summaryrefslogtreecommitdiffstats
path: root/app/models/journal.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/models/journal.rb')
-rw-r--r--app/models/journal.rb13
1 files changed, 10 insertions, 3 deletions
diff --git a/app/models/journal.rb b/app/models/journal.rb
index 447cbe4b5..7d1a6eb34 100644
--- a/app/models/journal.rb
+++ b/app/models/journal.rb
@@ -47,10 +47,11 @@ class Journal < ActiveRecord::Base
scope :visible, lambda {|*args|
user = args.shift || User.current
- private_notes_condition = Project.allowed_to_condition(user, :view_private_notes, *args)
+ options = args.shift || {}
+
joins(:issue => :project).
- where(Issue.visible_condition(user, *args)).
- where("(#{Journal.table_name}.private_notes = ? OR #{Journal.table_name}.user_id = ? OR (#{private_notes_condition}))", false, user.id)
+ where(Issue.visible_condition(user, options)).
+ where(Journal.visible_notes_condition(user, :skip_pre_condition => true))
}
safe_attributes 'notes',
@@ -58,6 +59,12 @@ class Journal < ActiveRecord::Base
safe_attributes 'private_notes',
:if => lambda {|journal, user| user.allowed_to?(:set_notes_private, journal.project)}
+ # Returns a SQL condition to filter out journals with notes that are not visible to user
+ def self.visible_notes_condition(user=User.current, options={})
+ private_notes_permission = Project.allowed_to_condition(user, :view_private_notes, options)
+ sanitize_sql_for_conditions(["(#{table_name}.private_notes = ? OR #{table_name}.user_id = ? OR (#{private_notes_permission}))", false, user.id])
+ end
+
def initialize(*args)
super
if journalized
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-13 06:19:12 +0000