before_action -> { check_database_readable(:need_api => true) }
before_action :require_oauth
before_action :update_totp, :only => [:query]
+ before_action :require_moderator_for_unredacted_history, :only => [:relation_history, :way_history, :node_history]
around_action :web_timeout
authorize_resource :class => false
end
def query; end
+
+ private
+
+ def require_moderator_for_unredacted_history
+ deny_access(nil) if params[:show_redactions] && !current_user&.moderator?
+ end
end
authorize_resource
+ before_action :require_moderator_for_unredacted_history
around_action :web_timeout
def show
rescue ActiveRecord::RecordNotFound
render :action => "not_found", :status => :not_found
end
+
+ private
+
+ def require_moderator_for_unredacted_history
+ deny_access(nil) if params[:show_redactions] && !current_user&.moderator?
+ end
end
authorize_resource
+ before_action :require_moderator_for_unredacted_history
around_action :web_timeout
def show
rescue ActiveRecord::RecordNotFound
render :action => "not_found", :status => :not_found
end
+
+ private
+
+ def require_moderator_for_unredacted_history
+ deny_access(nil) if params[:show_redactions] && !current_user&.moderator?
+ end
end
authorize_resource
+ before_action :require_moderator_for_unredacted_history
around_action :web_timeout
def show
rescue ActiveRecord::RecordNotFound
render :action => "not_found", :status => :not_found
end
+
+ private
+
+ def require_moderator_for_unredacted_history
+ deny_access(nil) if params[:show_redactions] && !current_user&.moderator?
+ end
end
<h4>
- <%= t "browse.version" %>
+ <%= if common_details.redacted?
+ t "browse.redacted_version"
+ else
+ t "browse.version"
+ end %>
#<%= link_to_unless_current common_details.version, :controller => "old_#{@type.pluralize}", :action => :show, :version => common_details.version %>
</h4>
-<% if node.redacted? %>
+<% if node.redacted? && !params[:show_redactions] %>
<div class="browse-section browse-redacted">
<%= t "browse.redacted.message_html",
:type => t("browse.redacted.type.node"),
:id => node.redaction.id), node.redaction) %>
</div>
<% else %>
- <div class="browse-section browse-node">
+ <%= tag.div :class => ["browse-section", "browse-node", { "text-muted" => node.redacted? }] do %>
<%= render :partial => "browse/common_details", :object => node %>
<% unless node.ways.empty? and node.containing_relation_members.empty? %>
</details>
<% end %>
<% end %>
- </div>
+ <% end %>
<% end %>
-<% if relation.redacted? %>
+<% if relation.redacted? && !params[:show_redactions] %>
<div class="browse-section browse-redacted">
<%= t "browse.redacted.message_html",
:type => t("browse.redacted.type.relation"),
:id => relation.redaction.id), relation.redaction) %>
</div>
<% else %>
- <div class="browse-section browse-relation">
+ <%= tag.div :class => ["browse-section", "browse-relation", { "text-muted" => relation.redacted? }] do %>
<%= render :partial => "browse/common_details", :object => relation %>
<% unless relation.containing_relation_members.empty? %>
</ul>
</details>
<% end %>
- </div>
+ <% end %>
<% end %>
--- /dev/null
+<div class='secondary-actions'>
+ <%= link_to t("browse.view_details"), :controller => :browse, :action => @type %>
+ <% if !@feature.redacted? %>
+ ·
+ <%= link_to t("browse.download_xml"), :controller => "api/old_#{@type.pluralize}", :action => :version %>
+ <% elsif current_user&.moderator? %>
+ ·
+ <% if !params[:show_redactions] %>
+ <%= link_to t("browse.view_redacted_data"), :params => { :show_redactions => true } %>
+ <% else %>
+ <%= link_to t("browse.view_redaction_message") %>
+ <% end %>
+ <% end %>
+</div>
+
+<div class='secondary-actions'>
+ <% if @feature.version > 1 %>
+ <%= link_to({ :version => @feature.version - 1 }, { :class => "icon-link" }) do %>
+ <%= previous_page_svg_tag :height => 11 %>
