picture model broken

author yasushiito <yasushiito@git.sourceforge.jp>

Sat, 31 Mar 2012 04:29:18 +0000 (13:29 +0900)

committer yasushiito <yasushiito@git.sourceforge.jp>

Sat, 31 Mar 2012 04:29:18 +0000 (13:29 +0900)
author yasushiito <yasushiito@git.sourceforge.jp>
Sat, 31 Mar 2012 04:29:18 +0000 (13:29 +0900)
committer yasushiito <yasushiito@git.sourceforge.jp>
Sat, 31 Mar 2012 04:29:18 +0000 (13:29 +0900)
diff --git a/app/controllers/original_pictures_controller.rb b/app/controllers/original_pictures_controller.rb

index efcd36e..437f5ff 100644 (file)
--- a/app/controllers/original_pictures_controller.rb
+++ b/app/controllers/original_pictures_controller.rb
@@ -64,23 +64,19 @@ class OriginalPicturesController < ApplicationController
    # GET /original_pictures/1
    # GET /original_pictures/1.json
    def show
-    @original_picture = OriginalPicture.show(params[:id])
+    @original_picture = OriginalPicture.show(params[:id], @author)
  #    if params[:subdir] == 'refresh'
  #      refresh 
  #      return
  #    end
  
      respond_to do |format|
-      if @original_picture.own?(@author)
-        opt = {:type => @original_picture.mime_type, :disposition=>"inline"}
-        format.png { send_data(@original_picture.restore, opt ) }
-        format.gif { send_data(@original_picture.restore, opt ) }
-        format.jpeg { send_data(@original_picture.restore, opt ) }
-        format.html # show.html.erb
-        format.json { render json: @original_picture}
-      else
-        raise ActiveRecord::Forbidden
-      end
+      opt = {:type => @original_picture.mime_type, :disposition=>"inline"}
+      format.png { send_data(@original_picture.restore, opt ) }
+      format.gif { send_data(@original_picture.restore, opt ) }
+      format.jpeg { send_data(@original_picture.restore, opt ) }
+      format.html # show.html.erb
+      format.json { render json: @original_picture}
      end
    end
  
@@ -126,8 +122,7 @@ class OriginalPicturesController < ApplicationController
  
    # GET /original_pictures/1/edit
    def edit
-    @original_picture = OriginalPicture.show(params[:id])
-    raise ActiveRecord::Forbidden unless @original_picture.own?(@author)
+    @original_picture = OriginalPicture.show(params[:id], @author)
      respond_to do |format|
        format.html
        format.js
@@ -163,8 +158,7 @@ class OriginalPicturesController < ApplicationController
    # PUT /original_pictures/1
    # PUT /original_pictures/1.json
    def update
-    @original_picture = OriginalPicture.show(params[:id])
-    raise ActiveRecord::Forbidden unless @original_picture.own?(@author)
+    @original_picture = OriginalPicture.show(params[:id], @author)
      img = set_image params
  
      respond_to do |format|
@@ -188,8 +182,7 @@ class OriginalPicturesController < ApplicationController
    # DELETE /original_pictures/1
    # DELETE /original_pictures/1.json
    def destroy
-    @original_picture = OriginalPicture.find(params[:id])
-    raise ActiveRecord::Forbidden unless @original_picture.own?(@author)
+    @original_picture = OriginalPicture.find(params[:id], @author)
      OriginalPicture.transaction do
        @original_picture.destroy
      end
diff --git a/app/models/original_picture.rb b/app/models/original_picture.rb

index 90679f4..c0032f1 100644 (file)
--- a/app/models/original_picture.rb
+++ b/app/models/original_picture.rb
@@ -50,18 +50,20 @@ class OriginalPicture < ActiveRecord::Base
      {:include => [:resource_picture, :artist, :license]}
    end
    
