git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2988 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/0.9.0
@@ -1,5 +1,5 @@ | |||
# Redmine - project management software | |||
# Copyright (C) 2006-2008 Jean-Philippe Lang | |||
# Copyright (C) 2006-2009 Jean-Philippe Lang | |||
# | |||
# This program is free software; you can redistribute it and/or | |||
# modify it under the terms of the GNU General Public License | |||
@@ -20,28 +20,7 @@ class AccountController < ApplicationController | |||
include CustomFieldsHelper | |||
# prevents login action to be filtered by check_if_login_required application scope filter | |||
skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate] | |||
# Show user's account | |||
def show | |||
@user = User.active.find(params[:id]) | |||
@custom_values = @user.custom_values | |||
# show only public projects and private projects that the logged in user is also a member of | |||
@memberships = @user.memberships.select do |membership| | |||
membership.project.is_public? || (User.current.member_of?(membership.project)) | |||
end | |||
events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) | |||
@events_by_day = events.group_by(&:event_date) | |||
if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty? | |||
render_404 and return | |||
end | |||
rescue ActiveRecord::RecordNotFound | |||
render_404 | |||
end | |||
skip_before_filter :check_if_login_required | |||
# Login request and validation | |||
def login |
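Review bot: The `skip_before_filter :check_if_login_required` line appears to lose its `:only => [:login, :lost_password, :register, :activate]` list, which would exempt every action in AccountController from the login-required filter; the +/- markers are lost on this page, so the old/new side is inferred from the hunk's line counts. That is harmless for the actions visible here, but any action added to this controller later would be reachable without authentication by default. Keeping the explicit allowlist, `skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]`, keeps the unauthenticated surface visible at the declaration. The class body continues outside the hunk, so other actions that rely on the filter cannot be checked from here.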
@@ -1,5 +1,5 @@ | |||
# redMine - project management software | |||
# Copyright (C) 2006-2007 Jean-Philippe Lang | |||
# Redmine - project management software | |||
# Copyright (C) 2006-2009 Jean-Philippe Lang | |||
# | |||
# This program is free software; you can redistribute it and/or | |||
# modify it under the terms of the GNU General Public License | |||
@@ -16,7 +16,7 @@ | |||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
class UsersController < ApplicationController | |||
before_filter :require_admin | |||
before_filter :require_admin, :except => :show | |||
helper :sort | |||
include SortHelper | |||
@@ -51,6 +51,26 @@ class UsersController < ApplicationController | |||
render :action => "list", :layout => false if request.xhr? | |||
end | |||
def show | |||
@user = User.active.find(params[:id]) | |||
@custom_values = @user.custom_values | |||
# show only public projects and private projects that the logged in user is also a member of | |||
@memberships = @user.memberships.select do |membership| | |||
membership.project.is_public? || (User.current.member_of?(membership.project)) | |||
end | |||
events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) | |||
@events_by_day = events.group_by(&:event_date) | |||
if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty? | |||
render_404 and return | |||
end | |||
rescue ActiveRecord::RecordNotFound | |||
render_404 | |||
end | |||
def add | |||
if request.get? |
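Review bot: In the added `show`, `@custom_values = @user.custom_values` is assigned with no viewer-based filtering, while the memberships just below are filtered by project visibility, and `:except => :show` now exempts this action from `require_admin`. The template is not shown here, so it cannot be confirmed whether every custom field is rendered to non-admin (and possibly anonymous) viewers; if it is, profile fields meant for administrators become readable by anyone who passes the 404 check. I would document the contract above the method, for example `# Public profile page: reachable without admin rights; assign only data that is safe for any viewer`, and add a test that a custom value not meant for public display is absent from the response. The `# Show user's account` comment that sat above the method in AccountController was also dropped in the move.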
@@ -47,7 +47,7 @@ module ApplicationHelper | |||
# Display a link to user's account page | |||
def link_to_user(user, options={}) | |||
if user.is_a?(User) | |||
!user.anonymous? ? link_to(user.name(options[:format]), :controller => 'account', :action => 'show', :id => user) : 'Anonymous' | |||
!user.anonymous? ? link_to(user.name(options[:format]), :controller => 'users', :action => 'show', :id => user) : 'Anonymous' | |||
else | |||
user.to_s | |||
end | |||
@@ -222,8 +222,7 @@ module ApplicationHelper | |||
end | |||
def authoring(created, author, options={}) | |||
author_tag = (author.is_a?(User) && !author.anonymous?) ? link_to(h(author), :controller => 'account', :action => 'show', :id => author) : h(author || 'Anonymous') | |||
l(options[:label] || :label_added_time_by, :author => author_tag, :age => time_tag(created)) | |||
l(options[:label] || :label_added_time_by, :author => link_to_user(author), :age => time_tag(created)) | |||
end | |||
def time_tag(time) |
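Review bot: `authoring` used to escape the author name with `h(...)` in both branches, and the replacement `link_to_user(author)` does not: `link_to_user` passes `user.name(options[:format])` straight to `link_to` and returns `user.to_s` for non-User values. Unless the framework version in use escapes link text automatically (the routing DSL on this page suggests it predates that default, to be confirmed), a display name containing markup would now be emitted unescaped wherever `authoring` is rendered. Escaping inside the helper covers every caller: `link_to(h(user.name(options[:format])), :controller => 'users', :action => 'show', :id => user)` and `h(user.to_s)` in the else branch. Separately, a nil author previously rendered as 'Anonymous' and now renders as an empty string via `nil.to_s`. The body of `link_to_user` ends outside its hunk.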
@@ -159,6 +159,7 @@ ActionController::Routing::Routes.draw do |map| | |||
users.with_options :conditions => {:method => :get} do |user_views| | |||
user_views.connect 'users', :action => 'list' | |||
user_views.connect 'users', :action => 'index' | |||
user_views.connect 'users/:id', :action => 'show', :id => /\d+/ | |||
user_views.connect 'users/new', :action => 'add' | |||
user_views.connect 'users/:id/edit/:tab', :action => 'edit', :tab => nil | |||
end |
@@ -31,36 +31,6 @@ class AccountControllerTest < ActionController::TestCase | |||
User.current = nil | |||
end | |||
def test_show | |||
get :show, :id => 2 | |||
assert_response :success | |||
assert_template 'show' | |||
assert_not_nil assigns(:user) | |||
end | |||
def test_show_should_not_fail_when_custom_values_are_nil | |||
user = User.find(2) | |||
# Create a custom field to illustrate the issue | |||
custom_field = CustomField.create!(:name => 'Testing', :field_format => 'text') | |||
custom_value = user.custom_values.build(:custom_field => custom_field).save! | |||
get :show, :id => 2 | |||
assert_response :success | |||
end | |||
def test_show_inactive | |||
get :show, :id => 5 | |||
assert_response 404 | |||
assert_nil assigns(:user) | |||
end | |||
def test_show_should_not_reveal_users_with_no_visible_activity_or_project | |||
get :show, :id => 9 | |||
assert_response 404 | |||
end | |||
def test_login_should_redirect_to_back_url_param | |||
# request.uri is "test.host" in test environment | |||
post :login, :username => 'jsmith', :password => 'jsmith', :back_url => 'http%3A%2F%2Ftest.host%2Fissues%2Fshow%2F1' |
@@ -74,6 +74,49 @@ class UsersControllerTest < ActionController::TestCase | |||
assert_equal 1, users.size | |||
assert_equal 'John', users.first.firstname | |||
end | |||
def test_show_routing | |||
assert_routing( | |||
{:method => :get, :path => '/users/44'}, | |||
:controller => 'users', :action => 'show', :id => '44' | |||
) | |||
assert_recognizes( | |||
{:controller => 'users', :action => 'show', :id => '44'}, | |||
{:method => :get, :path => '/users/44'} | |||
) | |||
end | |||
def test_show | |||
@request.session[:user_id] = nil | |||
get :show, :id => 2 | |||
assert_response :success | |||
assert_template 'show' | |||
assert_not_nil assigns(:user) | |||
end | |||
def test_show_should_not_fail_when_custom_values_are_nil | |||
user = User.find(2) | |||
# Create a custom field to illustrate the issue | |||
custom_field = CustomField.create!(:name => 'Testing', :field_format => 'text') | |||
custom_value = user.custom_values.build(:custom_field => custom_field).save! | |||
get :show, :id => 2 | |||
assert_response :success | |||
end | |||
def test_show_inactive | |||
get :show, :id => 5 | |||
assert_response 404 | |||
assert_nil assigns(:user) | |||
end | |||
def test_show_should_not_reveal_users_with_no_visible_activity_or_project | |||
@request.session[:user_id] = nil | |||
get :show, :id => 9 | |||
assert_response 404 | |||
end | |||
def test_add_routing | |||
assert_routing( |