From a0774544192620a3056a09570580790c752bc46a Mon Sep 17 00:00:00 2001 From: Thiago Ribeiro Date: Wed, 23 Mar 2016 15:32:23 -0300 Subject: [PATCH] Change visibility to admins --- app/controllers/public/search_controller.rb | 6 +++++- test/functional/search_controller_test.rb | 10 ++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/app/controllers/public/search_controller.rb b/app/controllers/public/search_controller.rb index f2420f0..f3ae44a 100644 --- a/app/controllers/public/search_controller.rb +++ b/app/controllers/public/search_controller.rb @@ -244,7 +244,11 @@ class SearchController < PublicController def visible_profiles(klass, *extra_relations) relations = [:image, :domains, :environment, :preferred_domain] relations += extra_relations - @environment.send(klass.name.underscore.pluralize).visible.includes(relations) + if current_user && current_user.person.is_admin? + @environment.send(klass.name.underscore.pluralize).includes(relations) + else + @environment.send(klass.name.underscore.pluralize).visible.includes(relations) + end end def per_page diff --git a/test/functional/search_controller_test.rb b/test/functional/search_controller_test.rb index a8f91e4..de2d222 100644 --- a/test/functional/search_controller_test.rb +++ b/test/functional/search_controller_test.rb @@ -540,6 +540,16 @@ class SearchControllerTest < ActionController::TestCase assert_equal [c2,c1,c3] , assigns(:searches)[:communities][:results] end + should "only admin can view invisible people" do + # assuming that all filters behave the same! + p1 = fast_create(Person, :visible => false) + admin = create_user('admin').person; + Environment.default.add_admin admin + login_as("admin") + get :people, :order => 'more_recent' + assert_includes assigns(:searches)[:people][:results], p1 + end + should "only include visible people in more_recent filter" do # assuming that all filters behave the same! p1 = fast_create(Person, :visible => false) -- libgit2 0.21.2