# frozen_string_literal: true # Redmine - project management software # Copyright (C) 2006-2020 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. require File.expand_path('../../../test_helper', __FILE__) class Redmine::ApiTest::IssuesTest < Redmine::ApiTest::Base fixtures( :projects, :users, :roles, :members, :member_roles, :issues, :issue_statuses, :issue_relations, :versions, :trackers, :projects_trackers, :issue_categories, :enabled_modules, :enumerations, :attachments, :workflows, :custom_fields, :custom_values, :custom_fields_projects, :custom_fields_trackers, :time_entries, :journals, :journal_details, :queries, :attachments) test "GET /issues.xml should contain metadata" do get '/issues.xml' assert_select 'issues[type=array][total_count][limit="25"][offset="0"]' end test "GET /issues.xml with nometa param should not contain metadata" do get '/issues.xml?nometa=1' assert_select 'issues[type=array]:not([total_count]):not([limit]):not([offset])' end test "GET /issues.xml with nometa header should not contain metadata" do get '/issues.xml', :headers => {'X-Redmine-Nometa' => '1'} assert_select 'issues[type=array]:not([total_count]):not([limit]):not([offset])' end test "GET /issues.xml with offset and limit" do get '/issues.xml?offset=2&limit=3' assert_select 'issues[type=array][total_count][limit="3"][offset="2"]' assert_select 'issues issue', 3 end test "GET /issues.xml with relations" do get '/issues.xml?include=relations' assert_response :success assert_equal 'application/xml', @response.media_type assert_select 'issue id', :text => '3' do assert_select '~ relations relation', 1 assert_select '~ relations relation[id="2"][issue_id="2"][issue_to_id="3"][relation_type=relates]' end assert_select 'issue id', :text => '1' do assert_select '~ relations' assert_select '~ relations relation', 0 end end test "GET /issues.xml with attachments" do get '/issues.xml?include=attachments' assert_response :success assert_equal 'application/xml', @response.media_type assert_select 'issue id', :text => '3' do assert_select '~ attachments attachment', 4 end assert_select 'issue id', :text => '1' do assert_select '~ attachments' assert_select '~ attachments attachment', 0 end end test "GET /issues.xml with invalid query params" do get '/issues.xml', :params => {:f => ['start_date'], :op => {:start_date => '='}} assert_response :unprocessable_entity assert_equal 'application/xml', @response.media_type assert_select 'errors error', :text => "Start date cannot be blank" end test "GET /issues.xml with custom field filter" do get( '/issues.xml', :params => {:set_filter => 1, :f => ['cf_1'], :op => {:cf_1 => '='}, :v => {:cf_1 => ['MySQL']}}) expected_ids = Issue.visible. joins(:custom_values). where(:custom_values => {:custom_field_id => 1, :value => 'MySQL'}).map(&:id) assert expected_ids.any? assert_select 'issues > issue > id', :count => expected_ids.count do |ids| ids.each { |id| assert expected_ids.delete(id.children.first.content.to_i) } end end test "GET /issues.xml with custom field filter (shorthand method)" do get '/issues.xml', :params => {:cf_1 => 'MySQL'} expected_ids = Issue.visible. joins(:custom_values). where(:custom_values => {:custom_field_id => 1, :value => 'MySQL'}).map(&:id) assert expected_ids.any? assert_select 'issues > issue > id', :count => expected_ids.count do |ids| ids.each { |id| assert expected_ids.delete(id.children.first.content.to_i) } end end def test_index_should_include_issue_attributes get '/issues.xml' assert_select 'issues>issue>is_private', :text => 'false' end def test_index_should_allow_timestamp_filtering Issue.delete_all Issue.generate!(:subject => '1').update_column(:updated_on, Time.parse("2014-01-02T10:25:00Z")) Issue.generate!(:subject => '2').update_column(:updated_on, Time.parse("2014-01-02T12:13:00Z")) get( '/issues.xml', :params => { :set_filter => 1, :f => ['updated_on'], :op => {:updated_on => '<='}, :v => {:updated_on => ['2014-01-02T12:00:00Z']} } ) assert_select 'issues>issue', :count => 1 assert_select 'issues>issue>subject', :text => '1' get( '/issues.xml', :params => { :set_filter => 1, :f => ['updated_on'], :op => {:updated_on => '>='}, :v => {:updated_on => ['2014-01-02T12:00:00Z']} } ) assert_select 'issues>issue', :count => 1 assert_select 'issues>issue>subject', :text => '2' get( '/issues.xml', :params => { :set_filter => 1, :f => ['updated_on'], :op => {:updated_on => '>='}, :v => {:updated_on => ['2014-01-02T08:00:00Z']} } ) assert_select 'issues>issue', :count => 2 end test "GET /issues.xml with filter" do get '/issues.xml?status_id=5' expected_ids = Issue.visible.where(:status_id => 5).map(&:id) assert expected_ids.any? assert_select 'issues > issue > id', :count => expected_ids.count do |ids| ids.each { |id| assert expected_ids.delete(id.children.first.content.to_i) } end end test "GET /issues.json with filter" do get '/issues.json?status_id=5' json = ActiveSupport::JSON.decode(response.body) status_ids_used = json['issues'].collect {|j| j['status']['id'] } assert_equal 3, status_ids_used.length assert status_ids_used.all? {|id| id == 5 } end test "GET /issues/:id.xml with journals" do Journal.find(2).update_attribute(:private_notes, true) get '/issues/1.xml?include=journals', :headers => credentials('jsmith') assert_select 'issue journals[type=array]' do assert_select 'journal[id="1"]' do assert_select 'private_notes', :text => 'false' assert_select 'details[type=array]' do assert_select 'detail[name=status_id]' do assert_select 'old_value', :text => '1' assert_select 'new_value', :text => '2' end end end assert_select 'journal[id="2"]' do assert_select 'private_notes', :text => 'true' assert_select 'details[type=array]' end end end test "GET /issues/:id.xml with journals should format timestamps in ISO 8601" do get '/issues/1.xml?include=journals' issue = Issue.find(1) assert_select 'issue>created_on', :text => issue.created_on.iso8601 assert_select 'issue>updated_on', :text => issue.updated_on.iso8601 assert_select 'issue journal>created_on', :text => issue.journals[0].created_on.iso8601 end test "GET /issues/:id.xml with custom fields" do get '/issues/3.xml' assert_select 'issue custom_fields[type=array]' do assert_select 'custom_field[id="1"]' do assert_select 'value', :text => 'MySQL' end end assert_nothing_raised do Hash.from_xml(response.body).to_xml end end test "GET /issues/:id.xml with multi custom fields" do field = CustomField.find(1) field.update_attribute :multiple, true issue = Issue.find(3) issue.custom_field_values = {1 => ['MySQL', 'Oracle']} issue.save! get '/issues/3.xml' assert_response :success assert_select 'issue custom_fields[type=array]' do assert_select 'custom_field[id="1"]' do assert_select 'value[type=array] value', 2 end end xml = Hash.from_xml(response.body) custom_fields = xml['issue']['custom_fields'] assert_kind_of Array, custom_fields field = custom_fields.detect {|f| f['id'] == '1'} assert_kind_of Hash, field assert_equal ['MySQL', 'Oracle'], field['value'].sort end test "GET /issues/:id.json with multi custom fields" do field = CustomField.find(1) field.update_attribute :multiple, true issue = Issue.find(3) issue.custom_field_values = {1 => ['MySQL', 'Oracle']} issue.save! get '/issues/3.json' assert_response :success json = ActiveSupport::JSON.decode(response.body) custom_fields = json['issue']['custom_fields'] assert_kind_of Array, custom_fields field = custom_fields.detect {|f| f['id'] == 1} assert_kind_of Hash, field assert_equal ['MySQL', 'Oracle'], field['value'].sort end test "GET /issues/:id.xml with empty value for multi custom field" do field = CustomField.find(1) field.update_attribute :multiple, true issue = Issue.find(3) issue.custom_field_values = {1 => ['']} issue.save! get '/issues/3.xml' assert_select 'issue custom_fields[type=array]' do assert_select 'custom_field[id="1"]' do assert_select 'value[type=array]:empty' end end xml = Hash.from_xml(response.body) custom_fields = xml['issue']['custom_fields'] assert_kind_of Array, custom_fields field = custom_fields.detect {|f| f['id'] == '1'} assert_kind_of Hash, field assert_equal [], field['value'] end test "GET /issues/:id.json with empty value for multi custom field" do field = CustomField.find(1) field.update_attribute :multiple, true issue = Issue.find(3) issue.custom_field_values = {1 => ['']} issue.save! get '/issues/3.json' assert_response :success json = ActiveSupport::JSON.decode(response.body) custom_fields = json['issue']['custom_fields'] assert_kind_of Array, custom_fields field = custom_fields.detect {|f| f['id'] == 1} assert_kind_of Hash, field assert_equal [], field['value'].sort end test "GET /issues/:id.xml with attachments" do get '/issues/3.xml?include=attachments' assert_select 'issue attachments[type=array]' do assert_select 'attachment', 4 assert_select 'attachment id', :text => '1' do assert_select '~ filename', :text => 'error281.txt' assert_select '~ content_url', :text => 'http://www.example.com/attachments/download/1/error281.txt' end end end test "GET /issues/:id.xml with subtasks" do issue = Issue.generate_with_descendants!(:project_id => 1) get "/issues/#{issue.id}.xml?include=children" assert_select 'issue id', :text => issue.id.to_s do assert_select '~ children[type=array] > issue', 2 assert_select '~ children[type=array] > issue > children', 1 end end test "GET /issues/:id.json with subtasks" do issue = Issue.generate_with_descendants!(:project_id => 1) get "/issues/#{issue.id}.json?include=children" json = ActiveSupport::JSON.decode(response.body) assert_equal 2, json['issue']['children'].size assert_equal 1, json['issue']['children'].count {|child| child.key?('children')} end test "GET /issues/:id.json with no spent time should return floats" do issue = Issue.generate! get "/issues/#{issue.id}.json" json = ActiveSupport::JSON.decode(response.body) assert_kind_of Float, json['issue']['spent_hours'] assert_kind_of Float, json['issue']['total_spent_hours'] end def test_show_should_include_issue_attributes get '/issues/1.xml' assert_select 'issue>is_private', :text => 'false' end test "GET /issues/:id.xml?include=watchers should include watchers" do Watcher.create!