jro_apps/redmine Commit - r13513:886b9c14d0cb

Fixed that Redmine::Activity::Fetcher should consider activity provider permission option if given (#18832)....

Jean-Philippe Lang -

r13513:886b9c14d0cb

parent child

Context file:

r13513:886b9c14d0cb

Collapse all files

lib/redmine/activity.rb +6 0

                      @@default_event_types << event_type unless options[:default] == false
                      @@providers[event_type] += providers
                    end
+                   def delete(event_type)
+                     @@available_event_types.delete event_type
+                     @@default_event_types.delete event_type
+                     @@providers.delete(event_type)
+                   end
                  end
                end
              end

lib/redmine/activity/fetcher.rb +20 -5

                  class Fetcher
                    attr_reader :user, :project, :scope
-                   # Needs to be unloaded in development mode
-                   @@constantized_providers = Hash.new {|h,k| h[k] = Redmine::Activity.providers[k].collect {|t| t.constantize } }
                    def initialize(user, options={})
                      options.assert_valid_keys(:project, :with_subprojects, :author)
                      @user = user
                      return @event_types unless @event_types.nil?
                      @event_types = Redmine::Activity.available_event_types
-                     @event_types = @event_types.select {|o| @project.self_and_descendants.detect {|p| @user.allowed_to?("view_#{o}".to_sym, p)}} if @project
+                     if @project
+                       projects = @project.self_and_descendants
+                       @event_types = @event_types.select do |event_type|
+                         keep = false
+                         constantized_providers(event_type).each do |provider|
+                           options = provider.activity_provider_options[event_type]
+                           permission = options[:permission]
+                           unless options.key?(:permission)
+                             permission ||= "view_#{event_type}".to_sym
+                           end
+                           if permission
+                             keep |= projects.any? {|p| @user.allowed_to?(permission, p)}
+                           else
+                             keep = true
+                           end
+                         end
+                         keep
+                       end
+                     end
                      @event_types
                    end
                    private
                    def constantized_providers(event_type)
-                     @@constantized_providers[event_type]
+                     Redmine::Activity.providers[event_type].map(&:constantize)
                    end
                  end
                end

test/unit/activity_test.rb +60 0

		@@ -121,6 +121,66 class ActivityTest < ActiveSupport::TestCase
121	121	assert_equal content.page, content.event_group
122	122	end
123	123
	124	class TestActivityProviderWithPermission
	125	def self.activity_provider_options
	126	{'test' => {:permission => :custom_permission}}
	127	end
	128	end
	129
	130	class TestActivityProviderWithNilPermission
	131	def self.activity_provider_options
	132	{'test' => {:permission => nil}}
	133	end
	134	end
	135
	136	class TestActivityProviderWithoutPermission
	137	def self.activity_provider_options
	138	{'test' => {}}
	139	end
	140	end
	141
	142	class MockUser
	143	def initialize(*permissions)
	144	@permissions = permissions
	145	end
	146
	147	def allowed_to?(permission, *args)
	148	@permissions.include?(permission)
	149	end
	150	end
	151
	152	def test_event_types_should_consider_activity_provider_permission
	153	Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithPermission'
	154	user = MockUser.new(:custom_permission)
	155	f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1))
	156	assert_include 'test', f.event_types
	157	ensure
	158	Redmine::Activity.delete 'test'
	159	end
	160
	161	def test_event_types_should_include_activity_provider_with_nil_permission
	162	Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithNilPermission'
	163	user = MockUser.new()
	164	f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1))
	165	assert_include 'test', f.event_types
	166	ensure
	167	Redmine::Activity.delete 'test'
	168	end
	169
	170	def test_event_types_should_use_default_permission_for_activity_provider_without_permission
	171	Redmine::Activity.register 'test', :class_name => 'ActivityTest::TestActivityProviderWithoutPermission'
	172
	173	user = MockUser.new()
	174	f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1))
	175	assert_not_include 'test', f.event_types
	176
	177	user = MockUser.new(:view_test)
	178	f = Redmine::Activity::Fetcher.new(user, :project => Project.find(1))
	179	assert_include 'test', f.event_types
	180	ensure
	181	Redmine::Activity.delete 'test'
	182	end
	183
124	184	private
125	185
126	186	def find_events(user, options={})

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages