summaryrefslogtreecommitdiffstats
path: root/test/functional
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2012-10-03 21:36:19 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2012-10-03 21:36:19 +0000
commit0178b5a2fe07e1160348b99ac56c19ebf154ca1b (patch)
tree53f762a779c95b598815864bb674463d90ef64d6 /test/functional
parentbb1563f23ffabcf948797e0d8806c3d5344d09a7 (diff)
downloadredmine-0178b5a2fe07e1160348b99ac56c19ebf154ca1b.tar.gz
redmine-0178b5a2fe07e1160348b99ac56c19ebf154ca1b.zip
Private issue notes (#1554).
Adds 2 new permissions for viewing/adding private comments to issues. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@10547 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/functional')
-rw-r--r--test/functional/activities_controller_test.rb14
-rw-r--r--test/functional/issues_controller_test.rb95
-rw-r--r--test/functional/issues_controller_transaction_test.rb31
-rw-r--r--test/functional/journals_controller_test.rb45
-rw-r--r--test/functional/search_controller_test.rb33
5 files changed, 184 insertions, 34 deletions
diff --git a/test/functional/activities_controller_test.rb b/test/functional/activities_controller_test.rb
index 13f44a108..234ea7c57 100644
--- a/test/functional/activities_controller_test.rb
+++ b/test/functional/activities_controller_test.rb
@@ -149,4 +149,18 @@ class ActivitiesControllerTest < ActionController::TestCase
assert_template 'common/feed'
assert_tag :tag => 'title', :content => /Issues/
end
+
+ def test_index_should_show_private_notes_with_permission_only
+ journal = Journal.create!(:journalized => Issue.find(2), :notes => 'Private notes with searchkeyword', :private_notes => true)
+ @request.session[:user_id] = 2
+
+ get :index
+ assert_response :success
+ assert_include journal, assigns(:events_by_day).values.flatten
+
+ Role.find(1).remove_permission! :view_private_notes
+ get :index
+ assert_response :success
+ assert_not_include journal, assigns(:events_by_day).values.flatten
+ end
end
diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb
index e5079b5a6..7672a3e75 100644
--- a/test/functional/issues_controller_test.rb
+++ b/test/functional/issues_controller_test.rb
@@ -904,7 +904,7 @@ class IssuesControllerTest < ActionController::TestCase
assert_tag 'select', :attributes => {:name => 'issue[done_ratio]'}
assert_tag 'input', :attributes => { :name => 'issue[custom_field_values][2]' }
assert_no_tag 'input', :attributes => {:name => 'issue[watcher_user_ids][]'}
- assert_tag 'textarea', :attributes => {:name => 'notes'}
+ assert_tag 'textarea', :attributes => {:name => 'issue[notes]'}
end
def test_show_should_display_update_form_with_minimal_permissions
@@ -932,7 +932,7 @@ class IssuesControllerTest < ActionController::TestCase
assert_no_tag 'select', :attributes => {:name => 'issue[done_ratio]'}
assert_no_tag 'input', :attributes => { :name => 'issue[custom_field_values][2]' }
assert_no_tag 'input', :attributes => {:name => 'issue[watcher_user_ids][]'}
- assert_tag 'textarea', :attributes => {:name => 'notes'}
+ assert_tag 'textarea', :attributes => {:name => 'issue[notes]'}
end
def test_show_should_display_update_form_with_workflow_permissions
@@ -959,7 +959,7 @@ class IssuesControllerTest < ActionController::TestCase
assert_tag 'select', :attributes => {:name => 'issue[done_ratio]'}
assert_no_tag 'input', :attributes => { :name => 'issue[custom_field_values][2]' }
assert_no_tag 'input', :attributes => {:name => 'issue[watcher_user_ids][]'}
- assert_tag 'textarea', :attributes => {:name => 'notes'}
+ assert_tag 'textarea', :attributes => {:name => 'issue[notes]'}
end
def test_show_should_not_display_update_form_without_permissions
@@ -1321,6 +1321,20 @@ class IssuesControllerTest < ActionController::TestCase
assert_tag :td, :content => 'Dave Lopper, John Smith'
end
+ def test_show_should_display_private_notes_with_permission_only
+ journal = Journal.create!(:journalized => Issue.find(2), :notes => 'Privates notes', :private_notes => true, :user_id => 1)
+ @request.session[:user_id] = 2
+
+ get :show, :id => 2
+ assert_response :success
+ assert_include journal, assigns(:journals)
