0
0
Fork 1
Spiegel von https://github.com/paviliondev/discourse-custom-wizard.git synchronisiert 2024-11-22 01:10:28 +01:00

FIX: ensure user is not redirected to single-submission wizard they have completed

Dieser Commit ist enthalten in:
Angus McLeod 2024-10-10 10:19:43 +02:00
Ursprung b78f3aad09
Commit d4148ebd3f
6 geänderte Dateien mit 87 neuen und 17 gelöschten Zeilen

Datei anzeigen

@ -32,6 +32,7 @@ export default {
redirectToWizard && redirectToWizard &&
!data.url.includes("ignore_redirect") && !data.url.includes("ignore_redirect") &&
data.currentRouteName !== "customWizardStep" && data.currentRouteName !== "customWizardStep" &&
data.currentRouteName !== "customWizard.index" &&
!excludedPaths.find((p) => { !excludedPaths.find((p) => {
return data.currentRouteName.indexOf(p) > -1; return data.currentRouteName.indexOf(p) > -1;
}) })

Datei anzeigen

@ -203,7 +203,7 @@ class CustomWizard::Wizard
context: id context: id
) )
if after_time if after_time && multiple_submissions
history = history.where("updated_at > ?", after_time_scheduled) history = history.where("updated_at > ?", after_time_scheduled)
end end
@ -244,8 +244,12 @@ class CustomWizard::Wizard
end end
end end
def can_access? def can_submit?
permitted? && (user&.admin? || (multiple_submissions || !completed?)) multiple_submissions || !completed?
end
def can_access?(always_allow_admin: true)
permitted?(always_allow_admin: always_allow_admin) && can_submit?
end end
def reset def reset
@ -321,7 +325,7 @@ class CustomWizard::Wizard
end end
def remove_user_redirect def remove_user_redirect
return unless user.present? return if user.blank?
if id == user.redirect_to_wizard if id == user.redirect_to_wizard
user.custom_fields.delete('redirect_to_wizard') user.custom_fields.delete('redirect_to_wizard')
@ -384,7 +388,7 @@ class CustomWizard::Wizard
def self.set_user_redirect(wizard_id, user) def self.set_user_redirect(wizard_id, user)
wizard = self.create(wizard_id, user) wizard = self.create(wizard_id, user)
if wizard.permitted?(always_allow_admin: false) if wizard.can_access?(always_allow_admin: false)
user.custom_fields['redirect_to_wizard'] = wizard_id user.custom_fields['redirect_to_wizard'] = wizard_id
user.save_custom_fields(true) user.save_custom_fields(true)
else else

Datei anzeigen

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
# name: discourse-custom-wizard # name: discourse-custom-wizard
# about: Forms for Discourse. Better onboarding, structured posting, data enrichment, automated actions and much more. # about: Forms for Discourse. Better onboarding, structured posting, data enrichment, automated actions and much more.
# version: 2.8.7 # version: 2.8.8
# authors: Angus McLeod, Faizaan Gagan, Robert Barrow, Keegan George, Kaitlin Maddever, Juan Marcos Gutierrez Ramos # authors: Angus McLeod, Faizaan Gagan, Robert Barrow, Keegan George, Kaitlin Maddever, Juan Marcos Gutierrez Ramos
# url: https://github.com/paviliondev/discourse-custom-wizard # url: https://github.com/paviliondev/discourse-custom-wizard
# contact_emails: development@pavilion.tech # contact_emails: development@pavilion.tech
@ -181,7 +181,7 @@ after_initialize do
end end
wizard = CustomWizard::Wizard.create(wizard_id, current_user) wizard = CustomWizard::Wizard.create(wizard_id, current_user)
redirect_to "/w/#{wizard_id.dasherize}" if wizard.permitted?(always_allow_admin: false) redirect_to "/w/#{wizard_id.dasherize}" if wizard.can_access?(always_allow_admin: false)
end end
end end
end end

Datei anzeigen

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
describe CustomWizard::Wizard do describe CustomWizard::Wizard do
fab!(:user) { Fabricate(:user) } fab!(:user)
fab!(:trusted_user) { Fabricate(:user, trust_level: TrustLevel[3]) } fab!(:trusted_user) { Fabricate(:user, trust_level: TrustLevel[3]) }
fab!(:admin_user) { Fabricate(:user, admin: true) } fab!(:admin_user) { Fabricate(:user, admin: true) }
let(:template_json) { get_wizard_fixture("wizard") } let(:template_json) { get_wizard_fixture("wizard") }
@ -125,7 +125,8 @@ describe CustomWizard::Wizard do
expect(@wizard.completed?).to eq(true) expect(@wizard.completed?).to eq(true)
end end
it "is not completed if steps submitted before after time" do context "without mutliple submissions" do
it "is completed if steps submitted before after time" do
append_steps append_steps
progress_step("step_1") progress_step("step_1")
@ -135,9 +136,27 @@ describe CustomWizard::Wizard do
template_json['after_time'] = true template_json['after_time'] = true
template_json['after_time_scheduled'] = Time.now + 3.hours template_json['after_time_scheduled'] = Time.now + 3.hours
wizard = CustomWizard::Wizard.new(template_json, user)
expect(wizard.completed?).to eq(true)
end
end
context "with multiple submissions" do
it "is completed if steps submitted before after time" do
append_steps
progress_step("step_1")
progress_step("step_2")
progress_step("step_3")
template_json['after_time'] = true
template_json['multiple_submissions'] = true
template_json['after_time_scheduled'] = Time.now + 3.hours
wizard = CustomWizard::Wizard.new(template_json, user) wizard = CustomWizard::Wizard.new(template_json, user)
expect(wizard.completed?).to eq(false) expect(wizard.completed?).to eq(false)
end end
end
context "with subscription" do context "with subscription" do
before do before do

Datei anzeigen

@ -50,4 +50,31 @@ describe Jobs::SetAfterTimeWizard do
).to eq(1) ).to eq(1)
end end
end end
context "when user has completed the wizard" do
before do
@after_time_template[:steps].each do |step|
CustomWizard::UserHistory.create!(
action: CustomWizard::UserHistory.actions[:step],
actor_id: user1.id,
context: @after_time_template[:id],
subject: step[:id]
)
end
end
it "does not redirect to user" do
messages = MessageBus.track_publish("/redirect_to_wizard") do
described_class.new.execute(wizard_id: 'super_mega_fun_wizard')
end
expect(messages.first.data).to eq("super_mega_fun_wizard")
expect(messages.first.user_ids).to match_array([user2.id, user3.id])
expect(
UserCustomField.where(
name: 'redirect_to_wizard',
value: 'super_mega_fun_wizard'
).length
).to eq(2)
end
end
end end

Datei anzeigen

@ -123,6 +123,25 @@ describe ApplicationController do
end end
end end
end end
context "when user has completed the wizard" do
before do
@template[:steps].each do |step|
CustomWizard::UserHistory.create!(
action: CustomWizard::UserHistory.actions[:step],
actor_id: user.id,
context: @template[:id],
subject: step[:id]
)
end
end
it "does not redirect" do
travel_to Time.now + 4.hours
get "/"
expect(response).not_to redirect_to("/w/super-mega-fun-wizard")
end
end
end end
end end
end end