+ <%= "#{t('browse.version')} ##{@feature.version - 1}" %>
+ <% end %>
+ ·
+ <% end %>
+ <%= link_to t("browse.view_history"), :controller => :browse, :action => "#{@type}_history" %>
+ <% unless @feature.latest_version? %>
+ ·
+ <%= link_to({ :version => @feature.version + 1 }, { :class => "icon-link" }) do %>
+ <%= "#{t('browse.version')} ##{@feature.version + 1}" %>
+ <%= next_page_svg_tag :height => 11 %>
+ <% end %>
+ <% end %>
+</div>
-<% if way.redacted? %>
+<% if way.redacted? && !params[:show_redactions] %>
<div class="browse-section browse-redacted">
<%= t "browse.redacted.message_html",
:type => t("browse.redacted.type.way"),
:id => way.redaction.id), way.redaction) %>
</div>
<% else %>
- <div class="browse-section browse-way">
+ <%= tag.div :class => ["browse-section", "browse-way", { "text-muted" => way.redacted? }] do %>
<%= render :partial => "browse/common_details", :object => way %>
<% unless way.containing_relation_members.empty? %>
</ul>
</details>
<% end %>
- </div>
+ <% end %>
<% end %>
·
<% end %>
<%= link_to t("browse.view_history"), :action => "#{@type}_history" %>
+ <% if current_user&.moderator? %>
+ ·
+ <%= link_to(t("browse.view_unredacted_history"), :action => "#{@type}_history", :params => { :show_redactions => true }) %>
+ <% end %>
<% if @feature.version > 1 %>
·
<%= link_to({ :controller => "old_#{@type.pluralize}", :action => :show, :version => @feature.version }, :class => "icon-link") do %>
<%= link_to(t("browse.download_xml"), :controller => "api/old_#{@type.pluralize}", :action => "history") %>
·
<%= link_to(t("browse.view_details"), :action => @type) %>
+ <% if params[:show_redactions] %>
+ ·
+ <%= link_to(t("browse.view_history"), :action => "#{@type}_history") %>
+ <% elsif current_user&.moderator? %>
+ ·
+ <%= link_to(t("browse.view_unredacted_history"), :action => "#{@type}_history", :params => { :show_redactions => true }) %>
+ <% end %>
</div>
<%= render :partial => "browse/node", :object => @feature %>
-<div class='secondary-actions'>
- <% unless @feature.redacted? %>
- <%= link_to t("browse.download_xml"), node_version_path(*@feature.id) %>
- ·
- <% end %>
- <%= link_to t("browse.view_details"), node_path(@feature.node_id) %>
-</div>
-
-<div class='secondary-actions'>
- <% if @feature.version > 1 %>
- <%= link_to old_node_path(@feature.node_id, @feature.version - 1), :class => "icon-link" do %>
- <%= previous_page_svg_tag :height => 11 %>
- <%= "#{t('browse.version')} ##{@feature.version - 1}" %>
- <% end %>
- ·
- <% end %>
- <%= link_to t("browse.view_history"), node_history_path(@feature.node_id) %>
- <% if @feature.version < @feature.current_node.version %>
- ·
- <%= link_to old_node_path(@feature.node_id, @feature.version + 1), :class => "icon-link" do %>
- <%= "#{t('browse.version')} ##{@feature.version + 1}" %>
- <%= next_page_svg_tag :height => 11 %>
- <% end %>
- <% end %>
-</div>
+<%= render :partial => "browse/version_actions" %>
<%= render :partial => "browse/relation", :object => @feature %>
-<div class='secondary-actions'>
- <% unless @feature.redacted? %>
- <%= link_to t("browse.download_xml"), relation_version_path(*@feature.id) %>
- ·
- <% end %>
- <%= link_to t("browse.view_details"), relation_path(@feature.relation_id) %>
-</div>
-
-<div class='secondary-actions'>
- <% if @feature.version > 1 %>
- <%= link_to old_relation_path(@feature.relation_id, @feature.version - 1), :class => "icon-link" do %>
- <%= previous_page_svg_tag :height => 11 %>
- <%= "#{t('browse.version')} ##{@feature.version - 1}" %>
- <% end %>
- ·
- <% end %>
- <%= link_to t("browse.view_history"), relation_history_path(@feature.relation_id) %>
- <% if @feature.version < @feature.current_relation.version %>
- ·
- <%= link_to old_relation_path(@feature.relation_id, @feature.version + 1), :class => "icon-link" do %>
