uclibs / ucrate / 13685ef2-594d-45cd-93bc-cf13d4643c4f

coverage: 76.958% (+21.1%) from 55.893%
13685ef2-594d-45cd-93bc-cf13d4643c4f

push

circleci

web-flow 
Warn 993 fix distinct error sql vunlerability (#1112)

* wip - made new permissions_service file

* WIP - tests failing

* Overwrote all functions of permissions_service, added to rubocop length ignore

* Fix Rubocop error

62 of 62 new or added lines in 1 file covered. (100.0%)

180 existing lines in 9 files now uncovered.

2742 of 3563 relevant lines covered (76.96%)

178.11 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0
/app/controllers/display_users_controller.rb
1 
# frozen_string_literal: true
2 










UNCOV

3



class DisplayUsersController < Hyrax::UsersController




×








UNCOV

4



  def index




×







5



    all_users = search(params[:uq])




×







6



    filtered_users = exclude_admins_and_non_owners(all_users)




×







7



    @users = get_current_page(filtered_users)




×








UNCOV

8



  end




×







9













UNCOV

10



  def search(query)




×








UNCOV

11



    clause = query.blank? ? nil : "%" + query.downcase.strip + "%"




×








UNCOV

12



    base = ::User.where(*base_query)




×








UNCOV

13



    if clause.present?




×








UNCOV

14



      base = base.where("#{Devise.authentication_keys.first} like lower(?)




×








UNCOV

15



                           OR display_name like lower(?)




×








UNCOV

16



                           OR first_name like lower(?)




×








UNCOV

17



                           OR last_name like lower(?)", clause, clause, clause, clause)




×








UNCOV

18



    end




×








UNCOV

19



    base.where("#{Devise.authentication_keys.first} not in (?)", [::User.batch_user_key, ::User.audit_user_key])




×








UNCOV

20



        .where(guest: false)




×








UNCOV

21



        .references(:trophies)




×








UNCOV

22



        .order(sort_value)




×








UNCOV

23



  end




×







24













UNCOV

25



  protected




×







26













UNCOV

27



  def sort_value




×








UNCOV

28



    sort = params[:sort].presence || "name"




×








UNCOV

29



    case sort




×








UNCOV

30



    when 'name'




×








UNCOV

31



      'last_name'




×








UNCOV

32



    when 'name desc'




×







33



      'last_name DESC'




×








UNCOV

34



    end




×








UNCOV

35



  end




×







36













UNCOV

37



  def exclude_admins_and_non_owners(users)




×







38



    users.to_a.delete_if do |user|




×







39



      !(current_user && current_user&.admin?) && (user_work_count(user)&.zero? || user&.admin?)




×








UNCOV

40



    end




×








UNCOV

41



  end




×







42













UNCOV

43



  def get_current_page(users)




×







44



    ::User.where(id: users.map(&:id)).order(sort_value).page(params[:page]).per(10)




×








UNCOV

45



  end




×








UNCOV

46



end




×





















    

  • 

    •