diff options
| -rw-r--r-- | app/models/issue_query.rb | 12 | ||||
| -rw-r--r-- | app/models/project_query.rb | 7 | ||||
| -rw-r--r-- | test/functional/issues_controller_test.rb | 51 | ||||
| -rw-r--r-- | test/functional/projects_controller_test.rb | 33 | ||||
| -rw-r--r-- | test/unit/project_query_test.rb | 1 | ||||
| -rw-r--r-- | test/unit/query_test.rb | 1 |
6 files changed, 98 insertions, 7 deletions
diff --git a/app/models/issue_query.rb b/app/models/issue_query.rb index 45ffcb57c..aa8dc9034 100644 --- a/app/models/issue_query.rb +++ b/app/models/issue_query.rb @@ -78,18 +78,22 @@ class IssueQuery < Query scope :for_all_projects, ->{ where(project_id: nil) } def self.default(project: nil, user: User.current) - query = nil # user default if user&.logged? && (query_id = user.pref.default_issue_query).present? query = find_by(id: query_id) + return query if query&.visible? end + # project default - query ||= project&.default_issue_query + query = project&.default_issue_query + return query if query&.visibility == VISIBILITY_PUBLIC + # global default - if query.nil? && (query_id = Setting.default_issue_query).present? + if (query_id = Setting.default_issue_query).present? query = find_by(id: query_id) + return query if query&.visibility == VISIBILITY_PUBLIC end - query + nil end def initialize(attributes=nil, *args) diff --git a/app/models/project_query.rb b/app/models/project_query.rb index 8c6643c7b..acb518f34 100644 --- a/app/models/project_query.rb +++ b/app/models/project_query.rb @@ -38,14 +38,15 @@ class ProjectQuery < Query ] def self.default(project: nil, user: User.current) - query = nil if user&.logged? && (query_id = user.pref.default_project_query).present? query = find_by(id: query_id) + return query if query&.visible? end - if query.nil? && (query_id = Setting.default_project_query).present? + if (query_id = Setting.default_project_query).present? query = find_by(id: query_id) + return query if query&.visibility == VISIBILITY_PUBLIC end - query + nil end def initialize(attributes=nil, *args) diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb index 60d1ff638..fa1b6ebd0 100644 --- a/test/functional/issues_controller_test.rb +++ b/test/functional/issues_controller_test.rb @@ -8472,4 +8472,55 @@ class IssuesControllerTest < Redmine::ControllerTest # query filters for tracker_id == 3 assert results.detect{ |i| i['tracker_id'] != 3 } end + + def test_index_should_ignore_user_default_query_if_it_is_invisible + query = IssueQuery.find(4) + + query.update(visibility: Query::VISIBILITY_PRIVATE, user_id: 2) + query.save! + + # If visible default query + @request.session[:user_id] = 2 + @request.session[:issue_query] = nil + User.find(2).pref.update(default_issue_query: query.id) + get :index + assert_select 'h2', text: query.name + + # If invisible default query + @request.session[:user_id] = 3 + @request.session[:issue_query] = nil + User.find(3).pref.update(default_issue_query: query.id) + get :index + assert_select 'h2', text: 'Issues' + end + + def test_index_should_ignore_project_default_query_if_it_is_not_public + query = IssueQuery.find(1) + query.project.update(default_issue_query: query) + + query.update(visibility: Query::VISIBILITY_PRIVATE, user_id: 2) + query.save! + + [User.find(1), User.find(2)].each do |user| + @request.session[:user_id] = user.id + @request.session[:issue_query] = nil + get :index, params: { project_id: query.project.id } + assert_select 'h2', text: 'Issues' + end + end + + def test_index_should_ignore_global_default_query_if_it_is_not_public + query = IssueQuery.find(1) + with_settings default_issue_query: query.id do + query.update(visibility: Query::VISIBILITY_PRIVATE, user_id: 2) + query.save! + + [User.find(1), User.find(2)].each do |user| + @request.session[:user_id] = user.id + @request.session[:issue_query] = nil + get :index + assert_select 'h2', text: 'Issues' + end + end + end end diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb index 837de343a..edd9af700 100644 --- a/test/functional/projects_controller_test.rb +++ b/test/functional/projects_controller_test.rb @@ -273,6 +273,39 @@ class ProjectsControllerTest < Redmine::ControllerTest end end + def test_index_should_ignore_user_default_query_if_it_is_invisible + query = ProjectQuery.find(11) + + query.update(visibility: Query::VISIBILITY_PRIVATE, user_id: 2) + query.save! + + # If visible default query + @request.session[:user_id] = 2 + User.find(2).pref.update(default_project_query: query.id) + get :index + assert_select 'h2', text: query.name + + # If invisible default query + @request.session[:user_id] = 3 + User.find(3).pref.update(default_project_query: query.id) + get :index + assert_select 'h2', text: I18n.t(:label_project_plural) + end + + def test_index_should_ignore_global_default_query_if_it_is_not_public + query = ProjectQuery.find(11) + with_settings default_project_query: query.id do + query.update(visibility: Query::VISIBILITY_PRIVATE, user_id: 2) + query.save! + + [User.find(1), User.find(2)].each do |user| + @request.session[:user_id] = user.id + get :index + assert_select 'h2', text: I18n.t(:label_project_plural) + end + end + end + def test_autocomplete_js get( :autocomplete, diff --git a/test/unit/project_query_test.rb b/test/unit/project_query_test.rb index 8166e8363..a3ff930f1 100644 --- a/test/unit/project_query_test.rb +++ b/test/unit/project_query_test.rb @@ -75,6 +75,7 @@ class ProjectQueryTest < ActiveSupport::TestCase user = User.find(1) query = ProjectQuery.find(11) user_query = ProjectQuery.find(12) + user_query.update(visibility: Query::VISIBILITY_PUBLIC) [nil, user, User.anonymous].each do |u| assert_nil IssueQuery.default(user: u) diff --git a/test/unit/query_test.rb b/test/unit/query_test.rb index bb097f88a..4d6650ee8 100644 --- a/test/unit/query_test.rb +++ b/test/unit/query_test.rb @@ -2814,6 +2814,7 @@ class QueryTest < ActiveSupport::TestCase project_query = IssueQuery.find(1) query = IssueQuery.find(4) user_query = IssueQuery.find(3) + user_query.update(visibility: Query::VISIBILITY_PUBLIC) user_query.update_column :user_id, user.id [nil, user, User.anonymous].each do |u| |