BUGFIX: history link doesn't work on deleted posts

This commit is contained in:
Régis Hanol 2014-02-04 20:05:50 +01:00
parent 36683ff1e3
commit 4fb274fb9d
7 changed files with 92 additions and 3 deletions

View file

@ -216,6 +216,8 @@ class PostsController < ApplicationController
raise Discourse::InvalidParameters.new(:revision) if revision < 2
post_revision = PostRevision.where(post_id: post_id, number: revision).first
post_revision.post = find_post_from_params
guardian.ensure_can_see!(post_revision)
post_revision
end

View file

@ -104,7 +104,9 @@ module PostGuardain
end
def can_see_post_revision?(post_revision)
post_revision.present? && (is_staff? || can_see_post?(post_revision.post))
return false if post_revision.nil?
return true if SiteSetting.edit_history_visible_to_public
authenticated? && (is_staff? || can_see_post?(post_revision.post))
end
def can_vote?(post, opts={})

View file

@ -2,7 +2,6 @@ require 'spec_helper'
describe PostsController do
describe 'short_link' do
it 'logs the incoming link once' do
IncomingLink.expects(:add).once.returns(true)
@ -386,4 +385,64 @@ describe PostsController do
end
end
describe "revisions" do
let(:post_revision) { Fabricate(:post_revision) }
it "throws an exception when revision is < 2" do
expect {
xhr :get, :revisions, post_id: post_revision.post_id, revision: 1
}.to raise_error(Discourse::InvalidParameters)
end
context "when edit history is not visible to the public" do
before { SiteSetting.stubs(:edit_history_visible_to_public).returns(false) }
it "ensures anonymous can not see the revisions" do
xhr :get, :revisions, post_id: post_revision.post_id, revision: post_revision.number
response.should be_forbidden
end
it "ensures staff can see the revisions" do
log_in(:admin)
xhr :get, :revisions, post_id: post_revision.post_id, revision: post_revision.number
response.should be_success
end
it "ensures poster can see the revisions" do
user = log_in(:active_user)
pr = Fabricate(:post_revision, user: user)
xhr :get, :revisions, post_id: pr.post_id, revision: pr.number
response.should be_success
end
end
context "when edit history is visible to everyone" do
before { SiteSetting.stubs(:edit_history_visible_to_public).returns(true) }
it "ensures anyone can see the revisions" do
xhr :get, :revisions, post_id: post_revision.post_id, revision: post_revision.number
response.should be_success
end
end
context "deleted post" do
let(:admin) { log_in(:admin) }
let(:deleted_post) { Fabricate(:post, user: admin) }
let(:deleted_post_revision) { Fabricate(:post_revision, user: admin, post: deleted_post) }
before { deleted_post.trash!(admin) }
it "also work on deleted post" do
xhr :get, :revisions, post_id: deleted_post_revision.post_id, revision: deleted_post_revision.number
response.should be_success
end
end
end
end

View file

@ -0,0 +1,8 @@
Fabricator(:post_revision) do
post
user
number 3
modifications do
{ "cooked" => ["<p>BEFORE</p>", "<p>AFTER</p>"], "raw" => ["BEFORE", "AFTER"] }
end
end

View file

@ -0,0 +1,9 @@
require 'spec_helper'
require_dependency 'post_revision'
describe PostRevision do
it { should belong_to :user }
it { should belong_to :post }
end

View file

@ -0,0 +1,9 @@
require 'spec_helper'
require_dependency 'topic_revision'
describe TopicRevision do
it { should belong_to :user }
it { should belong_to :topic }
end