Feature #38238 » 38238-3_no_anonymous_watcher.patch
| app/models/issue.rb | ||
|---|---|---|
| 2025 | 2025 |
end |
| 2026 | 2026 | |
| 2027 | 2027 |
def add_auto_watcher |
| 2028 |
if author && |
|
| 2029 |
author.allowed_to?(:add_issue_watchers, project) && |
|
| 2028 |
if author&.active? &&
|
|
| 2029 |
author&.allowed_to?(:add_issue_watchers, project) &&
|
|
| 2030 | 2030 |
author.pref.auto_watch_on?('issue_created') &&
|
| 2031 | 2031 |
self.watcher_user_ids.exclude?(author.id) |
| 2032 | 2032 |
self.set_watcher(author, true) |
| app/models/journal.rb | ||
|---|---|---|
| 336 | 336 |
end |
| 337 | 337 | |
| 338 | 338 |
def add_watcher |
| 339 |
if user && |
|
| 340 |
user.allowed_to?(:add_issue_watchers, project) && |
|
| 339 |
if user&.active? &&
|
|
| 340 |
user&.allowed_to?(:add_issue_watchers, project) &&
|
|
| 341 | 341 |
user.pref.auto_watch_on?('issue_contributed_to') &&
|
| 342 | 342 |
!Watcher.any_watched?(Array.wrap(journalized), user) |
| 343 | 343 |
journalized.set_watcher(user, true) |
| test/unit/issue_test.rb | ||
|---|---|---|
| 3479 | 3479 |
end |
| 3480 | 3480 |
end |
| 3481 | 3481 | |
| 3482 |
def test_create_should_not_add_anonymous_as_watcher |
|
| 3483 |
Role.anonymous.add_permission!(:add_issue_watchers) |
|
| 3484 | ||
| 3485 |
user = User.anonymous |
|
| 3486 |
assert user.pref.auto_watch_on?('issue_contributed_to')
|
|
| 3487 | ||
| 3488 |
journal = Journal.new(:journalized => Issue.first, :notes => 'notes', :user => user) |
|
| 3489 | ||
| 3490 |
assert_no_difference 'Watcher.count' do |
|
| 3491 |
assert journal.save |
|
| 3492 |
assert journal.valid? |
|
| 3493 |
assert journal.journalized.valid? |
|
| 3494 |
end |
|
| 3495 |
end |
|
| 3496 | ||
| 3482 | 3497 |
def test_like_should_escape_query |
| 3483 | 3498 |
issue = Issue.generate!(:subject => "asdf") |
| 3484 | 3499 |
r = Issue.like('as_f')
|
| test/unit/journal_test.rb | ||
|---|---|---|
| 142 | 142 |
end |
| 143 | 143 |
end |
| 144 | 144 | |
| 145 |
def test_create_should_not_add_anonymous_as_watcher |
|
| 146 |
Role.anonymous.add_permission!(:add_issue_watchers) |
|
| 147 | ||
| 148 |
user = User.anonymous |
|
| 149 |
assert user.pref.auto_watch_on?('issue_contributed_to')
|
|
| 150 | ||
| 151 |
journal = Journal.new(:journalized => Issue.first, :notes => 'notes', :user => user) |
|
| 152 | ||
| 153 |
assert_no_difference 'Watcher.count' do |
|
| 154 |
assert journal.save |
|
| 155 |
assert journal.valid? |
|
| 156 |
assert journal.journalized.valid? |
|
| 157 |
end |
|
| 158 |
end |
|
| 159 | ||
| 145 | 160 |
def test_visible_scope_for_anonymous |
| 146 | 161 |
# Anonymous user should see issues of public projects only |
| 147 | 162 |
journals = Journal.visible(User.anonymous).to_a |