diff --git a/app/controllers/tag_controller.rb b/app/controllers/tag_controller.rb
index 255c26c31b..ba445fbba5 100644
--- a/app/controllers/tag_controller.rb
+++ b/app/controllers/tag_controller.rb
@@ -144,7 +144,7 @@ def create
# should delete only the term_node/node_tag (instance), not the term_data (class)
def delete
node_tag = DrupalNodeCommunityTag.where(nid: params[:nid], tid: params[:tid]).first
- # check for community tag too...
+ # only admins, mods, and tag authors can delete other peoples' tags
if node_tag.uid == current_user.uid || current_user.role == "admin" || current_user.role == "moderator"
node_tag.delete
diff --git a/app/models/drupal_node.rb b/app/models/drupal_node.rb
index 7ef96fa1a5..39445b9fab 100644
--- a/app/models/drupal_node.rb
+++ b/app/models/drupal_node.rb
@@ -785,16 +785,18 @@ def self.upgrades(tagname)
def can_tag(tagname, user, errors = false)
if tagname[0..4] == "with:"
if User.find_by_username(tagname.split(':')[1]).nil?
- return errors ? I18n.t('tag_controller.cannot_find_username') : false
+ return errors ? I18n.t('drupal_node.cannot_find_username') : false
elsif self.author.uid != user.uid
- return errors ? I18n.t('tag_controller.only_author_use_powertag') : false
+ return errors ? I18n.t('drupal_node.only_author_use_powertag') : false
elsif tagname.split(':')[1] == user.username
- return errors ? I18n.t('tag_controller.cannot_add_yourself_coauthor') : false
+ return errors ? I18n.t('drupal_node.cannot_add_yourself_coauthor') : false
else
return true
end
elsif tagname[0..4] == "rsvp:" && user.username != tagname.split(":")[1]
- return errors ? I18n.t('tag_controller.only_RSVP_for_yourself') : false
+ return errors ? I18n.t('drupal_node.only_RSVP_for_yourself') : false
+ elsif tagname == "locked" && user.role != "admin"
+ return errors ? I18n.t('drupal_node.only_admins_can_lock') : false
else
return true
end
diff --git a/config/locales/controllers/tag_controller/de.yml b/config/locales/controllers/tag_controller/de.yml
index a8ff9ad210..f9b8a6cadf 100644
--- a/config/locales/controllers/tag_controller/de.yml
+++ b/config/locales/controllers/tag_controller/de.yml
@@ -6,11 +6,7 @@ de:
tag_already_exists: "Fehler: dass Tag existiert bereits."
barnstar_not_created: "Die Barnstar konnte nicht erstellt werden."
barnstar_awarded: "Sie vergab den %{star} barnstar %{awardee}"
- only_author_use_powertag: "Fehler: nur der Autor kann diese PowerTag verwenden."
- cannot_find_username: "Fehler: kann nicht, dass Benutzernamen finden."
- cannot_add_yourself_coauthor: "Fehler: Sie selbst als Co-Autor nicht hinzufügen können."
- only_RSVP_for_yourself: "Fehler: Sie können nur für sich selbst RSVP."
error_tags: "Fehler: Tags "
tags_created_error: "%{tag_count} Tags erstellt, %{error_count} Fehler."
tag_deleted: "Tag gelöscht."
- must_own_tag_to_delete: "Sie müssen den Tag besitzen, um es zu löschen."
\ No newline at end of file
+ must_own_tag_to_delete: "Sie müssen den Tag besitzen, um es zu löschen."
diff --git a/config/locales/controllers/tag_controller/en.yml b/config/locales/controllers/tag_controller/en.yml
index 6ba5f65bc6..efc8cb9f57 100644
--- a/config/locales/controllers/tag_controller/en.yml
+++ b/config/locales/controllers/tag_controller/en.yml
@@ -6,11 +6,7 @@ en:
tag_already_exists: "Error: that tag already exists."
barnstar_not_created: "The barnstar could not be created."
barnstar_awarded: "You awarded the %{star} barnstar to %{awardee}"
- only_author_use_powertag: "Error: only the author may use that powertag."
- cannot_find_username: "Error: cannot find that username."
- cannot_add_yourself_coauthor: "Error: you cannot add yourself as coauthor."
- only_RSVP_for_yourself: "Error: you can only RSVP for yourself."
error_tags: "Error: tags "
tags_created_error: "%{tag_count} tags created, %{error_count} errors."
tag_deleted: "Tag deleted."
- must_own_tag_to_delete: "You must own the tag to delete it."
