Commit 356635fa authored by Oswaldo Ferreira's avatar Oswaldo Ferreira

Extract IssuesFinder.not_restricted_by_confidentiality to Issue model

parent f8f1eb42
...@@ -23,7 +23,7 @@ class IssuesFinder < IssuableFinder ...@@ -23,7 +23,7 @@ class IssuesFinder < IssuableFinder
private private
def init_collection def init_collection
IssuesFinder.not_restricted_by_confidentiality(current_user) Issue.not_restricted_by_confidentiality(current_user)
end end
def by_assignee(items) def by_assignee(items)
...@@ -38,21 +38,6 @@ class IssuesFinder < IssuableFinder ...@@ -38,21 +38,6 @@ class IssuesFinder < IssuableFinder
end end
end end
def self.not_restricted_by_confidentiality(user)
return Issue.where('issues.confidential IS NOT TRUE') if user.blank?
return Issue.all if user.admin_or_auditor?
Issue.where('
issues.confidential IS NOT TRUE
OR (issues.confidential = TRUE
AND (issues.author_id = :user_id
OR EXISTS (SELECT TRUE FROM issue_assignees WHERE user_id = :user_id AND issue_id = issues.id)
OR issues.project_id IN(:project_ids)))',
user_id: user.id,
project_ids: user.authorized_projects(Gitlab::Access::REPORTER).select(:id))
end
def item_project_ids(items) def item_project_ids(items)
items&.reorder(nil)&.select(:project_id) items&.reorder(nil)&.select(:project_id)
end end
......
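Review bot: `init_collection` is where the finder applies issue confidentiality, and after this change nothing at the call site says so. A comment such as `# Base relation is already filtered for confidentiality; later filters must chain on it rather than restart from Issue` would keep that visible. The removed class method sat below `private`, which in Ruby does not apply to `def self.` methods, so it was already publicly callable and the move does not widen access. The rest of IssuesFinder lies outside these hunks, so whether every filter chains on this collection cannot be confirmed from here.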
...@@ -99,6 +99,21 @@ class Issue < ActiveRecord::Base ...@@ -99,6 +99,21 @@ class Issue < ActiveRecord::Base
'#' '#'
end end
def self.not_restricted_by_confidentiality(user)
return where('issues.confidential IS NOT TRUE') if user.blank?
return all if user.admin_or_auditor?
where('
issues.confidential IS NOT TRUE
OR (issues.confidential = TRUE
AND (issues.author_id = :user_id
OR EXISTS (SELECT TRUE FROM issue_assignees WHERE user_id = :user_id AND issue_id = issues.id)
OR issues.project_id IN(:project_ids)))',
user_id: user.id,
project_ids: user.authorized_projects(Gitlab::Access::REPORTER).select(:id))
end
# Pattern used to extract `#123` issue references from text # Pattern used to extract `#123` issue references from text
# #
# This pattern supports cross-project references. # This pattern supports cross-project references.
......
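Review bot: `Issue.not_restricted_by_confidentiality` is an access-control scope that now lives on the model with no comment describing who sees what. I would add a doc comment along the lines of `# Issues visible to +user+: non-confidential ones, plus confidential ones the user authored, is assigned to, or whose project is in user.authorized_projects(Gitlab::Access::REPORTER); a blank user gets only non-confidential issues, admins and auditors get all.` Note also that `issues.confidential IS NOT TRUE` treats a NULL `confidential` value as visible. If the column is nullable (the schema is not shown here) that is fail-open, and a NOT NULL constraint with a false default would close it. Both early returns and the final `where` are relative to the receiver, so the method can be chained on an existing relation, which is worth stating in the comment as well.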
...@@ -290,33 +290,4 @@ describe IssuesFinder do ...@@ -290,33 +290,4 @@ describe IssuesFinder do
end end
end end
end end
describe '.not_restricted_by_confidentiality' do
let(:authorized_user) { create(:user) }
let(:admin_user) { create(:admin) }
let(:auditor_user) { create(:user, :auditor) }
let(:project) { create(:empty_project, namespace: authorized_user.namespace) }
let!(:public_issue) { create(:issue, project: project) }
let!(:confidential_issue) { create(:issue, project: project, confidential: true) }
it 'returns non confidential issues for nil user' do
expect(described_class.send(:not_restricted_by_confidentiality, nil)).to include(public_issue)
end
it 'returns non confidential issues for user not authorized for the issues projects' do
expect(described_class.send(:not_restricted_by_confidentiality, user)).to include(public_issue)
end
it 'returns all issues for user authorized for the issues projects' do
expect(described_class.send(:not_restricted_by_confidentiality, authorized_user)).to include(public_issue, confidential_issue)
end
it 'returns all issues for an admin user' do
expect(described_class.send(:not_restricted_by_confidentiality, admin_user)).to include(public_issue, confidential_issue)
end
it 'returns all issues for an auditor user' do
expect(described_class.send(:not_restricted_by_confidentiality, auditor_user)).to include(public_issue, confidential_issue)
end
end
end end
...@@ -38,6 +38,36 @@ describe Issue, models: true do ...@@ -38,6 +38,36 @@ describe Issue, models: true do
end end
end end
describe '.not_restricted_by_confidentiality' do
let(:user) { create(:user) }
let(:authorized_user) { create(:user) }
let(:admin_user) { create(:admin) }
let(:auditor_user) { create(:user, :auditor) }
let(:project) { create(:empty_project, namespace: authorized_user.namespace) }
let!(:public_issue) { create(:issue, project: project) }
let!(:confidential_issue) { create(:issue, project: project, confidential: true) }
it 'returns non confidential issues for nil user' do
expect(described_class.not_restricted_by_confidentiality(nil)).to include(public_issue)
end
it 'returns non confidential issues for user not authorized for the issues projects' do
expect(described_class.not_restricted_by_confidentiality(user)).to include(public_issue)
end
it 'returns all issues for user authorized for the issues projects' do
expect(described_class.not_restricted_by_confidentiality(authorized_user)).to include(public_issue, confidential_issue)
end
it 'returns all issues for an admin user' do
expect(described_class.not_restricted_by_confidentiality(admin_user)).to include(public_issue, confidential_issue)
end
it 'returns all issues for an auditor user' do
expect(described_class.not_restricted_by_confidentiality(auditor_user)).to include(public_issue, confidential_issue)
end
end
describe '#card_attributes' do describe '#card_attributes' do
it 'includes the author name' do it 'includes the author name' do
allow(subject).to receive(:author).and_return(double(name: 'Robert')) allow(subject).to receive(:author).and_return(double(name: 'Robert'))
......
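Review bot: The nil-user and unauthorized-user examples only assert that `public_issue` is included, so they would still pass if the scope returned every issue, confidential ones included. For an access-control method the exclusion is the property to pin: add `expect(described_class.not_restricted_by_confidentiality(nil)).not_to include(confidential_issue)` and the same expectation for `user`. The author and assignee branches of the SQL have no example either; a confidential issue authored by, or assigned to, a user without project access would cover them. The enclosing `describe Issue` block continues outside this hunk.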