(:user_id => 3, :watchable => Issue.find(1)) get '/issues/1.xml?include=watchers', :headers => credentials('jsmith') assert_response :ok assert_equal 'application/xml', response.media_type assert_select 'issue' do assert_select 'watchers', Issue.find(1).watchers.count assert_select 'watchers' do assert_select 'user[id="3"]' end end end test "GET /issues/:id.xml should not disclose associated changesets from projects the user has no access to" do project = Project.generate!(:is_public => false) repository = Repository::Subversion.create!(:project => project, :url => "svn://localhost") Issue.find(1).changesets << Changeset.generate!(:repository => repository) assert Issue.find(1).changesets.any? get '/issues/1.xml?include=changesets', :headers => credentials('jsmith') # the user jsmith has no permission to view the associated changeset assert_select 'issue changesets[type=array]' do assert_select 'changeset', 0 end end test "GET /issues/:id.xml should contains total_estimated_hours and total_spent_hours" do parent = Issue.find(3) parent.update_columns :estimated_hours => 2.0 child = Issue.generate!(:parent_issue_id => parent.id, :estimated_hours => 3.0) TimeEntry.create!(:project => child.project, :issue => child, :user => child.author, :spent_on => child.author.today, :hours => '2.5', :comments => '', :activity_id => TimeEntryActivity.first.id) get '/issues/3.xml' assert_equal 'application/xml', response.media_type assert_select 'issue' do assert_select 'estimated_hours', parent.estimated_hours.to_s assert_select 'total_estimated_hours', (parent.estimated_hours.to_f + 3.0).to_s assert_select 'spent_hours', parent.spent_hours.to_s assert_select 'total_spent_hours', (parent.spent_hours.to_f + 2.5).to_s end end test "GET /issues/:id.xml should contains total_estimated_hours, and should not contains spent_hours and total_spent_hours when permission does not exists" do parent = Issue.find(3) parent.update_columns :estimated_hours => 2.0 child = Issue.generate!(:parent_issue_id => parent.id, :estimated_hours => 3.0) Role.anonymous.remove_permission! :view_time_entries get '/issues/3.xml' assert_equal 'application/xml', response.media_type assert_select 'issue' do assert_select 'estimated_hours', parent.estimated_hours.to_s assert_select 'total_estimated_hours', (parent.estimated_hours.to_f + 3.0).to_s assert_select 'spent_hours', false assert_select 'total_spent_hours', false end end test "GET /issues/:id.xml should contains visible spent_hours only" do user = User.find_by_login('jsmith') Role.find(1).update(:time_entries_visibility => 'own') parent = Issue.find(3) child = Issue.generate!(:parent_issue_id => parent.id) TimeEntry.generate!(:user => user, :hours => 5.5, :issue_id => parent.id) TimeEntry.generate!(:user => user, :hours => 2, :issue_id => child.id) TimeEntry.generate!(:user => User.find(1), :hours => 100, :issue_id => child.id) get '/issues/3.xml', :headers => credentials(user.login) assert_equal 'application/xml', response.media_type assert_select 'issue' do assert_select 'spent_hours', '5.5' assert_select 'total_spent_hours', '7.5' end end test "GET /issues/:id.json should contains total_estimated_hours and total_spent_hours" do parent = Issue.find(3) parent.update_columns :estimated_hours => 2.0 child = Issue.generate!(:parent_issue_id => parent.id, :estimated_hours => 3.0) TimeEntry.create!(:project => child.project, :issue => child, :user => child.author, :spent_on => child.author.today, :hours => '2.5', :comments => '', :activity_id => TimeEntryActivity.first.id) get '/issues/3.json' assert_equal 'application/json', response.media_type json = ActiveSupport::JSON.decode(response.body) assert_equal parent.estimated_hours, json['issue']['estimated_hours'] assert_equal (parent.estimated_hours.to_f + 3.0), json['issue']['total_estimated_hours'] assert_equal parent.spent_hours, json['issue']['spent_hours'] assert_equal (parent.spent_hours.to_f + 2.5), json['issue']['total_spent_hours'] end test "GET /issues/:id.json should contains total_estimated_hours, and should not contains spent_hours and total_spent_hours when permission does not exists" do parent = Issue.find(3) parent.update_columns :estimated_hours => 2.0 child = Issue.generate!(:parent_issue_id => parent.id, :estimated_hours => 3.0) Role.anonymous.remove_permission! :view_time_entries get '/issues/3.json' assert_equal 'application/json', response.media_type json = ActiveSupport::JSON.decode(response.body) assert_equal parent.estimated_hours, json['issue']['estimated_hours'] assert_equal (parent.estimated_hours.to_f + 3.0), json['issue']['total_estimated_hours'] assert_nil json['issue']['spent_hours'] assert_nil json['issue']['total_spent_hours'] end test "GET /issues/:id.json should contains visible spent_hours only" do user = User.find_by_login('jsmith') Role.find(1).update(:time_entries_visibility => 'own') parent = Issue.find(3) child = Issue.generate!