[#42] fix access to issues
This commit is contained in:
parent
f15e465263
commit
a1f29588ed
|
@ -15,21 +15,19 @@ class Api::V1::IssuesController < Api::V1::BaseController
|
|||
end
|
||||
|
||||
def all_index
|
||||
project_ids = Project.accessible_by(current_ability, :membered).pluck(:id)
|
||||
@issues = Issue.where('issues.project_id IN (?) OR issues.assignee_id = ? OR issues.user_id = ?',
|
||||
project_ids, current_user, current_user)
|
||||
project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered)
|
||||
@issues = Issue.where('issues.project_id IN (?)', project_ids)
|
||||
render_issues_list
|
||||
end
|
||||
|
||||
def user_index
|
||||
project_ids = current_user.projects.pluck(:id)
|
||||
@issues = Issue.where('issues.project_id IN (?) OR issues.assignee_id = ? OR issues.user_id = ?',
|
||||
project_ids, current_user, current_user)
|
||||
project_ids = get_all_project_ids current_user.projects
|
||||
@issues = Issue.where('issues.project_id IN (?)', project_ids)
|
||||
render_issues_list
|
||||
end
|
||||
|
||||
def group_index
|
||||
project_ids = @group.projects.pluck(:id)
|
||||
project_ids = @group.projects.pluck(:id).uniq
|
||||
@issues = Issue.where(:project_id => project_ids)
|
||||
render_issues_list
|
||||
end
|
||||
|
@ -98,11 +96,13 @@ class Api::V1::IssuesController < Api::V1::BaseController
|
|||
respond_with @issues
|
||||
end
|
||||
|
||||
def render_json(action_name, action_method = nil)
|
||||
if @build_list.try("can_#{action_name}?") && @build_list.send(action_method || action_name)
|
||||
render_json_response @build_list, t("layout.build_lists.#{action_name}_success")
|
||||
else
|
||||
render_validation_error @build_list, t("layout.build_lists.#{action_name}_fail")
|
||||
def get_all_project_ids default_projects
|
||||
project_ids = []
|
||||
if ['created', 'all'].include? params[:filter]
|
||||
# add own issues
|
||||
project_ids = Project.accessible_by(current_ability, :show).joins(:issues).
|
||||
where(:issues => {:user_id => current_user.id}).pluck('projects.id').uniq
|
||||
end
|
||||
project_ids |= default_projects.pluck(:id).uniq
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
class AddUserIndexToIssue < ActiveRecord::Migration
|
||||
def change
|
||||
add_index :issues, :user_id
|
||||
end
|
||||
end
|
107
db/schema.rb
107
db/schema.rb
|
@ -11,14 +11,14 @@
|
|||
#
|
||||
# It's strongly recommended to check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(:version => 20130328112110) do
|
||||
ActiveRecord::Schema.define(:version => 20130417162427) do
|
||||
|
||||
create_table "activity_feeds", :force => true do |t|
|
||||
t.integer "user_id", :null => false
|
||||
t.string "kind"
|
||||
t.text "data"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
end
|
||||
|
||||
create_table "advisories", :force => true do |t|
|
||||
|
@ -53,8 +53,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
|
||||
create_table "arches", :force => true do |t|
|
||||
t.string "name", :null => false
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
end
|
||||
|
||||
add_index "arches", ["name"], :name => "index_arches_on_name", :unique => true
|
||||
|
@ -63,8 +63,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.integer "user_id"
|
||||
t.string "provider"
|
||||
t.string "uid"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
end
|
||||
|
||||
add_index "authentications", ["provider", "uid"], :name => "index_authentications_on_provider_and_uid", :unique => true
|
||||
|
@ -75,8 +75,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.integer "level"
|
||||
t.integer "status"
|
||||
t.integer "build_list_id"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.string "version"
|
||||
end
|
||||
|
||||
|
@ -110,8 +110,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.integer "project_id"
|
||||
t.integer "arch_id"
|
||||
t.datetime "notified_at"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.boolean "is_circle", :default => false
|
||||
t.text "additional_repos"
|
||||
t.string "name"
|
||||
|
@ -150,8 +150,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.string "commentable_type"
|
||||
t.integer "user_id"
|
||||
t.text "body"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.decimal "commentable_id", :precision => 50, :scale => 0
