Adds a visible scope to the Journal model.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5142 e93f8b46-1217-0410-a6f0-8f06a7374b81

Adds a visible scope to the Journal model.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5142 e93f8b46-1217-0410-a6f0-8f06a7374b81
27177def · Jean-Philippe Lang · Eric Davis · 7c2a3dc5 · 27177def · 27177def
Commit 27177def authored Mar 15, 2011 by Jean-Philippe Lang Committed by Eric Davis Apr 16, 2011
Hide whitespace changes
Inline Side-by-side

Showing with 51 additions and 6 deletions

journal.rb app/models/journal.rb +7 -2

journal_test.rb test/unit/journal_test.rb +44 -4

No files found.
--- a/app/models/journal.rb
+++ b/app/models/journal.rb
-# redMine - project management software
-# Copyright (C) 2006  Jean-Philippe Lang
+# Redmine - project management software
+# Copyright (C) 2006-2011  Jean-Philippe Lang
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -38,6 +38,11 @@ class Journal < ActiveRecord::Base
                                              :conditions => "#{Journal.table_name}.journalized_type = 'Issue' AND" +
                                                             " (#{JournalDetail.table_name}.prop_key = 'status_id' OR #{Journal.table_name}.notes <> '')"}
  
+  named_scope :visible, lambda {|*args| {
+    :include => {:issue => :project},
+    :conditions => Issue.visible_condition(args.first || User.current)
+  }}
+  
  def save(*args)
    # Do not save an empty journal
    (details.empty? && notes.blank?) ? false : super

--- a/test/unit/journal_test.rb
+++ b/test/unit/journal_test.rb
-# redMine - project management software
-# Copyright (C) 2006-2007  Jean-Philippe Lang
+# Redmine - project management software
+# Copyright (C) 2006-2011  Jean-Philippe Lang
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -18,7 +18,7 @@
 require File.expand_path('../../test_helper', __FILE__)

 class JournalTest < ActiveSupport::TestCase
-  fixtures :issues, :issue_statuses, :journals, :journal_details
+  fixtures :projects, :issues, :issue_statuses, :journals, :journal_details, :users, :members, :member_roles

  def setup
    @journal = Journal.find 1
@@ -46,5 +46,45 @@ class JournalTest < ActiveSupport::TestCase
    assert journal.save
    assert_equal 1, ActionMailer::Base.deliveries.size
  end
-
+  
+  def test_visible_scope_for_anonymous
+    # Anonymous user should see issues of public projects only
+    journals = Journal.visible(User.anonymous).all
+    assert journals.any?
+    assert_nil journals.detect {|journal| !journal.issue.project.is_public?}
+    # Anonymous user should not see issues without permission
+    Role.anonymous.remove_permission!(:view_issues)
+    journals = Journal.visible(User.anonymous).all
+    assert journals.empty?
+  end
+  
+  def test_visible_scope_for_user
+    user = User.find(9)
+    assert user.projects.empty?
+    # Non member user should see issues of public projects only
+    journals = Journal.visible(user).all
+    assert journals.any?
+    assert_nil journals.detect {|journal| !journal.issue.project.is_public?}
+    # Non member user should not see issues without permission
+    Role.non_member.remove_permission!(:view_issues)
+    user.reload
+    journals = Journal.visible(user).all
+    assert journals.empty?
+    # User should see issues of projects for which he has view_issues permissions only
+    Member.create!(:principal => user, :project_id => 1, :role_ids => [1])
+    user.reload
+    journals = Journal.visible(user).all
+    assert journals.any?
+    assert_nil journals.detect {|journal| journal.issue.project_id != 1}
+  end
+  
+  def test_visible_scope_for_admin
+    user = User.find(1)
+    user.members.each(&:destroy)
+    assert user.projects.empty?
+    journals = Journal.visible(user).all
+    assert journals.any?
+    # Admin should see issues on private projects that he does not belong to
+    assert journals.detect {|journal| !journal.issue.project.is_public?}
+  end
 end