--- /dev/null
+module Issues
+ class ReportersController < ApplicationController
+ layout "site"
+
+ before_action :authorize_web
+ before_action :set_locale
+ before_action :check_database_readable
+
+ authorize_resource :issue
+
+ def index
+ @issue = Issue.visible_to(current_user).find(params[:issue_id])
+
+ user_ids = @issue.reports.order(:created_at => :desc).pluck(:user_id).uniq
+ @unique_reporters = {
+ @issue.id => {
+ :count => user_ids.size,
+ :users => User.in_order_of(:id, user_ids)
+ }
+ }
+
+ render :partial => "reporters", :locals => { :issue => @issue } if turbo_frame_request?
+ rescue ActiveRecord::RecordNotFound
+ redirect_to :controller => "/errors", :action => "not_found"
+ end
+ end
+end
<td><%= link_to reportable_title(issue.reportable), reportable_url(issue.reportable) %></td>
<td><%= link_to issue.reported_user.display_name, issue.reported_user if issue.reported_user %></td>
<td class="reporting_users text-truncate">
- <% @unique_reporters[issue.id][:users].each do |reporter| %>
- <%= link_to reporter.display_name, reporter, :class => "d-block text-truncate", :title => reporter.display_name %>
- <% end %>
- <% if @unique_reporters[issue.id][:count] > 3 %>
- <p class="m-0"><%= t ".more_reporters", :count => @unique_reporters[issue.id][:count] - 3 %></p>
- <% end %>
+ <%= render :partial => "issues/reporters/reporters", :locals => { :issue => issue } %>
</td>
<td>
<% if issue.user_updated %>
--- /dev/null
+<%= turbo_frame_tag "#{dom_id(issue)}_reporters", :data => { :turbo => false } do %>
+ <% @unique_reporters[issue.id][:users].each do |reporter| %>
+ <%= link_to reporter.display_name, reporter, :class => "d-block text-truncate", :title => reporter.display_name %>
+ <% end %>
+ <% if @unique_reporters_limit && @unique_reporters[issue.id][:count] > @unique_reporters_limit %>
+ <p class="m-0">
+ <%= link_to t(".more_reporters", :count => @unique_reporters[issue.id][:count] - @unique_reporters_limit),
+ issue_reporters_path(issue),
+ :class => "link-body-emphasis",
+ :data => { :turbo => true } %>
+ </p>
+ <% end %>
+<% end %>
--- /dev/null
+require "test_helper"
+
+module Issues
+ class DataControllerTest < ActionDispatch::IntegrationTest
+ ##
+ # test all routes which lead to this controller
+ def test_routes
+ assert_routing(
+ { :path => "/issues/1/reporters", :method => :get },
+ { :controller => "issues/reporters", :action => "index", :issue_id => "1" }
+ )
+ end
+
+ def test_index_missing_issue_as_moderator
+ session_for(create(:moderator_user))
+ get issue_reporters_path(999111)
+
+ assert_redirected_to :controller => "/errors", :action => :not_found
+ end
+
+ def test_index_missing_issue_as_administrator
+ session_for(create(:administrator_user))
+ get issue_reporters_path(999111)
+
+ assert_redirected_to :controller => "/errors", :action => :not_found
+ end
+
+ def test_index_assigned_to_moderator_as_unauthorized
+ issue = create(:issue, :assigned_role => "moderator")
+
+ get issue_reporters_path(issue)
+
+ assert_redirected_to login_path(:referer => issue_reporters_path(issue))
+ end
+
+ def test_index_assigned_to_moderator_as_regular_user
+ issue = create(:issue, :assigned_role => "moderator")
+
+ session_for(create(:user))
+ get issue_reporters_path(issue)
+
+ assert_redirected_to :controller => "/errors", :action => :forbidden
+ end
+
+ def test_index_assigned_to_moderator_as_administrator
+ issue = create(:issue, :assigned_role => "moderator")
+
+ session_for(create(:administrator_user))
+ get issue_reporters_path(issue)
+
+ assert_redirected_to :controller => "/errors", :action => :not_found
+ end
+
+ def test_index_assigned_to_moderator_as_moderator
+ issue = create(:issue, :assigned_role => "moderator")
+
+ session_for(create(:moderator_user))
+ get issue_reporters_path(issue)
+
+ assert_response :success
+ end
+
+ def test_index_assigned_to_administrator_as_unauthorized
+ issue = create(:issue, :assigned_role => "administrator")
+
+ get issue_reporters_path(issue)
+
+ assert_redirected_to login_path(:referer => issue_reporters_path(issue))
+ end
+
+ def test_index_assigned_to_administrator_as_regular_user
+ issue = create(:issue, :assigned_role => "administrator")
+
+ session_for(create(:user))
+ get issue_reporters_path(issue)
+
+ assert_redirected_to :controller => "/errors", :action => :forbidden
+ end
+
+ def test_index_assigned_to_administrator_as_moderator
+ issue = create(:issue, :assigned_role => "administrator")
+
+ session_for(create(:moderator_user))
+ get issue_reporters_path(issue)
+
+ assert_redirected_to :controller => "/errors", :action => :not_found
+ end
+
+ def test_index_assigned_to_administrator_as_administrator
+ issue = create(:issue, :assigned_role => "administrator")
+
+ session_for(create(:administrator_user))
+ get issue_reporters_path(issue)
+
+ assert_response :success
+ end
+ end
+end
projects / rails.git / commitdiff