4179_show_login_attribute_in_user_show_v3.patch

Marius BALTEANU, 2017-05-14 09:17

Download (2.29 KB)

View differences:

app/views/users/show.api.rsb
1 1
api.user do
2 2
  api.id         @user.id
3
  api.login      @user.login if User.current.admin? || (User.current == @user)
3
  api.login      @user.login
4 4
  api.firstname  @user.firstname
5 5
  api.lastname   @user.lastname
6 6
  api.mail       @user.mail if User.current.admin? || !@user.pref.hide_mail
......
28 28
              attrs = {:id => member_role.role.id, :name => member_role.role.name}
29 29
              attrs.merge!(:inherited => true) if member_role.inherited_from.present?
30 30
              api.role attrs
31
            end 
31
            end
32 32
          end
33 33
        end
34 34
      end if membership.project
app/views/users/show.html.erb
6 6

  
7 7
<div class="splitcontentleft">
8 8
<ul>
9
  <% if User.current.admin? %>
10
    <li><%=l(:field_login)%>: <%= @user.login %></li>
11
  <% end %>
9
  <li><%=l(:field_login)%>: <%= @user.login %></li>
12 10
  <% unless @user.pref.hide_mail %>
13 11
    <li><%=l(:field_mail)%>: <%= mail_to(@user.mail, nil, :encode => 'javascript') %></li>
14 12
  <% end %>
test/integration/api_test/users_test.rb
89 89
    assert_select 'user id', :text => '2'
90 90
  end
91 91

  
92
  test "GET /users/:id should not return login for other user" do
92
  test "GET /users/:id should return login for visible user" do
93 93
    get '/users/3.xml', {}, credentials('jsmith')
94 94
    assert_response :success
95
    assert_select 'user login', 0
96
  end
97

  
98
  test "GET /users/:id should return login for current user" do
99
    get '/users/2.xml', {}, credentials('jsmith')
100
    assert_response :success
101
    assert_select 'user login', :text => 'jsmith'
95
    assert_select 'user login', :text => 'dlopper'
102 96
  end
103 97

  
104 98
  test "GET /users/:id should not return api_key for other user" do