[#42] fix access to issues

This commit is contained in:
Alexander Machehin 2013-04-17 23:32:04 +06:00
parent f15e465263
commit a1f29588ed
4 changed files with 80 additions and 74 deletions

View File

@ -15,21 +15,19 @@ class Api::V1::IssuesController < Api::V1::BaseController
end
def all_index
project_ids = Project.accessible_by(current_ability, :membered).pluck(:id)
@issues = Issue.where('issues.project_id IN (?) OR issues.assignee_id = ? OR issues.user_id = ?',
project_ids, current_user, current_user)
project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered)
@issues = Issue.where('issues.project_id IN (?)', project_ids)
render_issues_list
end
def user_index
project_ids = current_user.projects.pluck(:id)
@issues = Issue.where('issues.project_id IN (?) OR issues.assignee_id = ? OR issues.user_id = ?',
project_ids, current_user, current_user)
project_ids = get_all_project_ids current_user.projects
@issues = Issue.where('issues.project_id IN (?)', project_ids)
render_issues_list
end
def group_index
project_ids = @group.projects.pluck(:id)
project_ids = @group.projects.pluck(:id).uniq
@issues = Issue.where(:project_id => project_ids)
render_issues_list
end
@ -98,11 +96,13 @@ class Api::V1::IssuesController < Api::V1::BaseController
respond_with @issues
end
def render_json(action_name, action_method = nil)
if @build_list.try("can_#{action_name}?") && @build_list.send(action_method || action_name)
render_json_response @build_list, t("layout.build_lists.#{action_name}_success")
else
render_validation_error @build_list, t("layout.build_lists.#{action_name}_fail")
def get_all_project_ids default_projects
project_ids = []
if ['created', 'all'].include? params[:filter]
# add own issues
project_ids = Project.accessible_by(current_ability, :show).joins(:issues).
where(:issues => {:user_id => current_user.id}).pluck('projects.id').uniq
end
project_ids |= default_projects.pluck(:id).uniq
end
end

View File

@ -0,0 +1,5 @@
class AddUserIndexToIssue < ActiveRecord::Migration
def change
add_index :issues, :user_id
end
end