+
+ Role.find(1).remove_permission! :view_private_notes
+ get :show, :id => 2
+ assert_response :success
+ assert_not_include journal, assigns(:journals)
+ end
+
def test_show_atom
get :show, :id => 2, :format => 'atom'
assert_response :success
@@ -2178,14 +2192,14 @@ class IssuesControllerTest < ActionController::TestCase
context "#update" do
should "ignore status change" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:status_id => 3}
+ put :update, :id => 1, :issue => {:status_id => 3, :notes => 'just trying'}
end
assert_equal 1, Issue.find(1).status_id
end
should "ignore attributes changes" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:subject => 'changed', :assigned_to_id => 2}
+ put :update, :id => 1, :issue => {:subject => 'changed', :assigned_to_id => 2, :notes => 'just trying'}
end
issue = Issue.find(1)
assert_equal "Can't print recipes", issue.subject
@@ -2205,21 +2219,21 @@ class IssuesControllerTest < ActionController::TestCase
context "#update" do
should "accept authorized status" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:status_id => 3}
+ put :update, :id => 1, :issue => {:status_id => 3, :notes => 'just trying'}
end
assert_equal 3, Issue.find(1).status_id
end
should "ignore unauthorized status" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:status_id => 2}
+ put :update, :id => 1, :issue => {:status_id => 2, :notes => 'just trying'}
end
assert_equal 1, Issue.find(1).status_id
end
should "accept authorized attributes changes" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:assigned_to_id => 2}
+ put :update, :id => 1, :issue => {:assigned_to_id => 2, :notes => 'just trying'}
end
issue = Issue.find(1)
assert_equal 2, issue.assigned_to_id
@@ -2227,7 +2241,7 @@ class IssuesControllerTest < ActionController::TestCase
should "ignore unauthorized attributes changes" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:subject => 'changed'}
+ put :update, :id => 1, :issue => {:subject => 'changed', :notes => 'just trying'}
end
issue = Issue.find(1)
assert_equal "Can't print recipes", issue.subject
@@ -2241,21 +2255,21 @@ class IssuesControllerTest < ActionController::TestCase
should "accept authorized status" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:status_id => 3}
+ put :update, :id => 1, :issue => {:status_id => 3, :notes => 'just trying'}
end
assert_equal 3, Issue.find(1).status_id
end
should "ignore unauthorized status" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:status_id => 2}
+ put :update, :id => 1, :issue => {:status_id => 2, :notes => 'just trying'}
end
assert_equal 1, Issue.find(1).status_id
end
should "accept authorized attributes changes" do
assert_difference 'Journal.count' do
- put :update, :id => 1, :notes => 'just trying', :issue => {:subject => 'changed', :assigned_to_id => 2}
+ put :update, :id => 1, :issue => {:subject => 'changed', :assigned_to_id => 2, :notes => 'just trying'}
end
issue = Issue.find(1)
assert_equal "changed", issue.subject
@@ -2750,8 +2764,7 @@ class IssuesControllerTest < ActionController::TestCase
assert_difference('TimeEntry.count', 0) do
put :update,
:id => 1,
- :issue => { :status_id => 2, :assigned_to_id => 3 },
- :notes => 'Assigned to dlopper',
+ :issue => { :status_id => 2, :assigned_to_id => 3, :notes => 'Assigned to dlopper' },
:time_entry => { :hours => '', :comments => '', :activity_id => TimeEntryActivity.first }
end
assert_redirected_to :action => 'show', :id => '1'
@@ -2772,7 +2785,7 @@ class IssuesControllerTest < ActionController::TestCase
# anonymous user
put :update,
:id => 1,
- :notes => notes
+ :issue => { :notes => notes }
assert_redirected_to :action => 'show', :id => '1'
j = Journal.find(:first, :order => 'id DESC')
assert_equal notes, j.notes
@@ -2783,13 +2796,47 @@ class IssuesControllerTest < ActionController::TestCase
assert_mail_body_match notes, mail
end
+ def test_put_update_with_private_note_only
+ notes = 'Private note'
+ @request.session[:user_id] = 2
+
+ assert_difference 'Journal.count' do
+ put :update, :id => 1, :issue => {:notes => notes, :private_notes => '1'}
