[Git][noosfero/noosfero][api] api: consider admin role when querying visible people for given person

Mon Jul 6 15:06:05 BRT 2015

Larissa Reis pushed to branch api at Noosfero / noosfero


Commits:
52ba8997 by Larissa Reis at 2015-07-04T02:46:29Z
api: consider admin role when querying visible people for given person

- - - - -


2 changed files:

- app/models/person.rb
- test/unit/person_test.rb


Changes:

=====================================
app/models/person.rb
=====================================

--- a/app/models/person.rb
+++ b/app/models/person.rb
@@ -40,9 +40,14 @@ roles] }
   }
 
   scope :visible_for_person, lambda { |person|
-    joins('LEFT JOIN "friendships" ON "friendships"."friend_id" = "profiles"."id"')
+    joins('LEFT JOIN "role_assignments" ON
+          "role_assignments"."resource_id" = "profiles"."environment_id" AND
+          "role_assignments"."resource_type" = \'Environment\'')
+    .joins('LEFT JOIN "roles" ON "role_assignments"."role_id" = "roles"."id"')
+    .joins('LEFT JOIN "friendships" ON "friendships"."friend_id" = "profiles"."id"')
     .where(
-      ['( ( friendships.person_id = ? ) OR (profiles.public_profile = ?)) AND (profiles.visible = ?)', person.id,  true, true]
+      ['( roles.key = ? AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR (
+        ( ( friendships.person_id = ? ) OR (profiles.public_profile = ?)) AND (profiles.visible = ?) )', 'environment_administrator', Profile.name, person.id, person.id,  true, true]
     ).uniq
   }
 


=====================================
test/unit/person_test.rb
=====================================
--- a/test/unit/person_test.rb
+++ b/test/unit/person_test.rb
@@ -1663,6 +1663,9 @@ class PersonTest < ActiveSupport::TestCase
 
   should 'fetch people there are visible for a user' do
     person = create_user('some-person').person
+    admin = create_user('some-admin').person
+    Environment.default.add_admin(admin)
+
     p1 = fast_create(Person, :public_profile => true , :visible => true )
     p1.add_friend(person)
     p2 = fast_create(Person, :public_profile => true , :visible => true )
@@ -1674,13 +1677,25 @@ class PersonTest < ActiveSupport::TestCase
     p6 = fast_create(Person, :public_profile => false, :visible => false)
 
     people = Person.visible_for_person(person)
+    people_for_admin = Person.visible_for_person(admin)
 
     assert_includes     people, p1
+    assert_includes     people_for_admin, p1
+
     assert_includes     people, p2
+    assert_includes     people_for_admin, p2
+
     assert_not_includes people, p3
+    assert_includes     people_for_admin, p3
+
     assert_includes     people, p4
+    assert_includes     people_for_admin, p4
+
     assert_not_includes people, p5
+    assert_includes     people_for_admin, p5
+
     assert_not_includes people, p6
+    assert_includes     people_for_admin, p6
   end
 
   should 'vote in a comment with value greater than 1' do



View it on GitLab: https://gitlab.com/noosfero/noosfero/commit/52ba8997c85e28f65ea6e441ca1f60c19f6c6187
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20150706/3d65c754/attachment.html>
