diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2010-02-26 15:50:16 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2010-02-26 15:50:16 +0000 |
| commit | bfed36ac84122e1856e18a4d1e7cb3e3753b2fa8 (patch) | |
| tree | 09d4afecee7087d9e29aa5d7a375cdc637e657eb | |
| parent | d6f9e576e88dae3aeec6a4997d1dcf00c9821878 (diff) | |
| download | redmine-bfed36ac84122e1856e18a4d1e7cb3e3753b2fa8.tar.gz redmine-bfed36ac84122e1856e18a4d1e7cb3e3753b2fa8.zip | |
Let administrators see locked user profiles.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3493 e93f8b46-1217-0410-a6f0-8f06a7374b81
| -rw-r--r-- | app/controllers/users_controller.rb | 10 | ||||
| -rw-r--r-- | test/functional/users_controller_test.rb | 10 |
2 files changed, 14 insertions, 6 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 99b01c30f..14930e338 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -50,7 +50,7 @@ class UsersController < ApplicationController end def show - @user = User.active.find(params[:id]) + @user = User.find(params[:id]) @custom_values = @user.custom_values # show only public projects and private projects that the logged in user is also a member of @@ -61,9 +61,11 @@ class UsersController < ApplicationController events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) @events_by_day = events.group_by(&:event_date) - if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty? - render_404 - return + unless User.current.admin? + if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?) + render_404 + return + end end render :layout => 'base' diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb index 74cfb656d..6823eb307 100644 --- a/test/functional/users_controller_test.rb +++ b/test/functional/users_controller_test.rb @@ -103,12 +103,11 @@ class UsersControllerTest < ActionController::TestCase get :show, :id => 2 assert_response :success end - def test_show_inactive + @request.session[:user_id] = nil get :show, :id => 5 assert_response 404 - assert_nil assigns(:user) end def test_show_should_not_reveal_users_with_no_visible_activity_or_project @@ -116,6 +115,13 @@ class UsersControllerTest < ActionController::TestCase get :show, :id => 9 assert_response 404 end + + def test_show_inactive_by_admin + @request.session[:user_id] = 1 + get :show, :id => 5 + assert_response 200 + assert_not_nil assigns(:user) + end def test_add_routing assert_routing( |