+ assert_redirected_to :action => 'show', :id => '1'
+ end
+
+ j = Journal.order('id DESC').first
+ assert_equal notes, j.notes
+ assert_equal true, j.private_notes
+ end
+
+ def test_put_update_with_private_note_and_changes
+ notes = 'Private note'
+ @request.session[:user_id] = 2
+
+ assert_difference 'Journal.count', 2 do
+ put :update, :id => 1, :issue => {:subject => 'New subject', :notes => notes, :private_notes => '1'}
+ assert_redirected_to :action => 'show', :id => '1'
+ end
+
+ j = Journal.order('id DESC').first
+ assert_equal notes, j.notes
+ assert_equal true, j.private_notes
+ assert_equal 0, j.details.count
+
+ j = Journal.order('id DESC').offset(1).first
+ assert_nil j.notes
+ assert_equal false, j.private_notes
+ assert_equal 1, j.details.count
+ end
+
def test_put_update_with_note_and_spent_time
@request.session[:user_id] = 2
spent_hours_before = Issue.find(1).spent_hours
assert_difference('TimeEntry.count') do
put :update,
:id => 1,
- :notes => '2.5 hours added',
+ :issue => { :notes => '2.5 hours added' },
:time_entry => { :hours => '2.5', :comments => 'test_put_update_with_note_and_spent_time', :activity_id => TimeEntryActivity.first.id }
end
assert_redirected_to :action => 'show', :id => '1'
@@ -2816,7 +2863,7 @@ class IssuesControllerTest < ActionController::TestCase
# anonymous user
assert_difference 'Attachment.count' do
put :update, :id => 1,
- :notes => '',
+ :issue => {:notes => ''},
:attachments => {'1' => {'file' => uploaded_test_file('testfile.txt', 'text/plain'), 'description' => 'test file'}}
end
@@ -2892,7 +2939,7 @@ class IssuesControllerTest < ActionController::TestCase
assert_difference 'JournalDetail.count' do
assert_no_difference 'Attachment.count' do
put :update, :id => 1,
- :notes => 'Attachment added',
+ :issue => {:notes => 'Attachment added'},
:attachments => {'p0' => {'token' => attachment.token}}
assert_redirected_to '/issues/1'
end
@@ -2920,7 +2967,7 @@ class IssuesControllerTest < ActionController::TestCase
# anonymous user
put :update,
:id => 1,
- :notes => '',
+ :issue => {:notes => ''},
:attachments => {'1' => {'file' => uploaded_test_file('testfile.txt', 'text/plain')}}
assert_redirected_to :action => 'show', :id => '1'
assert_equal '1 file(s) could not be saved.', flash[:warning]
@@ -2933,7 +2980,7 @@ class IssuesControllerTest < ActionController::TestCase
put :update,
:id => 1,
- :notes => ''
+ :issue => {:notes => ''}
assert_redirected_to :action => 'show', :id => '1'
issue.reload
@@ -2963,14 +3010,14 @@ class IssuesControllerTest < ActionController::TestCase
assert_no_difference('Journal.count') do
put :update,
:id => 1,
- :notes => notes,
+ :issue => {:notes => notes},
:time_entry => {"comments"=>"", "activity_id"=>"", "hours"=>"2z"}
end
assert_response :success
assert_template 'edit'
assert_error_tag :descendant => {:content => /Activity can&#x27;t be blank/}
- assert_tag :textarea, :attributes => { :name => 'notes' }, :content => "\n"+notes
+ assert_tag :textarea, :attributes => { :name => 'issue[notes]' }, :content => "\n"+notes
assert_tag :input, :attributes => { :name => 'time_entry[hours]', :value => "2z" }
end
@@ -2981,7 +3028,7 @@ class IssuesControllerTest < ActionController::TestCase
assert_no_difference('Journal.count') do
put :update,
:id => 1,
- :notes => notes,
+ :issue => {:notes => notes},
:time_entry => {"comments"=>"this is my comment", "activity_id"=>"", "hours"=>""}
end
assert_response :success
@@ -2989,7 +3036,7 @@ class IssuesControllerTest < ActionController::TestCase
assert_error_tag :descendant => {:content => /Activity can&#x27;t be blank/}
assert_error_tag :descendant => {:content => /Hours can&#x27;t be blank/}
- assert_tag :textarea, :attributes => { :name => 'notes' }, :content => "\n"+notes
+ assert_tag :textarea, :attributes => { :name => 'issue[notes]' }, :content => "\n"+notes
assert_tag :input, :attributes => { :name => 'time_entry[comments]', :value => "this is my comment" }
end
diff --git a/test/functional/issues_controller_transaction_test.rb b/test/functional/issues_controller_transaction_test.rb
index 84f9adc91..7e1fa0d00 100644
