Changeset 734

Show
Ignore:
Timestamp:
11/22/07 13:52:33 (1 year ago)
Author:
markku
Message:

Closes #514

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/app/models/asset.rb

    r721 r734  
    267267  # 
    268268  def users(exclude_user_id = nil) 
    269     return [] if self.user_groups.empty? 
    270     where_sql = "users.type = 'User' AND users.id = user_groups_users.user_id AND user_groups_users.user_group_id IN (#{self.user_groups.map {|g| g.id }.join(',')})" 
    271     where_sql = "users.id != #{exclude_user_id} AND " + where_sql if exclude_user_id.is_a?(Integer) 
    272  
    273     User.find_by_sql("SELECT DISTINCT users.* FROM users, user_groups_users WHERE (#{where_sql})") 
     269    if Setting.enable_user_permissions 
     270      return [] if self.user_groups.empty? 
     271      sql = ['SELECT DISTINCT users.* FROM users, user_groups_users WHERE ('] 
     272      if exclude_user_id.is_a?(Integer) 
     273        sql[0] += 'users.id != ? AND ' 
     274        sql.push(exclude_user_id) 
     275      end 
     276      sql[0] += 'users.type = ? AND users.id = user_groups_users.user_id AND user_groups_users.user_group_id IN (?)' 
     277      sql.push('User', self.user_groups.map {|g| g.id }) 
     278      sql[0] += ') ORDER BY id' 
     279 
     280      User.find_by_sql(sql) 
     281    else 
     282      options = { :order => 'id' } 
     283      options[:conditions] = ['id != ?', exclude_user_id] if exclude_user_id.is_a?(Integer) 
     284      User.find(:all, options) 
     285    end 
    274286  end 
    275287 

  • trunk/test/unit/asset_test.rb

    r721 r734  
    891891    assert_equal false, users.include?(unauthorized) 
    892892    # Exclude user who doesn't belong to asset has no effect 
     893    users = @root.users(unauthorized.id) 
     894    assert_equal true, users.include?(@user) 
     895    assert_equal true, users.include?(another_admin) 
     896    assert_equal true, users.include?(user) 
     897    assert_equal false, users.include?(unauthorized) 
     898 
     899    # When tye asset permissions are disabled all users are returned 
     900    # except the optionally excluded user with given id. 
     901    # 
     902    # Disable permissions 
     903    setup_settings(false) 
     904    # All users 
     905    users = @root.users 
     906    assert_equal true, users.include?(@user) 
     907    assert_equal true, users.include?(another_admin) 
     908    assert_equal true, users.include?(user) 
     909    assert_equal true, users.include?(unauthorized) 
     910    # Exclude user @user 
    893911    users = @root.users(@user.id) 
     912    assert_equal false, users.include?(@user) 
     913    assert_equal true, users.include?(another_admin) 
     914    assert_equal true, users.include?(user) 
     915    assert_equal true, users.include?(unauthorized) 
    894916  end 
    895917 

© 2004-2007 Norfello Oy All Rights Reserved