nil
when 'default'
user_ids = [user.id] + user.groups.map(&:id)
- "(#{table_name}.is_private = #{connection.quoted_false} OR #{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids}))"
+ "(#{table_name}.is_private = #{connection.quoted_false} OR #{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
when 'own'
user_ids = [user.id] + user.groups.map(&:id)
- "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids}))"
+ "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
else
'1=0'
end
assert_visibility_match user, issues
end
+ def test_visible_scope_for_member_with_groups_should_return_assigned_issues
+ user = User.find(8)
+ assert user.groups.any?
+ Member.create!(:principal => user.groups.first, :project_id => 1, :role_ids => [2])
+ Role.non_member.remove_permission!(:view_issues)
+
+ issue = Issue.create(:project_id => 1, :tracker_id => 1, :author_id => 3,
+ :status_id => 1, :priority => IssuePriority.all.first,
+ :subject => 'Assignment test',
+ :assigned_to => user.groups.first,
+ :is_private => true)
+
+ Role.find(2).update_attribute :issues_visibility, 'default'
+ issues = Issue.visible(User.find(8)).all
+ assert issues.any?
+ assert issues.include?(issue)
+
+ Role.find(2).update_attribute :issues_visibility, 'own'
+ issues = Issue.visible(User.find(8)).all
+ assert issues.any?
+ assert issues.include?(issue)
+ end
+
def test_visible_scope_for_admin
user = User.find(1)
user.members.each(&:destroy)