diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-06-05 11:50:09 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-06-05 11:50:09 +0000 |
commit | a23450fe08f367a1d4a03e937c3f8e90f83383fe (patch) | |
tree | b01dc8f2f8df96e0b6e1a8a81c1abb7978a95402 /test/unit/issue_test.rb | |
parent | 79df68e17fc09a4d8bc87cad8efb4bc31c085dcd (diff) | |
download | redmine-a23450fe08f367a1d4a03e937c3f8e90f83383fe.tar.gz redmine-a23450fe08f367a1d4a03e937c3f8e90f83383fe.zip |
Adds issue visibility by role/tracker (#285).
git-svn-id: http://svn.redmine.org/redmine/trunk@15465 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/unit/issue_test.rb')
-rw-r--r-- | test/unit/issue_test.rb | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/test/unit/issue_test.rb b/test/unit/issue_test.rb index f7f7003d2..3b7391a3c 100644 --- a/test/unit/issue_test.rb +++ b/test/unit/issue_test.rb @@ -342,6 +342,69 @@ class IssueTest < ActiveSupport::TestCase assert_include issue, issues end + def test_visible_scope_for_member_with_limited_tracker_ids + role = Role.find(1) + role.set_permission_trackers :view_issues, [2] + role.save! + user = User.find(2) + + issues = Issue.where(:project_id => 1).visible(user).to_a + assert issues.any? + assert_equal [2], issues.map(&:tracker_id).uniq + + assert Issue.where(:project_id => 1).all? {|issue| issue.visible?(user) ^ issue.tracker_id != 2} + end + + def test_visible_scope_should_consider_tracker_ids_on_each_project + user = User.generate! + + project1 = Project.generate! + role1 = Role.generate! + role1.add_permission! :view_issues + role1.set_permission_trackers :view_issues, :all + role1.save! + User.add_to_project(user, project1, role1) + + project2 = Project.generate! + role2 = Role.generate! + role2.add_permission! :view_issues + role2.set_permission_trackers :view_issues, [2] + role2.save! + User.add_to_project(user, project2, role2) + + visible_issues = [ + Issue.generate!(:project => project1, :tracker_id => 1), + Issue.generate!(:project => project1, :tracker_id => 2), + Issue.generate!(:project => project2, :tracker_id => 2) + ] + hidden_issue = Issue.generate!(:project => project2, :tracker_id => 1) + + issues = Issue.where(:project_id => [project1.id, project2.id]).visible(user) + assert_equal visible_issues.map(&:id), issues.ids.sort + + assert visible_issues.all? {|issue| issue.visible?(user)} + assert !hidden_issue.visible?(user) + end + + def test_visible_scope_should_not_consider_roles_without_view_issues_permission + user = User.generate! + role1 = Role.generate! + role1.remove_permission! :view_issues + role1.set_permission_trackers :view_issues, :all + role1.save! + role2 = Role.generate! + role2.add_permission! :view_issues + role2.set_permission_trackers :view_issues, [2] + role2.save! + User.add_to_project(user, Project.find(1), [role1, role2]) + + issues = Issue.where(:project_id => 1).visible(user).to_a + assert issues.any? + assert_equal [2], issues.map(&:tracker_id).uniq + + assert Issue.where(:project_id => 1).all? {|issue| issue.visible?(user) ^ issue.tracker_id != 2} + end + def test_visible_scope_for_admin user = User.find(1) user.members.each(&:destroy) |