View File

@ -11,14 +11,14 @@
#
# It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20130328112110) do
ActiveRecord::Schema.define(:version => 20130417162427) do
create_table "activity_feeds", :force => true do |t|
t.integer "user_id", :null => false
t.string "kind"
t.text "data"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
create_table "advisories", :force => true do |t|
@ -53,8 +53,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
create_table "arches", :force => true do |t|
t.string "name", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "arches", ["name"], :name => "index_arches_on_name", :unique => true
@ -63,8 +63,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.integer "user_id"
t.string "provider"
t.string "uid"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "authentications", ["provider", "uid"], :name => "index_authentications_on_provider_and_uid", :unique => true
@ -75,8 +75,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.integer "level"
t.integer "status"
t.integer "build_list_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "version"
end
@ -110,8 +110,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.integer "project_id"
t.integer "arch_id"
t.datetime "notified_at"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.boolean "is_circle", :default => false
t.text "additional_repos"
t.string "name"
@ -150,8 +150,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.string "commentable_type"
t.integer "user_id"
t.text "body"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.decimal "commentable_id", :precision => 50, :scale => 0
t.integer "project_id"
t.text "data"
@ -169,8 +169,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.string "controller"
t.string "action"
t.text "message"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
create_table "flash_notifies", :force => true do |t|
@ -184,8 +184,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
create_table "groups", :force => true do |t|
t.integer "owner_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "uname"
t.integer "own_projects_count", :default => 0, :null => false
t.text "description"
@ -202,14 +202,15 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.string "title"
t.text "body"
t.string "status", :default => "open"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.integer "user_id"
t.datetime "closed_at"
t.integer "closed_by"
end
add_index "issues", ["project_id", "serial_id"], :name => "index_issues_on_project_id_and_serial_id", :unique => true
add_index "issues", ["user_id"], :name => "index_issues_on_user_id"
create_table "key_pairs", :force => true do |t|
t.text "public", :null => false
@ -280,14 +281,14 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.string "description"
t.string "name", :null => false
t.integer "parent_platform_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.boolean "released", :default => false, :null => false
t.integer "owner_id"
t.string "owner_type"
t.string "visibility", :default => "open", :null => false
t.string "platform_type", :default => "main", :null => false
t.string "distrib_type", :null => false
t.string "distrib_type"
end
add_index "platforms", ["name"], :name => "index_platforms_on_name", :unique => true, :case_sensitive => false
@ -296,16 +297,16 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.integer "platform_id"
t.string "login"
t.string "password"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.integer "user_id"
end
create_table "product_build_lists", :force => true do |t|
t.integer "product_id"
t.integer "status", :default => 2, :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.integer "status", :default => 3, :null => false
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.integer "project_id"
t.string "project_version"
t.string "commit_hash"
@ -324,8 +325,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
create_table "products", :force => true do |t|
t.string "name", :null => false
t.integer "platform_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.text "description"
t.integer "project_id"
t.string "params"
@ -340,8 +341,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.string "name"
t.string "version"
t.datetime "file_mtime"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.integer "platform_id"
end
@ -360,27 +361,27 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
create_table "project_to_repositories", :force => true do |t|
t.integer "project_id"
t.integer "repository_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "project_to_repositories", ["repository_id", "project_id"], :name => "index_project_to_repositories_on_repository_id_and_project_id", :unique => true
create_table "projects", :force => true do |t|
t.string "name"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.integer "owner_id"
t.string "owner_type"
t.string "visibility", :default => "open"
t.text "description"
t.string "ancestry"
t.boolean "has_issues", :default => true
t.boolean "has_wiki", :default => false
t.string "srpm_file_name"
t.string "srpm_content_type"
t.integer "srpm_file_size"
t.datetime "srpm_updated_at"
t.string "srpm_content_type"
t.boolean "has_wiki", :default => false
t.string "default_branch", :default => "master"
t.boolean "is_package", :default => true, :null => false
t.integer "average_build_time", :default => 0, :null => false
@ -411,8 +412,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.string "token"
t.boolean "approved", :default => false
t.boolean "rejected", :default => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "interest"
t.text "more"
t.string "language"
@ -426,16 +427,16 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.string "actor_type"
t.integer "target_id"
t.string "target_type"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "role"
end
create_table "repositories", :force => true do |t|
t.string "description", :null => false
t.integer "platform_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "name", :null => false
t.boolean "publish_without_qa", :default => true
end
@ -449,8 +450,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.boolean "new_comment_reply", :default => true
t.boolean "new_issue", :default => true
t.boolean "issue_assign", :default => true
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.boolean "new_comment_commit_owner", :default => true
t.boolean "new_comment_commit_repo_owner", :default => true
t.boolean "new_comment_commit_commentor", :default => true
@ -473,8 +474,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
create_table "subscribes", :force => true do |t|
t.string "subscribeable_type"
t.integer "user_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.boolean "status", :default => true
t.integer "project_id"
t.decimal "subscribeable_id", :precision => 50, :scale => 0
@ -483,17 +484,20 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
create_table "users", :force => true do |t|
t.string "name"
t.string "email", :default => "", :null => false
t.string "encrypted_password", :limit => 128, :default => "", :null => false
t.string "encrypted_password", :default => "", :null => false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.text "ssh_key"
t.string "uname"
t.string "role"
t.string "language", :default => "en"
t.integer "own_projects_count", :default => 0, :null => false
t.string "confirmation_token"
t.datetime "confirmed_at"
t.datetime "confirmation_sent_at"
t.text "professional_experience"
t.string "site"
t.string "company"
@ -505,9 +509,6 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
t.integer "failed_attempts", :default => 0
t.string "unlock_token"
t.datetime "locked_at"
t.string "confirmation_token"
t.datetime "confirmed_at"
t.datetime "confirmation_sent_at"
t.string "authentication_token"
t.integer "build_priority", :default => 50
end

View File

@ -19,7 +19,7 @@ describe Api::V1::IssuesController do
@own_hidden_project = FactoryGirl.create(:project, :owner => @issue.user)
@own_hidden_project.update_column :visibility, 'hidden'
@own_hidden_issue = FactoryGirl.create(:issue, :project => @own_hidden_project)
@own_hidden_issue = FactoryGirl.create(:issue, :project => @own_hidden_project, :assignee => @issue.user)
@hidden_issue = FactoryGirl.create(:issue)
@hidden_project = @hidden_issue.project
@ -62,10 +62,10 @@ describe Api::V1::IssuesController do
assigns[:issues].should include(@membered_issue)
end
it 'should return only assigneed issue' do
http_login(@issue.assignee)
it 'should return only assigned issue' do
http_login(@issue.user)
get :user_index, :format => :json
assigns[:issues].should include(@issue)
assigns[:issues].should include(@own_hidden_issue)
assigns[:issues].count.should == 1
end
end