--- a/test/functional/issues_controller_transaction_test.rb
+++ b/test/functional/issues_controller_transaction_test.rb
@@ -62,9 +62,9 @@ class IssuesControllerTransactionTest < ActionController::TestCase
:id => issue.id,
:issue => {
:fixed_version_id => 4,
+ :notes => 'My notes',
:lock_version => (issue.lock_version - 1)
},
- :notes => 'My notes',
:time_entry => { :hours => '2.5', :comments => '', :activity_id => TimeEntryActivity.first.id }
end
end
@@ -93,9 +93,9 @@ class IssuesControllerTransactionTest < ActionController::TestCase
:id => issue.id,
:issue => {
:fixed_version_id => 4,
+ :notes => 'My notes',
:lock_version => (issue.lock_version - 1)
},
- :notes => 'My notes',
:attachments => {'1' => {'file' => uploaded_test_file('testfile.txt', 'text/plain')}},
:time_entry => { :hours => '2.5', :comments => '', :activity_id => TimeEntryActivity.first.id }
end
@@ -116,15 +116,14 @@ class IssuesControllerTransactionTest < ActionController::TestCase
put :update, :id => issue.id,
:issue => {
:fixed_version_id => 4,
+ :notes => '',
:lock_version => (issue.lock_version - 1)
- },
- :notes => ''
+ }
assert_tag 'div', :attributes => {:class => 'conflict'}
assert_tag 'input', :attributes => {:name => 'conflict_resolution', :value => 'overwrite'}
assert_no_tag 'input', :attributes => {:name => 'conflict_resolution', :value => 'add_notes'}
assert_tag 'input', :attributes => {:name => 'conflict_resolution', :value => 'cancel'}
-
end
def test_update_stale_issue_should_show_conflicting_journals
@@ -133,9 +132,9 @@ class IssuesControllerTransactionTest < ActionController::TestCase
put :update, :id => 1,
:issue => {
:fixed_version_id => 4,
+ :notes => '',
:lock_version => 2
},
- :notes => '',
:last_journal_id => 1
assert_not_nil assigns(:conflict_journals)
@@ -151,9 +150,9 @@ class IssuesControllerTransactionTest < ActionController::TestCase
put :update, :id => 1,
:issue => {
:fixed_version_id => 4,
+ :notes => '',
:lock_version => 2
},
- :notes => '',
:last_journal_id => ''
assert_not_nil assigns(:conflict_journals)
@@ -164,6 +163,18 @@ class IssuesControllerTransactionTest < ActionController::TestCase
:descendant => {:content => /Journal notes/}
end
+ def test_update_stale_issue_should_show_private_journals_with_permission_only
+ journal = Journal.create!(:journalized => Issue.find(1), :notes => 'Privates notes', :private_notes => true, :user_id => 1)
+
+ @request.session[:user_id] = 2
+ put :update, :id => 1, :issue => {:fixed_version_id => 4, :lock_version => 2}, :last_journal_id => ''
+ assert_include journal, assigns(:conflict_journals)
+
+ Role.find(1).remove_permission! :view_private_notes
+ put :update, :id => 1, :issue => {:fixed_version_id => 4, :lock_version => 2}, :last_journal_id => ''
+ assert_not_include journal, assigns(:conflict_journals)
+ end
+
def test_update_stale_issue_with_overwrite_conflict_resolution_should_update
@request.session[:user_id] = 2
@@ -171,9 +182,9 @@ class IssuesControllerTransactionTest < ActionController::TestCase
put :update, :id => 1,
:issue => {
:fixed_version_id => 4,
+ :notes => 'overwrite_conflict_resolution',
:lock_version => 2
},
- :notes => 'overwrite_conflict_resolution',
:conflict_resolution => 'overwrite'
end
@@ -192,9 +203,9 @@ class IssuesControllerTransactionTest < ActionController::TestCase
put :update, :id => 1,
:issue => {
:fixed_version_id => 4,
+ :notes => 'add_notes_conflict_resolution',
:lock_version => 2
},
- :notes => 'add_notes_conflict_resolution',
:conflict_resolution => 'add_notes'
end
@@ -213,9 +224,9 @@ class IssuesControllerTransactionTest < ActionController::TestCase
put :update, :id => 1,
:issue => {
:fixed_version_id => 4,
+ :notes => 'add_notes_conflict_resolution',
:lock_version => 2
},
- :notes => 'add_notes_conflict_resolution',
:conflict_resolution => 'cancel'
end
diff --git a/test/functional/journals_controller_test.rb b/test/functional/journals_controller_test.rb
index 652edf68d..5ba4725eb 100644
--- a/test/functional/journals_controller_test.rb
+++ b/test/functional/journals_controller_test.rb
@@ -39,6 +39,20 @@ class JournalsControllerTest < ActionController::TestCase
