Chris@1464: # Redmine - project management software Chris@1494: # Copyright (C) 2006-2014 Jean-Philippe Lang Chris@1464: # Chris@1464: # This program is free software; you can redistribute it and/or Chris@1464: # modify it under the terms of the GNU General Public License Chris@1464: # as published by the Free Software Foundation; either version 2 Chris@1464: # of the License, or (at your option) any later version. Chris@1464: # Chris@1464: # This program is distributed in the hope that it will be useful, Chris@1464: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@1464: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@1464: # GNU General Public License for more details. Chris@1464: # Chris@1464: # You should have received a copy of the GNU General Public License Chris@1464: # along with this program; if not, write to the Free Software Chris@1464: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@1464: Chris@1464: require File.expand_path('../../test_helper', __FILE__) Chris@1464: Chris@1464: class TimelogCustomFieldsVisibilityTest < ActionController::TestCase Chris@1464: tests TimelogController Chris@1464: fixtures :projects, Chris@1464: :users, Chris@1464: :roles, Chris@1464: :members, Chris@1464: :member_roles, Chris@1464: :issue_statuses, Chris@1464: :trackers, Chris@1464: :projects_trackers, Chris@1464: :enabled_modules, Chris@1464: :enumerations, Chris@1464: :workflows Chris@1464: Chris@1464: def setup Chris@1464: field_attributes = {:field_format => 'string', :is_for_all => true, :is_filter => true, :trackers => Tracker.all} Chris@1464: @fields = [] Chris@1464: @fields << (@field1 = IssueCustomField.create!(field_attributes.merge(:name => 'Field 1', :visible => true))) Chris@1464: @fields << (@field2 = IssueCustomField.create!(field_attributes.merge(:name => 'Field 2', :visible => false, :role_ids => [1, 2]))) Chris@1464: @fields << (@field3 = IssueCustomField.create!(field_attributes.merge(:name => 'Field 3', :visible => false, :role_ids => [1, 3]))) Chris@1464: @issue = Issue.generate!( Chris@1464: :author_id => 1, Chris@1464: :project_id => 1, Chris@1464: :tracker_id => 1, Chris@1464: :custom_field_values => {@field1.id => 'Value0', @field2.id => 'Value1', @field3.id => 'Value2'} Chris@1464: ) Chris@1464: TimeEntry.generate!(:issue => @issue) Chris@1464: Chris@1464: @user_with_role_on_other_project = User.generate! Chris@1464: User.add_to_project(@user_with_role_on_other_project, Project.find(2), Role.find(3)) Chris@1464: Chris@1464: @users_to_test = { Chris@1464: User.find(1) => [@field1, @field2, @field3], Chris@1464: User.find(3) => [@field1, @field2], Chris@1464: @user_with_role_on_other_project => [@field1], # should see field1 only on Project 1 Chris@1464: User.generate! => [@field1], Chris@1464: User.anonymous => [@field1] Chris@1464: } Chris@1464: Chris@1464: Member.where(:project_id => 1).each do |member| Chris@1464: member.destroy unless @users_to_test.keys.include?(member.principal) Chris@1464: end Chris@1464: end Chris@1464: Chris@1464: def test_index_should_show_visible_custom_fields_only Chris@1464: @users_to_test.each do |user, fields| Chris@1464: @request.session[:user_id] = user.id Chris@1464: get :index, :project_id => 1, :issue_id => @issue.id, :c => (['hours'] + @fields.map{|f| "issue.cf_#{f.id}"}) Chris@1464: @fields.each_with_index do |field, i| Chris@1464: if fields.include?(field) Chris@1464: assert_select 'td', {:text => "Value#{i}", :count => 1}, "User #{user.id} was not able to view #{field.name}" Chris@1464: else Chris@1464: assert_select 'td', {:text => "Value#{i}", :count => 0}, "User #{user.id} was able to view #{field.name}" Chris@1464: end Chris@1464: end Chris@1464: end Chris@1464: end Chris@1464: Chris@1464: def test_index_as_csv_should_show_visible_custom_fields_only Chris@1464: @users_to_test.each do |user, fields| Chris@1464: @request.session[:user_id] = user.id Chris@1464: get :index, :project_id => 1, :issue_id => @issue.id, :c => (['hours'] + @fields.map{|f| "issue.cf_#{f.id}"}), :format => 'csv' Chris@1464: @fields.each_with_index do |field, i| Chris@1464: if fields.include?(field) Chris@1464: assert_include "Value#{i}", response.body, "User #{user.id} was not able to view #{field.name} in CSV" Chris@1464: else Chris@1464: assert_not_include "Value#{i}", response.body, "User #{user.id} was able to view #{field.name} in CSV" Chris@1464: end Chris@1464: end Chris@1464: end Chris@1464: end Chris@1464: Chris@1464: def test_index_with_partial_custom_field_visibility_should_show_visible_custom_fields_only Chris@1464: Issue.delete_all Chris@1464: TimeEntry.delete_all Chris@1464: p1 = Project.generate! Chris@1464: p2 = Project.generate! Chris@1464: user = User.generate! Chris@1464: User.add_to_project(user, p1, Role.find_all_by_id(1,3)) Chris@1464: User.add_to_project(user, p2, Role.find_all_by_id(3)) Chris@1464: TimeEntry.generate!(:issue => Issue.generate!(:project => p1, :tracker_id => 1, :custom_field_values => {@field2.id => 'ValueA'})) Chris@1464: TimeEntry.generate!(:issue => Issue.generate!(:project => p2, :tracker_id => 1, :custom_field_values => {@field2.id => 'ValueB'})) Chris@1464: TimeEntry.generate!(:issue => Issue.generate!(:project => p1, :tracker_id => 1, :custom_field_values => {@field2.id => 'ValueC'})) Chris@1464: Chris@1464: @request.session[:user_id] = user.id Chris@1464: get :index, :c => ["hours", "issue.cf_#{@field2.id}"] Chris@1464: assert_select 'td', :text => 'ValueA' Chris@1464: assert_select 'td', :text => 'ValueB', :count => 0 Chris@1464: assert_select 'td', :text => 'ValueC' Chris@1464: Chris@1464: get :index, :set_filter => '1', "issue.cf_#{@field2.id}" => '*' Chris@1464: assert_equal %w(ValueA ValueC), assigns(:entries).map{|i| i.issue.custom_field_value(@field2)}.sort Chris@1464: end Chris@1464: end