Adds buit-in groups to give specific permissions to anonymous and non members users per project (#17976).

git-svn-id: http://svn.redmine.org/redmine/trunk@13417 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2014-09-28 14:51:08 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2014-09-28 14:51:08 +0000
commit: 7e7ac5340a281ed767066af0b5f4dd45a3d7076f (patch)
tree: 891640b0548c0d3063daddb219006d120fa312c3 /test/unit
parent: 9a7fb0ad7be0ee3403f5b89eb0c16b68c991d519 (diff)
download: redmine-7e7ac5340a281ed767066af0b5f4dd45a3d7076f.tar.gz
redmine-7e7ac5340a281ed767066af0b5f4dd45a3d7076f.zip
5 files changed, 86 insertions, 17 deletions
diff --git a/test/unit/group_test.rb b/test/unit/group_test.rb
index 188e9468a..d3b5d20ec 100644
--- a/test/unit/group_test.rb
+++ b/test/unit/group_test.rb
@@ -133,4 +133,20 @@ class GroupTest < ActiveSupport::TestCase
 
     assert_equal nil, Issue.find(1).assigned_to_id
   end
+
+  def test_builtin_id_with_anonymous_user_should_return_anonymous_group
+    assert_equal 13, Group.builtin_id(User.anonymous)
+  end
+
+  def test_builtin_id_with_anonymous_role_should_return_anonymous_group
+    assert_equal 13, Group.builtin_id(Role.anonymous)
+  end
+
+  def test_builtin_id_with_user_should_return_non_member_group
+    assert_equal 12, Group.builtin_id(User.find(1))
+  end
+
+  def test_builtin_id_with_non_member_role_should_return_non_member_group
+    assert_equal 12, Group.builtin_id(Role.non_member)
+  end
 end
diff --git a/test/unit/issue_test.rb b/test/unit/issue_test.rb
index c4cf77c79..3454c71f5 100644
--- a/test/unit/issue_test.rb
+++ b/test/unit/issue_test.rb
@@ -219,6 +219,16 @@ class IssueTest < ActiveSupport::TestCase
     assert_visibility_match User.anonymous, issues
   end
 
+  def test_visible_scope_for_anonymous_without_view_issues_permissions_and_membership
+    Role.anonymous.remove_permission!(:view_issues)
+    Member.create!(:project_id => 1, :principal => Group.anonymous, :role_ids => [2])
+
+    issues = Issue.visible(User.anonymous).all
+    assert issues.any?
+    assert_equal [1], issues.map(&:project_id).uniq.sort
+    assert_visibility_match User.anonymous, issues
+  end
+
   def test_anonymous_should_not_see_private_issues_with_issues_visibility_set_to_default
     assert Role.anonymous.update_attribute(:issues_visibility, 'default')
     issue = Issue.generate!(:author => User.anonymous, :assigned_to => User.anonymous, :is_private => true)
@@ -265,6 +275,17 @@ class IssueTest < ActiveSupport::TestCase
     assert_visibility_match user, issues
   end
 
+  def test_visible_scope_for_non_member_without_view_issues_permissions_and_membership
+    Role.non_member.remove_permission!(:view_issues)
+    Member.create!(:project_id => 1, :principal => Group.non_member, :role_ids => [2])
+    user = User.find(9)
+
+    issues = Issue.visible(user).all
+    assert issues.any?
+    assert_equal [1], issues.map(&:project_id).uniq.sort
+    assert_visibility_match user, issues
+  end
+
   def test_visible_scope_for_member
     user = User.find(9)
     # User should see issues of projects for which user has view_issues permissions only
@@ -1724,6 +1745,16 @@ class IssueTest < ActiveSupport::TestCase
     end
   end
 
+  def test_assignable_users_should_not_include_builtin_groups
+    Member.create!(:project_id => 1, :principal => Group.non_member, :role_ids => [1])
+    Member.create!(:project_id => 1, :principal => Group.anonymous, :role_ids => [1])
+    issue = Issue.new(:project => Project.find(1))
+
+    with_settings :issue_group_assignment => '1' do
+      assert_nil issue.assignable_users.detect {|u| u.is_a?(GroupBuiltin)}
+    end
+  end
+
   def test_create_should_send_email_notification
     ActionMailer::Base.deliveries.clear
     issue = Issue.new(:project_id => 1, :tracker_id => 1,
diff --git a/test/unit/principal_test.rb b/test/unit/principal_test.rb
index 2ddcc8b1c..b37f781a3 100644
--- a/test/unit/principal_test.rb
+++ b/test/unit/principal_test.rb
@@ -55,17 +55,11 @@ class PrincipalTest < ActiveSupport::TestCase
   end
 
