30121-api-will-return-trackers-with-role-based.patch - Redmine

Defect #30121 » 30121-api-will-return-trackers-with-role-based.patch

Yuichi HARADA, 2018-12-13 02:52

       def render_api_includes(project, api)
         api.array :trackers do
           project.trackers.each do |tracker|
           project.rolled_up_trackers(false).visible.each do |tracker|
             api.tracker(:id => tracker.id, :name => tracker.name)
           end
         end if include_in_api_response?('trackers')

         assert_select 'trackers[type=array] tracker[id="2"][name="Feature request"]'
       end
       test "GET /projects/:id.xml with include=trackers should return trackers based on role-based permissioning" do
         project = Project.find(1)
         assert_equal [1, 2, 3], project.tracker_ids
         role = Role.find(3) # Reporter
         role.permissions_all_trackers = {'view_issues' => '0'}
         role.permissions_tracker_ids = {'view_issues' => ['1']}
         role.save!
         user = User.find_by_login('jsmith')
         member = project.members.detect{|m| m.user == user}
         member.roles.delete_all
         member.role_ids = [role.id]
         member.roles.reload
         assert_equal [role.id], member.role_ids
         get '/projects/1.xml?include=trackers', :headers => credentials(user.login)
         assert_response :success
         assert_equal 'application/xml', @response.content_type
         assert_select 'trackers[type=array]' do
           assert_select 'tracker[id="1"]', :count => 1
           assert_select 'tracker[id="2"]', :count => 0
           assert_select 'tracker[id="3"]', :count => 0
         end
       end
       test "GET /projects/:id.xml with include=enabled_modules should return enabled modules" do
         get '/projects/1.xml?include=enabled_modules'
         assert_response :success

(1-1/1)