diff --git a/app/controllers/admin/enterprises_controller.rb b/app/controllers/admin/enterprises_controller.rb index d88d30cb16..8b7efa9e1f 100644 --- a/app/controllers/admin/enterprises_controller.rb +++ b/app/controllers/admin/enterprises_controller.rb @@ -2,6 +2,10 @@ require 'open_food_network/referer_parser' module Admin class EnterprisesController < ResourceController + # These need to run before #load_resource so that @object is initialised with sanitised values + prepend_before_filter :override_owner, only: :create + prepend_before_filter :override_sells, only: :create + before_filter :load_enterprise_set, :only => :index before_filter :load_countries, :except => [:index, :register, :check_permalink] before_filter :load_methods_and_fees, :only => [:edit, :update] @@ -9,8 +13,6 @@ module Admin before_filter :load_taxons, :only => [:new, :edit, :update, :create] before_filter :check_can_change_sells, only: :update before_filter :check_can_change_bulk_sells, only: :bulk_update - before_filter :override_owner, only: :create - before_filter :override_sells, only: :create before_filter :check_can_change_owner, only: :update before_filter :check_can_change_bulk_owner, only: :bulk_update before_filter :check_can_change_managers, only: :update diff --git a/app/models/enterprise.rb b/app/models/enterprise.rb index 80414d5116..5460ecc94d 100644 --- a/app/models/enterprise.rb +++ b/app/models/enterprise.rb @@ -78,6 +78,7 @@ class Enterprise < ActiveRecord::Base validate :enforce_ownership_limit, if: lambda { owner_id_changed? && !owner_id.nil? } validates_length_of :description, :maximum => 255 + before_save :confirmation_check, if: lambda { email_changed? } before_validation :initialize_permalink, if: lambda { permalink.nil? } @@ -93,6 +94,7 @@ class Enterprise < ActiveRecord::Base after_rollback :restore_permalink + scope :by_name, order('name') scope :visible, where(visible: true) scope :confirmed, where('confirmed_at IS NOT NULL') diff --git a/spec/controllers/admin/enterprises_controller_spec.rb b/spec/controllers/admin/enterprises_controller_spec.rb index 05498010bb..94282e6c2c 100644 --- a/spec/controllers/admin/enterprises_controller_spec.rb +++ b/spec/controllers/admin/enterprises_controller_spec.rb @@ -28,6 +28,7 @@ module Admin spree_put :create, enterprise_params enterprise = Enterprise.find_by_name 'zzz' + response.should redirect_to edit_admin_enterprise_path enterprise distributor_manager.enterprise_roles.where(enterprise_id: enterprise).first.should be end @@ -37,15 +38,17 @@ module Admin spree_put :create, enterprise_params enterprise = Enterprise.find_by_name 'zzz' + response.should redirect_to edit_admin_enterprise_path enterprise admin_user.enterprise_roles.where(enterprise_id: enterprise).should be_empty end - it "overrides the owner_id submitted by the user unless current_user is super admin" do + it "overrides the owner_id submitted by the user (when not super admin)" do controller.stub spree_current_user: distributor_manager enterprise_params[:enterprise][:owner_id] = user spree_put :create, enterprise_params enterprise = Enterprise.find_by_name 'zzz' + response.should redirect_to edit_admin_enterprise_path enterprise distributor_manager.enterprise_roles.where(enterprise_id: enterprise).first.should be end @@ -58,6 +61,7 @@ module Admin spree_put :create, enterprise_params enterprise = Enterprise.find_by_name 'zzz' + response.should redirect_to edit_admin_enterprise_path enterprise enterprise.sells.should == 'any' end @@ -68,6 +72,7 @@ module Admin spree_put :create, enterprise_params enterprise = Enterprise.find_by_name 'zzz' + response.should redirect_to edit_admin_enterprise_path enterprise enterprise.sells.should == 'none' end @@ -80,6 +85,7 @@ module Admin spree_put :create, enterprise_params enterprise = Enterprise.find_by_name 'zzz' + response.should redirect_to edit_admin_enterprise_path enterprise enterprise.sells.should == 'none' end end