diff options
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Alert.pm | 14 | ||||
| -rwxr-xr-x | perllib/FixMyStreet/App/Controller/Questionnaire.pm | 32 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/Update.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Tokens.pm | 4 | ||||
| -rw-r--r-- | t/app/controller/alert_new.t | 51 | ||||
| -rw-r--r-- | t/app/controller/report_updates.t | 173 | ||||
| -rw-r--r-- | templates/web/default/alert/list.html | 2 |
7 files changed, 225 insertions, 55 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Alert.pm b/perllib/FixMyStreet/App/Controller/Alert.pm index db9602ff5..b8b7cce40 100644 --- a/perllib/FixMyStreet/App/Controller/Alert.pm +++ b/perllib/FixMyStreet/App/Controller/Alert.pm @@ -58,9 +58,14 @@ sub subscribe : Path('subscribe') : Args(0) { if ( $c->req->param('rss') ) { $c->detach('rss'); } - elsif ( $c->req->param('rznvy') ) { + # if it exists then it's been submitted so we should + # go to subscribe email and let it work out the next step + elsif ( exists $c->req->params->{'rznvy'} ) { $c->detach('subscribe_email'); } + + # shouldn't get to here but if we have then do something sensible + $c->go('index'); } =head2 rss @@ -194,7 +199,10 @@ sub create_alert : Private { unless ($alert) { $options->{cobrand} = $c->cobrand->moniker(); $options->{cobrand_data} = $c->cobrand->extra_update_data(); - $options->{confirmed} = 1 if $c->stash->{alert_user}->in_storage; + + if ( $c->user && $c->user->id == $c->stash->{alert_user}->id ) { + $options->{confirmed} = 1; + } $alert = $c->model('DB::Alert')->new($options); $alert->insert(); @@ -221,7 +229,6 @@ sub set_update_alert_options : Private { }; $c->stash->{alert_options} = $options; - $c->forward('create_alert'); } =head2 set_local_alert_options @@ -255,7 +262,6 @@ sub set_local_alert_options : Private { push @params, $1, $2; } - my $options = { user => $c->stash->{alert_user}, alert_type => $type diff --git a/perllib/FixMyStreet/App/Controller/Questionnaire.pm b/perllib/FixMyStreet/App/Controller/Questionnaire.pm index 001578196..766c886f7 100755 --- a/perllib/FixMyStreet/App/Controller/Questionnaire.pm +++ b/perllib/FixMyStreet/App/Controller/Questionnaire.pm @@ -46,9 +46,7 @@ sub load_questionnaire : Private { } unless ( $questionnaire->problem->state eq 'confirmed' || $questionnaire->problem->state eq 'fixed' ) { - $c->stash->{message} = _("I'm afraid we couldn't locate your problem in the database.\n"); - $c->stash->{template} = 'questionnaire/error.html'; - $c->detach; + $c->detach('missing_problem'); } $c->stash->{problem} = $questionnaire->problem; @@ -84,6 +82,19 @@ sub submit : Path('submit') { return 1; } +=head2 missing_problem + +Display couldn't locate problem error message + +=cut + +sub missing_problem : Private { + my ( $self, $c ) = @_; + + $c->stash->{message} = _("I'm afraid we couldn't locate your problem in the database.\n"); + $c->stash->{template} = 'questionnaire/error.html'; +} + sub submit_creator_fixed : Private { my ( $self, $c ) = @_; @@ -91,6 +102,21 @@ sub submit_creator_fixed : Private { map { $c->stash->{$_} = $c->req->params->{$_} || '' } qw(reported problem); + # should only be able to get to here if we are logged and we have a + # problem + unless ( $c->user && $c->stash->{problem} ) { + $c->detach('missing_problem'); + } + + my $problem = $c->model('DB::Problem')->find( { id => + $c->stash->{problem} } ); + + # you should not be able to answer questionnaires about problems + # that you've not submitted + if ( $c->user->id != $problem->user->id ) { + $c->detach('missing_problem'); + } + push @errors, _('Please say whether you\'ve ever reported a problem to your council before') unless $c->stash->{reported}; $c->stash->{problem_id} = $c->stash->{problem}; diff --git a/perllib/FixMyStreet/App/Controller/Report/Update.pm b/perllib/FixMyStreet/App/Controller/Report/Update.pm index be0f8dc16..e8bb0f70d 100644 --- a/perllib/FixMyStreet/App/Controller/Report/Update.pm +++ b/perllib/FixMyStreet/App/Controller/Report/Update.pm @@ -20,6 +20,10 @@ Creates an update to a report sub report_update : Path : Args(0) { my ( $self, $c ) = @_; + # if there's no id then we should just stop now + $c->detach( '/page_error_404_not_found', [ _('Unknown problem ID') ] ) + unless $c->req->param('id'); + $c->forward('setup_page') && $c->forward('process_user') && $c->forward('process_update') diff --git a/perllib/FixMyStreet/App/Controller/Tokens.pm b/perllib/FixMyStreet/App/Controller/Tokens.pm index 7053edc95..5d1d9eafb 100644 --- a/perllib/FixMyStreet/App/Controller/Tokens.pm +++ b/perllib/FixMyStreet/App/Controller/Tokens.pm @@ -149,10 +149,10 @@ sub confirm_update : Path('/C') { return; } - $c->forward('/report/update/confirm'); - $c->authenticate( { email => $comment->user->email }, 'no_password' ); + $c->forward('/report/update/confirm'); + return 1; } diff --git a/t/app/controller/alert_new.t b/t/app/controller/alert_new.t index 3d06594de..91e86bd46 100644 --- a/t/app/controller/alert_new.t +++ b/t/app/controller/alert_new.t @@ -153,7 +153,9 @@ foreach my $test ( } ) { - subtest "use existing user in a alert" => sub { + subtest "use existing unlogged in user in a alert" => sub { + $mech->log_out_ok(); + my $type = $test->{type} . '_problems'; my $user = @@ -170,7 +172,7 @@ foreach my $test ( ); # clear existing data so we can be sure we're creating it - $alert->delete() if $alert; + ok $alert->delete() if $alert; } $mech->get_ok( $test->{uri} ); @@ -181,41 +183,61 @@ foreach my $test ( alert_type => $type, parameter => $test->{param1}, parameter2 => $test->{param2}, - confirmed => 1, + confirmed => 0, } ); + $mech->content_contains( 'Now check your email' ); + ok $alert, 'New alert created with existing user'; }; } foreach my $test ( { + desc => 'logged in user signing up', + user => 'test-login@example.com', + email => 'test-login@example.com', + type => 'council', + content => 'your alert will not be activated', + email_text => 'confirm the alert', + param1 => 2651, + param2 => 2651, + confirmed => 1, + }, + { + desc => 'logged in user signing up with different email', + user => 'loggedin@example.com', email => 'test-login@example.com', type => 'council', content => 'your alert will not be activated', email_text => 'confirm the alert', param1 => 2651, param2 => 2651, + confirmed => 0, } ) { - subtest "use logged in user in an alert" => sub { + subtest $test->{desc} => sub { my $type = $test->{type} . '_problems'; my $user = FixMyStreet::App->model('DB::User') - ->find_or_create( { email => $test->{email} } ); + ->find_or_create( { email => $test->{user} } ); + + my $alert_user = + FixMyStreet::App->model('DB::User') + ->find( { email => $test->{email} } ); - $mech->log_in_ok( $test->{email} ); + $mech->log_in_ok( $test->{user} ); $mech->clear_emails_ok; my $alert; - if ($user) { + if ($alert_user) { $alert = FixMyStreet::App->model('DB::Alert')->find( { - user => $user, + user => $alert_user, alert_type => $type } ); @@ -227,25 +249,26 @@ foreach my $test ( $mech->get_ok('/alert/list?pc=EH991SP'); my $form_values = $mech->visible_form_values(); - ok $form_values->{rznvy} eq $test->{email}, + ok $form_values->{rznvy} eq $test->{user}, 'auto filled in correct email'; - $mech->set_visible( [ radio => 'council:2651:City_of_Edinburgh' ] ); + $mech->set_visible( [ radio => 'council:2651:City_of_Edinburgh' ], + [ text => $test->{email} ] ); $mech->click('alert'); $alert = FixMyStreet::App->model('DB::Alert')->find( { - user => $user, + user => $alert_user, alert_type => $type, parameter => $test->{param1}, parameter2 => $test->{param2}, - confirmed => 1, + confirmed => $test->{confirmed}, } ); - ok $alert, 'New alert created with existing user'; + ok $alert, 'New alert created with logged in user'; - $mech->email_count_is(0); + $mech->email_count_is( $test->{confirmed} ? 