|
||||
t.integer "project_id"
|
||||
t.text "data"
|
||||
|
@ -169,8 +169,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.string "controller"
|
||||
t.string "action"
|
||||
t.text "message"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
end
|
||||
|
||||
create_table "flash_notifies", :force => true do |t|
|
||||
|
@ -184,8 +184,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
|
||||
create_table "groups", :force => true do |t|
|
||||
t.integer "owner_id"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.string "uname"
|
||||
t.integer "own_projects_count", :default => 0, :null => false
|
||||
t.text "description"
|
||||
|
@ -202,14 +202,15 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.string "title"
|
||||
t.text "body"
|
||||
t.string "status", :default => "open"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.integer "user_id"
|
||||
t.datetime "closed_at"
|
||||
t.integer "closed_by"
|
||||
end
|
||||
|
||||
add_index "issues", ["project_id", "serial_id"], :name => "index_issues_on_project_id_and_serial_id", :unique => true
|
||||
add_index "issues", ["user_id"], :name => "index_issues_on_user_id"
|
||||
|
||||
create_table "key_pairs", :force => true do |t|
|
||||
t.text "public", :null => false
|
||||
|
@ -280,14 +281,14 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.string "description"
|
||||
t.string "name", :null => false
|
||||
t.integer "parent_platform_id"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.boolean "released", :default => false, :null => false
|
||||
t.integer "owner_id"
|
||||
t.string "owner_type"
|
||||
t.string "visibility", :default => "open", :null => false
|
||||
t.string "platform_type", :default => "main", :null => false
|
||||
t.string "distrib_type", :null => false
|
||||
t.string "distrib_type"
|
||||
end
|
||||
|
||||
add_index "platforms", ["name"], :name => "index_platforms_on_name", :unique => true, :case_sensitive => false
|
||||
|
@ -296,16 +297,16 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.integer "platform_id"
|
||||
t.string "login"
|
||||
t.string "password"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.integer "user_id"
|
||||
end
|
||||
|
||||
create_table "product_build_lists", :force => true do |t|
|
||||
t.integer "product_id"
|
||||
t.integer "status", :default => 2, :null => false
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.integer "status", :default => 3, :null => false
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.integer "project_id"
|
||||
t.string "project_version"
|
||||
t.string "commit_hash"
|
||||
|
@ -324,8 +325,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
create_table "products", :force => true do |t|
|
||||
t.string "name", :null => false
|
||||
t.integer "platform_id", :null => false
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.text "description"
|
||||
t.integer "project_id"
|
||||
t.string "params"
|
||||
|
@ -340,8 +341,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.string "name"
|
||||
t.string "version"
|
||||
t.datetime "file_mtime"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.integer "platform_id"
|
||||
end
|
||||
|
||||
|
@ -360,27 +361,27 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
create_table "project_to_repositories", :force => true do |t|
|
||||
t.integer "project_id"
|
||||
t.integer "repository_id"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
end
|
||||
|
||||
add_index "project_to_repositories", ["repository_id", "project_id"], :name => "index_project_to_repositories_on_repository_id_and_project_id", :unique => true
|
||||
|
||||
create_table "projects", :force => true do |t|
|
||||
t.string "name"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.integer "owner_id"
|
||||
t.string "owner_type"
|
||||
t.string "visibility", :default => "open"
|
||||
t.text "description"
|
||||
t.string "ancestry"
|
||||
t.boolean "has_issues", :default => true
|
||||
t.boolean "has_wiki", :default => false
|
||||
t.string "srpm_file_name"
|
||||
t.string "srpm_content_type"
|
||||
t.integer "srpm_file_size"
|
||||
t.datetime "srpm_updated_at"
|
||||
t.string "srpm_content_type"
|
||||
t.boolean "has_wiki", :default => false
|
||||
t.string "default_branch", :default => "master"
|
||||