- <%= "#{t('browse.version')} ##{@feature.version + 1}" %>
- <%= next_page_svg_tag :height => 11 %>
- <% end %>
- <% end %>
-</div>
+<%= render :partial => "browse/version_actions" %>
<%= render :partial => "browse/way", :object => @feature %>
-<div class='secondary-actions'>
- <% unless @feature.redacted? %>
- <%= link_to t("browse.download_xml"), way_version_path(*@feature.id) %>
- ·
- <% end %>
- <%= link_to t("browse.view_details"), way_path(@feature.way_id) %>
-</div>
-
-<div class='secondary-actions'>
- <% if @feature.version > 1 %>
- <%= link_to old_way_path(@feature.way_id, @feature.version - 1), :class => "icon-link" do %>
- <%= previous_page_svg_tag :height => 11 %>
- <%= "#{t('browse.version')} ##{@feature.version - 1}" %>
- <% end %>
- ·
- <% end %>
- <%= link_to t("browse.view_history"), way_history_path(@feature.way_id) %>
- <% if @feature.version < @feature.current_way.version %>
- ·
- <%= link_to old_way_path(@feature.way_id, @feature.version + 1), :class => "icon-link" do %>
- <%= "#{t('browse.version')} ##{@feature.version + 1}" %>
- <%= next_page_svg_tag :height => 11 %>
- <% end %>
- <% end %>
-</div>
+<%= render :partial => "browse/version_actions" %>
deleted_ago_by_html: "Deleted %{time_ago} by %{user}"
edited_ago_by_html: "Edited %{time_ago} by %{user}"
version: "Version"
+ redacted_version: "Redacted Version"
in_changeset: "Changeset"
anonymous: "anonymous"
no_comment: "(no comment)"
other: "%{count} ways"
download_xml: "Download XML"
view_history: "View History"
+ view_unredacted_history: "View Unredacted History"
view_details: "View Details"
+ view_redacted_data: "View Redacted Data"
+ view_redaction_message: "View Redaction Message"
location: "Location:"
common_details:
coordinates_html: "%{latitude}, %{longitude}"
assert_select ".browse-section.browse-node .longitude", 0
end
+ def test_redacted_node_unredacted_history
+ session_for(create(:moderator_user))
+ node = create(:node, :with_history, :deleted, :version => 2)
+ node_v1 = node.old_nodes.find_by(:version => 1)
+ node_v1.redact!(create(:redaction))
+
+ get node_history_path(:id => node, :params => { :show_redactions => true })
+ assert_response :success
+ assert_template "browse/history"
+
+ assert_select ".browse-section", 2
+ assert_select ".browse-section.browse-redacted", 0
+ assert_select ".browse-section.browse-node", 2
+ end
+
def test_redacted_way_history
way = create(:way, :with_history, :version => 4)
way_v1 = way.old_ways.find_by(:version => 1)
assert_select ".browse-section.browse-way", 2
end
+ def test_redacted_way_unredacted_history
+ session_for(create(:moderator_user))
+ way = create(:way, :with_history, :version => 4)
+ way_v1 = way.old_ways.find_by(:version => 1)
+ way_v1.redact!(create(:redaction))
+ way_v3 = way.old_ways.find_by(:version => 3)
+ way_v3.redact!(create(:redaction))
+
+ get way_history_path(:id => way, :params => { :show_redactions => true })
+ assert_response :success
+ assert_template "browse/history"
+
+ assert_select ".browse-section", 4
+ assert_select ".browse-section.browse-redacted", 0
+ assert_select ".browse-section.browse-way", 4
+ end
+
def test_redacted_relation_history
relation = create(:relation, :with_history, :version => 4)
relation_v1 = relation.old_relations.find_by(:version => 1)
assert_select ".browse-section.browse-relation", 2
end
+ def test_redacted_relation_unredacted_history
+ session_for(create(:moderator_user))
+ relation = create(:relation, :with_history, :version => 4)
+ relation_v1 = relation.old_relations.find_by(:version => 1)
+ relation_v1.redact!(create(:redaction))
+ relation_v3 = relation.old_relations.find_by(:version => 3)
+ relation_v3.redact!(create(:redaction))
+
+ get relation_history_path(:id => relation, :params => { :show_redactions => true })
+ assert_response :success
+ assert_template "browse/history"
