Fix search for administrators and projects

Closes SCI-958.
2025-01-02 21:51:51 +08:00 · 2017-02-13 14:15:53 +01:00 · 2017-02-13 14:15:53 +01:00 · 3313d14316
commit 3313d14316
parent c6ed73bc82
1 changed files with 36 additions and 33 deletions
--- a/app/models/project.rb
+++ b/app/models/project.rb
@ -41,14 +41,19 @@ class Project < ActiveRecord::Base
    end
    if current_team
-      new_query = Project
+      new_query =
-                  .distinct
+        Project
-                  .joins(:user_projects)
+        .distinct
-                  .where('projects.team_id = ?',
+        .joins(:user_projects)
-                         current_team.id)
+        .where('projects.team_id = ?', current_team.id)
-                  .where('projects.visibility = 1 OR user_projects.user_id = ?',
+      unless user.user_teams.find_by(team: current_team).try(:admin?)
-                         user.id)
+        # Admins see all projects in the team
-                  .where_attributes_like(:name, a_query)
+        new_query = new_query.where(
          'projects.visibility = 1 OR user_projects.user_id = ?',
          user.id
        )
      end
      new_query = new_query.where_attributes_like(:name, a_query)
      if include_archived
        return new_query
@ -56,35 +61,33 @@ class Project < ActiveRecord::Base
        return new_query.where('projects.archived = ?', false)
      end
    else
-      team_ids =
+      new_query = Project
-        Team
+                  .distinct
-        .joins(:user_teams)
+                  .joins(team: :user_teams)
-        .where('user_teams.user_id = ?', user.id)
+                  .where('user_teams.user_id = ?', user.id)
        .select('id')
        .distinct
      if include_archived
-        new_query = Project
+        new_query =
-                    .distinct
+          new_query
-                    .joins(:user_projects)
+          .joins(:user_projects)
-                    .where('projects.team_id IN (?)', team_ids)
+          .where(
-                    .where(
+            'user_teams.role = 2 OR projects.visibility = 1 OR ' \
-                      'projects.visibility = 1 OR user_projects.user_id = ?',
+            'user_projects.user_id = ?',
-                      user.id
+            user.id
-                    )
+          )
-                    .where_attributes_like(:name, a_query)
+          .where_attributes_like('projects.name', a_query)
      else
-        new_query = Project
+        new_query =
-                    .distinct
+          new_query
-                    .joins(:user_projects)
+          .joins(:user_projects)
-                    .where('projects.team_id IN (?)', team_ids)
+          .where(
-                    .where(
+            'user_teams.role = 2 OR projects.visibility = 1 OR ' \
-                      'projects.visibility = 1 OR user_projects.user_id = ?',
+            'user_projects.user_id = ?',
-                      user.id
+            user.id
-                    )
+          )
-                    .where_attributes_like(:name, a_query)
+          .where_attributes_like('projects.name', a_query)
-                    .where('projects.archived = ?', false)
+          .where('projects.archived = ?', false)
      end
    end