kolan/Redmine
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Let administrators see locked user profiles.

Browse Source 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3493 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2010-02-26 15:50:16 +00:00
parent d6f9e576e8
commit bfed36ac84
2 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/users_controller.rb
View File

@ -50,7 +50,7 @@ class UsersController < ApplicationController
end end
def show def show
@user = User.active.find(params[:id]) @user = User.find(params[:id])
@custom_values = @user.custom_values @custom_values = @user.custom_values
# show only public projects and private projects that the logged in user is also a member of # show only public projects and private projects that the logged in user is also a member of
@ -61,10 +61,12 @@ class UsersController < ApplicationController
events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
@events_by_day = events.group_by(&:event_date) @events_by_day = events.group_by(&:event_date)
if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty? unless User.current.admin?
if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?)
render_404 render_404
return return
end end
end
render :layout => 'base' render :layout => 'base'
rescue ActiveRecord::RecordNotFound rescue ActiveRecord::RecordNotFound

10
test/functional/users_controller_test.rb
View File

@ -104,11 +104,10 @@ class UsersControllerTest < ActionController::TestCase
assert_response :success assert_response :success
end end
def test_show_inactive def test_show_inactive
@request.session[:user_id] = nil
get :show, :id => 5 get :show, :id => 5
assert_response 404 assert_response 404
assert_nil assigns(:user)
end end
def test_show_should_not_reveal_users_with_no_visible_activity_or_project def test_show_should_not_reveal_users_with_no_visible_activity_or_project
@ -117,6 +116,13 @@ class UsersControllerTest < ActionController::TestCase
assert_response 404 assert_response 404
end end
def test_show_inactive_by_admin
@request.session[:user_id] = 1
get :show, :id => 5
assert_response 200
assert_not_nil assigns(:user)
end
def test_add_routing def test_add_routing
assert_routing( assert_routing(
{:method => :get, :path => '/users/new'}, {:method => :get, :path => '/users/new'},