0 : 1 ); }; } diff --git a/t/app/controller/report_updates.t b/t/app/controller/report_updates.t index a1c630716..72a120b0e 100644 --- a/t/app/controller/report_updates.t +++ b/t/app/controller/report_updates.t @@ -271,6 +271,7 @@ for my $test ( } subtest "submit an update for a non registered user" => sub { + $mech->log_out_ok(); $mech->clear_emails_ok(); $mech->get_ok("/report/$report_id"); @@ -473,6 +474,8 @@ for my $test ( }, ) { subtest $test->{desc} => sub { + $mech->log_out_ok(); + # clear out comments for this problem to make # checking details easier later ok( $_->delete, 'deleted comment ' . $_->id ) @@ -579,20 +582,104 @@ foreach my $test ( path => '/report/' . $report->id, content => $report->title, }, + ) +{ + subtest $test->{desc} => sub { + + # double check + $mech->log_out_ok(); + + # clear out comments for this problem to make + # checking details easier later + ok( $_->delete, 'deleted comment ' . $_->id ) for $report->comments; + + $report->discard_changes; + $report->state('confirmed'); + $report->update; + + my $questionnaire; + if ( $test->{answered} ) { + $questionnaire = + FixMyStreet::App->model('DB::Questionnaire')->create( + { + problem_id => $report_id, + ever_reported => 'y', + whensent => \'ms_current_timestamp()', + } + ); + + ok $questionnaire, 'added questionnaire'; + } + + $report->discard_changes; + + $mech->clear_emails_ok(); + + $mech->log_in_ok( $test->{fields}->{rznvy} ); + $mech->get_ok("/report/$report_id"); + + my $values = $mech->visible_form_values('updateForm'); + + is_deeply $values, $test->{initial_values}, 'initial form values'; + + is $mech->extract_problem_banner->{text}, $test->{initial_banner}, + 'initial banner'; + + $mech->submit_form_ok( { with_fields => $test->{fields}, }, + 'submit update' ); + + is $mech->uri->path, $test->{path}, "page after submission"; + + $mech->content_contains( $test->{content} ); + + $mech->email_count_is(0); + + my $results = { %{ $test->{fields} }, %{ $test->{changed} }, }; + + my $update = $report->comments->first; + ok $update, 'found update'; + is $update->text, $results->{update}, 'update text'; + is $update->user->email, $test->{fields}->{rznvy}, 'update user'; + is $update->state, 'confirmed', 'update confirmed'; + is $update->anonymous, $test->{anonymous}, 'user anonymous'; + + SKIP: { + skip( 'not answering questionnaire', 5 ) if $questionnaire; + + $mech->submit_form_ok( ); + + my @errors = @{ $mech->page_errors }; + ok scalar @errors, 'displayed error messages'; + is $errors[0], "Please say whether you've ever reported a problem to your council before", 'error message'; + + $mech->submit_form_ok( { with_fields => { reported => 'Yes' } } ); + + $mech->content_contains( 'Thank you — you can' ); + + $questionnaire = FixMyStreet::App->model( 'DB::Questionnaire' )->find( + { problem_id => $report_id } + ); + + ok $questionnaire, 'questionnaire exists'; + ok $questionnaire->ever_reported, 'ever reported is yes'; + }; + + if ($questionnaire) { + $questionnaire->delete; + ok !$questionnaire->in_storage, 'questionnaire deleted'; + } + }; +} + + +for my $test ( { desc => 'reporter submits update and marks problem fixed', - initial_values => { - name => 'Test User', - rznvy => 'test@example.com', - may_show_name => 1, - add_alert => 1, - photo => '', - update => '', - fixed => undef, - }, fields => { submit_update => 1, + name => 'Test User', rznvy => 'test@example.com', + may_show_name => 1, update => 'update from owner', add_alert => undef, fixed => 1, @@ -602,7 +689,6 @@ foreach my $test ( alert => 1, # we signed up for alerts before, do not unsign us anonymous => 0, answered => 0, - login => 0, path => '/report/update', content => "Thanks, glad to hear it's been fixed! Could we just ask if you have ever reported a problem to a council before?", @@ -610,17 +696,10 @@ foreach my $test ( { desc => 'reporter submits update and marks problem fixed and has answered questionnaire', - initial_values => { - name => 'Test User', - rznvy => 'test@example.com', - may_show_name => 1, - add_alert => 1, - photo => '', - update => '', - fixed => undef, - }, fields => { submit_update => 1, + name => 'Test