Ah, my bad I was confusing posts with sb_posts...these are the blog/category posts, not forum posts!
It was failing because in our app only admins will be able to make posts, but I was thinking that I was testing forum posts, lol On Apr 14, 2010, at 11:57 AM, Bruno Bornsztein wrote: > Look at line 50 of posts_controller.rb: > > def require_ownership_or_moderator > @user ||= User.find(params[:user_id]) > @post ||= Post.find(params[:id]) if params[:id] > unless admin? || moderator? || (@post && (@post.user.eql?(current_user))) > || (!...@post && @user && @user.eql?(current_user)) > redirect_to :controller => 'sessions', :action => 'new' and return false > end > return @user > end > > Specifically: (!...@post && @user && @user.eql?(current_user)) > If there's no post and there is a @user (set on line 51) and the @user is the > same as the logged in user (current_user), then the method returns true. This > prevents you from logging in as quentin and going to /aaron/posts/new and > creating a post for aaron. > > 1) Why do these tests pass (and by the way, they DON'T pass for me now, but > when I installed CE all the tests pass)? > If you have failing tests on a blank CE install from master, please report > them in lighthouse. > > 2) furthermore, the code makes no sense. Why should moderators be required > for the :create method? These are posts, not forums. > It makes perfect sense. Admins and mods can create posts for other users (so > an admin/mod can go to /anyuser/posts/new), but normal users can only create > posts for themselves (/myusername/posts/new). > > > > -- > You received this message because you are subscribed to the Google Groups > "CommunityEngine" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/communityengine?hl=en. -- You received this message because you are subscribed to the Google Groups "CommunityEngine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/communityengine?hl=en.
