Project

General

Profile

Download (4.39 KB)

Patch #23546 » 23546-watched_or_created_or_assigned_issue_visibility.patch

Felix Schäfer, 2016-08-09 09:26

View differences:

app/models/issue.rb
131 131 
        when 'own'
132 132 
          user_ids = [user.id] + user.groups.map(&:id).compact
133 133 
          "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
134 
        when 'watched'
135 
          user_ids = [user.id] + user.groups.map(&:id).compact
136 
          watcher_select = Watcher.where(watchable_type: self.base_class.name, user_id: user.id).select(:watchable_id).to_sql
137 
          "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}) OR #{table_name}.id IN (#{watcher_select}))"
134 138 
        else
135 139 
          '1=0'
136 140 
        end
......
160 164 
          !self.is_private? || (self.author == user || user.is_or_belongs_to?(assigned_to))
161 165 
        when 'own'
162 166 
          self.author == user || user.is_or_belongs_to?(assigned_to)
167 
        when 'watched'
168 
          self.author == user || user.is_or_belongs_to?(assigned_to) || self.watched_by?(user)
163 169 
        else
164 170 
          false
165 171 
        end
app/models/role.rb
38 38 
  ISSUES_VISIBILITY_OPTIONS = [
39 39 
    ['all', :label_issues_visibility_all],
40 40 
    ['default', :label_issues_visibility_public],
41 
    ['own', :label_issues_visibility_own]
41 
    ['own', :label_issues_visibility_own],
42 
    ['watched', :label_issues_visibility_watched]
42 43 
  ]
43 44 

  		




  44
  45
  
    
  TIME_ENTRIES_VISIBILITY_OPTIONS = [

  		












  

    
      config/locales/de.yml
    
  





  595
  595
  
    
  label_issues_visibility_all: Alle Tickets

  		




  596
  596
  
    
  label_issues_visibility_own: Tickets die folgender Benutzer erstellt hat oder die ihm zugewiesen sind

  		




  597
  597
  
    
  label_issues_visibility_public: Alle öffentlichen Tickets

  		




  
  598
  
    
  label_issues_visibility_watched: "Aufgaben die folgender Benutzer beobachtet, erstellt hat oder die ihm zugewiesen sind"

  		




  598
  599
  
    
  label_item_position: "%{position}/%{count}"

  		




  599
  600
  
    
  label_jump_to_a_project: Zu einem Projekt springen...

  		




  600
  601
  
    
  label_language_based: Sprachabhängig

  		












  

    
      config/locales/en.yml
    
  





  916
  916
  
    
  label_issues_visibility_all: All issues

  		




  917
  917
  
    
  label_issues_visibility_public: All non private issues

  		




  918
  918
  
    
  label_issues_visibility_own: Issues created by or assigned to the user

  		




  
  919
  
    
  label_issues_visibility_watched: Issues watched by, created by or assigned to the user

  		




  919
  920
  
    
  label_git_report_last_commit: Report last commit for files and directories

  		




  920
  921
  
    
  label_parent_revision: Parent

  		




  921
  922
  
    
  label_child_revision: Child

  		












  

    
      test/unit/issue_test.rb
    
  





  255
  255
  
    
    assert !issue.visible?(User.anonymous)

  		




  256
  256
  
    
  end

  		




  257
  257
  
    

  		




  
  258
  
    
  def test_anonymous_should_not_see_private_issues_with_issues_visibility_set_to_watched

  		




  
  259
  
    
    assert Role.anonymous.update_attribute(:issues_visibility, 'watched')

  		




  
  260
  
    
    issue = Issue.generate!(:author => User.anonymous, :assigned_to => User.anonymous, :is_private => true)

  		




  
  261
  
    
    assert_nil Issue.where(:id => issue.id).visible(User.anonymous).first

  		




  
  262
  
    
    assert !issue.visible?(User.anonymous)

  		




  
  263
  
    
  end

  		




  
  264
  
    

  		




  258
  265
  
    
  def test_visible_scope_for_non_member

  		




  259
  266
  
    
    user = User.find(9)

  		




  260
  267
  
    
    assert user.projects.empty?

  		




  ......




  277
  284
  
    
    assert_visibility_match user, issues

  		




  278
  285
  
    
  end

  		




  279
  286
  
    

  		




  
  287
  
    
  def test_visible_scope_for_non_member_with_watched_issues_visibility

  		




  
  288
  
    
    Role.non_member.update_attribute :issues_visibility, 'watched'

  		




  
  289
  
    
    issue = Issue.generate!(:project_id => 1, :tracker_id => 1, :author => User.anonymous, :subject => 'Issue by non member')

  		




  
  290
  
    
    user = User.find(9)

  		




  
  291
  
    
    issue.add_watcher(user)

  		




  
  292
  
    

  		




  
  293
  
    
    issues = Issue.visible(user).all

  		




  
  294
  
    
    assert issues.any?

  		




  
  295
  
    
    assert_nil issues.detect {|issue| !issue.watched_by?(user) }

  		




  
  296
  
    
    assert_visibility_match user, issues

  		




  
  297
  
    
  end

  		




  
  298
  
    

  		




  280
  299
  
    
  def test_visible_scope_for_non_member_without_view_issues_permissions

  		




  281
  300
  
    
    # Non member user should not see issues without permission

  		




  282
  301
  
    
    Role.non_member.remove_permission!(:view_issues)

  		















  (1-1/2)