From: Jean-Philippe Lang Date: Sun, 18 Jan 2015 09:07:42 +0000 (+0000) Subject: Fixed that Redmine::Activity::Fetcher should consider activity provider permission... X-Git-Tag: 3.0.0~127 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=886b9c14d0cb16e5ae132bdea545ddea771f7284;p=redmine.git Fixed that Redmine::Activity::Fetcher should consider activity provider permission option if given (#18832). git-svn-id: http://svn.redmine.org/redmine/trunk@13895 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/lib/redmine/activity.rb b/lib/redmine/activity.rb index d2b683b7f..af8d94ec0 100644 --- a/lib/redmine/activity.rb +++ b/lib/redmine/activity.rb @@ -41,6 +41,12 @@ module Redmine @@default_event_types << event_type unless options[:default] == false @@providers[event_type] += providers end + + def delete(event_type) + @@available_event_types.delete event_type + @@default_event_types.delete event_type + @@providers.delete(event_type) + end end end end diff --git a/lib/redmine/activity/fetcher.rb b/lib/redmine/activity/fetcher.rb index 85f31e2e9..1ae8c1091 100644 --- a/lib/redmine/activity/fetcher.rb +++ b/lib/redmine/activity/fetcher.rb @@ -21,9 +21,6 @@ module Redmine class Fetcher attr_reader :user, :project, :scope - # Needs to be unloaded in development mode - @@constantized_providers = Hash.new {|h,k| h[k] = Redmine::Activity.providers[k].collect {|t| t.constantize } } - def initialize(user, options={}) options.assert_valid_keys(:project, :with_subprojects, :author) @user = user @@ -38,7 +35,25 @@ module Redmine return @event_types unless @event_types.nil? @event_types = Redmine::Activity.available_event_types - @event_types = @event_types.select {|o| @project.self_and_descendants.detect {|p| @user.allowed_to?("view_#{o}".to_sym, p)}} if @project + if @project + projects = @project.self_and_descendants + @event_types = @event_types.select do |event_type| + keep = false + constantized_providers(event_type).each do |provider| + options = provider.activity_provider_options[event_type] + permission = options[:permission] + unless options.key?(:permission) + permission ||= "view_#{event_type}".to_sym + end + if permission + keep |= projects.any? {|p| @user.allowed_to?(permission, p)} + else + keep = true + end + end + keep + end + end @event_types end @@ -88,7 +103,7 @@ module Redmine private def constantized_providers(event_type) - @@constantized_providers[event_type] + Redmine::Activity.providers[event_type].map(&:constantize) end end end diff --git a/test/unit/activity_test.rb b/test/unit/activity_test.rb index a66d632dd..afb5a111c 100644 --- a/test/unit/activity_test.rb +++ b/test/unit/activity_test.rb @@ -121,6 +121,66 @@ class ActivityTest < ActiveSupport::TestCase assert_equal content.page, content.event_group end + class TestActivityProviderWithPermission + def self.activity_provider_options + {'test' => {:permission => :custom_permission}} + end + end + + class TestActivityProviderWithNilPermission + def self.activity_provider_options + {'test' => {:permission => nil}} + end + end + + class TestActivityProviderWithoutPermission + def self.activity_provider_options + {'test' => {}} + end + end + + class MockUser + def initialize(*permissions) + @permissions = permissions + end + + def allowed_to?(permission, *args) + @permissions.include?(permission) + end + end + + def test_event_types_should_consider_activity_provider_permission + Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithPermission' + user = MockUser.new(:custom_permission) + f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1)) + assert_include 'test', f.event_types + ensure + Redmine::Activity.delete 'test' + end + + def test_event_types_should_include_activity_provider_with_nil_permission + Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithNilPermission' + user = MockUser.new() + f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1)) + assert_include 'test', f.event_types + ensure + Redmine::Activity.delete 'test' + end + + def test_event_types_should_use_default_permission_for_activity_provider_without_permission + Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithoutPermission' + + user = MockUser.new() + f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1)) + assert_not_include 'test', f.event_types + + user = MockUser.new(:view_test) + f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1)) + assert_include 'test', f.event_types + ensure + Redmine::Activity.delete 'test' + end + private def find_events(user, options={})