Actions
Defect #32562
closed
Issue Private Journals deleted when accessed from api
Status:
Closed
Priority:
Normal
Assignee:
-
Category:
REST API
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Invalid
Affected version:
Description
- An example request to trigger the issue :
/issues.json?assigned_to_id=me&include[]=journals
The journals are deleted because a select! is done on model objects retrieved from a relation with the issues table.
A fix for app/models/issue :
# Returns the journals that are visible to user with their index
# Used to display the issue history
def visible_journals_with_index(user=User.current)
result = journals.
preload(:details).
preload(:user => :email_address).
reorder(:created_on, :id).to_a
result.each_with_index {|j,i| j.indice = i+1}
unless user.allowed_to?(:view_private_notes, project)
# FIX select! deletes journals, because it comes from a relation !
result = result.select do |journal|
!journal.private_notes? || journal.user == user
end
end
Journal.preload_journals_details_custom_fields(result)
# Smile FIX select! deletes journals, because it comes from a relation !
result = result.select {|journal| journal.notes? || journal.visible_details.any?}
result
end
Updated by Jérôme BATAILLE about 5 years ago
- Status changed from New to Resolved
The problem does not come from a Redmine Core issue.
This issue can be closed !
Updated by Marius BĂLTEANU about 5 years ago
- Status changed from Resolved to Closed
- Resolution set to Invalid
Jérôme BATAILLE wrote:
The problem does not come from a Redmine Core issue.
This issue can be closed !
Thanks.
Actions