diff --git a/app/controllers/photos_controller.rb b/app/controllers/photos_controller.rb index 13fa0f488fc4b206a3c3232a5c2d9e9aa32fb442..d843be48c91be7d3f8691a65357e58b19c232000 100644 --- a/app/controllers/photos_controller.rb +++ b/app/controllers/photos_controller.rb @@ -122,7 +122,7 @@ class PhotosController < ApplicationController photo = current_user.posts.where(:id => params[:id]).first if photo - photo.destroy + current_user.retract(photo) respond_to do |format| format.json{ render :nothing => true, :status => 204 } diff --git a/app/controllers/status_messages_controller.rb b/app/controllers/status_messages_controller.rb index fe941c3dc39097be36518593cfcdf9a980fe2aac..aa5914952af4be74aca78035a4e1a51d4db14aa5 100644 --- a/app/controllers/status_messages_controller.rb +++ b/app/controllers/status_messages_controller.rb @@ -81,7 +81,7 @@ class StatusMessagesController < ApplicationController def destroy @status_message = current_user.posts.where(:id => params[:id]).first if @status_message - @status_message.destroy + current_user.retract(@status_message) render :nothing => true, :status => 200 else Rails.logger.info "event=post_destroy status=failure user=#{current_user.diaspora_handle} reason='User does not own post'" diff --git a/app/models/user.rb b/app/models/user.rb index 190f5370f70f2eaafd3f5d0ed50503b0ae503c18..269533f3dd976ed6689f4d285f9a9321e2ed865e 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -218,7 +218,7 @@ class User < ActiveRecord::Base ######### Posts and Such ############### def retract(post) - if post.relayable + if post.respond_to?(:relayable?) && post.relayable? aspects = post.parent.aspects retraction = RelayableRetraction.build(self, post) else diff --git a/lib/diaspora/relayable.rb b/lib/diaspora/relayable.rb index 2927e09921982a20c6315929da97a424bab05941..44798d242340ccab1588d1e1443d646be5242a7e 100644 --- a/lib/diaspora/relayable.rb +++ b/lib/diaspora/relayable.rb 
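Review bot: Neither `destroy` action records a successful delete. In status_messages_controller.rb the `else` branch logs `event=post_destroy status=failure`, but the branch that now calls `current_user.retract(@status_message)` logs nothing, and the `if photo` branch in photos_controller.rb looks the same as far as its hunk shows. Since a delete now presumably also sends a retraction to other pods, I would add an audit line on the success path, e.g. `Rails.logger.info "event=post_destroy status=success user=#{current_user.diaspora_handle} post=#{@status_message.id}"`, and include the requested id in the failure line as well. The return value of `retract` is also ignored in both actions, so the 200/204 is sent whatever it returns; both actions begin and end outside their hunks.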
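Review bot: `retract` builds a retraction for whatever `post` it is handed, and the relayable branch dereferences `post.parent.aspects` without checking that `post.parent` is present. Both controllers in this commit look the record up through `current_user.posts.where(:id => params[:id])`, so ownership is checked there, but nothing visible in `retract` enforces it for other callers. I would state the contract above the method, e.g. `# Callers must verify that +post+ belongs to this user before calling retract.` If a relayable can be stored locally without its parent, a guard such as `return unless post.parent` at the top of that branch would avoid a NoMethodError. The rest of the method lies outside the hunk, so an existing check further down cannot be ruled out.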
@@ -15,7 +15,7 @@ module Diaspora end end - def relayable + def relayable? true end diff --git a/lib/postzord/dispatch.rb b/lib/postzord/dispatch.rb index e00200068daff6e510a88139d6f69f2e1ccd369a..275c3778667fb69832f24b2b9243cf1da8bc137b 100644 --- a/lib/postzord/dispatch.rb +++ b/lib/postzord/dispatch.rb @@ -22,7 +22,7 @@ class Postzord::Dispatch unless @subscribers == nil remote_people, local_people = @subscribers.partition{ |person| person.owner_id.nil? } - if @object.respond_to?(:relayable) && @sender.owns?(@object.parent) + if @object.respond_to?(:relayable?) && @sender.owns?(@object.parent) user_ids = [*local_people].map{|x| x.owner_id } local_users = User.where(:id => user_ids) self.notify_users(local_users) diff --git a/lib/postzord/receiver.rb b/lib/postzord/receiver.rb index c61039bf01d5e23e55f1209cd6179e6d1c89e974..eed011c4892bdc1bfd2dc344d90a633899c34020 100644 --- a/lib/postzord/receiver.rb +++ b/lib/postzord/receiver.rb @@ -49,7 +49,7 @@ module Postzord end def xml_author - if @object.respond_to?(:relayable) + if @object.respond_to?(:relayable?) #if A and B are friends, and A sends B a comment from C, we delegate the validation to the owner of the post being commented on xml_author = @user.owns?(@object.parent) ? @object.diaspora_handle : @object.parent.author.diaspora_handle @author = Webfinger.new(@object.diaspora_handle).fetch @@ -71,7 +71,7 @@ module Postzord end # abort if we haven't received the post to a comment - if @object.respond_to?(:relayable) && @object.parent.nil? + if @object.respond_to?(:relayable?) && @object.parent.nil? Rails.logger.info("event=receive status=abort reason='received a comment but no corresponding post' recipient=#{@user_person.diaspora_handle} sender=#{@sender.diaspora_handle} payload_type=#{@object.class})") return false end 
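Review bot: The guard in lib/postzord/dispatch.rb tests only `@object.respond_to?(:relayable?)` and never calls the predicate, whereas `User#retract` in this same commit uses `post.respond_to?(:relayable?) && post.relayable?`. A class that defines `relayable?` and returns false would still take the relayable path here and in both lib/postzord/receiver.rb hunks (`xml_author` and the missing-parent abort), which decide whose handle is used for author validation. I would make the three sites match `retract`, e.g. `if @object.respond_to?(:relayable?) && @object.relayable? && @sender.owns?(@object.parent)`. Because these are `respond_to?` probes, a caller still using the old `:relayable` symbol will not raise but quietly fall through to the non-relayable branch, so a search for the old name outside this diff is worth doing. The enclosing methods start and end outside the hunks.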
diff --git a/spec/controllers/photos_controller_spec.rb b/spec/controllers/photos_controller_spec.rb index 9b098b2dbd74bc08b43f450462b12667dac56ad4..ce02d64a0d42dc673e9707092d9d58b49647778e 100644 --- a/spec/controllers/photos_controller_spec.rb +++ b/spec/controllers/photos_controller_spec.rb @@ -8,14 +8,11 @@ describe PhotosController do render_views before do - @alice = alice - @bob = bob + @alices_photo = alice.post(:photo, :user_file => uploaded_photo, :to => alice.aspects.first.id) + @bobs_photo = bob.post(:photo, :user_file => uploaded_photo, :to => bob.aspects.first.id, :public => true) - @alices_photo = @alice.post(:photo, :user_file => uploaded_photo, :to => @alice.aspects.first.id) - @bobs_photo = @bob.post(:photo, :user_file => uploaded_photo, :to => @bob.aspects.first.id, :public => true) - - @controller.stub!(:current_user).and_return(@alice) - sign_in :user, @alice + @controller.stub!(:current_user).and_return(alice) + sign_in :user, alice request.env["HTTP_REFERER"] = '' end @@ -32,23 +29,23 @@ describe PhotosController do end it 'can set the photo as the profile photo' do - old_url = @alice.person.profile.image_url + old_url = alice.person.profile.image_url @params[:photo][:set_profile_photo] = true post :create, @params - @alice.reload.person.profile.image_url.should_not == old_url + alice.reload.person.profile.image_url.should_not == old_url end end describe '#index' do it "displays the logged in user's pictures" do - get :index, :person_id => @alice.person.id.to_s - assigns[:person].should == @alice.person + get :index, :person_id => alice.person.id.to_s + assigns[:person].should == alice.person assigns[:posts].should == [@alices_photo] end it "displays another person's pictures" do - get :index, :person_id => @bob.person.id.to_s - assigns[:person].should == @bob.person + get :index, :person_id => bob.person.id.to_s + assigns[:person].should == bob.person assigns[:posts].should == [@bobs_photo] end end 
@@ -118,21 +115,32 @@ describe PhotosController do it "redirects when the user does not own the photo" do get :edit, :id => @bobs_photo.id - response.should redirect_to(:action => :index, :person_id => @alice.person.id.to_s) + response.should redirect_to(:action => :index, :person_id => alice.person.id.to_s) end end describe '#destroy' do - it 'allows the user to delete his photos' do + it 'let a user delete his message' do delete :destroy, :id => @alices_photo.id Photo.find_by_id(@alices_photo.id).should be_nil end - it 'will not let you destory posts you do not own' do + it 'sends a retraction on delete' do + alice.should_receive(:retract).with(@alices_photo) + delete :destroy, :id => @alices_photo.id + end + + it 'will not let you destroy posts visible to you' do delete :destroy, :id => @bobs_photo.id Photo.find_by_id(@bobs_photo.id).should be_true end + + it 'will not let you destory posts you do not own' do + eves_photo = eve.post(:photo, :user_file => uploaded_photo, :to => eve.aspects.first.id, :public => true) + delete :destroy, :id => eves_photo.id + Photo.find_by_id(eves_photo.id).should be_true + end end describe "#update" do @@ -145,13 +153,13 @@ describe PhotosController do new_user = Factory.create(:user) params = { :text => "now with lasers!", :author_id => new_user.id } put :update, :id => @alices_photo.id, :photo => params - @alices_photo.reload.author_id.should == @alice.person.id + @alices_photo.reload.author_id.should == alice.person.id end it 'redirects if you do not have access to the post' do params = { :text => "now with lasers!" } put :update, :id => @bobs_photo.id, :photo => params - response.should redirect_to(:action => :index, :person_id => @alice.person.id.to_s) + response.should redirect_to(:action => :index, :person_id => alice.person.id.to_s) end end 
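Review bot: The two negative `#destroy` examples only assert that the row still exists, which does not show that no retraction was built for a photo the user does not own. Adding `alice.should_not_receive(:retract)` before each `delete :destroy` (for `@bobs_photo` and `eves_photo`) would pin that, and the same applies to the `@message2` and `@message3` examples in the `#destroy` hunk of status_messages_controller_spec.rb. The new `alice.should_receive(:retract)` expectation works only if the `alice` helper returns the same object that `@controller.stub!(:current_user).and_return(alice)` captured in `before`; the helper is not visible here, so that is worth confirming. Minor: the first description reads `'let a user delete his message'` in the photo spec, and `destory` is still misspelled in the last one.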
diff --git a/spec/controllers/status_messages_controller_spec.rb b/spec/controllers/status_messages_controller_spec.rb index 4aad54724960945b4663d23c29567476e276da57..128a7a7af739e79c085c1813b9677db47e7683a5 100644 --- a/spec/controllers/status_messages_controller_spec.rb +++ b/spec/controllers/status_messages_controller_spec.rb @@ -8,42 +8,39 @@ describe StatusMessagesController do render_views before do - @user1 = alice - @user2 = bob - - @aspect1 = @user1.aspects.first - @aspect2 = @user2.aspects.first + @aspect1 = alice.aspects.first + @aspect2 = bob.aspects.first request.env["HTTP_REFERER"] = "" - sign_in :user, @user1 - @controller.stub!(:current_user).and_return(@user1) - @user1.reload + sign_in :user, alice + @controller.stub!(:current_user).and_return(alice) + alice.reload end describe '#new' do it 'succeeds' do get :new, - :person_id => @user2.person.id + :person_id => bob.person.id response.should be_success end it 'generates a jasmine fixture' do - contact = @user1.contact_for(@user2.person) - aspect = @user1.aspects.create(:name => 'people') + contact = alice.contact_for(bob.person) + aspect = alice.aspects.create(:name => 'people') contact.aspects << aspect contact.save - get :new, :person_id => @user2.person.id, :layout => true + get :new, :person_id => bob.person.id, :layout => true save_fixture(html_for("body"), "status_message_new") end end describe '#show' do before do - @message = @user1.build_post :status_message, :text => "ohai", :to => @aspect1.id + @message = alice.build_post :status_message, :text => "ohai", :to => @aspect1.id @message.save! - @user1.add_to_streams(@message, [@aspect1]) - @user1.dispatch_post @message, :to => @aspect1.id + alice.add_to_streams(@message, [@aspect1]) + alice.dispatch_post @message, :to => @aspect1.id end it 'succeeds' do 
@@ -97,30 +94,30 @@ describe StatusMessagesController do it "dispatches the post to the specified services" do s1 = Services::Facebook.new - @user1.services << s1 - @user1.services << Services::Twitter.new + alice.services << s1 + alice.services << Services::Twitter.new status_message_hash[:services] = ['facebook'] - @user1.should_receive(:dispatch_post).with(anything(), hash_including(:services => [s1])) + alice.should_receive(:dispatch_post).with(anything(), hash_including(:services => [s1])) post :create, status_message_hash end it "doesn't overwrite author_id" do - status_message_hash[:status_message][:author_id] = @user2.person.id + status_message_hash[:status_message][:author_id] = bob.person.id post :create, status_message_hash new_message = StatusMessage.find_by_text(status_message_hash[:status_message][:text]) - new_message.author_id.should == @user1.person.id + new_message.author_id.should == alice.person.id end it "doesn't overwrite id" do - old_status_message = @user1.post(:status_message, :text => "hello", :to => @aspect1.id) + old_status_message = alice.post(:status_message, :text => "hello", :to => @aspect1.id) status_message_hash[:status_message][:id] = old_status_message.id post :create, status_message_hash old_status_message.reload.text.should == 'hello' end it 'calls dispatch post once subscribers is set' do - @user1.should_receive(:dispatch_post){|post, opts| - post.subscribers(@user1).should == [@user2.person] + alice.should_receive(:dispatch_post){|post, opts| + post.subscribers(alice).should == [bob.person] } post :create, status_message_hash end 
@@ -135,8 +132,8 @@ describe StatusMessagesController do fixture_filename = 'button.png' fixture_name = File.join(File.dirname(__FILE__), '..', 'fixtures', fixture_filename) - @photo1 = @user1.build_post(:photo, :pending => true, :user_file=> File.open(fixture_name), :to => @aspect1.id) - @photo2 = @user1.build_post(:photo, :pending => true, :user_file=> File.open(fixture_name), :to => @aspect1.id) + @photo1 = alice.build_post(:photo, :pending => true, :user_file=> File.open(fixture_name), :to => @aspect1.id) + @photo2 = alice.build_post(:photo, :pending => true, :user_file=> File.open(fixture_name), :to => @aspect1.id) @photo1.save! @photo2.save! @@ -150,7 +147,7 @@ describe StatusMessagesController do response.should be_redirect end it "dispatches all referenced photos" do - @user1.should_receive(:dispatch_post).exactly(3).times + alice.should_receive(:dispatch_post).exactly(3).times post :create, @hash end it "sets the pending bit of referenced photos" do 
@@ -166,22 +163,30 @@ describe StatusMessagesController do end describe '#destroy' do - let!(:message) {@user1.post(:status_message, :text => "hey", :to => @aspect1.id)} - let!(:message2) {@user2.post(:status_message, :text => "hey", :to => @aspect2.id)} + before do + @message = alice.post(:status_message, :text => "hey", :to => @aspect1.id) + @message2 = bob.post(:status_message, :text => "hey", :to => @aspect2.id) + @message3 = eve.post(:status_message, :text => "hey", :to => eve.aspects.first.id) + end + + it 'let a user delete his message' do + delete :destroy, :id => @message.id + StatusMessage.find_by_id(@message.id).should be_nil + end - it 'let a user delete his photos' do - delete :destroy, :id => message.id - StatusMessage.find_by_id(message.id).should be_nil + it 'sends a retraction on delete' do + alice.should_receive(:retract).with(@message) + delete :destroy, :id => @message.id end it 'will not let you destroy posts visible to you' do - delete :destroy, :id => message2.id - StatusMessage.find_by_id(message2.id).should be_true + delete :destroy, :id => @message2.id + StatusMessage.find_by_id(@message2.id).should be_true end it 'will not let you destory posts you do not own' do - delete :destroy, :id => message2.id - StatusMessage.find_by_id(message2.id).should be_true + delete :destroy, :id => @message3.id + StatusMessage.find_by_id(@message3.id).should be_true end end end