+
+ assert_select ".browse-section", 4
+ assert_select ".browse-section.browse-redacted", 0
+ assert_select ".browse-section.browse-relation", 4
+ end
+
def test_query
get query_path
assert_response :success
assert_template "browse/query"
end
+
+ def test_anonymous_user_feature_page_secondary_actions
+ node = create(:node, :with_history)
+ get node_path(:id => node)
+ assert_response :success
+ assert_select ".secondary-actions a", :text => "View Details", :count => 0
+ assert_select ".secondary-actions a", :text => "View History", :count => 1
+ assert_select ".secondary-actions a", :text => "View Unredacted History", :count => 0
+ end
+
+ def test_regular_user_feature_page_secondary_actions
+ session_for(create(:user))
+ node = create(:node, :with_history)
+ get node_path(:id => node)
+ assert_response :success
+ assert_select ".secondary-actions a", :text => "View Details", :count => 0
+ assert_select ".secondary-actions a", :text => "View History", :count => 1
+ assert_select ".secondary-actions a", :text => "View Unredacted History", :count => 0
+ end
+
+ def test_moderator_user_feature_page_secondary_actions
+ session_for(create(:moderator_user))
+ node = create(:node, :with_history)
+ get node_path(:id => node)
+ assert_response :success
+ assert_select ".secondary-actions a", :text => "View Details", :count => 0
+ assert_select ".secondary-actions a", :text => "View History", :count => 1
+ assert_select ".secondary-actions a", :text => "View Unredacted History", :count => 1
+ end
+
+ def test_anonymous_user_history_page_secondary_actions
+ node = create(:node, :with_history)
+ get node_history_path(:id => node)
+ assert_response :success
+ assert_select ".secondary-actions a", :text => "View Details", :count => 1
+ assert_select ".secondary-actions a", :text => "View History", :count => 0
+ assert_select ".secondary-actions a", :text => "View Unredacted History", :count => 0
+ end
+
+ def test_regular_user_history_page_secondary_actions
+ session_for(create(:user))
+ node = create(:node, :with_history)
+ get node_history_path(:id => node)
+ assert_response :success
+ assert_select ".secondary-actions a", :text => "View Details", :count => 1
+ assert_select ".secondary-actions a", :text => "View History", :count => 0
+ assert_select ".secondary-actions a", :text => "View Unredacted History", :count => 0
+ end
+
+ def test_moderator_user_history_page_secondary_actions
+ session_for(create(:moderator_user))
+ node = create(:node, :with_history)
+ get node_history_path(:id => node)
+ assert_response :success
+ assert_select ".secondary-actions a", :text => "View Details", :count => 1
+ assert_select ".secondary-actions a", :text => "View History", :count => 0
+ assert_select ".secondary-actions a", :text => "View Unredacted History", :count => 1
+ end
+
+ def test_anonymous_user_unredacted_history_page_secondary_actions
+ node = create(:node, :with_history)
+ get node_history_path(:id => node, :params => { :show_redactions => true })
+ assert_response :redirect
+ end
+
+ def test_regular_user_unredacted_history_page_secondary_actions
+ session_for(create(:user))
+ node = create(:node, :with_history)
+ get node_history_path(:id => node, :params => { :show_redactions => true })
+ assert_response :redirect
+ end
+
+ def test_moderator_user_unredacted_history_page_secondary_actions
+ session_for(create(:moderator_user))
+ node = create(:node, :with_history)
+ get node_history_path(:id => node, :params => { :show_redactions => true })
+ assert_response :success
+ assert_select ".secondary-actions a", :text => "View Details", :count => 1
+ assert_select ".secondary-actions a", :text => "View History", :count => 1
+ assert_select ".secondary-actions a", :text => "View Unredacted History", :count => 0
+ end
end
end
