From 83df013f47e6794f574d650716f7545f0725abd9 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Tue, 15 Mar 2011 17:16:45 +0000 Subject: Adds a visible scope to the Journal model. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5142 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- test/unit/journal_test.rb | 48 +++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 44 insertions(+), 4 deletions(-) (limited to 'test/unit/journal_test.rb') diff --git a/test/unit/journal_test.rb b/test/unit/journal_test.rb index 67e719df7..2a1c28427 100644 --- a/test/unit/journal_test.rb +++ b/test/unit/journal_test.rb @@ -1,5 +1,5 @@ -# redMine - project management software -# Copyright (C) 2006-2007 Jean-Philippe Lang +# Redmine - project management software +# Copyright (C) 2006-2011 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -18,7 +18,7 @@ require File.expand_path('../../test_helper', __FILE__) class JournalTest < ActiveSupport::TestCase - fixtures :issues, :issue_statuses, :journals, :journal_details + fixtures :projects, :issues, :issue_statuses, :journals, :journal_details, :users, :members, :member_roles def setup @journal = Journal.find 1 @@ -46,5 +46,45 @@ class JournalTest < ActiveSupport::TestCase assert journal.save assert_equal 1, ActionMailer::Base.deliveries.size end - + + def test_visible_scope_for_anonymous + # Anonymous user should see issues of public projects only + journals = Journal.visible(User.anonymous).all + assert journals.any? + assert_nil journals.detect {|journal| !journal.issue.project.is_public?} + # Anonymous user should not see issues without permission + Role.anonymous.remove_permission!(:view_issues) + journals = Journal.visible(User.anonymous).all + assert journals.empty? + end + + def test_visible_scope_for_user + user = User.find(9) + assert user.projects.empty? + # Non member user should see issues of public projects only + journals = Journal.visible(user).all + assert journals.any? + assert_nil journals.detect {|journal| !journal.issue.project.is_public?} + # Non member user should not see issues without permission + Role.non_member.remove_permission!(:view_issues) + user.reload + journals = Journal.visible(user).all + assert journals.empty? + # User should see issues of projects for which he has view_issues permissions only + Member.create!(:principal => user, :project_id => 1, :role_ids => [1]) + user.reload + journals = Journal.visible(user).all + assert journals.any? + assert_nil journals.detect {|journal| journal.issue.project_id != 1} + end + + def test_visible_scope_for_admin + user = User.find(1) + user.members.each(&:destroy) + assert user.projects.empty? + journals = Journal.visible(user).all + assert journals.any? + # Admin should see issues on private projects that he does not belong to + assert journals.detect {|journal| !journal.issue.project.is_public?} + end end -- cgit v1.2.3