##// END OF EJS Templates
jro_apps » redmine
RSS
Let user always see his private notes (#17632)....
Jean-Philippe Lang -
r15799:7b32a0371d55
parent child
Show More
Side by Side Unified
Context file:
r15799:7b32a0371d55 Loading diff...:
Show file before | Show file after | Hide comments
@@ -32,11 +32,6 class Issue < ActiveRecord::Base
32 belongs_to :category, :class_name => 'IssueCategory'
32 belongs_to :category, :class_name => 'IssueCategory'
33
33
34 has_many :journals, :as => :journalized, :dependent => :destroy, :inverse_of => :journalized
34 has_many :journals, :as => :journalized, :dependent => :destroy, :inverse_of => :journalized
35 has_many :visible_journals,
36 lambda {where(["(#{Journal.table_name}.private_notes = ? OR (#{Project.allowed_to_condition(User.current, :view_private_notes)}))", false])},
37 :class_name => 'Journal',
38 :as => :journalized
39
40 has_many :time_entries, :dependent => :destroy
35 has_many :time_entries, :dependent => :destroy
41 has_and_belongs_to_many :changesets, lambda {order("#{Changeset.table_name}.committed_on ASC, #{Changeset.table_name}.id ASC")}
36 has_and_belongs_to_many :changesets, lambda {order("#{Changeset.table_name}.committed_on ASC, #{Changeset.table_name}.id ASC")}
42
37
@@ -822,7 +817,12 class Issue < ActiveRecord::Base
822 reorder(:created_on, :id).to_a
817 reorder(:created_on, :id).to_a
823
818
824 result.each_with_index {|j,i| j.indice = i+1}
819 result.each_with_index {|j,i| j.indice = i+1}
825 result.reject!(&:private_notes?) unless User.current.allowed_to?(:view_private_notes, project)
820
821 unless user.allowed_to?(:view_private_notes, project)
822 result.select! do |journal|
823 !journal.private_notes? || journal.user == user
824 end
825 end
826 Journal.preload_journals_details_custom_fields(result)
826 Journal.preload_journals_details_custom_fields(result)
827 result.select! {|journal| journal.notes? || journal.visible_details.any?}
827 result.select! {|journal| journal.notes? || journal.visible_details.any?}
828 result
828 result
Show file before | Show file after | Hide comments
@@ -47,9 +47,10 class Journal < ActiveRecord::Base
47
47
48 scope :visible, lambda {|*args|
48 scope :visible, lambda {|*args|
49 user = args.shift || User.current
49 user = args.shift || User.current
50 private_notes_condition = Project.allowed_to_condition(user, :view_private_notes, *args)
50 joins(:issue => :project).
51 joins(:issue => :project).
51 where(Issue.visible_condition(user, *args)).
52 where(Issue.visible_condition(user, *args)).
52 where("(#{Journal.table_name}.private_notes = ? OR (#{Project.allowed_to_condition(user, :view_private_notes, *args)}))", false)
53 where("(#{Journal.table_name}.private_notes = ? OR #{Journal.table_name}.user_id = ? OR (#{private_notes_condition}))", false, user.id)
53 }
54 }
54
55
55 safe_attributes 'notes',
56 safe_attributes 'notes',
Show file before | Show file after | Hide comments
@@ -1605,6 +1605,20 class IssuesControllerTest < Redmine::ControllerTest
1605 assert_select "#change-#{journal.id}", 0
1605 assert_select "#change-#{journal.id}", 0
1606 end
1606 end
1607
1607
1608 def test_show_should_display_private_notes_created_by_current_user
1609 User.find(3).roles_for_project(Project.find(1)).each do |role|
1610 role.remove_permission! :view_private_notes
1611 end
1612 visible = Journal.create!(:journalized => Issue.find(2), :notes => 'Private notes', :private_notes => true, :user_id => 3)
1613 not_visible = Journal.create!(:journalized => Issue.find(2), :notes => 'Private notes', :private_notes => true, :user_id => 1)
1614 @request.session[:user_id] = 3
1615
1616 get :show, :id => 2
1617 assert_response :success
1618 assert_select "#change-#{visible.id}", 1
1619 assert_select "#change-#{not_visible.id}", 0
1620 end
1621
1608 def test_show_atom
1622 def test_show_atom
1609 get :show, :id => 2, :format => 'atom'
1623 get :show, :id => 2, :format => 'atom'
1610 assert_response :success
1624 assert_response :success
General Comments 0
You need to be logged in to leave comments. Login now