Fix autocomplete for users fails with 403 error when there are multiple objects from...

Patch by Dmitry Makurin.

git-svn-id: http://svn.redmine.org/redmine/trunk@21394 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/app/controllers/watchers_controller.rb b/app/controllers/watchers_controller.rb
index 97afffe012d4a294e66a4b982273f0f6ffef3e77..9170acb3469dcb25dc8357fd5fa019dd2162b10a 100644 (file)
--- a/app/controllers/watchers_controller.rb
+++ b/app/controllers/watchers_controller.rb
@@ -134,8 +134,12 @@ class WatchersController < ApplicationController
 
   def users_for_new_watcher
     scope = nil
-    if params[:q].blank? && @project.present?
-      scope = @project.principals.assignable_watchers
+    if params[:q].blank?
+      if @project.present?
+        scope = @project.principals.assignable_watchers
+      elsif @projects.present? && @projects.size > 1
+        scope = Principal.joins(:members).where(:members => { :project_id => @projects }).assignable_watchers.distinct
+      end
     else
       scope = Principal.assignable_watchers.limit(100)
     end

diff --git a/app/views/watchers/_new.html.erb b/app/views/watchers/_new.html.erb
index bc08a3322bf3ad736eda97af672e0d6cfa96977b..dfff5516c0a0193fc301ed1fccb2eaf722f429e9 100644 (file)
--- a/app/views/watchers/_new.html.erb
+++ b/app/views/watchers/_new.html.erb
@@ -31,7 +31,7 @@ title =
                  :controller => 'watchers',
                  :action => 'autocomplete_for_user',
                  :object_type => (watchables.present? ? watchables.first.class.name.underscore : nil),
-                 :object_id => (watchables.present? && watchables.size == 1 ? watchables.first.id : nil),
+                 :object_id => (watchables.present? ? watchables.map(&:id) : nil),
                  :project_id => @project
                )
              )}'

diff --git a/test/functional/watchers_controller_test.rb b/test/functional/watchers_controller_test.rb
index 5e399b7294fa825625ab44298366ac5a6b911f88..ad5a64e893f07e70992b60431d0bf2eb43050d6e 100644 (file)
--- a/test/functional/watchers_controller_test.rb
+++ b/test/functional/watchers_controller_test.rb
@@ -191,6 +191,20 @@ class WatchersControllerTest < Redmine::ControllerTest
     assert_match /ajax-modal/, response.body
   end
 
+  def test_new_with_multiple_objects_from_different_projects
+    @request.session[:user_id] = 2
+    get :new, :params => {
+      :object_id => [7, 9],
+      :object_type => 'issue'
+    }, :xhr => true
+    assert_response :success
+
+    assert_match(
+      %r{/watchers/autocomplete_for_user\?object_id%5B%5D=7&object_id%5B%5D=9&object_type=issue},
+      response.body
+    )
+  end
+
   def test_create_as_html
     @request.session[:user_id] = 2
     assert_difference('Watcher.count') do
@@ -426,6 +440,27 @@ class WatchersControllerTest < Redmine::ControllerTest
     assert response.body.blank?
   end
 
+  def test_autocomplete_with_multiple_objects_from_different_projects
+    @request.session[:user_id] = 2
+
+    # 7 => eCookbook
+    # 9 => Private child of eCookbook
+    get :autocomplete_for_user, :params => {
+      :object_id => [7, 9],
+      :object_type => 'issue'
+    }, :xhr => true
+
+    assert_response :success
+
+    # All users from two projects eCookbook (7) and Private child of eCookbook (9)
+    assert_select 'input', :count => 5
+    assert_select 'input[name=?][value="1"]', 'watcher[user_ids][]'
+    assert_select 'input[name=?][value="2"]', 'watcher[user_ids][]'
+    assert_select 'input[name=?][value="3"]', 'watcher[user_ids][]'
+    assert_select 'input[name=?][value="8"]', 'watcher[user_ids][]'
+    assert_select 'input[name=?][value="10"]', 'watcher[user_ids][]'
+  end
+
   def test_append
     @request.session[:user_id] = 2
     assert_no_difference 'Watcher.count' do