| @@ -50,7 +50,7 class UsersController < ApplicationController | |||||
| 50 | end |
|
50 | end | |
| 51 |
|
51 | |||
| 52 | def show |
|
52 | def show | |
| 53 |
@user = User |
|
53 | @user = User.find(params[:id]) | |
| 54 | @custom_values = @user.custom_values |
|
54 | @custom_values = @user.custom_values | |
| 55 |
|
55 | |||
| 56 | # show only public projects and private projects that the logged in user is also a member of |
|
56 | # show only public projects and private projects that the logged in user is also a member of | |
| @@ -61,9 +61,11 class UsersController < ApplicationController | |||||
| 61 | events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) |
|
61 | events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) | |
| 62 | @events_by_day = events.group_by(&:event_date) |
|
62 | @events_by_day = events.group_by(&:event_date) | |
| 63 |
|
63 | |||
| 64 | if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty? |
|
64 | unless User.current.admin? | |
| 65 | render_404 |
|
65 | if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?) | |
| 66 |
re |
|
66 | render_404 | |
|
|
67 | return | |||
|
|
68 | end | |||
| 67 | end |
|
69 | end | |
| 68 | render :layout => 'base' |
|
70 | render :layout => 'base' | |
| 69 |
|
71 | |||
| @@ -103,12 +103,11 class UsersControllerTest < ActionController::TestCase | |||||
| 103 | get :show, :id => 2 |
|
103 | get :show, :id => 2 | |
| 104 | assert_response :success |
|
104 | assert_response :success | |
| 105 | end |
|
105 | end | |
| 106 |
|
||||
| 107 |
|
106 | |||
| 108 | def test_show_inactive |
|
107 | def test_show_inactive | |
|
|
108 | @request.session[:user_id] = nil | |||
| 109 | get :show, :id => 5 |
|
109 | get :show, :id => 5 | |
| 110 | assert_response 404 |
|
110 | assert_response 404 | |
| 111 | assert_nil assigns(:user) |
|
|||
| 112 | end |
|
111 | end | |
| 113 |
|
112 | |||
| 114 | def test_show_should_not_reveal_users_with_no_visible_activity_or_project |
|
113 | def test_show_should_not_reveal_users_with_no_visible_activity_or_project | |
| @@ -116,6 +115,13 class UsersControllerTest < ActionController::TestCase | |||||
| 116 | get :show, :id => 9 |
|
115 | get :show, :id => 9 | |
| 117 | assert_response 404 |
|
116 | assert_response 404 | |
| 118 | end |
|
117 | end | |
|
|
118 | ||||
|
|
119 | def test_show_inactive_by_admin | |||
|
|
120 | @request.session[:user_id] = 1 | |||
|
|
121 | get :show, :id => 5 | |||
|
|
122 | assert_response 200 | |||
|
|
123 | assert_not_nil assigns(:user) | |||
|
|
124 | end | |||
| 119 |
|
125 | |||
| 120 | def test_add_routing |
|
126 | def test_add_routing | |
| 121 | assert_routing( |
|
127 | assert_routing( | |
General Comments 0
You need to be logged in to leave comments.
Login now