Andreas/tracks
1
0
Fork 0
mirror of https://github.com/TracksApp/tracks.git synced 2025-12-16 23:30:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix #1194 by checking the project_id and context_id

Browse source
This commit is contained in:
Reinier Balt 2011-09-10 02:31:53 +02:00
parent cdff38995c
commit f5cabbf74d
2 changed files with 43 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

26
app/controllers/todos_controller.rb
View file

@ -74,6 +74,9 @@ class TodosController < ApplicationController
project = current_user.projects.find_or_create_by_name(p.project_name) project = current_user.projects.find_or_create_by_name(p.project_name)
@new_project_created = project.new_record_before_save? @new_project_created = project.new_record_before_save?
@todo.project_id = project.id @todo.project_id = project.id
elsif !p.project_id.nil?
project = current_user.projects.find_by_id(p.project_id)
@todo.errors.add(:project, "unknown") if project.nil?
end end
if p.context_specified_by_name? if p.context_specified_by_name?
@ -81,15 +84,20 @@ class TodosController < ApplicationController
@new_context_created = context.new_record_before_save? @new_context_created = context.new_record_before_save?
@not_done_todos = [@todo] if @new_context_created @not_done_todos = [@todo] if @new_context_created
@todo.context_id = context.id @todo.context_id = context.id
elsif !p.context_id.nil?
context = current_user.contexts.find_by_id(p.context_id)
@todo.errors.add(:context, "unknown") if context.nil?
end end
@todo.starred= (params[:new_todo_starred]||"").include? "true" if @saved
@todo.starred= (params[:new_todo_starred]||"").include? "true"
@todo.add_predecessor_list(predecessor_list) @todo.add_predecessor_list(predecessor_list)
# Fix for #977 because AASM overrides @state on creation # Fix for #977 because AASM overrides @state on creation
specified_state = @todo.state specified_state = @todo.state
@saved = @todo.save @saved = @todo.save
end
@todo.update_state_from_project if @saved @todo.update_state_from_project if @saved
@ -1457,10 +1465,18 @@ class TodosController < ApplicationController
@params['project_name'].strip unless @params['project_name'].nil? @params['project_name'].strip unless @params['project_name'].nil?
end end
def project_id
@attributes['project_id']
end
def context_name def context_name
@params['context_name'].strip unless @params['context_name'].nil? @params['context_name'].strip unless @params['context_name'].nil?
end end
def context_id
@attributes['context_id']
end
def tag_list def tag_list
@params['todo_tag_list'] @params['todo_tag_list']
end end

16
test/integration/todo_xml_api_test.rb
View file

@ -34,4 +34,20 @@ class TodoXmlApiTest < ActionController::IntegrationTest
assert_no_tag :tag => "user_id" assert_no_tag :tag => "user_id"
end end
def test_post_create_todo_with_wrong_project_and_context_id
authenticated_post_xml_to_todo_create "<todo><description>this will fail</description><context_id type='integer'>-16</context_id><project_id type='integer'>-11</project_id></todo>"
assert_response 422
end
private
def authenticated_post_xml_to_todo_create(postdata = @@valid_postdata, user = users(:other_user).login, password = 'sesame')
authenticated_post_xml "/todos", user, password, postdata
assert_xml_select 'errors' do
assert_select 'error', 2, 'Project unknown'
assert_select 'error', 2, 'Context unknown'
end
end
end end