Merge branch 'bug/filtering_service' into 'master'

Fix wrong issues appears at Dashboard#issues page Fixes #1028

Merge branch 'bug/filtering_service' into 'master'
Fix wrong issues appears at Dashboard#issues page Fixes #1028
Dmitriy Zaporozhets
2 parents c10a35c4 5e30f4d5
Showing 5 changed files with 31 additions and 10 deletions Show diff stats
app/controllers/dashboard_controller.rb
app/models/concerns/issuable.rb
app/services/filtering_service.rb
spec/features/atom/dashboard_issues_spec.rb
spec/services/filtering_service_spec.rb
@@ -54,12 +54,12 @@ class DashboardController &lt; ApplicationController
  
   def merge_requests
     @merge_requests = FilteringService.new.execute(MergeRequest, current_user, params)
-    @merge_requests = @merge_requests.recent.page(params[:page]).per(20)
+    @merge_requests = @merge_requests.page(params[:page]).per(20)
   end
  
   def issues
     @issues = FilteringService.new.execute(Issue, current_user, params)
-    @issues = @issues.recent.page(params[:page]).per(20)
+    @issues = @issues.page(params[:page]).per(20)
     @issues = @issues.includes(:author, :project)
  
     respond_to do |format|
@@ -48,13 +48,13 @@ module Issuable
  
     def sort(method)
       case method.to_s
-      when 'newest' then reorder('created_at DESC')
-      when 'oldest' then reorder('created_at ASC')
-      when 'recently_updated' then reorder('updated_at DESC')
-      when 'last_updated' then reorder('updated_at ASC')
+      when 'newest' then reorder("#{table_name}.created_at DESC")
+      when 'oldest' then reorder("#{table_name}.created_at ASC")
+      when 'recently_updated' then reorder("#{table_name}.updated_at DESC")
+      when 'last_updated' then reorder("#{table_name}.updated_at ASC")
       when 'milestone_due_soon' then joins(:milestone).reorder("milestones.due_date ASC")
       when 'milestone_due_later' then joins(:milestone).reorder("milestones.due_date DESC")
-      else reorder('created_at DESC')
+      else reorder("#{table_name}.created_at DESC")
       end
     end
   end
@@ -57,11 +57,11 @@ class FilteringService
   def by_scope(items)
     case params[:scope]
     when 'created-by-me', 'authored' then
-      klass.where(author_id: current_user.id)
+      items.where(author_id: current_user.id)
     when 'all' then
-      klass
+      items
     when 'assigned-to-me' then
-      klass.where(assignee_id: current_user.id)
+      items.where(assignee_id: current_user.id)
     else
       raise 'You must specify default scope'
     end
@@ -8,6 +8,11 @@ describe &quot;Dashboard Issues Feed&quot; do
     let!(:issue1)   { create(:issue, author: user, assignee: user, project: project1) }
     let!(:issue2)   { create(:issue, author: user, assignee: user, project: project2) }
  
+    before do
+      project1.team << [user, :master]
+      project2.team << [user, :master]
+    end
+
     describe "atom feed" do
       it "should render atom feed via private token" do
         visit issues_dashboard_path(:atom, private_token: user.private_token)
@@ -15,6 +15,7 @@ describe FilteringService do
   before do
     project1.team << [user, :master]
     project2.team << [user, :developer]
+    project2.team << [user2, :developer]
   end
  
