diff options
| author | Marius Balteanu <marius.balteanu@zitec.com> | 2024-07-08 21:28:24 +0000 |
|---|---|---|
| committer | Marius Balteanu <marius.balteanu@zitec.com> | 2024-07-08 21:28:24 +0000 |
| commit | 2d20811f406ab4f9b6ac27a935f27c721833f882 (patch) | |
| tree | 26d2a90a0a66777a40c76adfbdeb42a268d8bc94 /test/functional/wiki_controller_test.rb | |
| parent | fe38f5e83f7b2269d685db484732dd81ca0fa5f5 (diff) | |
| download | redmine-2d20811f406ab4f9b6ac27a935f27c721833f882.tar.gz redmine-2d20811f406ab4f9b6ac27a935f27c721833f882.zip | |
Improve watcher list permissions check to explicitly require @view_issue_watchers@ permission (#40946).
Patch by Felix Schäfer (@felix).
git-svn-id: https://svn.redmine.org/redmine/trunk@22913 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/functional/wiki_controller_test.rb')
| -rw-r--r-- | test/functional/wiki_controller_test.rb | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/test/functional/wiki_controller_test.rb b/test/functional/wiki_controller_test.rb index be62dcc8e..fdfaaf805 100644 --- a/test/functional/wiki_controller_test.rb +++ b/test/functional/wiki_controller_test.rb @@ -150,6 +150,17 @@ class WikiControllerTest < Redmine::ControllerTest end end + def test_show_should_not_display_watchers_without_permission + @request.session[:user_id] = 2 + Role.find(1).remove_permission! :view_wiki_page_watchers + page = Project.find(1).wiki.find_page('Another_page') + page.add_watcher User.find(2) + page.add_watcher Group.find(10) + get(:show, :params => {:project_id => 1, :id => 'Another_page'}) + assert_select 'div#watchers ul', 0 + assert_select 'h3', {text: /Watchers \(\d*\)/, count: 0} + end + def test_show_should_display_section_edit_links with_settings :text_formatting => 'textile' do @request.session[:user_id] = 2 |