t.boolean "is_package", :default => true, :null => false
|
||||
t.integer "average_build_time", :default => 0, :null => false
|
||||
|
@ -411,8 +412,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.string "token"
|
||||
t.boolean "approved", :default => false
|
||||
t.boolean "rejected", :default => false
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.string "interest"
|
||||
t.text "more"
|
||||
t.string "language"
|
||||
|
@ -426,16 +427,16 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.string "actor_type"
|
||||
t.integer "target_id"
|
||||
t.string "target_type"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.string "role"
|
||||
end
|
||||
|
||||
create_table "repositories", :force => true do |t|
|
||||
t.string "description", :null => false
|
||||
t.integer "platform_id", :null => false
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.string "name", :null => false
|
||||
t.boolean "publish_without_qa", :default => true
|
||||
end
|
||||
|
@ -449,8 +450,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.boolean "new_comment_reply", :default => true
|
||||
t.boolean "new_issue", :default => true
|
||||
t.boolean "issue_assign", :default => true
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.boolean "new_comment_commit_owner", :default => true
|
||||
t.boolean "new_comment_commit_repo_owner", :default => true
|
||||
t.boolean "new_comment_commit_commentor", :default => true
|
||||
|
@ -473,8 +474,8 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
create_table "subscribes", :force => true do |t|
|
||||
t.string "subscribeable_type"
|
||||
t.integer "user_id"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.boolean "status", :default => true
|
||||
t.integer "project_id"
|
||||
t.decimal "subscribeable_id", :precision => 50, :scale => 0
|
||||
|
@ -483,17 +484,20 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
create_table "users", :force => true do |t|
|
||||
t.string "name"
|
||||
t.string "email", :default => "", :null => false
|
||||
t.string "encrypted_password", :limit => 128, :default => "", :null => false
|
||||
t.string "encrypted_password", :default => "", :null => false
|
||||
t.string "reset_password_token"
|
||||
t.datetime "reset_password_sent_at"
|
||||
t.datetime "remember_created_at"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.datetime "created_at", :null => false
|
||||
t.datetime "updated_at", :null => false
|
||||
t.text "ssh_key"
|
||||
t.string "uname"
|
||||
t.string "role"
|
||||
t.string "language", :default => "en"
|
||||
t.integer "own_projects_count", :default => 0, :null => false
|
||||
t.string "confirmation_token"
|
||||
t.datetime "confirmed_at"
|
||||
t.datetime "confirmation_sent_at"
|
||||
t.text "professional_experience"
|
||||
t.string "site"
|
||||
t.string "company"
|
||||
|
@ -505,9 +509,6 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
|
|||
t.integer "failed_attempts", :default => 0
|
||||
t.string "unlock_token"
|
||||
t.datetime "locked_at"
|
||||
t.string "confirmation_token"
|
||||
t.datetime "confirmed_at"
|
||||
t.datetime "confirmation_sent_at"
|
||||
t.string "authentication_token"
|
||||
t.integer "build_priority", :default => 50
|
||||
end
|
||||
|
|
|
@ -19,7 +19,7 @@ describe Api::V1::IssuesController do
|
|||
|
||||
@own_hidden_project = FactoryGirl.create(:project, :owner => @issue.user)
|
||||
@own_hidden_project.update_column :visibility, 'hidden'
|
||||
@own_hidden_issue = FactoryGirl.create(:issue, :project => @own_hidden_project)
|
||||
@own_hidden_issue = FactoryGirl.create(:issue, :project => @own_hidden_project, :assignee => @issue.user)
|
||||
|
||||
@hidden_issue = FactoryGirl.create(:issue)
|
||||
@hidden_project = @hidden_issue.project
|
||||
|
@ -62,10 +62,10 @@ describe Api::V1::IssuesController do
|
|||
assigns[:issues].should include(@membered_issue)
|
||||
end
|
||||
|
||||
it 'should return only assigneed issue' do
|
||||
http_login(@issue.assignee)
|
||||
it 'should return only assigned issue' do
|
||||
http_login(@issue.user)
|
||||
get :user_index, :format => :json
|
||||
assigns[:issues].should include(@issue)
|
||||
assigns[:issues].should include(@own_hidden_issue)
|
||||
assigns[:issues].count.should == 1
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue