Project

General

Profile

Download (7.4 KB)

Patch #14318 » allow_watchers_and_contributers_access_to_issues_trunk_r15287.patch

Takenori TAKAKI, 2016-03-29 04:13

View differences:

app/models/issue.rb
130 130 
        when 'own'
131 131 
          user_ids = [user.id] + user.groups.map(&:id).compact
132 132 
          "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
133 
        when 'own_watch'
134 
          user_ids = [user.id] + user.groups.map(&:id)
135 
          "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}) OR #{table_name}.id IN (SELECT watchable_id FROM watchers WHERE user_id=#{user.id} AND watchable_type = 'Issue'))"
136 
        when 'own_watch_contributed'
137 
          user_ids = [user.id] + user.groups.map(&:id)
138 
          "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}) OR #{table_name}.id IN (SELECT watchable_id FROM watchers WHERE user_id=#{user.id} AND watchable_type = 'Issue') OR #{table_name}.id IN (SELECT journalized_id FROM journals where journalized_type = 'Issue' AND user_id=#{user.id} GROUP BY journalized_id))"
133 139 
        else
134 140 
          '1=0'
135 141 
        end
......
150 156 
          !self.is_private? || (self.author == user || user.is_or_belongs_to?(assigned_to))
151 157 
        when 'own'
152 158 
          self.author == user || user.is_or_belongs_to?(assigned_to)
159 
        when 'own_watch'
160 
          self.author == user || user.is_or_belongs_to?(assigned_to) || self.watched_by?(user)
161 
        when 'own_watch_contributed'
162 
          self.author == user || user.is_or_belongs_to?(assigned_to) || self.watched_by?(user) || self.journals.where('journalized_id = ?', self.id).where('user_id = ?', user).count > 0
153 163 
        else
154 164 
          false
155 165 
        end
app/models/role.rb
36 36 
  ISSUES_VISIBILITY_OPTIONS = [
37 37 
    ['all', :label_issues_visibility_all],
38 38 
    ['default', :label_issues_visibility_public],
39 
    ['own', :label_issues_visibility_own]
39 
    ['own', :label_issues_visibility_own],
40 
    ['own_watch', :label_issues_visibility_own_watch],
41 
    ['own_watch_contributed', :label_issues_visibility_own_watch_contributed]
40 42 
  ]
41 43 

  		




  42
  44
  
    
  TIME_ENTRIES_VISIBILITY_OPTIONS = [

  		












  

    
      config/locales/en.yml
    
  





  442
  442
  
    
  setting_search_results_per_page: Search results per page

  		




  443
  443
  
    
  setting_attachment_extensions_allowed: Allowed extensions

  		




  444
  444
  
    
  setting_attachment_extensions_denied: Disallowed extensions

  		




  
  445
  
    
  setting_enable_watcher_issue_visibility: Enable watcher issue visibility

  		




  445
  446
  
    

  		




  446
  447
  
    
  permission_add_project: Create project

  		




  447
  448
  
    
  permission_add_subprojects: Create subprojects

  		




  ......




  988
  989
  
    
  label_api: API

  		




  989
  990
  
    
  label_field_format_enumeration: Key/value list

  		




  990
  991
  
    
  label_default_values_for_new_users: Default values for new users

  		




  
  992
  
    
  label_issues_visibility_own_watch: Issues created by, assigned to, or watched by the user

  		




  
  993
  
    
  label_issues_visibility_own_watch_contributed: Issues created by, assigned to, watched by, or contributed to by the user

  		




  991
  994
  
    

  		




  992
  995
  
    
  button_login: Login

  		




  993
  996
  
    
  button_submit: Submit

  		












  

    
      test/unit/issue_test.rb
    
  





  277
  277
  
    
    assert_visibility_match user, issues

  		




  278
  278
  
    
  end

  		




  279
  279
  
    

  		




  
  280
  
    
  def test_visible_scope_for_non_member_with_own_watch_issues_visibility

  		




  
  281
  
    
    #Role.non_member.add_permission! :view_issues

  		




  
  282
  
    
    Role.non_member.update_attribute :issues_visibility, 'own_watch'

  		




  
  283
  
    
    user = User.find(9)

  		




  
  284
  
    
    assert user.projects.empty?

  		




  
  285
  
    
    own_issue = Issue.create!(:project_id => 1, :tracker_id => 1, :author_id => user.id, :subject => 'Issue by non member')

  		




  
  286
  
    
    watching_issue = Issue.create!(:project_id => 1, :tracker_id => 1, :author_id => 1, :subject => 'Issue watched by non member')

  		




  
  287
  
    
    watching_issue.add_watcher(user)

  		




  
  288
  
    

  		




  
  289
  
    
    #assert_equal true, own_issue.visible?(user)

  		




  
  290
  
    
    #assert_equal true, watching_issue.visible?(user)

  		




  
  291
  
    
    assert_visibility_match user, [own_issue, watching_issue]

  		




  
  292
  
    
  end

  		




  
  293
  
    

  		




  
  294
  
    
  def test_visible_scope_for_non_member_with_own_watch_contributed_issues_visibility

  		




  
  295
  
    
    #Role.non_member.add_permission! :view_issues

  		




  
  296
  
    
    Role.non_member.update_attribute :issues_visibility, 'own_watch_contributed'

  		




  
  297
  
    
    user = User.find(9)

  		




  
  298
  
    
    assert user.projects.empty?

