| @@ -53,10 +53,8 class UsersController < ApplicationController | |||
|
|
53 | 53 | @user = User.find(params[:id]) |
|
|
54 | 54 | @custom_values = @user.custom_values |
|
|
55 | 55 | |
|
|
56 | # show only public projects and private projects that the logged in user is also a member of | |
|
|
57 |
@memberships = @user.memberships. |
|
|
|
58 | membership.project.is_public? || (User.current.member_of?(membership.project)) | |
|
|
59 | end | |
|
|
56 | # show projects based on current user visibility | |
|
|
57 | @memberships = @user.memberships.all(:conditions => Project.visible_by(User.current)) | |
|
|
60 | 58 | |
|
|
61 | 59 | events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) |
|
|
62 | 60 | @events_by_day = events.group_by(&:event_date) |
| @@ -97,6 +97,16 class UsersControllerTest < ActionController::TestCase | |||
|
|
97 | 97 | assert_not_nil assigns(:user) |
|
|
98 | 98 | end |
|
|
99 | 99 | |
|
|
100 | def test_show_displays_memberships_based_on_project_visibility | |
|
|
101 | @request.session[:user_id] = 1 | |
|
|
102 | get :show, :id => 2 | |
|
|
103 | assert_response :success | |
|
|
104 | memberships = assigns(:memberships) | |
|
|
105 | assert_not_nil memberships | |
|
|
106 | project_ids = memberships.map(&:project_id) | |
|
|
107 | assert project_ids.include?(2) #private project admin can see | |
|
|
108 | end | |
|
|
109 | ||
|
|
100 | 110 | def test_edit |
|
|
101 | 111 | ActionMailer::Base.deliveries.clear |
|
|
102 | 112 | post :edit, :id => 2, :user => {:firstname => 'Changed'} |
General Comments 0
You need to be logged in to leave comments.
Login now