Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
iv
gitlab-ce
Commits
0a8c9f72
Commit
0a8c9f72
authored
Mar 21, 2016
by
Douglas Barbosa Alexandre
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Restrict notifications for confidential issues
parent
8df6c3b9
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
105 additions
and
2 deletions
+105
-2
app/services/notification_service.rb
app/services/notification_service.rb
+11
-1
spec/services/issues/update_service_spec.rb
spec/services/issues/update_service_spec.rb
+6
-1
spec/services/notification_service_spec.rb
spec/services/notification_service_spec.rb
+88
-0
No files found.
app/services/notification_service.rb
View file @
0a8c9f72
...
@@ -162,6 +162,7 @@ class NotificationService
...
@@ -162,6 +162,7 @@ class NotificationService
recipients
=
add_subscribed_users
(
recipients
,
note
.
noteable
)
recipients
=
add_subscribed_users
(
recipients
,
note
.
noteable
)
recipients
=
reject_unsubscribed_users
(
recipients
,
note
.
noteable
)
recipients
=
reject_unsubscribed_users
(
recipients
,
note
.
noteable
)
recipients
=
reject_users_without_access
(
recipients
,
note
.
noteable
)
recipients
.
delete
(
note
.
author
)
recipients
.
delete
(
note
.
author
)
recipients
=
recipients
.
uniq
recipients
=
recipients
.
uniq
...
@@ -376,6 +377,14 @@ class NotificationService
...
@@ -376,6 +377,14 @@ class NotificationService
end
end
end
end
def
reject_users_without_access
(
recipients
,
target
)
return
recipients
unless
target
.
is_a?
(
Issue
)
recipients
.
select
do
|
user
|
user
.
can?
(
:read_issue
,
target
)
end
end
def
add_subscribed_users
(
recipients
,
target
)
def
add_subscribed_users
(
recipients
,
target
)
return
recipients
unless
target
.
respond_to?
:subscribers
return
recipients
unless
target
.
respond_to?
:subscribers
...
@@ -464,15 +473,16 @@ class NotificationService
...
@@ -464,15 +473,16 @@ class NotificationService
end
end
recipients
=
reject_unsubscribed_users
(
recipients
,
target
)
recipients
=
reject_unsubscribed_users
(
recipients
,
target
)
recipients
=
reject_users_without_access
(
recipients
,
target
)
recipients
.
delete
(
current_user
)
recipients
.
delete
(
current_user
)
recipients
.
uniq
recipients
.
uniq
end
end
def
build_relabeled_recipients
(
target
,
current_user
,
labels
:)
def
build_relabeled_recipients
(
target
,
current_user
,
labels
:)
recipients
=
add_labels_subscribers
([],
target
,
labels:
labels
)
recipients
=
add_labels_subscribers
([],
target
,
labels:
labels
)
recipients
=
reject_unsubscribed_users
(
recipients
,
target
)
recipients
=
reject_unsubscribed_users
(
recipients
,
target
)
recipients
=
reject_users_without_access
(
recipients
,
target
)
recipients
.
delete
(
current_user
)
recipients
.
delete
(
current_user
)
recipients
.
uniq
recipients
.
uniq
end
end
...
...
spec/services/issues/update_service_spec.rb
View file @
0a8c9f72
...
@@ -151,7 +151,12 @@ describe Issues::UpdateService, services: true do
...
@@ -151,7 +151,12 @@ describe Issues::UpdateService, services: true do
context
'when the issue is relabeled'
do
context
'when the issue is relabeled'
do
let!
(
:non_subscriber
)
{
create
(
:user
)
}
let!
(
:non_subscriber
)
{
create
(
:user
)
}
let!
(
:subscriber
)
{
create
(
:user
).
tap
{
|
u
|
label
.
toggle_subscription
(
u
)
}
}
let!
(
:subscriber
)
do
create
(
:user
).
tap
do
|
u
|
label
.
toggle_subscription
(
u
)
project
.
team
<<
[
u
,
:developer
]
end
end
it
'sends notifications for subscribers of newly added labels'
do
it
'sends notifications for subscribers of newly added labels'
do
opts
=
{
label_ids:
[
label
.
id
]
}
opts
=
{
label_ids:
[
label
.
id
]
}
...
...
spec/services/notification_service_spec.rb
View file @
0a8c9f72
...
@@ -111,6 +111,33 @@ describe NotificationService, services: true do
...