  		




  
  299
  
    
    own_issue = Issue.create!(:project_id => 1, :tracker_id => 1, :author_id => user.id, :subject => 'Issue by non member')

  		




  
  300
  
    
    watching_issue = Issue.create!(:project_id => 1, :tracker_id => 1, :author_id => 1, :subject => 'Issue watched by non member')

  		




  
  301
  
    
    watching_issue.add_watcher(user)

  		




  
  302
  
    
    watching_issue.reload

  		




  
  303
  
    
    contributed_issue = Issue.create!(:project_id => 1, :tracker_id => 1, :author_id => 1, :subject => 'Issue contributed by non member')

  		




  
  304
  
    
    journal = contributed_issue.init_journal(user)

  		




  
  305
  
    
    journal.notes = 'journal notes'

  		




  
  306
  
    
    journal.save!

  		




  
  307
  
    

  		




  
  308
  
    
    #assert_equal true, own_issue.visible?(user)

  		




  
  309
  
    
    #assert_equal true, watching_issue.visible?(user)

  		




  
  310
  
    
    #assert_equal true, contributed_issue.visible?(user)

  		




  
  311
  
    
    assert_visibility_match user, [own_issue, watching_issue, contributed_issue]

  		




  
  312
  
    
  end

  		




  
  313
  
    

  		




  280
  314
  
    
  def test_visible_scope_for_non_member_without_view_issues_permissions

  		




  281
  315
  
    
    # Non member user should not see issues without permission

  		




  282
  316
  
    
    Role.non_member.remove_permission!(:view_issues)

  		




  ......




  331
  365
  
    
      :assigned_to => user.groups.first,

  		




  332
  366
  
    
      :is_private => true)

  		




  333
  367
  
    

  		




  334
  
  
    
    Role.find(2).update_attribute :issues_visibility, 'default'

  		




  335
  
  
    
    issues = Issue.visible(User.find(8)).to_a

  		




  336
  
  
    
    assert issues.any?

  		




  337
  
  
    
    assert issues.include?(issue)

  		




  
  368
  
    
    ['default', 'own', 'own_watch', 'own_watch_contributed'].each do |issue_visibility|

  		




  
  369
  
    
      Role.find(2).update_attribute :issues_visibility, issue_visibility

  		




  
  370
  
    
      issues = Issue.visible(User.find(8)).to_a

  		




  
  371
  
    
      assert issues.any?

  		




  
  372
  
    
      assert_include issue, issues

  		




  
  373
  
    
    end

  		




  
  374
  
    
  end

  		




  338
  375
  
    

  		




  339
  
  
    
    Role.find(2).update_attribute :issues_visibility, 'own'

  		




  340
  
  
    
    issues = Issue.visible(User.find(8)).to_a

  		




  
  376
  
    
  def test_visible_scope_for_non_member_and_watcher_should_return_watching_issues

  		




  
  377
  
    
    user = User.find(9)

  		




  
  378
  
    
    assert user.projects.empty?

  		




  
  379
  
    
    Role.non_member.add_permission!(:view_issues)

  		




  
  380
  
    

  		




  
  381
  
    
    issue = Issue.create!(:project_id => 1, :tracker_id => 1, :author_id => 1, :subject => 'Issue visible to watcher', :is_private => true)

  		




  
  382
  
    
    issue.add_watcher(user)

  		




  
  383
  
    

  		




  
  384
  
    
    ['own_watch', 'own_watch_contributed'].each do |issue_visibility|

  		




  
  385
  
    
      Role.non_member.update_attribute :issues_visibility, issue_visibility

  		




  
  386
  
    
      issues = Issue.visible(user).to_a

  		




  
  387
  
    
      assert issues.any?

  		




  
  388
  
    
      assert_include issue, issues

  		




  
  389
  
    
    end

  		




  
  390
  
    
  end

  		




  
  391
  
    

  		




  
  392
  
    
  def test_visible_scope_for_non_member_and_contributer_should_return_contributing_issues

  		




  
  393
  
    
    user = User.find(9)

  		




  
  394
  
    
    assert user.projects.empty?

  		




  
  395
  
    
    Role.non_member.add_permission!(:view_issues)

  		




  
  396
  
    

  		




  
  397
  
    
    issue = Issue.create!(:project_id => 1, :tracker_id => 1, :author_id => 1, :subject => 'Issue visible to watcher', :is_private => true)

  		




  
  398
  
    
    journal = issue.init_journal(user)

  		




  
  399
  
    
    journal.notes = 'journal notes'

  		




  
  400
  
    
    journal.save!

  		




  
  401
  
    

  		




  
  402
  
    
    Role.non_member.update_attribute :issues_visibility, 'own_watch_contributed'

  		




  
  403
  
    
    issues = Issue.visible(user).to_a

  		




  341
  404
  
    
    assert issues.any?

  		




  342
  405
  
    
    assert_include issue, issues

  		




  343
  406
  
    
  end

  		















  (4-4/15)