(:parent_issue_id => parent.id) TimeEntry.generate!(:user => user, :hours => 5.5, :issue_id => parent.id) TimeEntry.generate!(:user => user, :hours => 2, :issue_id => child.id) TimeEntry.generate!(:user => User.find(1), :hours => 100, :issue_id => child.id) get '/issues/3.json', :headers =>pre { line-height: 125%; } td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; } span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; } td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; } span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; } .highlight .hll { background-color: #ffffcc } .highlight .c { color: #888888 } /* Comment */ .highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */ .highlight .k { color: #008800; font-weight: bold } /* Keyword */ .highlight .ch { color: #888888 } /* Comment.Hashbang */ .highlight .cm { color: #888888 } /* Comment.Multiline */ .highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */ .highlight .cpf { color: #888888 } /* Comment.PreprocFile */ .highlight .c1 { color: #888888 } /* Comment.Single */ .highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */ .highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */ .highlight .ge { font-style: italic } /* Generic.Emph */ .highlight .gr { color: #aa0000 } /* Generic.Error */ .highlight .gh { color: #333333 } /* Generic.Heading */ .highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */ .highlight .go { color: #888888 } /* Generic.Output */ .highlight .gp { color: #555555 } /* Generic.Prompt */ .highlight .gs { font-weight: bold } /* Generic.Strong */ .highlight .gu { color: #666666 } /* Generic.Subheading */ .highlight .gt { color: #aa0000 } /* Generic.Traceback */ .highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */ .highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */ .highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */ .highlight .kp { color: #008800 } /* Keyword.Pseudo */ .highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */ .highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */ .highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */ .highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */ .highlight .na { color: #336699 } /* Name.Attribute */ .highlight .nb { color: #003388 } /* Name.Builtin */ .highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */ .highlight .no { color: #003366; font-weight: bold } /* Name.Constant */ .highlight .nd { color: #555555 } /* Name.Decorator */ .highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */ .highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */ .highlight .nl { color: #336699; font-style: italic } /* Name.Label */ .highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */ .highlight .py { color: #336699; font-weight: bold } /* Name.Property */ .highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */ .highlight .nv { color: #336699 } /* Name.Variable */ .highlight .ow { color: #008800 } /* Operator.Word */ .highlight .w { color: #bbbbbb } /* Text.Whitespace */ .highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */ .highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */ .highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */ .highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */ .highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */ .highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */ .highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */ .highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */ .highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */ .highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */ .highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */ .highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */ .highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */ .highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */ .highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */ .highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */ .highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */ .highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors # SPDX-License-Identifier: AGPL-3.0-or-later # Ignoring folders for eslint node_modules/ 3rdparty/ **/vendor/ **/l10n/ **/js/* *.config.js tests/lib/ apps-extra # TODO: remove when comments files is not using handlebar templates anymore apps/comments/src/templates.js
# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors # SPDX-License-Identifier: AGPL-3.0-or-later # Ignoring folders for eslint node_modules/ 3rdparty/ **/vendor/ **/l10n/ **/js/* *.config.js tests/lib/ apps-extra # TODO: remove when comments files is not using handlebar templates anymore apps/comments/src/templates.js
