Commit 56f989e53e80fe7545a3400ba7ee98a0cd2cf259
1 parent
5a098e84
Exists in
spb-stable
and in
3 other branches
Fix wrong issues appears at Dashboard#issues page
Filtering service used klass instead of passed items. Because of this you see list of all issues intead of authorized ones. This commit fixes it so people see only issues they are authorized to see. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Showing
3 changed files
with
10 additions
and
10 deletions
Show diff stats
app/controllers/dashboard_controller.rb
| @@ -54,12 +54,12 @@ class DashboardController < ApplicationController | @@ -54,12 +54,12 @@ class DashboardController < ApplicationController | ||
| 54 | 54 | ||
| 55 | def merge_requests | 55 | def merge_requests |
| 56 | @merge_requests = FilteringService.new.execute(MergeRequest, current_user, params) | 56 | @merge_requests = FilteringService.new.execute(MergeRequest, current_user, params) |
| 57 | - @merge_requests = @merge_requests.recent.page(params[:page]).per(20) | 57 | + @merge_requests = @merge_requests.page(params[:page]).per(20) |
| 58 | end | 58 | end |
| 59 | 59 | ||
| 60 | def issues | 60 | def issues |
| 61 | @issues = FilteringService.new.execute(Issue, current_user, params) | 61 | @issues = FilteringService.new.execute(Issue, current_user, params) |
| 62 | - @issues = @issues.recent.page(params[:page]).per(20) | 62 | + @issues = @issues.page(params[:page]).per(20) |
| 63 | @issues = @issues.includes(:author, :project) | 63 | @issues = @issues.includes(:author, :project) |
| 64 | 64 | ||
| 65 | respond_to do |format| | 65 | respond_to do |format| |
app/models/concerns/issuable.rb
| @@ -48,13 +48,13 @@ module Issuable | @@ -48,13 +48,13 @@ module Issuable | ||
| 48 | 48 | ||
| 49 | def sort(method) | 49 | def sort(method) |
| 50 | case method.to_s | 50 | case method.to_s |
| 51 | - when 'newest' then reorder('created_at DESC') | ||
| 52 | - when 'oldest' then reorder('created_at ASC') | ||
| 53 | - when 'recently_updated' then reorder('updated_at DESC') | ||
| 54 | - when 'last_updated' then reorder('updated_at ASC') | 51 | + when 'newest' then reorder("#{table_name}.created_at DESC") |
| 52 | + when 'oldest' then reorder("#{table_name}.created_at ASC") | ||
| 53 | + when 'recently_updated' then reorder("#{table_name}.updated_at DESC") | ||
| 54 | + when 'last_updated' then reorder("#{table_name}.updated_at ASC") | ||
| 55 | when 'milestone_due_soon' then joins(:milestone).reorder("milestones.due_date ASC") | 55 | when 'milestone_due_soon' then joins(:milestone).reorder("milestones.due_date ASC") |
| 56 | when 'milestone_due_later' then joins(:milestone).reorder("milestones.due_date DESC") | 56 | when 'milestone_due_later' then joins(:milestone).reorder("milestones.due_date DESC") |
| 57 | - else reorder('created_at DESC') | 57 | + else reorder("#{table_name}.created_at DESC") |
| 58 | end | 58 | end |
| 59 | end | 59 | end |
| 60 | end | 60 | end |
app/services/filtering_service.rb
| @@ -57,11 +57,11 @@ class FilteringService | @@ -57,11 +57,11 @@ class FilteringService | ||
| 57 | def by_scope(items) | 57 | def by_scope(items) |
| 58 | case params[:scope] | 58 | case params[:scope] |
| 59 | when 'created-by-me', 'authored' then | 59 | when 'created-by-me', 'authored' then |
| 60 | - klass.where(author_id: current_user.id) | 60 | + items.where(author_id: current_user.id) |
| 61 | when 'all' then | 61 | when 'all' then |
| 62 | - klass | 62 | + items |
| 63 | when 'assigned-to-me' then | 63 | when 'assigned-to-me' then |
| 64 | - klass.where(assignee_id: current_user.id) | 64 | + items.where(assignee_id: current_user.id) |
| 65 | else | 65 | else |
| 66 | raise 'You must specify default scope' | 66 | raise 'You must specify default scope' |
| 67 | end | 67 | end |