incubator-allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From john...@apache.org
Subject git commit: [#6677] Account for spurious ProjectRoles for non-members in User.my_projects
Date Wed, 12 Feb 2014 23:04:06 GMT
Updated Branches:
  refs/heads/cj/6677 [created] 4105b022d


[#6677] Account for spurious ProjectRoles for non-members in User.my_projects

Signed-off-by: Cory Johns <cjohns@slashdotmedia.com>


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/4105b022
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/4105b022
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/4105b022

Branch: refs/heads/cj/6677
Commit: 4105b022d11fa9f50911ede5a66d8214898403c0
Parents: 7406ab9
Author: Cory Johns <cjohns@slashdotmedia.com>
Authored: Wed Feb 12 23:03:49 2014 +0000
Committer: Cory Johns <cjohns@slashdotmedia.com>
Committed: Wed Feb 12 23:03:49 2014 +0000

----------------------------------------------------------------------
 Allura/allura/model/auth.py            |  2 +-
 Allura/allura/tests/model/test_auth.py | 18 +++++++++++++++++-
 2 files changed, 18 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/4105b022/Allura/allura/model/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/auth.py b/Allura/allura/model/auth.py
index dfbfc32..aa8e5dc 100644
--- a/Allura/allura/model/auth.py
+++ b/Allura/allura/model/auth.py
@@ -747,7 +747,7 @@ class User(MappedClass, ActivityNode, ActivityObject):
         if self.is_anonymous():
             return
         roles = g.credentials.user_roles(user_id=self._id)
-        projects = [r['project_id'] for r in roles]
+        projects = [r['project_id'] for r in roles if r['roles']]
         from .project import Project
         return Project.query.find({'_id': {'$in': projects}, 'deleted': False})
 

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/4105b022/Allura/allura/tests/model/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/model/test_auth.py b/Allura/allura/tests/model/test_auth.py
index 5119f68..606b3e2 100644
--- a/Allura/allura/tests/model/test_auth.py
+++ b/Allura/allura/tests/model/test_auth.py
@@ -20,7 +20,7 @@
 """
 Model tests for auth
 """
-from nose.tools import with_setup, assert_equal
+from nose.tools import with_setup, assert_equal, assert_not_in
 from pylons import tmpl_context as c, app_globals as g
 from webob import Request
 from mock import patch
@@ -255,6 +255,22 @@ def test_user_projects_by_role():
                  set(['test', 'u/test-admin', 'adobe-1', '--init--']))
 
 
+@td.with_user_project('test-admin')
+@with_setup(setUp)
+def test_user_projects_unnamed():
+    """
+    Confirm that spurious ProjectRoles associating a user with
+    a project to which they do not belong to any named group
+    don't cause the user to count as a member of the project.
+    """
+    sub1 = M.Project.query.get(shortname='test/sub1')
+    M.ProjectRole(
+        user_id=c.user._id,
+        project_id=sub1._id)
+    ThreadLocalORMSession.flush_all()
+    assert_not_in('test/sub1', [p.shortname for p in c.user.my_projects()])
+
+
 @patch.object(g, 'user_message_max_messages', 3)
 def test_check_sent_user_message_times():
     user1 = M.User.register(dict(username='test-user'), make_project=False)


Mime
View raw message