Commit a0774544192620a3056a09570580790c752bc46a
Committed by
Sabryna Pessoa
Sabryna Pessoa
1 parent
753770b3
Change visibility to admins
- Admins now can be see secret profiles Signed-off-by: Sabryna <sabryna.sousa1323@gmail.com> Signed-off-by: Artur Bersan de Faria <arturbersan@gmail.com>
Showing
2 changed files
with
15 additions
and
1 deletions
Show diff stats
app/controllers/public/search_controller.rb
| @@ -244,7 +244,11 @@ class SearchController < PublicController | @@ -244,7 +244,11 @@ class SearchController < PublicController | ||
| 244 | def visible_profiles(klass, *extra_relations) | 244 | def visible_profiles(klass, *extra_relations) |
| 245 | relations = [:image, :domains, :environment, :preferred_domain] | 245 | relations = [:image, :domains, :environment, :preferred_domain] |
| 246 | relations += extra_relations | 246 | relations += extra_relations |
| 247 | - @environment.send(klass.name.underscore.pluralize).visible.includes(relations) | 247 | + if current_user && current_user.person.is_admin? |
| 248 | + @environment.send(klass.name.underscore.pluralize).includes(relations) | ||
| 249 | + else | ||
| 250 | + @environment.send(klass.name.underscore.pluralize).visible.includes(relations) | ||
| 251 | + end | ||
| 248 | end | 252 | end |
| 249 | 253 | ||
| 250 | def per_page | 254 | def per_page |
test/functional/search_controller_test.rb
| @@ -540,6 +540,16 @@ class SearchControllerTest < ActionController::TestCase | @@ -540,6 +540,16 @@ class SearchControllerTest < ActionController::TestCase | ||
| 540 | assert_equal [c2,c1,c3] , assigns(:searches)[:communities][:results] | 540 | assert_equal [c2,c1,c3] , assigns(:searches)[:communities][:results] |
| 541 | end | 541 | end |
| 542 | 542 | ||
| 543 | + should "only admin can view invisible people" do | ||
| 544 | + # assuming that all filters behave the same! | ||
| 545 | + p1 = fast_create(Person, :visible => false) | ||
| 546 | + admin = create_user('admin').person; | ||
| 547 | + Environment.default.add_admin admin | ||
| 548 | + login_as("admin") | ||
| 549 | + get :people, :order => 'more_recent' | ||
| 550 | + assert_includes assigns(:searches)[:people][:results], p1 | ||
| 551 | + end | ||
| 552 | + | ||
| 543 | should "only include visible people in more_recent filter" do | 553 | should "only include visible people in more_recent filter" do |
| 544 | # assuming that all filters behave the same! | 554 | # assuming that all filters behave the same! |
| 545 | p1 = fast_create(Person, :visible => false) | 555 | p1 = fast_create(Person, :visible => false) |