The CE posts_controller.rb has this line: before_filter :require_ownership_or_moderator, :only => [:edit, :update, :destroy, :create, :manage, :new]
And the tests use login_as :quentin, who has the :member role in the test fixtures. This is a problem in the "create" tests I have a couple of questions: 1) Why do these tests pass (and by the way, they DON'T pass for me now, but when I installed CE all the tests pass)? Clearly, the :quentin should not be able to pass the :require_ownership_or_moderator filter when doing a post :create call, because he isn't a moderator and when calling create there is no post to own 2) furthermore, the code makes no sense. Why should moderators be required for the :create method? These are posts, not forums. Any suggestions? -- You received this message because you are subscribed to the Google Groups "CommunityEngine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/communityengine?hl=en.