   describe 'merge requests' do
@@ -61,5 +62,20 @@ describe FilteringService do
       issues = FilteringService.new.execute(Issue, user, params)
       issues.size.should == 1
     end
+
+    it 'should be empty for unauthorized user' do
+      params = { scope: "all", state: 'opened' }
+      issues = FilteringService.new.execute(Issue, nil, params)
+      issues.size.should be_zero
+    end
+
+    it 'should not include unauthorized issues' do
+      params = { scope: "all", state: 'opened' }
+      issues = FilteringService.new.execute(Issue, user2, params)
+      issues.size.should == 2
+      issues.should_not include(issue1)
+      issues.should include(issue2)
+      issues.should include(issue3)
+    end
   end
 end
...	...	@@ -54,12 +54,12 @@ class DashboardController < ApplicationController
54	54
55	55	def merge_requests
56	56	@merge_requests = FilteringService.new.execute(MergeRequest, current_user, params)
57		- @merge_requests = @merge_requests.recent.page(params[:page]).per(20)
	57	+ @merge_requests = @merge_requests.page(params[:page]).per(20)
58	58	end
59	59
60	60	def issues
61	61	@issues = FilteringService.new.execute(Issue, current_user, params)
62		- @issues = @issues.recent.page(params[:page]).per(20)
	62	+ @issues = @issues.page(params[:page]).per(20)
63	63	@issues = @issues.includes(:author, :project)
64	64
65	65	respond_to do \|format\|
...	...
...	...	@@ -48,13 +48,13 @@ module Issuable
48	48
49	49	def sort(method)
50	50	case method.to_s
51		- when 'newest' then reorder('created_at DESC')
52		- when 'oldest' then reorder('created_at ASC')
53		- when 'recently_updated' then reorder('updated_at DESC')
54		- when 'last_updated' then reorder('updated_at ASC')
	51	+ when 'newest' then reorder("#{table_name}.created_at DESC")
	52	+ when 'oldest' then reorder("#{table_name}.created_at ASC")
	53	+ when 'recently_updated' then reorder("#{table_name}.updated_at DESC")
	54	+ when 'last_updated' then reorder("#{table_name}.updated_at ASC")
55	55	when 'milestone_due_soon' then joins(:milestone).reorder("milestones.due_date ASC")
56	56	when 'milestone_due_later' then joins(:milestone).reorder("milestones.due_date DESC")
57		- else reorder('created_at DESC')
	57	+ else reorder("#{table_name}.created_at DESC")
58	58	end
59	59	end
60	60	end
...	...
...	...	@@ -57,11 +57,11 @@ class FilteringService
57	57	def by_scope(items)
58	58	case params[:scope]
59	59	when 'created-by-me', 'authored' then
60		- klass.where(author_id: current_user.id)
	60	+ items.where(author_id: current_user.id)
61	61	when 'all' then
62		- klass
	62	+ items
63	63	when 'assigned-to-me' then
64		- klass.where(assignee_id: current_user.id)
	64	+ items.where(assignee_id: current_user.id)
65	65	else
66	66	raise 'You must specify default scope'
67	67	end
...	...
...	...	@@ -8,6 +8,11 @@ describe "Dashboard Issues Feed" do
8	8	let!(:issue1) { create(:issue, author: user, assignee: user, project: project1) }
9	9	let!(:issue2) { create(:issue, author: user, assignee: user, project: project2) }
10	10
	11	+ before do
	12	+ project1.team << [user, :master]
	13	+ project2.team << [user, :master]
	14	+ end
	15	+
11	16	describe "atom feed" do
12	17	it "should render atom feed via private token" do
13	18	visit issues_dashboard_path(:atom, private_token: user.private_token)
...	...
...	...	@@ -15,6 +15,7 @@ describe FilteringService do
15	15	before do
16	16	project1.team << [user, :master]
17	17	project2.team << [user, :developer]
	18	+ project2.team << [user2, :developer]
18	19	end
19	20
20	21	describe 'merge requests' do
...	...	@@ -61,5 +62,20 @@ describe FilteringService do
61	62	issues = FilteringService.new.execute(Issue, user, params)
62	63	issues.size.should == 1
63	64	end
	65	+
	66	+ it 'should be empty for unauthorized user' do
	67	+ params = { scope: "all", state: 'opened' }
	68	+ issues = FilteringService.new.execute(Issue, nil, params)
	69	+ issues.size.should be_zero
	70	+ end
	71	+
	72	+ it 'should not include unauthorized issues' do
	73	+ params = { scope: "all", state: 'opened' }
	74	+ issues = FilteringService.new.execute(Issue, user2, params)
	75	+ issues.size.should == 2
	76	+ issues.should_not include(issue1)
	77	+ issues.should include(issue2)
	78	+ issues.should include(issue3)
	79	+ end
64	80	end
65	81	end
...	...