Trust level 4: add ability to edit any post and see edit history

2025-06-02 12:24:32 +08:00 · 2014-03-13 10:47:37 -04:00
parent 50cc7dedb0
commit 283dc7dd2d
8 changed files with 88 additions and 16 deletions
--- a/spec/controllers/posts_controller_spec.rb
+++ b/spec/controllers/posts_controller_spec.rb
@ -431,7 +431,13 @@ describe PostsController do

      before { SiteSetting.stubs(:edit_history_visible_to_public).returns(false) }

-      it "ensures anonymous can not see the revisions" do
+      it "ensures anonymous cannot see the revisions" do
+        xhr :get, :revisions, post_id: post_revision.post_id, revision: post_revision.number
+        response.should be_forbidden
+      end
+
+      it "ensures regular user cannot see the revisions" do
+        u = log_in(:user)
        xhr :get, :revisions, post_id: post_revision.post_id, revision: post_revision.number
        response.should be_forbidden
      end
@ -444,11 +450,18 @@ describe PostsController do

      it "ensures poster can see the revisions" do
        user = log_in(:active_user)
-        pr = Fabricate(:post_revision, user: user)
+        post = Fabricate(:post, user: user)
+        pr = Fabricate(:post_revision, user: user, post: post)
        xhr :get, :revisions, post_id: pr.post_id, revision: pr.number
        response.should be_success
      end

+      it "ensures trust level 4 can see the revisions" do
+        log_in(:elder)
+        xhr :get, :revisions, post_id: post_revision.post_id, revision: post_revision.number
+        response.should be_success
+      end
+
    end

    context "when edit history is visible to everyone" do