,6 +1,6 @@
-<% if user != 0 %>
+<% if logged_in? %>
<% div_name = "report#{subject.class.name}#{subject.id}" %>
- <% if UserReport.find_by_user_id_and_subject_type_and_subject_id(user.id, subject.class.name, subject.id) %>
+ <% if UserReport.find_by_user_id_and_subject_type_and_subject_id(current_user.id, subject.class.name, subject.id) %>
<small>
[ reported ]
</small>
@@ -9,7 +9,7 @@
[
<%= link_to_remote('report',
:update => div_name,
- :url ="" "/users/#{user.id}/reports?subject_type=#{subject.class.name}&subject_id=#{subject.id}",
+ :url ="" "/users/#{current_user.id}/reports?subject_type=#{subject.class.name}&subject_id=#{subject.id}",
:method => :post,
:complete => "new Effect.Highlight('#{div_name}', { duration: 1.5 }); $('comment').value = '';",
:confirm => "Are you sure you want to report this?" ) %>
Modified: branches/component-querying/app/views/friendships/new.rhtml (3517 => 3518)
--- branches/component-querying/app/views/friendships/new.rhtml 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/views/friendships/new.rhtml 2013-04-25 08:14:32 UTC (rev 3518)
@@ -3,7 +3,6 @@
<%= error_messages_for :friendship %>
<% form_for(:friendship, :url ="" user_friendships_path) do |f| %>
- <%= f.hidden_field :user_id, :value => current_user.id %>
<%= f.hidden_field :friend_id, :value => params[:user_id] %>
<% friend = User.find(params[:user_id]) %>
Modified: branches/component-querying/app/views/messages/show.rhtml (3517 => 3518)
--- branches/component-querying/app/views/messages/show.rhtml 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/views/messages/show.rhtml 2013-04-25 08:14:32 UTC (rev 3518)
@@ -61,7 +61,7 @@
</div>
<div style="margin: 6px; text-align: right">
- <%= render(:partial => 'contributions/user_report', :locals => { :subject => @message, :user => current_user }) -%>
+ <%= render(:partial => 'contributions/user_report', :locals => { :subject => @message }) -%>
</div>
</div>
Modified: branches/component-querying/app/views/search/model.rhtml (3517 => 3518)
--- branches/component-querying/app/views/search/model.rhtml 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/views/search/model.rhtml 2013-04-25 08:14:32 UTC (rev 3518)
@@ -9,10 +9,13 @@
<%= view_privileges_notice %>
<br />
-<%= render :partial => "layouts/paginate", :locals => { :collection => @collection } %>
+<div style="overflow: auto"><%= render :partial => "layouts/paginate", :locals => { :collection => @collection } %></div><br/>
-<%= render :partial => "address@hidden/table", :locals => { :collection => @collection, :query => @query } %>
+<div class="summary">
+ <div class="results">
+ <%= render :partial => "address@hidden/table", :locals => { :collection => @collection, :query => @query } %>
+ </div>
+</div>
-<%= render :partial => "layouts/paginate", :locals => { :collection => @collection } %>
+<div style="overflow: auto"><%= render :partial => "layouts/paginate", :locals => { :collection => @collection } %></div>
-<br />
Modified: branches/component-querying/app/views/workflows/show.rhtml (3517 => 3518)
--- branches/component-querying/app/views/workflows/show.rhtml 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/app/views/workflows/show.rhtml 2013-04-25 08:14:32 UTC (rev 3518)
@@ -67,13 +67,6 @@
<div style="margin-top: 1em;">
<ul class="sectionIcons" style="margin-top: 0.7em; margin-bottom: 0.6em;">
<li style="margin-left: 0;"><%= icon('edit', workflow_version_edit_url(@workflow.id, @viewing_version.version), nil, nil, "Edit This Version") %></li>
- <% if false %>
- <% if @latest_version_number > 1 %>
- <% if Authorization.check("destroy", @workflow, current_user) %>
- <li><%= icon('destroy', workflow_version_delete_url(@workflow.id, @viewing_version.version), nil, { :confirm => "Are you sure you want to delete this version (Version address@hidden) of the Workflow file (including title/description metadata)?", :method => :delete }, 'Delete This Version') %></li>
- <% end %>
- <% end %>
- <% end %>
</ul>
</div>
<% end %>
Modified: branches/component-querying/config/routes.rb (3517 => 3518)
--- branches/component-querying/config/routes.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/config/routes.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -81,8 +81,7 @@
:rate => :post,
:tag => :post,
:create_version => :post,
- :destroy_version => :delete,
- :edit_version => :get,
+ :edit_version => :get,
:update_version => :put,
:process_tag_suggestions => :post,
:tag_suggestions => :get } do |workflow|
Copied: branches/component-querying/db/migrate/099_add_activities.rb (from rev 3517, trunk/db/migrate/099_add_activities.rb) (0 => 3518)
--- branches/component-querying/db/migrate/099_add_activities.rb (rev 0)
+++ branches/component-querying/db/migrate/099_add_activities.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -0,0 +1,32 @@
+# myExperiment: db/migrate/097_add_activities.rb
+#
+# Copyright (c) 2012 University of Manchester and the University of Southampton.
+# See license.txt for details.
+
+class AddActivities < ActiveRecord::Migration
+ def self.up
+ create_table :activities do |t|
+
+ t.string :subject_type
+ t.integer :subject_id
+ t.string :subject_label
+
+ t.string :action
+
+ t.string :objekt_type
+ t.integer :objekt_id
+ t.string :objekt_label
+
+ t.string :auth_type
+ t.integer :auth_id
+
+ t.string :extra
+
+ t.datetime :created_at
+ end
+ end
+
+ def self.down
+ drop_table :activities
+ end
+end
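Review bot: The header comment names `db/migrate/097_add_activities.rb` while the file is `099_add_activities.rb`; it should read `# myExperiment: db/migrate/099_add_activities.rb`. The table is created without any index although rows are keyed by three polymorphic pairs; how they are queried is not shown here, but `add_index :activities, [:subject_type, :subject_id]` (and likewise for `objekt` and `auth`) is likely to be wanted once the `myexp:activities:create` task has filled it. The schema.rb hunks of this commit also add `checksums`, `checksums_new` and `checksums_new_new` tables and a `workflow_versions` index that no migration shown here creates. That looks like a dump from a local database and should be confirmed or dropped.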
Modified: branches/component-querying/db/schema.rb (3517 => 3518)
--- branches/component-querying/db/schema.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/db/schema.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -11,6 +11,20 @@
ActiveRecord::Schema.define(:version => 20130308085716) do
+ create_table "activities", :force => true do |t|
+ t.string "subject_type"
+ t.integer "subject_id"
+ t.string "subject_label"
+ t.string "action"
+ t.string "objekt_type"
+ t.integer "objekt_id"
+ t.string "objekt_label"
+ t.string "auth_type"
+ t.integer "auth_id"
+ t.string "extra"
+ t.datetime "created_at"
+ end
+
create_table "activity_limits", :force => true do |t|
t.string "contributor_type", :null => false
t.integer "contributor_id", :null => false
@@ -84,6 +98,27 @@
add_index "bookmarks", ["user_id"], :name => "index_bookmarks_on_user_id"
+ create_table "checksums", :id => false, :force => true do |t|
+ t.integer "id"
+ t.string "sha1"
+ end
+
+ add_index "checksums", ["id"], :name => "i1", :unique => true
+
+ create_table "checksums_new", :id => false, :force => true do |t|
+ t.integer "id"
+ t.string "sha1"
+ end
+
+ add_index "checksums_new", ["id"], :name => "i1", :unique => true
+
+ create_table "checksums_new_new", :id => false, :force => true do |t|
+ t.integer "id"
+ t.string "sha1"
+ end
+
+ add_index "checksums_new_new", ["id"], :name => "ii", :unique => true
+
create_table "citations", :force => true do |t|
t.integer "user_id"
t.integer "workflow_id"
@@ -828,6 +863,8 @@
t.integer "preview_id"
end
+ add_index "workflow_versions", ["workflow_id"], :name => "index_workflow_versions_on_workflow_id"
+
create_table "workflows", :force => true do |t|
t.integer "contributor_id"
t.string "contributor_type"
Modified: branches/component-querying/lib/authorization.rb (3517 => 3518)
--- branches/component-querying/lib/authorization.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/lib/authorization.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -339,6 +339,13 @@
end
+ when "Message"
+ case action
+ when "view"
+ return object.to == user.id || object.from == user.id
+ when "destroy"
+ return object.to == user.id
+ end
else
# don't recognise the kind of object that is being authorized, so
# we don't specifically know that it needs to be blocked;
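Review bot: The inner `case action` has no `else`, so for a `Message` any action other than `view` or `destroy` leaves the branch without an explicit decision; what the method returns after the outer `case` is outside this hunk. An `else return false` inside the `Message` branch would make it deny by default. Both comparisons dereference `user.id` directly, so a comment stating that `to` and `from` hold user ids and that `user` must be a logged-in `User` here would document the assumption the branch relies on.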
Modified: branches/component-querying/lib/paginated_array.rb (3517 => 3518)
--- branches/component-querying/lib/paginated_array.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/lib/paginated_array.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -19,6 +19,8 @@
((@total - 1) / @limit) + 1
end
+ alias_method :total_pages, :page_count
+
def first_page
1
end
@@ -47,6 +49,8 @@
(@offset / @limit) + 1
end
+ alias_method :current_page, :page
+
def page_exists?(x)
return false if x < first_page
return false if x > last_page
@@ -55,3 +59,4 @@
end
end
+
Modified: branches/component-querying/lib/rest.rb (3517 => 3518)
--- branches/component-querying/lib/rest.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/lib/rest.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -1185,6 +1185,15 @@
success = ob.save
+ if success
+ case "#{action} #{new_version || edit_version}"
+ when "create false"; Activity.create(:subject => opts[:user], :action ="" 'create', :objekt => ob, :auth => ob)
+ when "create true"; Activity.create(:subject => opts[:user], :action ="" 'create', :objekt => ob.versions.last, :auth => ob)
+ when "edit false"; Activity.create(:subject => opts[:user], :action ="" 'edit', :objekt => ob, :auth => ob)
+ when "edit true"; Activity.create(:subject => opts[:user], :action ="" 'edit', :objekt => ob, :extra => ob.version, :auth => ob.workflow)
+ end
+ end
+
return rest_response(400, :object => ob) unless success
# Elements to update if we're not dealing with a workflow version
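Review bot: Dispatching on the string `"#{action} #{new_version || edit_version}"` only works when both flags are strict booleans: a `nil` interpolates to an empty string and any other truthy value to its own text, and in either case no `when` matches and the activity is silently skipped. The hunk at `@@ -1320,7 +1329,8 @@` normalises its flags with `!= nil`, but the definitions used here are outside this hunk, so that needs confirming. Normalising first, `versioned = (new_version || edit_version) ? true : false`, and switching on `"#{action} #{versioned}"` would remove the dependency. The same `case` is repeated in the hunk at `@@ -1328,6 +1338,15 @@` and has the same weakness.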
@@ -1320,7 +1329,8 @@
ob.content_blob = ContentBlob.new(:data ="" content) if content
- new_version = action == 'create' && opts[:query][:id]
+ new_version = action == 'create' && opts[:query]['id'] != nil
+ edit_version = action == 'edit' && opts[:query]['version'] != nil
if new_version
ob[:revision_comments] = revision_comment
@@ -1328,6 +1338,15 @@
success = ob.save
+ if success
+ case "#{action} #{new_version || edit_version}"
+ when "create false"; Activity.create(:subject => opts[:user], :action ="" 'create', :objekt => ob, :auth => ob)
+ when "create true"; Activity.create(:subject => opts[:user], :action ="" 'create', :objekt => ob.versions.last, :auth => ob)
+ when "edit false"; Activity.create(:subject => opts[:user], :action ="" 'edit', :objekt => ob, :auth => ob)
+ when "edit true"; Activity.create(:subject => opts[:user], :action ="" 'edit', :objekt => ob, :extra => ob.version, :auth => ob.blob)
+ end
+ end
+
return rest_response(400, :object => ob) unless success
if opts[:query]['version'].nil?
@@ -2078,7 +2097,16 @@
# End of curation hack
- return rest_response(400, :object => ob) unless ob.save
+ success = ob.save
+
+ if success
+ case action
+ when "create"; Activity.create(:subject => opts[:user], :action ="" 'create', :objekt => ob)
+ when "edit"; Activity.create(:subject => opts[:user], :action ="" 'edit', :objekt => ob)
+ end
+ end
+
+ return rest_response(400, :object => ob) unless success
end
rest_get_request(ob, opts[:user], { "id" => ob.id.to_s })
@@ -2134,7 +2162,13 @@
ob.bookmarkable = target
end
- return rest_response(400, :object => ob) unless ob.save
+ success = ob.save
+
+ if success
+ Activity.create(:subject => current_user, :action ="" 'create', :objekt => ob)
+ end
+
+ return rest_response(400, :object => ob) unless success
end
rest_get_request(ob, opts[:user], { "id" => ob.id.to_s })
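Review bot: This `Activity.create` passes `:subject => current_user`, while every other call added to this file uses `opts[:user]` and the line after the hunk's `end` returns `rest_get_request(ob, opts[:user], ...)`. Whether `current_user` is defined in this context is not visible here; if it is not, a successful save would raise instead of returning the response. Use `:subject => opts[:user]`. The call also omits `:auth`, unlike the rating and tagging hunks that pass `:auth => subject`, so `:auth => target` may be intended.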
@@ -2193,7 +2227,13 @@
ob.rateable = subject
end
- return rest_response(400, :object => ob) unless ob.save
+ success = ob.save
+
+ if success
+ Activity.create(:subject => opts[:user], :action ="" 'create', :objekt => ob, :auth => subject)
+ end
+
+ return rest_response(400, :object => ob) unless success
end
rest_get_request(ob, opts[:user], { "id" => ob.id.to_s })
@@ -2249,11 +2289,17 @@
ob.tag = tag if tag
if subject
- return rest_response(401, :reason => "Not authorised for the specified resource") unless Authorization.check(action, Rating, opts[:user], subject)
+ return rest_response(401, :reason => "Not authorised for the specified resource") unless Authorization.check(action, Tagging, opts[:user], subject)
ob.taggable = subject
end
- return rest_response(400, :object => ob) unless ob.save
+ success = ob.save
+
+ if success && action == "create"
+ Activity.create(:subject => opts[:user], :action ="" 'create', :objekt => ob, :auth => subject)
+ end
+
+ return rest_response(400, :object => ob) unless success
end
rest_get_request(ob, opts[:user], { "id" => ob.id.to_s })
Copied: branches/component-querying/public/images/biovel_cropped.png (from rev 3517, trunk/public/images/biovel_cropped.png)
(Binary files differ)
Copied: branches/component-querying/public/images/scape_cropped.png (from rev 3517, trunk/public/images/scape_cropped.png)
(Binary files differ)
Copied: branches/component-querying/public/images/wf4ever_cropped.png (from rev 3517, trunk/public/images/wf4ever_cropped.png)
(Binary files differ)
Modified: branches/component-querying/public/index.html (3517 => 3518)
--- branches/component-querying/public/index.html 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/public/index.html 2013-04-25 08:14:32 UTC (rev 3518)
@@ -1,334 +1,293 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- <head>
- <meta http-equiv="content-type" content="text/html"/>
- <title>myExperiment</title>
- <link rel="shortcut icon" href="" type="image/x-icon"/>
- <link href="" media="screen" rel="Stylesheet" type="text/css"/>
- <link href="" media="screen" rel="Stylesheet" type="text/css"/>
- <link href="" media="screen" rel="Stylesheet" type="text/css"/>
- <link href="" media="screen" rel="Stylesheet" type="text/css"/>
-
- <link href="" rel="alternate" type="application/rss+xml" title="myExperiment.org - Site Announcements" />
- </head>
- <body
- <div id="doc2">
- <div id="hd" class="frontpage_header">
- <img alt="Logo" src="" class="logo"/>
- <div class="text">
- myExperiment makes it easy to <b>find</b>, <b>use</b> and <b>share</b> <b>scientific workflows</b> and
- other <b>Research Objects</b>, and to build <b>communities</b>.
- </div>
- <div class="clearer"> </div>
- </div>
- <div id="bd">
- <div id="frontpage_body">
-
- <!-- Search Bar -->
- <div class="search">
- <form action="" method="get">
- <input id="query" name="query" style="width: 250px; padding: 0.1em;" />
- <select id="type" name="type">
- <option value="all" selected="selected">All</option>
- <option value="users">Users</option>
- <option value="groups">Groups</option>
- <option value="workflows">Workflows</option>
- <option value="files">Files</option>
- <option value="packs">Packs</option>
- </select>
- <input type="submit" value="Search" name="commit" this.value='Searching...'; this.form.submit();" />
- </form>
- </div>
-
- <!-- Quick Start -->
- <div class="box" style="margin-right: 20px; width: 320px;">
- <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"></b></b>
- <div class="content" style="height: 29em;">
- <div class="links">
- <p class="heading" style="margin-left: 1em; margin-bottom: 1em; text-align: left;">
- First time visitor? Try these videos:
- </p>
- <ul class="use">
- <li>
- <img src="" alt="Film"/>
- <a href="" Introduction</a>
- </li>
- <li>
- <img src="" alt="Film"/>
- <a href="" Case Study</a>
- </li>
- </ul>
- <p class="heading" style="margin-left: 1em; margin-bottom: 1em; text-align: left;">
- Use myExperiment to...
- </p>
- <ul class="use">
- <li>
- <img src="" alt="Find Workflows"/>
- <b>Find <a href=""
- </li>
- <li>
- <img src="" alt="Share Your Workflows and Files"/>
- <b>Share Your <a href="" and <a href=""
- </li>
- <li>
- <img src="" alt="Create and Find Packs of Items"/>
- <b><a href="" and Find <a href="" of Items</b>
- </li>
- <li>
- <img src="" alt="Find People and Make Friends"/>
- <b>Find <a href="" and Make Friends</b>
- </li>
- <li>
- <img src="" alt="Create and Join Groups"/>
- <b><a href="" and Join <a href=""
- </li>
- <li>
- <img src="" alt="Build your Profile and Reputation"/>
- <b>Build your Profile and Reputation</b>
- </li>
- <li>
- <img src="" alt="Tag and Rate things"/>
- <b>Tag and Rate things</b>
- </li>
- <li>
- <img src="" alt="Write Reviews and Comments"/>
- <b>Write Reviews and Comments</b>
- </li>
- </ul>
- </div>
- </div>
- <b class="xbottom"><b class="xb5"></b><b class="xb6"></b><b class="xb7"></b><b class="xb1"></b></b>
- </div>
-
- <!-- Quick Links -->
- <div class="box" style="margin-right: 20px; width: 280px;">
- <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"></b></b>
- <div class="content" style="height: 29em; text-align: center;">
-
- <center>
- <a href="" "Explore button" title="Explore myExperiment" class="letmein_button">
- </a>
- </center>
- <center>
- <a href="" alt="Find Workflows button" title="Find Workflows on myExperiment" class="findworkflows_button">
- </a>
- </center>
-
- <div class="links" style="font-size: 93%; border-top: 1px dotted #999999; margin-top: 1em;">
- <p style="margin-top: 1em; font-size:120%"><a href="" target="_blank" style="font-weight: bolder;">About myExperiment</a></p>
- <p><a href="" target="_blank">Join the Mailing List</a></p>
- <p><a href="" target="_blank">myExperiment Publications</a></p>
- <p><a href="" target="_blank">For Developers</a></p>
- <p><a href="" us Feedback</a></p>
- <p><a href="" target="_blank">The BioCatalogue Project</a></p>
- </div>
- </div>
- <b class="xbottom"><b class="xb5"></b><b class="xb6"></b><b class="xb7"></b><b class="xb1"></b></b>
- </div>
-
- <!-- Register / Login -->
- <div class="box" style="width: 230px;">
- <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"></b></b>
- <div class="content" style="height: 29em;">
- <center>
- <a href="" alt="Register button" title="Register for an account on myExperiment" class="register_button">
- </a>
- </center>
- <p style="font-size: 108%; margin: 0.8em 0 0.2em 0; text-align: center;">
- <b>or Login:</b>
- </p>
- <div id="login">
- <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"></b></b>
- <div class="login">
- <form action="" method="post">
- <p>
- <label for=""
- Username or Email:
- </label>
- </p>
- <p>
- <input id="session[username]" name="session[username]" type="text"/>
- </p>
- <p>
- <label for=""
- Password:
- </label>
- </p>
- <p>
- <input id="session[password]" name="session[password]" type="password"/>
- </p>
- <p>
- <label for=""
- Remember me:
- </label>
- <input id="session[remember_me]" name="session[remember_me]" value="1" type="checkbox"/>
- </p>
- <div style="margin-top: 0.8em; border: 0px dotted #999999; border-width: 1px 0; padding: 0.2em 0;">
- <p>
- <label for=""
- Or use OpenID:
- </label>
- </p>
- <p>
- <input id="openid_url" name="openid_url" type="text" style="width: 150px;"/>
- <br/>
- <span style="font-size: 77%; color: #333333;">(eg: name.myopenid.com)</span>
- </p>
- </div>
- <p style="margin-top: 0.8em;">
- <input name="commit" value="" type="submit" class="submit" title="Log in to myExperiment"/>
- </p>
- <p style="font-size: 85%; margin-top: 1em;">
- <b><a href="" Password?</a></b>
- </p>
- </form>
- </div>
- <b class="xbottom"><b class="xb4"></b><b class="xb3"></b><b class="xb2"></b><b class="xb1"></b></b>
- </div>
- </div>
- <b class="xbottom"><b class="xb5"></b><b class="xb6"></b><b class="xb7"></b><b class="xb1"></b></b>
- </div>
-
- <br class="clearer"/> <br/>
-
- <div class="stats">
- myExperiment has over 5000 members, 250 groups, 2000 workflows, 450 files and 150 packs
- </div>
-
- <!-- About -->
- <div class="box" style="margin-right: 20px; width: 320px;">
- <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"></b></b>
- <div class="content" style="height: 22em; padding: 0.3em 1.5em;">
- <p class="heading">
- About
- </p>
- <p>
- The myExperiment Virtual Research Environment enables you and your colleagues to
- share digital items associated with your research — in particular it enables
- you to share and execute scientific workflows.
- </p>
- <p>
- You can use myexperiment.org to <a href=""
- publicly shared workflows. If you want further access, and
- the ability to upload and share workflows, you will need to <a href="" up</b></a>.
- </p>
- <p>
- See the <a href="" Wiki</b></a>
- for
- further information about myExperiment and how to join the user and developer communities.
- </p>
- </div>
- <b class="xbottom"><b class="xb5"></b><b class="xb6"></b><b class="xb7"></b><b class="xb1"></b></b>
- </div>
-
- <!-- Who -->
- <div class="box" style="margin-right: 20px; width: 320px;">
- <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"></b></b>
- <div class="content" style="height: 22em; padding: 0.3em 1.5em;">
- <p class="heading">
- Who?
- </p>
+<head>
+ <meta http-equiv="content-type" content="text/html"/>
+ <title>myExperiment</title>
+ <link rel="shortcut icon" href="" type="image/x-icon"/>
+ <link href="" media="screen" rel="Stylesheet" type="text/css"/>
+ <link href="" media="screen" rel="Stylesheet" type="text/css"/>
+ <link href="" media="screen" rel="Stylesheet" type="text/css"/>
+ <link href="" media="screen" rel="Stylesheet" type="text/css"/>
- <p>
- myExperiment is brought to you by a joint team from the
- universities of
- <a href="" target="_blank">Southampton</a>,
- <a href="" target="_blank">Manchester</a> and
- <a href="" target="_blank">Oxford</a> in the UK, led by
- <a href="" target="_blank">David De Roure</a> and
- <a href="" target="_blank">Carole Goble</a>. Funded by
- <a href="" target="_blank">JISC</a> and the Microsoft
- <a href="" target="_blank">Technical Computing Initiative</a>, the project is part of the
- <a href="" target="_blank">myGrid</a> consortium (which develops the
- <a href="" target="_blank">Taverna Workflow Workbench</a> for creating and executing scientific workflows) and
- <a href="" target="_blank"><span style="white-space: nowrap">e-Research South</span></a>.
- </p>
- </div>
- <b class="xbottom"><b class="xb5"></b><b class="xb6"></b><b class="xb7"></b><b class="xb1"></b></b>
- </div>
-
- <!-- Latest Announcements -->
- <div class="box" style="width: 190px;">
- <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"></b></b>
- <div class="content" style="height: 22em; padding: 0.3em 1.5em; overflow: hidden">
- <p class="heading">
- <a href="" style="margin-right: 0.3em;">
- <img src="" alt="Subscribe to site announcements icon" title="Subscribe to site announcements RSS feed" />
- </a>
- Announcements
- </p>
- <ul id="announcements">
- <li>_javascript_ required for announcements.</li>
- </ul>
- </div>
- <b class="xbottom"><b class="xb5"></b><b class="xb6"></b><b class="xb7"></b><b class="xb1"></b></b>
- </div>
-
- <br class="clearer"/> <br/>
-
- <p style="color: #666666; font-size: 116%; text-align: center;">
- <a href="" People</a>
- |
- <a href="" a Problem</a>
- </p>
-
+ <link href="" rel="alternate" type="application/rss+xml" title="myExperiment.org - Site Announcements" />
+</head>
+<body
+<div id="doc2">
+<div id="hd" class="frontpage_header">
+ <img alt="Logo" src="" class="logo"/>
+ <div class="text">
+ myExperiment makes it easy to <b>find</b>, <b>use</b> and <b>share</b> <b>scientific workflows</b> and
+ other <b>Research Objects</b>, and to build <b>communities</b>.
+ </div>
+ <div class="clearer"> </div>
+</div>
+<div id="bd">
+<div id="frontpage_body">
+
+<!-- Search Bar -->
+<div class="search">
+ <form action="" method="get">
+ <input id="query" name="query" style="width: 250px; padding: 0.1em;" />
+ <select id="type" name="type">
+ <option value="all" selected="selected">All</option>
+ <option value="users">Users</option>
+ <option value="groups">Groups</option>
+ <option value="workflows">Workflows</option>
+ <option value="files">Files</option>
+ <option value="packs">Packs</option>
+ </select>
+ <input type="submit" value="Search" name="commit" this.value='Searching...'; this.form.submit();" />
+ </form>
+</div>
+
+<!-- Quick Start -->
+<div class="box" style="margin-right: 20px; width: 320px; height: 28em;">
+ <div class="links">
+ <h2>First time visitor? Try these videos:</h2>
+ <ul class="use">
+ <li>
+ <img src="" alt="Film"/>
+ <a href="" Introduction</a>
+ </li>
+ <li>
+ <img src="" alt="Film"/>
+ <a href="" Case Study</a>
+ </li>
+ </ul>
+ <h2>Use myExperiment to...</h2>
+ <ul class="use">
+ <li>
+ <img src="" alt="Find Workflows"/>
+ <b>Find <a href=""
+ </li>
+ <li>
+ <img src="" alt="Share Your Workflows and Files"/>
+ <b>Share Your <a href="" and <a href=""
+ </li>
+ <li>
+ <img src="" alt="Create and Find Packs of Items"/>
+ <b><a href="" and Find <a href="" of Items</b>
+ </li>
+ <li>
+ <img src="" alt="Find People and Make Friends"/>
+ <b>Find <a href="" and Make Friends</b>
+ </li>
+ <li>
+ <img src="" alt="Create and Join Groups"/>
+ <b><a href="" and Join <a href=""
+ </li>
+ <li>
+ <img src="" alt="Build your Profile and Reputation"/>
+ <b>Build your Profile and Reputation</b>
+ </li>
+ <li>
+ <img src="" alt="Tag and Rate things"/>
+ <b>Tag and Rate things</b>
+ </li>
+ <li>
+ <img src="" alt="Write Reviews and Comments"/>
+ <b>Write Reviews and Comments</b>
+ </li>
+ </ul>
+ </div>
+</div>
+
+<!-- Quick Links -->
+<div class="box" style="margin-right: 20px; width: 280px; height: 28em;">
+
+ <a href="" title="Explore myExperiment" class="letmein_button"></a>
+
+ <a href="" alt="Find Workflows button" title="Find Workflows on myExperiment" class="findworkflows_button"> </a>
+
+ <div class="links" style="font-size: 93%; border-top: 1px dotted #999999; margin-top: 1em;">
+ <p style="margin-top: 1em; font-size:120%"><a href="" target="_blank" style="font-weight: bolder;">About myExperiment</a></p>
+ <p><a href="" target="_blank">Join the Mailing List</a></p>
+ <p><a href="" target="_blank">myExperiment Publications</a></p>
+ <p><a href="" target="_blank">For Developers</a></p>
+ <p><a href="" us Feedback</a></p>
+ <p><a href="" target="_blank">The BioCatalogue Project</a></p>
+ </div>
+</div>
+
+<!-- Register / Login -->
+<div class="box" style="width: 230px; height: 28em;">
+
+ <a href="" alt="Register button" title="Register for an account on myExperiment" class="register_button">
+ </a>
+
+ <p style="font-size: 108%; margin: 0.8em 0 0.2em 0; text-align: center;">
+ <b>or Login:</b>
+ </p>
+ <div id="login">
+ <div class="login">
+ <form action="" method="post">
+ <p>
+ <label for=""
+ Username or Email:
+ </label>
+ </p>
+ <p>
+ <input id="session[username]" name="session[username]" type="text"/>
+ </p>
+ <p>
+ <label for=""
+ Password:
+ </label>
+ </p>
+ <p>
+ <input id="session[password]" name="session[password]" type="password"/>
+ </p>
+ <p>
+ <label for=""
+ Remember me:
+ </label>
+ <input id="session[remember_me]" name="session[remember_me]" value="1" type="checkbox"/>
+ </p>
+ <div style="margin-top: 0.8em; border: 0px dotted #999999; border-width: 1px 0; padding: 0.2em 0;">
+ <p>
+ <label for=""
+ Or use OpenID:
+ </label>
+ </p>
+ <p>
+ <input id="openid_url" name="openid_url" type="text" style="width: 150px;"/>
+ <br/>
+ <span style="font-size: 77%; color: #333333;">(eg: name.myopenid.com)</span>
+ </p>
</div>
- </div>
- <div id="ft">
- <p class="copyright">
- Copyright © 2007 - 2011
- <a href="" target="_blank">The University of Manchester</a>
- and
- <a href="" target="_blank">University of Southampton</a>
- </p>
- </div>
-
- </div>
+ <p style="margin-top: 0.8em;">
+ <input name="commit" value="" type="submit" class="submit" title="Log in to myExperiment"/>
+ </p>
+ <p style="font-size: 85%; margin-top: 1em;">
+ <b><a href="" Password?</a></b>
+ </p>
+ </form>
+ </div>
+ </div>
+</div>
- <script language="_javascript_" type="text/_javascript_">
-//<![CDATA[
+<br class="clearer"/> <br/>
-function loadAnnoucements()
-{
- div = document.getElementById('announcements')
- div.updated = false;
- div.innerHTML = '<li>Loading announcements...</li>';
+<div class="stats">
+ myExperiment has over 7500 members, 300 groups, 2500 workflows, 600 files and 300 packs
+</div>
- xhr = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('MSXML2.XMLHTTP.3.0');
+<!-- Who -->
+<div class="box" style="margin-right: 20px; width: 636px; height: 20em; padding-top: 1em;">
+ <p style="margin-left: 0.5em">
+ myExperiment is brought to you by a joint team from the
+ universities of
+ <a href="" target="_blank">Southampton</a>,
+ <a href="" target="_blank">Manchester</a> and
+ <a href="" target="_blank">Oxford</a> in the UK, led by
+ <a href="" target="_blank">David De Roure</a> and
+ <a href="" target="_blank">Carole Goble</a>.
+ </p>
- xhr.open('GET', '/announcements.xml?num=4&order=reverse', true);
- xhr.setRequestHeader('Accept', 'application/xml');
+ <p style="margin-left: 0.5em">
+ myExperiment is currently supported by three European Commission 7th Framework Programme (FP7) projects:
+ <a href="" target="_blank">BioVeL</a> (Grant no. 283359),
+ <a href="" target="_blank">SCAPE</a> (Grant no. 270137), and the
+ <a href="" target="_blank">Wf4Ever Project</a> (Grant no. 270192) as well as the
+ <a href="" target="_blank">e-Research South</a> and
+ <a href="" target="_blank">myGrid</a> EPSRC Platform grants.
+ </p>
+ <p style="margin-left: 0.5em">
+ Previously, myExperiment was funded by <a href="" target="_blank">JISC</a>
+ and the <a href="" target="_blank">Microsoft Technical Computing Initiative</a>.
+ </p>
+ <div style="display: inline-block; margin: 1em auto">
+ <a href="" target="_blank">
+ <img src="" style="float: left; width: 70px"/>
+ </a>
+ <a href="" target="_blank">
+ <img src="" style="float: left; margin: 0.5em;"/>
+ </a>
+ <a href="" target="_blank">
+ <img src="" style="float: left; margin: 0.5em; width: 170px"/>
+ </a>
- xhr. {
+ </div>
+</div>
- if (xhr.readyState == 4) {
- if (xhr.status == 200) {
+<!-- Latest Announcements -->
+<div class="box" style="width: 230px; height: 20em">
+ <p class="heading">
+ <a href="" style="margin-right: 0.3em;">
+ <img src="" alt="Subscribe to site announcements icon" title="Subscribe to site announcements RSS feed" />
+ </a>
+ Announcements
+ </p>
+ <ul id="announcements">
+ <li>_javascript_ required for announcements.</li>
+ </ul>
+</div>
- ans = xhr.responseXML.getElementsByTagName('announcement');
- txt = '';
+<br class="clearer"/> <br/>
- for (i = 0; i < ans.length; i++) {
- txt += '<li><a href="" + ans[i].attributes.getNamedItem('resource').nodeValue +
- '">' + ans[i].firstChild.nodeValue + '</a></li>';
- }
+<p style="color: #666666; font-size: 116%; text-align: center;">
+ <a href="" People</a>
+ |
+ <a href="" a Problem</a>
+</p>
- div.innerHTML = txt;
+</div>
+</div>
+<div id="ft">
+ <p class="copyright">
+ Copyright © 2007 - 2013
+ <a href="" target="_blank">The University of Manchester</a>
+ and
+ <a href="" target="_blank">University of Southampton</a>
+ </p>
+</div>
- } else {
- div.innerHTML = '<li>Announcements unavailable.</li>';
- }
+</div>
+
+<script language="_javascript_" type="text/_javascript_">
+ //<![CDATA[
+
+ function loadAnnoucements()
+ {
+ div = document.getElementById('announcements');
+ div.updated = false;
+ div.innerHTML = '<li>Loading announcements...</li>';
+
+ xhr = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('MSXML2.XMLHTTP.3.0');
+
+ xhr.open('GET', '/announcements.xml?num=5&order=reverse', true);
+ xhr.setRequestHeader('Accept', 'application/xml');
+
+ xhr. {
+
+ if (xhr.readyState == 4) {
+ if (xhr.status == 200) {
+
+ ans = xhr.responseXML.getElementsByTagName('announcement');
+ txt = '';
+
+ for (i = 0; i < ans.length; i++) {
+ txt += '<li><a href="" + ans[i].attributes.getNamedItem('resource').nodeValue +
+ '">' + ans[i].firstChild.nodeValue + '</a></li>';
}
+
+ div.innerHTML = txt;
+
+ } else {
+ div.innerHTML = '<li>Announcements unavailable.</li>';
}
+ }
+ };
- xhr.send(null);
-}
+ xhr.send(null);
+ }
-function init()
-{
- document.getElementById('session[username]').focus();
- loadAnnoucements();
-}
-// ]]>
- </script>
- </body>
+ function init()
+ {
+ document.getElementById('session[username]').focus();
+ loadAnnoucements();
+ }
+ // ]]>
+</script>
+</body>
</html>
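Review bot: The re-indented `loadAnnoucements()` still concatenates `ans[i].firstChild.nodeValue` and the `resource` attribute into a string and assigns it to `div.innerHTML`, so any markup characters in an announcement title are parsed as HTML on the page that also hosts the login form. Since the function is rewritten in this hunk anyway, it could build the nodes and set the title with `createTextNode`, as in the excerpt below. The `resource` value ends up in an `href`, so it is worth confirming server-side that the feed only emits the site's own URLs. `div`, `xhr`, `ans`, `txt` and `i` are also implicit globals; declaring them with `var` keeps them local to the function.

```html
// … unchanged: request setup and the readyState / status checks …
var list = document.createDocumentFragment();

for (var i = 0; i < ans.length; i++) {
  var link = document.createElement('a');
  link.setAttribute('href', ans[i].attributes.getNamedItem('resource').nodeValue);
  link.appendChild(document.createTextNode(ans[i].firstChild.nodeValue));

  var item = document.createElement('li');
  item.appendChild(link);
  list.appendChild(item);
}

div.innerHTML = '';
div.appendChild(list);
// … unchanged: the "Announcements unavailable" branch and xhr.send(null) …
```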
Modified: branches/component-querying/public/stylesheets/front.css (3517 => 3518)
--- branches/component-querying/public/stylesheets/front.css 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/public/stylesheets/front.css 2013-04-25 08:14:32 UTC (rev 3518)
@@ -35,9 +35,9 @@
}
#frontpage_body {
- padding-left: 3em;
- padding-right: 3em;
+ padding: 0 16px;
text-align: center;
+ overflow: auto;
}
#frontpage_body .search {
@@ -61,21 +61,16 @@
#frontpage_body .box {
float: left;
margin: 0;
+ padding: 8px;
+ background-image: url('/images/home-box-bg.png');
+ background-position: top;
+ background-repeat: repeat-x;
+ background-color: #E0EDF8;
+ overflow: hidden;
+ text-align: center;
+ border-radius: 6px;
}
-#frontpage_body .box .content {
- padding: 0.1em 0.8em;
- border-top: none;
- border-right: #D5E4F4 1px solid;
- border-bottom: none;
- border-left: #D5E4F4 1px solid;
- background-image: url('/images/home-box-bg.png');
- background-position: top;
- background-repeat: repeat-x;
- background-color: #EEF2FF;
- background-color: #E0EDF8;
- overflow: hidden;
-}
#frontpage_body .box .heading {
color: #000033;
@@ -236,10 +231,7 @@
}
#frontpage_body .login {
- border-top: none;
- border-bottom: none;
- border-left: 1px solid #CCCCCC;
- border-right: 1px solid #CCCCCC;
+ border: 1px solid #CCCCCC;
background-color: #EEEEEE;
padding: 0.2em 0.5em;
}
@@ -293,8 +285,7 @@
height: 35px;
display: block;
background: url('/images/letmein-button.png') 0 0 no-repeat;
- margin-top: 1em;
- margin-bottom: 1.5em;
+ margin: 1em auto;
}
a:hover.letmein_button {
@@ -310,6 +301,7 @@
height: 150px;
display: block;
background: url('/images/findworkflows-button.png') 0 0 no-repeat;
+ margin: 1em auto;
}
a:hover.findworkflows_button {
@@ -325,9 +317,18 @@
height: 35px;
display: block;
background: url('/images/register-button.png') 0 0 no-repeat;
- margin-top: 1em;
+ margin: 1em auto;
}
a:hover.register_button {
background-position: -200px 0;
}
+
+h2 {
+ text-align: left;
+ background: none;
+ font-size: 120%;
+ border: none;
+ margin: 0.7em 0.5em;
+ padding: 0;
+}
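Review bot: The new `h2` rule at the end of front.css is the only selector in these hunks that is not scoped; every other rule is under `#frontpage_body` or a button class. If this stylesheet is ever loaded alongside other page styles, it will strip the background and border from every `h2`. Writing it as `#frontpage_body h2 {` would limit it to the headings that index.html now places inside the front-page boxes.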
Modified: branches/component-querying/test/functional/api_controller_test.rb (3517 => 3518)
--- branches/component-querying/test/functional/api_controller_test.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/test/functional/api_controller_test.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -19,6 +19,7 @@
def test_workflows
existing_workflows = Workflow.find(:all)
+ existing_activities = Activity.all
login_as(:john)
@@ -44,9 +45,17 @@
assert_response(:success)
extra_workflows = Workflow.find(:all) - existing_workflows
+ extra_activities = Activity.find(:all). - existing_activities
assert_equal(1, extra_workflows.length)
+ assert_equal(1, extra_activities.length)
+ new_activity = (extra_activities - existing_activities).first
+
+ assert_equal("John Smith", new_activity.subject_label);
+ assert_equal("create", new_activity.action);
+ assert_equal(title, new_activity.objekt_label);
+
@workflow_id = extra_workflows.first.id
# get the workflow
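Review bot: `extra_activities` is already the difference from `existing_activities`, so `(extra_activities - existing_activities).first` subtracts the same set a second time. The line `Activity.find(:all). - existing_activities` also has a stray `.` before the minus. The file, comment, rating, favourite and tagging hunks further down use the simpler `new_activities = Activity.all - existing_activities` and `new_activities.first`. Using `extra_activities = Activity.all - existing_activities` and `new_activity = extra_activities.first` here, and in the three later workflow hunks that repeat the pattern, would make the test read consistently. The trailing semicolons on the `assert_equal` lines can go as well.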
@@ -77,6 +86,8 @@
setup
login_as(:john)
+ existing_activities = Activity.all
+
rest_request(:put, 'workflow', "<?xml version='1.0'?>
<workflow>
<title>#{title2}</title>
@@ -84,6 +95,15 @@
assert_response(:success)
+ extra_activities = Activity.find(:all). - existing_activities
+ assert_equal(1, extra_activities.length)
+
+ new_activity = (extra_activities - existing_activities).first
+
+ assert_equal("John Smith", new_activity.subject_label);
+ assert_equal("edit", new_activity.action);
+ assert_equal(title2, new_activity.objekt_label);
+
# get the updated workflow
response = rest_request(:get, 'workflow', nil, "id" => @workflow_id,
@@ -100,6 +120,8 @@
# post a new version of the workflow
+ existing_activities = Activity.all
+
rest_request(:post, 'workflow', "<?xml version='1.0'?>
<workflow>
<type>Taverna 2</type>
@@ -108,6 +130,15 @@
assert_response(:success)
+ extra_activities = Activity.find(:all). - existing_activities
+ assert_equal(1, extra_activities.length)
+
+ new_activity = (extra_activities - existing_activities).first
+
+ assert_equal("John Smith", new_activity.subject_label);
+ assert_equal("create", new_activity.action);
+ assert_equal("Fetch today's xkcd comic", new_activity.objekt_label);
+
workflow = Workflow.find(@workflow_id)
assert_equal(2, workflow.versions.length)
@@ -134,6 +165,8 @@
# edit a particular version of a workflow
+ existing_activities = Activity.all
+
rest_request(:put, 'workflow', "<?xml version='1.0'?>
<workflow>
<title>Oranges</title>
@@ -141,6 +174,16 @@
assert_response(:success)
+ extra_activities = Activity.find(:all). - existing_activities
+ assert_equal(1, extra_activities.length)
+
+ new_activity = (extra_activities - existing_activities).first
+
+ assert_equal("John Smith", new_activity.subject_label);
+ assert_equal("edit", new_activity.action);
+ assert_equal("1", new_activity.extra);
+ assert_equal("Oranges", new_activity.objekt_label);
+
# Verify that only version 1 was changed
response = rest_request(:get, 'workflow', nil, "id" => @workflow_id, "version" => "1",
@@ -186,6 +229,8 @@
# post a file
+ existing_activities = Activity.all
+
rest_request(:post, 'file', "<?xml version='1.0'?>
<file>
<title>#{title}</title>
@@ -198,6 +243,14 @@
assert_response(:success)
+ new_activities = Activity.all - existing_activities
+
+ assert_equal(1, new_activities.length)
+
+ assert_equal("John Smith", new_activities.first.subject.name)
+ assert_equal("create", new_activities.first.action)
+ assert_equal(title, new_activities.first.objekt.title)
+
extra_files = Blob.find(:all) - existing_files
assert_equal(extra_files.length, 1)
@@ -235,6 +288,8 @@
setup
login_as(:john)
+ existing_activities = Activity.all
+
rest_request(:put, 'file', "<?xml version='1.0'?>
<file>
<title>#{title2}</title>
@@ -242,6 +297,13 @@
assert_response(:success)
+ new_activities = Activity.all - existing_activities
+
+ assert_equal(1, new_activities.length)
+ assert_equal("John Smith", new_activities.first.subject.name)
+ assert_equal("edit", new_activities.first.action)
+ assert_equal(title2, new_activities.first.objekt.title)
+
# get the updated file
response = rest_request(:get, 'file', nil, "id" => file.id,
@@ -254,6 +316,8 @@
# add a new version of the file
+ existing_activities = Activity.all
+
rest_request(:post, 'file', "<?xml version='1.0'?>
<file>
<title>#{title2}</title>
@@ -265,12 +329,21 @@
assert_response(:success)
+ new_activities = Activity.all - existing_activities
+
+ assert_equal(1, new_activities.length)
+ assert_equal("John Smith", new_activities.first.subject.name)
+ assert_equal("create", new_activities.first.action)
+ assert_equal(title2, new_activities.first.objekt.title)
+
file.reload
assert_equal(2, file.versions.length)
# update the first version of the file
+ existing_activities = Activity.all
+
rest_request(:put, 'file', "<?xml version='1.0'?>
<file>
<title>#{title3}</title>
@@ -278,6 +351,13 @@
assert_response(:success)
+ new_activities = Activity.all - existing_activities
+
+ assert_equal(1, new_activities.length)
+ assert_equal("John Smith", new_activities.first.subject.name)
+ assert_equal("edit", new_activities.first.action)
+ assert_equal(title3, new_activities.first.objekt.title)
+
file.reload
assert_equal(title3, file.find_version(1).title);
assert_equal(title2, file.find_version(2).title);
@@ -566,6 +646,8 @@
existing_comments = Comment.find(:all)
+ existing_activities = Activity.all
+
rest_request(:post, 'comment', "<?xml version='1.0'?>
<comment>
<comment>#{comment_text}</comment>
@@ -574,6 +656,13 @@
assert_response(:success)
+ new_activities = Activity.all - existing_activities
+
+ assert_equal(1, new_activities.length)
+ assert_equal("John Smith", new_activities.first.subject.name)
+ assert_equal("create", new_activities.first.action)
+ assert_equal("Unique tags", new_activities.first.objekt.commentable.title)
+
extra_comments = Comment.find(:all) - existing_comments
assert_equal(extra_comments.length, 1)
@@ -634,6 +723,8 @@
existing_ratings = Rating.find(:all)
+ existing_activities = Activity.all
+
rest_request(:post, 'rating', "<?xml version='1.0'?>
<rating>
<rating>4</rating>
@@ -642,6 +733,14 @@
assert_response(:success)
+ new_activities = Activity.all - existing_activities
+
+ assert_equal(1, new_activities.length)
+ assert_equal("John Smith", new_activities.first.subject.name)
+ assert_equal("create", new_activities.first.action)
+ assert_equal("Unique tags", new_activities.first.objekt.rateable.title)
+ assert_equal("Unique tags", new_activities.first.auth.title)
+
extra_ratings = Rating.find(:all) - existing_ratings
assert_equal(extra_ratings.length, 1)
@@ -710,6 +809,8 @@
existing_favourites = Bookmark.find(:all)
+ existing_activities = Activity.all
+
rest_request(:post, 'favourite', "<?xml version='1.0'?>
<favourite>
<object resource='#{workflow_url}'/>
@@ -717,6 +818,13 @@
assert_response(:success)
+ new_activities = Activity.all - existing_activities
+
+ assert_equal(1, new_activities.length)
+ assert_equal("John Smith", new_activities.first.subject.name)
+ assert_equal("create", new_activities.first.action)
+ assert_equal("Unique tags", new_activities.first.objekt.bookmarkable.title)
+
extra_favourites = Bookmark.find(:all) - existing_favourites
assert_equal(extra_favourites.length, 1)
@@ -768,6 +876,8 @@
existing_taggings = Tagging.find(:all)
+ existing_activities = Activity.all
+
rest_request(:post, 'tagging', "<?xml version='1.0'?>
<tagging>
<subject resource='#{workflow_url}'/>
@@ -776,6 +886,13 @@
assert_response(:success)
+ new_activities = Activity.all - existing_activities
+
+ assert_equal(1, new_activities.length)
+ assert_equal("John Smith", new_activities.first.subject.name)
+ assert_equal("create", new_activities.first.action)
+ assert_equal("my test tag", new_activities.first.objekt.tag.name)
+
extra_taggings = Tagging.find(:all) - existing_taggings
assert_equal(extra_taggings.length, 1)
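Review bot: This test does not assert the activity's `auth`, although the tagging code in this commit records `:auth => subject`, and the rating test above does check `new_activities.first.auth.title`. Since `auth` is presumably the object that visibility of the activity is later decided against, it is worth pinning here too, for example `assert_equal("Unique tags", new_activities.first.auth.title)` if `workflow_url` refers to the same workflow as in the rating test. That fixture is set up outside the hunk, so the expected title needs confirming.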
Modified: branches/component-querying/test/functional/group_policies_controller_test.rb (3517 => 3518)
--- branches/component-querying/test/functional/group_policies_controller_test.rb 2013-04-23 12:38:00 UTC (rev 3517)
+++ branches/component-querying/test/functional/group_policies_controller_test.rb 2013-04-25 08:14:32 UTC (rev 3518)
@@ -13,7 +13,7 @@
def test_non_admins_cannot_view
login_as(:jane)
get :index, :network_id => networks(:exclusive_network).id
- assert_response :redirect
+ assert_response :unauthorized
end
def test_can_create