diff --git a/app/controllers/plans_controller.rb b/app/controllers/plans_controller.rb index ab877e2..e3a8548 100644 --- a/app/controllers/plans_controller.rb +++ b/app/controllers/plans_controller.rb @@ -171,24 +171,6 @@ authorize @plan if (user_signed_in? && @plan.readable_by(current_user.id)) then - generate_export - - elsif !user_signed_in? then - respond_to do |format| - format.html { redirect_to edit_user_registration_path } - end - - elsif !@plan.editable_by(current_user.id) then - respond_to do |format| - format.html { redirect_to projects_url, notice: I18n.t('helpers.settings.plans.errors.no_access_account') } - end - end - end - - - # ============================================================== - private - def generate_export @exported_plan = ExportedPlan.new.tap do |ep| ep.plan = @plan ep.user = current_user ||= nil @@ -223,5 +205,16 @@ } end end - end + + elsif !user_signed_in? then + respond_to do |format| + format.html { redirect_to edit_user_registration_path } + end + + elsif !@plan.editable_by(current_user.id) then + respond_to do |format| + format.html { redirect_to projects_url, notice: I18n.t('helpers.settings.plans.errors.no_access_account') } + end + end + end end diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 604a124..96c0cc8 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -123,6 +123,9 @@ format.html { redirect_to edit_user_registration_path } end else + # REPLACE THIS WITH CALL To LOCAL generate_export + # AFTER DATA MODEL REFACTOR WHEN WE COLLAPSE Projects and Plans + respond_to do |format| format.html { render action: "export" } 
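Review bot: The denial path in the re-added `elsif` chain of plans_controller.rb (second hunk) is not exhaustive. The first branch tests `@plan.readable_by(current_user.id)` but the last one tests `!@plan.editable_by(current_user.id)`, so a signed-in user for whom `readable_by` is false and `editable_by` is true matches no branch and falls through to the default render. Ending the chain with a plain `else` in place of `elsif !@plan.editable_by(current_user.id) then` makes the export action fail closed. The action starts above the hunk, so how `authorize @plan` treats that user cannot be confirmed from here.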
@@ -135,18 +138,22 @@ def public_export @project = Project.find(params[:id]) + # Force PDF response + + request.format = :pdf + + # if the project is designated as public if @project.is_public? -puts "ITS PUBLIC" - render action: "export" + generate_export else - authorize @project - if user_signed_in? -puts "SIGNED IN" - render action: "export" + # If the user is signed in and this is their plan + if user_signed_in? && @project.readable_by(current_user) + generate_export else -puts "NOT SIGNED IN" + + # Otherwise redirect to the home page with an unauthorized message redirect_to root_path, notice: I18n.t('helpers.settings.plans.errors.no_access_account') end end @@ -411,4 +418,44 @@ GuidanceGroup.where(id: guidance_groups) end + + # ----------------------------------------------------------- + def generate_export + plan = @project.plans.first + + @exported_plan = ExportedPlan.new.tap do |ep| + ep.plan = plan + ep.user = current_user ||= nil + #ep.format = request.format.try(:symbol) + ep.format = request.format.to_sym + plan_settings = plan.settings(:export) + + Settings::Dmptemplate::DEFAULT_SETTINGS.each do |key, value| + ep.settings(:export).send("#{key}=", plan_settings.send(key)) + end + end + + @exported_plan.save! # FIXME: handle invalid request types without erroring? + file_name = @exported_plan.project_name + + respond_to do |format| + format.html + format.xml + format.json + format.csv { send_data @exported_plan.as_csv, filename: "#{file_name}.csv" } + format.text { send_data @exported_plan.as_txt, filename: "#{file_name}.txt" } + format.docx { headers["Content-Disposition"] = "attachment; filename=\"#{file_name}.docx\""} + format.pdf do + @formatting = plan.settings(:export).formatting + render pdf: file_name, + margin: @formatting[:margin], + footer: { + center: t('helpers.plan.export.pdf.generated_by'), + font_size: 8, + spacing: (@formatting[:margin][:bottom] / 2) - 4, + right: '[page] of [topage]' + } + end + end + end end 
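Review bot: The non-public branch of `public_export` drops `authorize @project` and relies on `@project.readable_by(current_user)`, which passes the user object, while plans_controller.rb in this same commit calls `readable_by(current_user.id)`. `Project#readable_by` is not visible here; if it compares ids the way the plan call suggests, the owner check would never match, and `if user_signed_in? && @project.readable_by(current_user.id)` is the likely intent. With the policy call gone, the access decision for this action also lives outside ProjectPolicy. If the controller has a `verify_authorized` hook, it would now trip on every request to this action.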
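Review bot: `ep.user = current_user ||= nil` in the new `generate_export` never records the signed-in user. The `||=` makes Ruby treat `current_user` as a fresh block-local variable, which starts out nil, so the helper method is never called and every ExportedPlan is saved without a user. `ep.user = current_user` is enough, assuming the helper already returns nil for anonymous visitors, as the `user_signed_in?` calls suggest. Separately, `plan = @project.plans.first` is used unguarded, so a public project with no plans raises on `plan.settings(:export)`; a nil check before the `tap` block would turn that into a handled response. Because `public_export` is reachable without signing in, each anonymous GET also persists a row through `@exported_plan.save!`, which is worth a deliberate decision.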
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index 60c76fd..9ca5bcc 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -39,4 +39,5 @@ def possible_guidance? true end + end \ No newline at end of file diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb index 0a29264..3626c0a 100644 --- a/test/functional/projects_controller_test.rb +++ b/test/functional/projects_controller_test.rb @@ -10,11 +10,23 @@ # ---------------------------------------------------------- test "should export the publicly available plan" do + @project.is_public = true + @project.save! + + get public_export_project_path(locale: I18n.locale, id: @project) + # Should be redirected to the plans controller's export function + assert_redirected_to "#{export_project_plan_path(@project, @project.plans.first)}", "expected to be redirected to the exported plan" + follow_redirect! + + assert_redirected_to "blah" + assert_response :success + assert_equal Mime::PDF, response.content_type end # ---------------------------------------------------------- test "should NOT export a non-public plan to unauthorized users" do + # Set the is_public flag to false and try to access it when not logged in @project.is_public = false @project.save! 
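Review bot: The new body of "should export the publicly available plan" cannot pass as written. It asserts a redirect to `export_project_plan_path`, then `assert_redirected_to "blah"`, then `assert_response :success`, while `public_export` in this commit calls `generate_export` directly and does not redirect. The placeholder and the stale comment about being redirected to the plans controller should go, along with `follow_redirect!`. That leaves `assert_response :success` and `assert_equal Mime::PDF, response.content_type` after the `get`, so the public path is actually covered.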
@@ -22,6 +34,17 @@ assert_redirected_to "#{root_path}?locale=#{I18n.locale}", "expected to be redirected to the home page!" assert_equal I18n.t('helpers.settings.plans.errors.no_access_account'), flash[:notice], "Expected an unauthorized message when trying to export a plan (via the public_export route) when the plan is not actually public" + + # Set the is_public flag to false and assign ownership to a different user and then try to access it as a non-owner + @project.assign_creator(User.last) + @project.save! + + sign_in User.first + + get public_export_project_path(locale: I18n.locale, id: @project) + + assert_redirected_to "#{root_path}?locale=#{I18n.locale}", "expected to be redirected to the home page!" + assert_equal I18n.t('helpers.settings.plans.errors.no_access_account'), flash[:notice], "Expected an unauthorized message when trying to export a plan (via the public_export route) when the plan is not actually public" end =begin
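Review bot: The added non-owner case only exercises the access check if `User.first` and `User.last` are different records and `assign_creator(User.last)` really leaves `User.first` without access; neither is visible in this hunk. Naming two distinct fixture users, or adding `assert_not_equal User.first, User.last` before `sign_in`, would keep the test from passing vacuously. The comment says the `is_public` flag is set to false, but this block relies on the value set earlier in the test. Both assertions also reuse the "not actually public" failure text; something like `"Expected an unauthorized message when a signed-in non-owner exports a non-public plan"` would identify which case failed.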