assert_select ".secondary-actions a[href='#{node_version_path node, 1}']", :count => 1
assert_select ".secondary-actions a[href='#{node_path node}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_node_path node, 1, :params => { :show_redactions => true }}']", :count => 0
assert_select ".secondary-actions a[href='#{node_history_path node}']", :count => 1
end
assert_select ".secondary-actions a[href='#{old_node_path node, 1}']", :count => 1
end
- def test_redacted
- node = create(:node, :with_history, :deleted, :version => 2)
- node_v1 = node.old_nodes.find_by(:version => 1)
- node_v1.redact!(create(:redaction))
+ test "show unrevealed redacted versions to anonymous users" do
+ node = create_redacted_node
get old_node_path(node, 1)
assert_response :success
assert_template "old_nodes/show"
assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
assert_select ".secondary-actions a[href='#{node_path node}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_node_path node, 1, :params => { :show_redactions => true }}']", :count => 0
assert_select ".secondary-actions a[href='#{old_node_path node, 1}']", :count => 0
assert_select ".secondary-actions a[href='#{node_version_path node, 1}']", :count => 0
end
+ test "show unrevealed redacted versions to regular users" do
+ session_for(create(:user))
+ node = create_redacted_node
+ get old_node_path(node, 1)
+ assert_response :success
+ assert_template "old_nodes/show"
+ assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
+ assert_select ".secondary-actions a[href='#{node_path node}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_node_path node, 1, :params => { :show_redactions => true }}']", :count => 0
+ assert_select ".secondary-actions a[href='#{old_node_path node, 1}']", :count => 0
+ assert_select ".secondary-actions a[href='#{node_version_path node, 1}']", :count => 0
+ end
+
+ test "show unrevealed redacted versions to moderators" do
+ session_for(create(:moderator_user))
+ node = create_redacted_node
+ get old_node_path(node, 1)
+ assert_response :success
+ assert_template "old_nodes/show"
+ assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
+ assert_select ".secondary-actions a[href='#{node_path node}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_node_path node, 1, :params => { :show_redactions => true }}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_node_path node, 1}']", :count => 0
+ assert_select ".secondary-actions a[href='#{node_version_path node, 1}']", :count => 0
+ end
+
+ test "don't reveal redacted versions to anonymous users" do
+ node = create_redacted_node
+ get old_node_path(node, 1, :params => { :show_redactions => true })
+ assert_response :redirect
+ end
+
+ test "don't reveal redacted versions to regular users" do
+ session_for(create(:user))
+ node = create_redacted_node
+ get old_node_path(node, 1, :params => { :show_redactions => true })
+ assert_response :redirect
+ end
+
+ test "reveal redacted versions to moderators" do
+ session_for(create(:moderator_user))
+ node = create_redacted_node
+ get old_node_path(node, 1, :params => { :show_redactions => true })
+ assert_response :success
+ assert_select "td", :text => "TOP SECRET", :count => 1
+ assert_select ".secondary-actions a[href='#{old_node_path node, 1}']", :count => 1
+ end
+
def test_not_found
get old_node_path(0, 0)
assert_response :not_found
assert_template :layout => "map"
assert_select "#sidebar_content", /node #0 version 0 could not be found/
end
+
+ private
+
+ def create_redacted_node
+ create(:node, :with_history, :version => 2) do |node|
+ node_v1 = node.old_nodes.find_by(:version => 1)
+ create(:old_node_tag, :old_node => node_v1, :k => "name", :v => "TOP SECRET")
+ node_v1.redact!(create(:redaction))
+ end
+ end
end
end
assert_select ".secondary-actions a[href='#{relation_version_path relation, 1}']", :count => 1
assert_select ".secondary-actions a[href='#{relation_path relation}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_relation_path relation, 1, :params => { :show_redactions => true }}']", :count => 0
assert_select ".secondary-actions a[href='#{relation_history_path relation}']", :count => 1
end
assert_template :layout => "map"
end
- def test_redacted
- relation = create(:relation, :with_history, :deleted, :version => 2)
- relation_v1 = relation.old_relations.find_by(:version => 1)
- relation_v1.redact!(create(:redaction))
+ test "show unrevealed redacted versions to anonymous users" do
+ relation = create_redacted_relation
get old_relation_path(relation, 1)
assert_response :success
assert_template "old_relations/show"
assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
assert_select ".secondary-actions a[href='#{relation_path relation}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_relation_path relation, 1, :params => { :show_redactions => true }}']", :count => 0
assert_select ".secondary-actions a[href='#{old_relation_path relation, 1}']", :count => 0
assert_select ".secondary-actions a[href='#{relation_version_path relation, 1}']", :count => 0
end
+ test "show unrevealed redacted versions to regular users" do
+ session_for(create(:user))
+ relation = create_redacted_relation
+ get old_relation_path(relation, 1)
+ assert_response :success
+ assert_template "old_relations/show"
+ assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
+ assert_select ".secondary-actions a[href='#{relation_path relation}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_relation_path relation, 1, :params => { :show_redactions => true }}']", :count => 0
+ assert_select ".secondary-actions a[href='#{old_relation_path relation, 1}']", :count => 0
+ assert_select ".secondary-actions a[href='#{relation_version_path relation, 1}']", :count => 0
+ end
+
+ test "show unrevealed redacted versions to moderators" do
+ session_for(create(:moderator_user))
+ relation = create_redacted_relation
+ get old_relation_path(relation, 1)
+ assert_response :success
+ assert_template "old_relations/show"
+ assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
+ assert_select ".secondary-actions a[href='#{relation_path relation}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_relation_path relation, 1, :params => { :show_redactions => true }}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_relation_path relation, 1}']", :count => 0
+ assert_select ".secondary-actions a[href='#{relation_version_path relation, 1}']", :count => 0
+ end
+
+ test "don't reveal redacted versions to anonymous users" do
+ relation = create_redacted_relation
+ get old_relation_path(relation, 1, :params => { :show_redactions => true })
+ assert_response :redirect
+ end
+
+ test "don't reveal redacted versions to regular users" do
+ session_for(create(:user))
+ relation = create_redacted_relation
+ get old_relation_path(relation, 1, :params => { :show_redactions => true })
+ assert_response :redirect
+ end
+
+ test "reveal redacted versions to moderators" do
+ session_for(create(:moderator_user))
+ relation = create_redacted_relation
+ get old_relation_path(relation, 1, :params => { :show_redactions => true })
+ assert_response :success
+ assert_select "td", :text => "TOP SECRET", :count => 1
+ assert_select ".secondary-actions a[href='#{old_relation_path relation, 1}']", :count => 1
+ end
+
def test_not_found
get old_relation_path(0, 0)
assert_response :not_found
assert_template :layout => "map"
assert_select "#sidebar_content", /relation #0 version 0 could not be found/
end
+
+ private
+
+ def create_redacted_relation
+ create(:relation, :with_history, :version => 2) do |relation|
+ relation_v1 = relation.old_relations.find_by(:version => 1)
+ create(:old_relation_tag, :old_relation => relation_v1, :k => "name", :v => "TOP SECRET")
+ relation_v1.redact!(create(:redaction))
+ end
+ end
end
end
assert_select ".secondary-actions a[href='#{way_version_path way, 1}']", :count => 1
assert_select ".secondary-actions a[href='#{way_path way}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_way_path way, 1, :params => { :show_redactions => true }}']", :count => 0
assert_select ".secondary-actions a[href='#{way_history_path way}']", :count => 1
end
assert_template :layout => "map"
end
- def test_redacted
- way = create(:way, :with_history, :deleted, :version => 2)
- way_v1 = way.old_ways.find_by(:version => 1)
- way_v1.redact!(create(:redaction))
+ test "show unrevealed redacted versions to anonymous users" do
+ way = create_redacted_way
get old_way_path(way, 1)
assert_response :success
assert_template "old_ways/show"
assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
assert_select ".secondary-actions a[href='#{way_path way}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_way_path way, 1, :params => { :show_redactions => true }}']", :count => 0
assert_select ".secondary-actions a[href='#{old_way_path way, 1}']", :count => 0
assert_select ".secondary-actions a[href='#{way_version_path way, 1}']", :count => 0
end
+ test "show unrevealed redacted versions to regular users" do
+ session_for(create(:user))
+ way = create_redacted_way
+ get old_way_path(way, 1)
+ assert_response :success
+ assert_template "old_ways/show"
+ assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
+ assert_select ".secondary-actions a[href='#{way_path way}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_way_path way, 1, :params => { :show_redactions => true }}']", :count => 0
+ assert_select ".secondary-actions a[href='#{old_way_path way, 1}']", :count => 0
+ assert_select ".secondary-actions a[href='#{way_version_path way, 1}']", :count => 0
+ end
+
+ test "show unrevealed redacted versions to moderators" do
+ session_for(create(:moderator_user))
+ way = create_redacted_way
+ get old_way_path(way, 1)
+ assert_response :success
+ assert_template "old_ways/show"
+ assert_template :layout => "map"
+ assert_select "td", :text => "TOP SECRET", :count => 0
+ assert_select ".secondary-actions a[href='#{way_path way}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_way_path way, 1, :params => { :show_redactions => true }}']", :count => 1
+ assert_select ".secondary-actions a[href='#{old_way_path way, 1}']", :count => 0
+ assert_select ".secondary-actions a[href='#{way_version_path way, 1}']", :count => 0
+ end
+
+ test "don't reveal redacted versions to anonymous users" do
+ way = create_redacted_way
+ get old_way_path(way, 1, :params => { :show_redactions => true })
+ assert_response :redirect
+ end
+
+ test "don't reveal redacted versions to regular users" do
+ session_for(create(:user))
+ way = create_redacted_way
+ get old_way_path(way, 1, :params => { :show_redactions => true })
+ assert_response :redirect
+ end
+
+ test "reveal redacted versions to moderators" do
+ session_for(create(:moderator_user))
+ way = create_redacted_way
+ get old_way_path(way, 1, :params => { :show_redactions => true })
+ assert_response :success
+ assert_select "td", :text => "TOP SECRET", :count => 1
+ assert_select ".secondary-actions a[href='#{old_way_path way, 1}']", :count => 1
+ end
+
def test_not_found
get old_way_path(0, 0)
assert_response :not_found
assert_template :layout => "map"
assert_select "#sidebar_content", /way #0 version 0 could not be found/
end
+
+ private
+
+ def create_redacted_way
+ create(:way, :with_history, :version => 2) do |way|
+ way_v1 = way.old_ways.find_by(:version => 1)
+ create(:old_way_tag, :old_way => way_v1, :k => "name", :v => "TOP SECRET")
+ way_v1.redact!(create(:redaction))
+ end
+ end
end
projects / rails.git / commitdiff