\ No newline at end of file
+ must_own_tag_to_delete: "You must own the tag to delete it."
diff --git a/config/locales/models/drupal_node/de.yml b/config/locales/models/drupal_node/de.yml
new file mode 100644
index 0000000000..69d78b847f
--- /dev/null
+++ b/config/locales/models/drupal_node/de.yml
@@ -0,0 +1,8 @@
+# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+de:
+ drupal_node:
+ only_author_use_powertag: "Fehler: nur der Autor kann diese PowerTag verwenden."
+ cannot_find_username: "Fehler: kann nicht, dass Benutzernamen finden."
+ cannot_add_yourself_coauthor: "Fehler: Sie selbst als Co-Autor nicht hinzufügen können."
+ only_RSVP_for_yourself: "Fehler: Sie können nur für sich selbst RSVP."
diff --git a/config/locales/models/drupal_node/en.yml b/config/locales/models/drupal_node/en.yml
new file mode 100644
index 0000000000..58d4263e33
--- /dev/null
+++ b/config/locales/models/drupal_node/en.yml
@@ -0,0 +1,9 @@
+# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+en:
+ drupal_node:
+ only_author_use_powertag: "Error: only the author may use that powertag."
+ cannot_find_username: "Error: cannot find that username."
+ cannot_add_yourself_coauthor: "Error: you cannot add yourself as coauthor."
+ only_RSVP_for_yourself: "Error: you can only RSVP for yourself."
+ only_admins_can_lock: "Error: only admins can lock pages."
diff --git a/test/functional/tag_controller_test.rb b/test/functional/tag_controller_test.rb
index 77cd01befe..a1073d1223 100644
--- a/test/functional/tag_controller_test.rb
+++ b/test/functional/tag_controller_test.rb
@@ -63,7 +63,7 @@ def setup
nid: node(:one).nid # authored by jeff, not bob
assert_redirected_to(node(:one).path)
- assert_equal I18n.t('tag_controller.only_author_use_powertag'), assigns['output']['errors'][0]
+ assert_equal I18n.t('drupal_node.only_author_use_powertag'), assigns['output']['errors'][0]
end
test "admins can add disallowed tags" do
diff --git a/test/unit/drupal_node_tag_test.rb b/test/unit/drupal_node_tag_test.rb
index 58219b30ce..a076fcb21c 100644
--- a/test/unit/drupal_node_tag_test.rb
+++ b/test/unit/drupal_node_tag_test.rb
@@ -122,7 +122,7 @@ class DrupalNodeTagTest < ActiveSupport::TestCase
test "can't powertag with: yourself" do
user = node(:blog).author
tagname = "with:#{user.username}"
- assert_equal I18n.t('tag_controller.cannot_add_yourself_coauthor'), node(:blog).can_tag(tagname, user, true)
+ assert_equal I18n.t('drupal_node.cannot_add_yourself_coauthor'), node(:blog).can_tag(tagname, user, true)
assert_false node(:blog).can_tag(tagname, user)
end
@@ -136,7 +136,7 @@ class DrupalNodeTagTest < ActiveSupport::TestCase
test "can't tag with: a nonexistent user" do
user = rusers(:bob)
tagname = "with:steven"
- assert_equal I18n.t('tag_controller.cannot_find_username'), node(:blog).can_tag(tagname, user, true)
+ assert_equal I18n.t('drupal_node.cannot_find_username'), node(:blog).can_tag(tagname, user, true)
assert_false node(:blog).can_tag(tagname, user)
end
@@ -149,7 +149,7 @@ class DrupalNodeTagTest < ActiveSupport::TestCase
title: 'My research note'
})
tagname = "with:#{jeff.username}"
- assert_equal I18n.t('tag_controller.only_author_use_powertag'), node.can_tag(tagname, bob, true)
+ assert_equal I18n.t('drupal_node.only_author_use_powertag'), node.can_tag(tagname, bob, true)
assert_false node.can_tag(tagname, bob)
end
@@ -171,8 +171,14 @@ class DrupalNodeTagTest < ActiveSupport::TestCase
tagname = "rsvp:#{jeff.username}"
assert_not_equal true, node.can_tag(tagname, user, true) # return errors with optional 3rd parameter
assert_not_equal false, node.can_tag(tagname, user, true)
- assert_equal I18n.t('tag_controller.only_RSVP_for_yourself'), node.can_tag(tagname, user, true)
+ assert_equal I18n.t('drupal_node.only_RSVP_for_yourself'), node.can_tag(tagname, user, true)
assert_false node.can_tag(tagname, user) # default is true/false
end
+ test "only admins can lock pages" do
+ assert_false node(:blog).can_tag('locked', rusers(:bob))
+ assert node(:blog).can_tag('locked', rusers(:admin))
+ assert_equal I18n.t('drupal_node.only_admins_can_lock'), node(:blog).can_tag('locked', rusers(:bob), true)
+ end
+
end