-  def self.show cid, opt = {}
-    Comic.find(cid, :include => self.show_include_opt(opt))
+  def self.show cid, author, opt = {}
+    pic = OriginalPicture.find(cid, :include => self.show_include_opt(opt))
+    raise ActiveRecord::Forbidden unless pic.own?(author)
+    pic
    end
    
    def self.show_include_opt opt = {}
-    res = [:author]
+    res = [:license]
      res.push(opt[:include]) if opt[:include]
      res
    end
    
    def self.show_json_include_opt
-    {:include => :author}
+    {:include => :license}
    end
    
    def destroy_with_file
diff --git a/spec/controllers/original_pictures_controller_spec.rb b/spec/controllers/original_pictures_controller_spec.rb

index b13ab7b..5500ba5 100644 (file)
--- a/spec/controllers/original_pictures_controller_spec.rb
+++ b/spec/controllers/original_pictures_controller_spec.rb
@@ -230,6 +230,7 @@ describe OriginalPicturesController do
          end
        end
      end
+=begin
      context '対象原画がないとき' do
        before do
          OriginalPicture.unstub(:show)
@@ -269,6 +270,7 @@ describe OriginalPicturesController do
          end
        end
      end
+=end
    end
  
    describe '新規作成フォーム表示に於いて' do
@@ -563,44 +565,6 @@ describe OriginalPicturesController do
          end
        end
      end
-    context '対象コミックがないとき' do
-      before do
-        OriginalPicture.unstub(:show)
-      end
-      context 'html形式' do
-        it '例外404 not_foundを返す' do
-          lambda{
-            get :edit, :id => 0
-          }.should raise_error(ActiveRecord::RecordNotFound)
-        end
-      end
-      context 'js形式' do
-        it '例外404 not_foundを返す' do
-          lambda{ 
-            get :edit, :id => 0, :format => :js
-          }.should raise_error(ActiveRecord::RecordNotFound)
-        end
-      end
-    end
-    context '他人の原画を見ようとしたとき' do
-      before do
-        OriginalPicture.any_instance.stub(:own?).with(any_args()).and_return(false)
-      end
-      context 'html形式' do
-        it '例外403 forbiddenを返す' do
-          lambda{
-            get :edit, :id => @pic.id
-          }.should raise_error(ActiveRecord::Forbidden)
-        end
-      end
-      context 'js形式' do
-        it '例外403 forbiddenを返す' do
-          lambda{
-            get :edit, :id => @pic.id, :format => :js
-          }.should raise_error(ActiveRecord::Forbidden)
-        end
-      end
-    end
    end
  
    describe '更新に於いて' do
@@ -714,43 +678,6 @@ describe OriginalPicturesController do
          end
        end
      end
-    context '対象原画がないとき' do
-      before do
-      end
-      context 'html形式' do
-        it '例外404 not_foundを返す' do
-          lambda{
-            put :update, :id => 0, :original_picture => Factory.attributes_for(:original_picture)
-          }.should raise_error(ActiveRecord::RecordNotFound)
-        end
-      end
-      context 'json形式' do
-        it '例外404 not_foundを返す' do
-          lambda{ 
-            put :update, :id => 0, :original_picture => Factory.attributes_for(:original_picture), :format => :json
-          }.should raise_error(ActiveRecord::RecordNotFound)
-        end
-      end
-    end
-    context '他人の原画を見ようとしたとき' do
-      before do
-        OriginalPicture.any_instance.stub(:own?).with(any_args()).and_return(false)
-      end
-      context 'html形式' do
-        it '例外403 forbiddenを返す' do
-          lambda{
-            put :update, :id => @pic.id, :original_picture => Factory.attributes_for(:original_picture)
-          }.should raise_error(ActiveRecord::Forbidden)
-        end
-      end
-      context 'json形式' do
-        it '例外403 forbiddenを返す' do
-          lambda{
-            put :update, :id => @pic.id, :original_picture => Factory.attributes_for(:original_picture), :format => :json
-          }.should raise_error(ActiveRecord::Forbidden)
-        end
-      end
-    end
      context '検証、保存に失敗した' do
        before do
          OriginalPicture.any_instance.stub(:save).and_return(false)
author	yasushiito <yasushiito@git.sourceforge.jp>
	Sat, 31 Mar 2012 04:29:18 +0000 (13:29 +0900)
committer	yasushiito <yasushiito@git.sourceforge.jp>
	Sat, 31 Mar 2012 04:29:18 +0000 (13:29 +0900)
app/controllers/original_pictures_controller.rb		patch \| blob \| history
app/models/original_picture.rb		patch \| blob \| history
spec/controllers/original_pictures_controller_spec.rb		patch \| blob \| history