diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-08-30 19:24:03 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-08-30 19:24:03 +0000 |
commit | d5ca4a3593de4f997c3caa10ed3cd74f95307571 (patch) | |
tree | 831ddded4e67987a0b6ecb042956bcc63baba249 /test | |
parent | 650a64cb0020ac849eaefb20abbbb090abcb6b3d (diff) | |
download | redmine-d5ca4a3593de4f997c3caa10ed3cd74f95307571.tar.gz redmine-d5ca4a3593de4f997c3caa10ed3cd74f95307571.zip |
Fixed that restricted custom permissions on for non member/anonymous does not work (#23655).
git-svn-id: http://svn.redmine.org/redmine/trunk@15750 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test')
-rw-r--r-- | test/unit/issue_test.rb | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/test/unit/issue_test.rb b/test/unit/issue_test.rb index 78a06556e..8c95023e7 100644 --- a/test/unit/issue_test.rb +++ b/test/unit/issue_test.rb @@ -319,6 +319,28 @@ class IssueTest < ActiveSupport::TestCase assert_equal false, Issue.where(:project_id => 1).first.visible?(user) end + def test_visible_scope_with_custom_non_member_role_having_restricted_permission + role = Role.generate!(:permissions => [:view_project]) + assert Role.non_member.has_permission?(:view_issues) + user = User.generate! + Member.create!(:principal => Group.non_member, :project_id => 1, :roles => [role]) + + issues = Issue.visible(user).to_a + assert issues.any? + assert_nil issues.detect {|issue| issue.project_id == 1} + end + + def test_visible_scope_with_custom_non_member_role_having_extended_permission + role = Role.generate!(:permissions => [:view_project, :view_issues]) + Role.non_member.remove_permission!(:view_issues) + user = User.generate! + Member.create!(:principal => Group.non_member, :project_id => 1, :roles => [role]) + + issues = Issue.visible(user).to_a + assert issues.any? + assert_not_nil issues.detect {|issue| issue.project_id == 1} + end + def test_visible_scope_for_member_with_groups_should_return_assigned_issues user = User.find(8) assert user.groups.any? |