@@ -111,6 +111,33 @@ describe NotificationService, services: true do
end
end
end
end
context
'confidential issue note'
do
let
(
:project
)
{
create
(
:empty_project
,
:public
)
}
let
(
:author
)
{
create
(
:user
)
}
let
(
:assignee
)
{
create
(
:user
)
}
let
(
:non_member
)
{
create
(
:user
)
}
let
(
:member
)
{
create
(
:user
)
}
let
(
:admin
)
{
create
(
:admin
)
}
let
(
:confidential_issue
)
{
create
(
:issue
,
:confidential
,
project:
project
,
author:
author
,
assignee:
assignee
)
}
let
(
:note
)
{
create
(
:note_on_issue
,
noteable:
confidential_issue
,
project:
project
,
note:
"
#{
author
.
to_reference
}
#{
assignee
.
to_reference
}
#{
non_member
.
to_reference
}
#{
member
.
to_reference
}
#{
admin
.
to_reference
}
"
)
}
it
'filters out users that can not read the issue'
do
project
.
team
<<
[
member
,
:developer
]
expect
(
SentNotification
).
to
receive
(
:record
).
with
(
confidential_issue
,
any_args
).
exactly
(
4
).
times
ActionMailer
::
Base
.
deliveries
.
clear
notification
.
new_note
(
note
)
should_not_email
(
non_member
)
should_email
(
author
)
should_email
(
assignee
)
should_email
(
member
)
should_email
(
admin
)
end
end
context
'issue note mention'
do
context
'issue note mention'
do
let
(
:project
)
{
create
(
:empty_project
,
:public
)
}
let
(
:project
)
{
create
(
:empty_project
,
:public
)
}
let
(
:issue
)
{
create
(
:issue
,
project:
project
,
assignee:
create
(
:user
))
}
let
(
:issue
)
{
create
(
:issue
,
project:
project
,
assignee:
create
(
:user
))
}
...
@@ -233,6 +260,36 @@ describe NotificationService, services: true do
...
@@ -233,6 +260,36 @@ describe NotificationService, services: true do
should_email
(
subscriber
)
should_email
(
subscriber
)
end
end
context
'confidential issues'
do
let
(
:author
)
{
create
(
:user
)
}
let
(
:assignee
)
{
create
(
:user
)
}
let
(
:non_member
)
{
create
(
:user
)
}
let
(
:member
)
{
create
(
:user
)
}
let
(
:admin
)
{
create
(
:admin
)
}
let
(
:confidential_issue
)
{
create
(
:issue
,
:confidential
,
project:
project
,
title:
'Confidential issue'
,
author:
author
,
assignee:
assignee
)
}
it
"emails subscribers of the issue's labels that can read the issue"
do
project
.
team
<<
[
member
,
:developer
]
label
=
create
(
:label
,
issues:
[
confidential_issue
])
label
.
toggle_subscription
(
non_member
)
label
.
toggle_subscription
(
author
)
label
.
toggle_subscription
(
assignee
)
label
.
toggle_subscription
(
member
)
label
.
toggle_subscription
(
admin
)
ActionMailer
::
Base
.
deliveries
.
clear
notification
.
new_issue
(
confidential_issue
,
@u_disabled
)
should_not_email
(
non_member
)
should_not_email
(
author
)
should_email
(
assignee
)
should_email
(
member
)
should_email
(
admin
)
end
end
end
end
describe
:reassigned_issue
do
describe
:reassigned_issue
do
...
@@ -332,6 +389,37 @@ describe NotificationService, services: true do
...
@@ -332,6 +389,37 @@ describe NotificationService, services: true do
should_not_email
(
subscriber_to_label
)
should_not_email
(
subscriber_to_label
)
should_email
(
subscriber_to_label2
)
should_email
(
subscriber_to_label2
)
end
end
context
'confidential issues'
do
let
(
:author
)
{
create
(
:user
)
}
let
(
:assignee
)
{
create
(
:user
)
}
let
(
:non_member
)
{
create
(
:user
)
}
let
(
:member
)
{
create
(
:user
)
}
let
(
:admin
)
{
create
(
:admin
)
}
let
(
:confidential_issue
)
{
create
(
:issue
,
:confidential
,
project:
project
,
title:
'Confidential issue'
,
author:
author
,
assignee:
assignee
)
}
let!
(
:label_1
)
{
create
(
:label
,
issues:
[
confidential_issue
])
}
let!
(
:label_2
)
{
create
(
:label
)
}
it
"emails subscribers of the issue's labels that can read the issue"
do
project
.
team
<<
[
member
,
:developer
]
label_2
.
toggle_subscription
(
non_member
)
label_2
.
toggle_subscription
(
author
)
label_2
.
toggle_subscription
(
assignee
)
label_2
.
toggle_subscription
(
member
)
label_2
.
toggle_subscription
(
admin
)
ActionMailer
::
Base
.
deliveries
.
clear
notification
.
relabeled_issue
(
confidential_issue
,
[
label_2
],
@u_disabled
)
should_not_email
(
non_member
)
should_email
(
author
)
should_email
(
assignee
)
should_email
(
member
)
should_email
(
admin
)
end
end
end
end
describe
:close_issue
do
describe
:close_issue
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment