diff --git a/app/controllers/templates_controller.rb b/app/controllers/templates_controller.rb index 4f5e453..65626b3 100644 --- a/app/controllers/templates_controller.rb +++ b/app/controllers/templates_controller.rb @@ -54,6 +54,8 @@ @template = Template.includes(:org, phases: [sections: [questions: [:question_options, :question_format, :suggested_answers]]]).find(params[:id]) # check to see if this is a funder template needing customized + + authorize @template if @template.org_id != current_user.org_id # definitely need to deep_copy the given template new_customization = Template.deep_copy(@template) @@ -145,7 +147,7 @@ new_version.save! @template = new_version end - authorize @template + # once the correct template has been generated, we convert it to hash @hash = @template.to_hash end @@ -185,6 +187,8 @@ # creates a new template with version 0 and new dmptemplate_id def admin_create @template = Template.new(params[:template]) + authorize @template + @template.org_id = current_user.org_id @template.description = params['template-desc'] @template.published = false @@ -196,7 +200,7 @@ random = rand 2147483647 break random unless Template.exists?(dmptemplate_id: random) end - authorize @template + if @template.save! redirect_to admin_template_template_path(@template), notice: _('Information was successfully created.') else diff --git a/app/views/templates/_show_phases_sections.html.erb b/app/views/templates/_show_phases_sections.html.erb index 1338717..02478b4 100644 --- a/app/views/templates/_show_phases_sections.html.erb +++ b/app/views/templates/_show_phases_sections.html.erb @@ -37,22 +37,24 @@ <% (1..phase_hash[:sections].length).each do |section_no| %> <% section = phase_hash[:sections][section_no] %> - - -

<%= section[:data].title %>

- - - <% if section[:questions].present? %> - - <% end %> - - + <% if section %> + + +

<%= section[:data].title %>

+ + + <% if section[:questions].present? %> + + <% end %> + + + <% end %> <% end %> diff --git a/db/seeds.rb b/db/seeds.rb index 7584852..1002c91 100644 --- a/db/seeds.rb +++ b/db/seeds.rb @@ -184,7 +184,7 @@ surname: "Admin", password: "password123", password_confirmation: "password123", - org: Org.find_by(abbreviation: 'CC'), + org: Org.find_by(abbreviation: Rails.configuration.branding[:organisation][:abbreviation]), language: Language.find_by(abbreviation: I18n.locale), perms: Perm.all, accept_terms: true, @@ -225,7 +225,7 @@ # ------------------------------------------------------- guidance_groups = [ {name: "Generic Guidance (provided by the example curation centre)", - org: Org.find_by(abbreviation: 'CC'), + org: Org.find_by(abbreviation: Rails.configuration.branding[:organisation][:abbreviation]), optional_subset: true, published: true}, {name: "Government Agency Advice (Funder specific guidance)", @@ -344,7 +344,7 @@ {title: "My Curation Center's Default Template", description: "The default template", published: true, - org: Org.find_by(abbreviation: 'CC'), + org: Org.find_by(abbreviation: Rails.configuration.branding[:organisation][:abbreviation]), is_default: true, version: 1}, diff --git a/test/functional/templates_controller_test.rb b/test/functional/templates_controller_test.rb new file mode 100644 index 0000000..8500e92 --- /dev/null +++ b/test/functional/templates_controller_test.rb @@ -0,0 +1,165 @@ +class TemplatesControllerTest < ActionDispatch::IntegrationTest + + include Devise::Test::IntegrationHelpers + + setup do + scaffold_template + + # Get the first Org Admin + @user = User.where(org: @template.org).select{|u| u.can_org_admin?}.first + end + +# TODO: The following methods SHOULD replace the old 'admin_' prefixed methods. The routes file already has +# these defined. We should remove the old routes to the 'admin_' prefixed methods as well + + # GET /admin/templates (admin_templates_path) + # ---------------------------------------------------------- + test "get list of all templates" do + # TODO: This method should replace admin_index and would ideally be `templates GET` + end + + # POST /admin/templates (admin_templates_path) + # ---------------------------------------------------------- + test "create a new template" do + # TODO: This method should replace admin_create and would ideally be `templates POST` + end + + # GET /admin/templates/new (new_admin_template_path) + # ---------------------------------------------------------- + test "get the new template page" do + # TODO: This method should replace admin_new and would ideally be `templates/new GET` + end + + # GET /admin/templates/:id/edit (edit_admin_template_path) + # ---------------------------------------------------------- + test "get the edit template page" do + # TODO: This method should replace admin_edit and would ideally be `templates/[:id]/edit GET` + end + + # GET /admin/templates/:id (admin_template_path) + # ---------------------------------------------------------- + test "get the show template page" do + # TODO: This method should replace admin_show and would ideally be `template/[:id] GET` + end + + # PUT/PATCH /admin/templates/:id (admin_template_path) + # ---------------------------------------------------------- + test "update the template" do + # TODO: This method should replace admin_update and would ideally be `template/[:id] PUT` + end + + # DELETE /admin/templates/:id (admin_template_path) + # ---------------------------------------------------------- + test "destroy the template" do + # TODO: This method should replace admin_destroy and would ideally be `template/[:id] DELETE` + end + + + + + # GET /org/admin/templates/:id/admin_index (admin_index_template_path) the :id here makes no sense! + # ---------------------------------------------------------- + test "get the list of admin templates" do + # Should redirect user to the root path if they are not logged in! + get admin_index_template_path(@user.org) + assert_unauthorized_redirect_to_root_path + + sign_in @user + + get admin_index_template_path(@user.org) + assert_response :success + + assert assigns(:templates_own) + assert assigns(:other_published_version) + assert assigns(:templates_funders) + assert assigns(:templates_customizations) + end + + # GET /org/admin/templates/:id/admin_template (admin_template_template_path) + # ---------------------------------------------------------- + test "get the admin template" do + # Should redirect user to the root path if they are not logged in! + get admin_template_template_path(@template) + assert_unauthorized_redirect_to_root_path + + sign_in @user + + get admin_template_template_path(@template) + assert_response :success + + assert assigns(:template) + assert assigns(:hash) + end + +# TODO: Why are we passing an :id here!? Its a new record but we seem to need the last template's id + # GET /org/admin/templates/:id/admin_new (admin_new_template_path) + # ---------------------------------------------------------- + test "get the new admin template page" do + # Should redirect user to the root path if they are not logged in! + get admin_new_template_path(Template.last.id) + assert_unauthorized_redirect_to_root_path + + sign_in @user + + get admin_new_template_path(Template.last.id) + assert_response :success + end + + # GET /org/admin/templates/:id/admin_template_history (admin_template_history_template_path) + # ---------------------------------------------------------- + test "get the admin template history page" do + # Should redirect user to the root path if they are not logged in! + get admin_template_history_template_path(@template) + assert_unauthorized_redirect_to_root_path + + sign_in @user + + get admin_template_history_template_path(@template) + assert_response :success + + assert assigns(:template) + assert assigns(:templates) + end + + # DELETE /org/admin/templates/:id/admin_destroy (admin_destroy_template_path) + # ---------------------------------------------------------- + test "delete the admin template" do + # Should redirect user to the root path if they are not logged in! + delete admin_destroy_template_path(@template) + assert_unauthorized_redirect_to_root_path + + sign_in @user + + delete admin_destroy_template_path(@template) + assert_response :redirect + assert_redirected_to admin_index_template_url + end + +# TODO: Why are we passing an :id here!? Its a new record but we seem to need the last template's id + # POST /org/admin/templates/:id/admin_create (admin_create_template_path) + # ---------------------------------------------------------- + test "create a admin template" do + params = {org_id: @user.org.id, version: 0, title: 'Testing create route'} + + # Should redirect user to the root path if they are not logged in! + post admin_create_template_path(Template.last.id), {template: params} + assert_unauthorized_redirect_to_root_path + + sign_in @user + + post admin_create_template_path(Template.last.id), {template: params} + assert_response :redirect + + assert_redirected_to admin_template_template_url(Template.last.id) + + assert assigns(:template) + end + + # GET /org/admin/templates/:id/admin_update (admin_update_template_path) + # ---------------------------------------------------------- + test "update the admin template" do + sign_in @user + + end + +end \ No newline at end of file