   def test_sorted_scope_should_sort_users_before_groups
-    scope = Principal.where("type <> ?", 'AnonymousUser')
-    expected_order = scope.all.sort do |a, b|
-      if a.is_a?(User) && b.is_a?(Group)
-        -1
-      elsif a.is_a?(Group) && b.is_a?(User)
-        1
-      else
-        a.name.downcase <=> b.name.downcase
-      end
-    end
-    assert_equal expected_order.map(&:name).map(&:downcase),
+    scope = Principal.where(:type => ['User', 'Group'])
+    users = scope.select {|p| p.is_a?(User)}.sort
+    groups = scope.select {|p| p.is_a?(Group)}.sort
+
+    assert_equal (users + groups).map(&:name).map(&:downcase),
                  scope.sorted.map(&:name).map(&:downcase)
   end
 
diff --git a/test/unit/query_test.rb b/test/unit/query_test.rb
index 084e91a82..102efd4de 100644
--- a/test/unit/query_test.rb
+++ b/test/unit/query_test.rb
@@ -1240,7 +1240,7 @@ class QueryTest < ActiveSupport::TestCase
     assert query.available_filters.keys.include?("member_of_group")
     assert_equal :list_optional, query.available_filters["member_of_group"][:type]
     assert query.available_filters["member_of_group"][:values].present?
-    assert_equal Group.all.sort.map {|g| [g.name, g.id.to_s]},
+    assert_equal Group.givable.sort.map {|g| [g.name, g.id.to_s]},
       query.available_filters["member_of_group"][:values].sort
   end
 
diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
index 69753960a..187ec7c8b 100644
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@@ -838,14 +838,42 @@ class UserTest < ActiveSupport::TestCase
     assert_nil membership
   end
 
-  def test_roles_for_project
-    # user with a role
+  def test_roles_for_project_with_member_on_public_project_should_return_roles_and_non_member
     roles = @jsmith.roles_for_project(Project.find(1))
     assert_kind_of Role, roles.first
-    assert_equal "Manager", roles.first.name
+    assert_equal ["Manager"], roles.map(&:name)
+  end
+
+  def test_roles_for_project_with_member_on_private_project_should_return_roles
+    Project.find(1).update_attribute :is_public, false
+
+    roles = @jsmith.roles_for_project(Project.find(1))
+    assert_kind_of Role, roles.first
+    assert_equal ["Manager"], roles.map(&:name)
+  end
+
+  def test_roles_for_project_with_non_member_with_public_project_should_return_non_member
+    roles = User.find(8).roles_for_project(Project.find(1))
+    assert_equal ["Non member"], roles.map(&:name)
+  end
+
+  def test_roles_for_project_with_non_member_with_public_project_should_return_no_roles
+    Project.find(1).update_attribute :is_public, false
+  
+    roles = User.find(8).roles_for_project(Project.find(1))
+    assert_equal [], roles.map(&:name)
+  end
+
+  def test_roles_for_project_with_anonymous_with_public_project_should_return_anonymous
+    roles = User.anonymous.roles_for_project(Project.find(1))
+    assert_equal ["Anonymous"], roles.map(&:name)
+  end
 
-    # user with no role
-    assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?}
+  def test_roles_for_project_with_anonymous_with_public_project_should_return_no_roles
+    Project.find(1).update_attribute :is_public, false
+  
+    roles = User.anonymous.roles_for_project(Project.find(1))
+    assert_equal [], roles.map(&:name)
   end
 
   def test_projects_by_role_for_user_with_role
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2014-09-28 14:51:08 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2014-09-28 14:51:08 +0000
commit	7e7ac5340a281ed767066af0b5f4dd45a3d7076f (patch)
tree	891640b0548c0d3063daddb219006d120fa312c3 /test/unit
parent	9a7fb0ad7be0ee3403f5b89eb0c16b68c991d519 (diff)
download	redmine-7e7ac5340a281ed767066af0b5f4dd45a3d7076f.tar.gz redmine-7e7ac5340a281ed767066af0b5f4dd45a3d7076f.zip