User', + may_show_name => 1, rznvy => 'test@example.com', update => 'update from owner', add_alert => undef, @@ -631,14 +710,16 @@ foreach my $test ( alert => 1, # we signed up for alerts before, do not unsign us anonymous => 0, answered => 1, - login => 0, - path => '/report/' . $report->id, - content => $report->title, + path => '/report/update', + content => "You have successfully confirmed your update", }, ) { subtest $test->{desc} => sub { + # double check + $mech->log_out_ok(); + # clear out comments for this problem to make # checking details easier later ok( $_->delete, 'deleted comment ' . $_->id ) for $report->comments; @@ -665,16 +746,10 @@ foreach my $test ( $mech->clear_emails_ok(); - SKIP: { - skip 'not logging user in', 1 unless $test->{login}; - $mech->log_in_ok( $test->{fields}->{rznvy} ); - }; $mech->get_ok("/report/$report_id"); my $values = $mech->visible_form_values('updateForm'); - is_deeply $values, $test->{initial_values}, 'initial form values'; - is $mech->extract_problem_banner->{text}, $test->{initial_banner}, 'initial banner'; @@ -683,9 +758,9 @@ foreach my $test ( is $mech->uri->path, $test->{path}, "page after submission"; - $mech->content_contains( $test->{content} ); + $mech->content_contains( 'Now check your email' ); - $mech->email_count_is(0); + $mech->email_count_is(1); my $results = { %{ $test->{fields} }, %{ $test->{changed} }, }; @@ -693,9 +768,28 @@ foreach my $test ( ok $update, 'found update'; is $update->text, $results->{update}, 'update text'; is $update->user->email, $test->{fields}->{rznvy}, 'update user'; - is $update->state, 'confirmed', 'update confirmed'; + is $update->state, 'unconfirmed', 'update confirmed'; is $update->anonymous, $test->{anonymous}, 'user anonymous'; + my $email = $mech->get_email; + ok $email, "got an email"; + like $email->body, qr/confirm the update you/i, "Correct email text"; + + my ( $url, $url_token ) = $email->body =~ m{(http://\S+/C/)(\S+)}; + ok $url, "extracted confirm url '$url'"; + + my $token = FixMyStreet::App->model('DB::Token')->find( + { + token => $url_token, + scope => 'comment' + } + ); + ok $token, 'Token found in database'; + + $mech->get_ok( '/C/' . $url_token ); + + $mech->content_contains( $test->{content} ); + SKIP: { skip( 'not answering questionnaire', 5 ) if $questionnaire; @@ -724,6 +818,23 @@ foreach my $test ( }; } +subtest 'check have to be logged in for creator fixed questionnaire' => sub { + $mech->log_out_ok(); + + $mech->get_ok( "/questionnaire/submit?problem=$report_id&reported=Yes" ); + + $mech->content_contains( "I'm afraid we couldn't locate your problem in the database." ) +}; + +subtest 'check cannot answer other user\'s creator fixed questionnaire' => sub { + $mech->log_out_ok(); + $mech->log_in_ok( $user2->email ); + + $mech->get_ok( "/questionnaire/submit?problem=$report_id&reported=Yes" ); + + $mech->content_contains( "I'm afraid we couldn't locate your problem in the database." ) +}; + ok $comment->delete, 'deleted comment'; $mech->delete_user('commenter@example.com'); $mech->delete_user('test@example.com'); diff --git a/templates/web/default/alert/list.html b/templates/web/default/alert/list.html index 3eb28788a..5b1677e8b 100644 --- a/templates/web/default/alert/list.html +++ b/templates/web/default/alert/list.html @@ -36,7 +36,7 @@ </p> <p id="rss_local"> - <input type="radio" name="feed" id="[% rss_feed_id %]" value="[% rss_feed_id %]"[% IF rss_feed_id == selected_feed %] checked[% END %]> + <input type="radio" name="feed" id="[% rss_feed_id %]" value="[% rss_feed_id %]"[% IF rss_feed_id == selected_feed || selected_feed == '' %] checked[% END %]> <label for="[% rss_feed_id %]">[% tprintf( loc('Problems within %.1fkm of this location'), population_radius ) %]</label> ([% loc('a default distance which covers roughly 200,000 people') %]) <a href='[% rss_feed_uri %]'> <img src='/i/feed.png' width='16' height='16' title='[% loc('RSS feed of nearby problems') %]' alt='[% loc('RSS feed') %]' border='0'></a> |