assert_equal 'application/atom+xml', @response.content_type
end
+ def test_index_should_return_privates_notes_with_permission_only
+ journal = Journal.create!(:journalized => Issue.find(2), :notes => 'Privates notes', :private_notes => true, :user_id => 1)
+ @request.session[:user_id] = 2
+
+ get :index, :project_id => 1
+ assert_response :success
+ assert_include journal, assigns(:journals)
+
+ Role.find(1).remove_permission! :view_private_notes
+ get :index, :project_id => 1
+ assert_response :success
+ assert_not_include journal, assigns(:journals)
+ end
+
def test_diff
get :diff, :id => 3, :detail_id => 4
assert_response :success
@@ -76,6 +90,21 @@ class JournalsControllerTest < ActionController::TestCase
assert_include '> A comment with a private version', response.body
end
+ def test_reply_to_private_note_should_fail_without_permission
+ journal = Journal.create!(:journalized => Issue.find(2), :notes => 'Privates notes', :private_notes => true)
+ @request.session[:user_id] = 2
+
+ xhr :get, :new, :id => 2, :journal_id => journal.id
+ assert_response :success
+ assert_template 'new'
+ assert_equal 'text/javascript', response.content_type
+ assert_include '> Privates notes', response.body
+
+ Role.find(1).remove_permission! :view_private_notes
+ xhr :get, :new, :id => 2, :journal_id => journal.id
+ assert_response 404
+ end
+
def test_edit_xhr
@request.session[:user_id] = 1
xhr :get, :edit, :id => 2
@@ -85,6 +114,22 @@ class JournalsControllerTest < ActionController::TestCase
assert_include 'textarea', response.body
end
+ def test_edit_private_note_should_fail_without_permission
+ journal = Journal.create!(:journalized => Issue.find(2), :notes => 'Privates notes', :private_notes => true)
+ @request.session[:user_id] = 2
+ Role.find(1).add_permission! :edit_issue_notes
+
+ xhr :get, :edit, :id => journal.id
+ assert_response :success
+ assert_template 'edit'
+ assert_equal 'text/javascript', response.content_type
+ assert_include 'textarea', response.body
+
+ Role.find(1).remove_permission! :view_private_notes
+ xhr :get, :edit, :id => journal.id
+ assert_response 404
+ end
+
def test_update_xhr
@request.session[:user_id] = 1
xhr :post, :edit, :id => 2, :notes => 'Updated notes'
diff --git a/test/functional/search_controller_test.rb b/test/functional/search_controller_test.rb
index 9491750bb..9bcb72dbd 100644
--- a/test/functional/search_controller_test.rb
+++ b/test/functional/search_controller_test.rb
@@ -58,6 +58,39 @@ class SearchControllerTest < ActionController::TestCase
:child => { :tag => 'a', :content => /Closed/ }
end
+ def test_search_issues_should_search_notes
+ Journal.create!(:journalized => Issue.find(2), :notes => 'Issue notes with searchkeyword')
+
+ get :index, :q => 'searchkeyword', :issues => 1
+ assert_response :success
+ assert_include Issue.find(2), assigns(:results)
+ end
+
+ def test_search_issues_with_multiple_matches_in_journals_should_return_issue_once
+ Journal.create!(:journalized => Issue.find(2), :notes => 'Issue notes with searchkeyword')
+ Journal.create!(:journalized => Issue.find(2), :notes => 'Issue notes with searchkeyword')
+
+ get :index, :q => 'searchkeyword', :issues => 1
+ assert_response :success
+ assert_include Issue.find(2), assigns(:results)
+ assert_equal 1, assigns(:results).size
+ end
+
+ def test_search_issues_should_search_private_notes_with_permission_only
+ Journal.create!(:journalized => Issue.find(2), :notes => 'Private notes with searchkeyword', :private_notes => true)
+ @request.session[:user_id] = 2
+
+ Role.find(1).add_permission! :view_private_notes
+ get :index, :q => 'searchkeyword', :issues => 1
+ assert_response :success
+ assert_include Issue.find(2), assigns(:results)
+
+ Role.find(1).remove_permission! :view_private_notes
+ get :index, :q => 'searchkeyword', :issues => 1
+ assert_response :success
+ assert_not_include Issue.find(2), assigns(:results)
+ end
+
def test_search_all_projects_with_scope_param
get :index, :q => 'issue', :scope => 'all'
assert_response :success
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-22 07:13:47 +0000