kolan
/
obsolete.ChilliProject
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fixed: assigned_to and author filters in cross project issues view should be based on user's project visibility. #5760 

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3916 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Baptiste Barth 2010-08-04 21:01:56 +00:00
parent 8a2bc5772e
commit 0bcde4ab28
2 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/query.rb
View File

@ -187,7 +187,7 @@ class Query < ActiveRecord::Base
if project if project
user_values += project.users.sort.collect{|s| [s.name, s.id.to_s] } user_values += project.users.sort.collect{|s| [s.name, s.id.to_s] }
else else
project_ids = User.current.projects.collect(&:id) project_ids = Project.all(:conditions => Project.visible_by(User.current)).collect(&:id)
if project_ids.any? if project_ids.any?
# members of the user's projects # members of the user's projects
user_values += User.active.find(:all, :conditions => ["#{User.table_name}.id IN (SELECT DISTINCT user_id FROM members WHERE project_id IN (?))", project_ids]).sort.collect{|s| [s.name, s.id.to_s] } user_values += User.active.find(:all, :conditions => ["#{User.table_name}.id IN (SELECT DISTINCT user_id FROM members WHERE project_id IN (?))", project_ids]).sort.collect{|s| [s.name, s.id.to_s] }

9
test/unit/query_test.rb
View File

@ -351,4 +351,13 @@ class QueryTest < ActiveSupport::TestCase
assert !q.editable_by?(manager) assert !q.editable_by?(manager)
assert !q.editable_by?(developer) assert !q.editable_by?(developer)
end end
context "#available_filters" do
should "include users of visible projects in cross-project view" do
query = Query.new(:name => "_")
users = query.available_filters["assigned_to_id"]
assert_not_nil users
assert users[:values].map{|u|u[1]}.include?("3")
end
end
end end