23546-watched_or_created_or_assigned_issue_visibility_3.4.1.patch

Marius BALTEANU, 2017-07-10 20:04

Download (5.32 KB)

View differences:

app/models/issue.rb
132 132
        when 'own'
133 133
          user_ids = [user.id] + user.groups.map(&:id).compact
134 134
          "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
135
        when 'watched'
136
          user_ids = [user.id] + user.groups.map(&:id).compact
137
          watcher_select = Watcher.where(watchable_type: self.base_class.name, user_id: user.id).select(:watchable_id).to_sql
138
          "(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}) OR #{table_name}.id IN (#{watcher_select}))"
135 139
        else
136 140
          '1=0'
137 141
        end
......
161 165
          !self.is_private? || (self.author == user || user.is_or_belongs_to?(assigned_to))
162 166
        when 'own'
163 167
          self.author == user || user.is_or_belongs_to?(assigned_to)
168
        when 'watched'
169
          self.author == user || user.is_or_belongs_to?(assigned_to) || self.watched_by?(user)
164 170
        else
165 171
          false
166 172
        end
app/models/role.rb
38 38
  ISSUES_VISIBILITY_OPTIONS = [
39 39
    ['all', :label_issues_visibility_all],
40 40
    ['default', :label_issues_visibility_public],
41
    ['own', :label_issues_visibility_own]
41
    ['own', :label_issues_visibility_own],
42
    ['watched', :label_issues_visibility_watched]
42 43
  ]
43 44

  
44 45
  TIME_ENTRIES_VISIBILITY_OPTIONS = [
app/views/messages/show.html.erb
80 80
<% if !@topic.locked? && authorize_for('messages', 'reply') %>
81 81
<p><%= toggle_link l(:button_reply), "reply", :focus => 'message_content' %></p>
82 82
<div id="reply" style="display:none;">
83
<%= form_for @reply, :as => :reply, :url => {:action => 'reply', :id => @topic}, :html => {:multipart => true, :id => 'message-form'} do |f| %>
83
<%= form_for @reply, :as => :reply, :url => {:action => 'reply', :id => @topic}, :html => {:multipart => true, :id => 'messages-form'} do |f| %>
84 84
  <%= render :partial => 'form', :locals => {:f => f, :replying => true} %>
85 85
  <%= submit_tag l(:button_submit) %>
86 86
  <%= preview_link({:controller => 'messages', :action => 'preview', :board_id => @board}, 'message-form') %>
config/locales/de.yml
595 595
  label_issues_visibility_all: Alle Tickets
596 596
  label_issues_visibility_own: Tickets die folgender Benutzer erstellt hat oder die ihm zugewiesen sind
597 597
  label_issues_visibility_public: Alle öffentlichen Tickets
598
  label_issues_visibility_watched: "Aufgaben die folgender Benutzer beobachtet, erstellt hat oder die ihm zugewiesen sind"
598 599
  label_item_position: "%{position}/%{count}"
599 600
  label_jump_to_a_project: Zu einem Projekt springen...
600 601
  label_language_based: Sprachabhängig
config/locales/en.yml
933 933
  label_issues_visibility_all: All issues
934 934
  label_issues_visibility_public: All non private issues
935 935
  label_issues_visibility_own: Issues created by or assigned to the user
936
  label_issues_visibility_watched: Issues watched by, created by or assigned to the user
936 937
  label_git_report_last_commit: Report last commit for files and directories
937 938
  label_parent_revision: Parent
938 939
  label_child_revision: Child
test/unit/issue_test.rb
255 255
    assert !issue.visible?(User.anonymous)
256 256
  end
257 257

  
258
  def test_anonymous_should_not_see_private_issues_with_issues_visibility_set_to_watched
259
    assert Role.anonymous.update_attribute(:issues_visibility, 'watched')
260
    issue = Issue.generate!(:author => User.anonymous, :is_private => true)
261
    assert_nil Issue.where(:id => issue.id).visible(User.anonymous).first
262
    assert !issue.visible?(User.anonymous)
263
  end
264

  
258 265
  def test_visible_scope_for_non_member
259 266
    user = User.find(9)
260 267
    assert user.projects.empty?
......
277 284
    assert_visibility_match user, issues
278 285
  end
279 286

  
287
  def test_visible_scope_for_non_member_with_watched_issues_visibility
288
    Role.non_member.update_attribute :issues_visibility, 'watched'
289
    issue = Issue.generate!(:project_id => 1, :tracker_id => 1, :author => User.anonymous, :subject => 'Issue by non member')
290
    user = User.find(9)
291
    issue.add_watcher(user)
292

  
293
    issues = Issue.visible(user).all
294
    assert issues.any?
295
    assert_nil issues.detect {|issue| !issue.watched_by?(user) }
296
    assert_visibility_match user, issues
297
  end
298

  
280 299
  def test_visible_scope_for_non_member_without_view_issues_permissions
281 300
    # Non member user should not see issues without permission
282 301
    Role.non_member.remove_permission!(:view_issues)