Fixed that Redmine::Activity::Fetcher should consider activity provider permission...

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Sun, 18 Jan 2015 09:07:42 +0000 (09:07 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Sun, 18 Jan 2015 09:07:42 +0000 (09:07 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 18 Jan 2015 09:07:42 +0000 (09:07 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 18 Jan 2015 09:07:42 +0000 (09:07 +0000)
diff --git a/lib/redmine/activity.rb b/lib/redmine/activity.rb

index d2b683b7f71399d5f750cd5705bf0cf929c2f7aa..af8d94ec011b5274c1a442322d0dcfe51c57563e 100644 (file)
--- a/lib/redmine/activity.rb
+++ b/lib/redmine/activity.rb
@@ -41,6 +41,12 @@ module Redmine
          @@default_event_types << event_type unless options[:default] == false
          @@providers[event_type] += providers
        end
+
+      def delete(event_type)
+        @@available_event_types.delete event_type
+        @@default_event_types.delete event_type
+        @@providers.delete(event_type)
+      end
      end
    end
  end
diff --git a/lib/redmine/activity/fetcher.rb b/lib/redmine/activity/fetcher.rb

index 85f31e2e9b2d839740c928d6205a3f39f47d36d8..1ae8c109193017753993bfaf4f48df2713340ac2 100644 (file)
--- a/lib/redmine/activity/fetcher.rb
+++ b/lib/redmine/activity/fetcher.rb
@@ -21,9 +21,6 @@ module Redmine
      class Fetcher
        attr_reader :user, :project, :scope
  
-      # Needs to be unloaded in development mode
-      @@constantized_providers = Hash.new {|h,k| h[k] = Redmine::Activity.providers[k].collect {|t| t.constantize } }
-
        def initialize(user, options={})
          options.assert_valid_keys(:project, :with_subprojects, :author)
          @user = user
@@ -38,7 +35,25 @@ module Redmine
          return @event_types unless @event_types.nil?
  
          @event_types = Redmine::Activity.available_event_types
-        @event_types = @event_types.select {|o| @project.self_and_descendants.detect {|p| @user.allowed_to?("view_#{o}".to_sym, p)}} if @project
+        if @project
+          projects = @project.self_and_descendants
+          @event_types = @event_types.select do |event_type|
+            keep = false
+            constantized_providers(event_type).each do |provider|
+              options = provider.activity_provider_options[event_type]
+              permission = options[:permission]
+              unless options.key?(:permission)
+                permission ||= "view_#{event_type}".to_sym
+              end
+              if permission
+                keep |= projects.any? {|p| @user.allowed_to?(permission, p)}
+              else
+                keep = true
+              end
+            end
+            keep
+          end
+        end
          @event_types
        end
  
@@ -88,7 +103,7 @@ module Redmine
        private
  
        def constantized_providers(event_type)
-        @@constantized_providers[event_type]
+        Redmine::Activity.providers[event_type].map(&:constantize)
        end
      end
    end
diff --git a/test/unit/activity_test.rb b/test/unit/activity_test.rb

index a66d632dde5d79dab50faf6bfc83070cdcce9b60..afb5a111cda311614824ce1e2e1e09a7169d270a 100644 (file)
--- a/test/unit/activity_test.rb
+++ b/test/unit/activity_test.rb
@@ -121,6 +121,66 @@ class ActivityTest < ActiveSupport::TestCase
      assert_equal content.page, content.event_group
    end
  
+  class TestActivityProviderWithPermission
+    def self.activity_provider_options
+      {'test' => {:permission => :custom_permission}}
+    end
+  end
+
+  class TestActivityProviderWithNilPermission
+    def self.activity_provider_options
+      {'test' => {:permission => nil}}
+    end
+  end
+
+  class TestActivityProviderWithoutPermission
+    def self.activity_provider_options
+      {'test' => {}}
+    end
+  end
+
+  class MockUser
+    def initialize(*permissions)
+      @permissions = permissions
+    end
+
+    def allowed_to?(permission, *args)
+      @permissions.include?(permission)
+    end
+  end
+
+  def test_event_types_should_consider_activity_provider_permission
+    Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithPermission'
+    user = MockUser.new(:custom_permission)
+    f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1))
+    assert_include 'test', f.event_types
+  ensure
+    Redmine::Activity.delete 'test'
+  end
+
+  def test_event_types_should_include_activity_provider_with_nil_permission
+    Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithNilPermission'
+    user = MockUser.new()
+    f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1))
+    assert_include 'test', f.event_types
+  ensure
+    Redmine::Activity.delete 'test'
+  end
+
+  def test_event_types_should_use_default_permission_for_activity_provider_without_permission
+    Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithoutPermission'
+
+    user = MockUser.new()
+    f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1))
+    assert_not_include 'test', f.event_types
+
+    user = MockUser.new(:view_test)
+    f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1))
+    assert_include 'test', f.event_types
+  ensure
+    Redmine::Activity.delete 'test'
+  end
+
    private
  
    def find_events(user, options={})
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sun, 18 Jan 2015 09:07:42 +0000 (09:07 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sun, 18 Jan 2015 09:07:42 +0000 (09:07 +0000)
lib/redmine/activity.rb		patch \| blob \| history
lib/redmine/activity/fetcher.rb		patch \| blob \| history
test/unit/activity_test.rb		patch \| blob \| history