sql_params += [uuid_list]
end
+ if sql_table == "collections" and users_list.any?
+ # There is a 'name' link going from a readable group to the collection.
+ name_links = "(SELECT head_uuid FROM links WHERE link_class='name' AND tail_uuid IN (#{sanitized_uuid_list}))"
+ sql_conds += ["#{sql_table}.uuid IN #{name_links}"]
+ end
+
# Link head points to this row, or to the owner of this row (the thing to be read)
#
# Link tail originates from this user, or a group that is readable by this
name: can_read
tail_uuid: zzzzz-j7d0g-anonymouspublic
head_uuid: d41d8cd98f00b204e9800998ecf8427e+0
+
+baz_collection_name_in_asubproject:
+ uuid: zzzzz-o0j2j-bazprojectname2
+ owner_uuid: zzzzz-tpzed-xurymjxw79nv3jz
+ created_at: 2014-04-21 15:37:48 -0400
+ modified_by_client_uuid: zzzzz-ozdt8-brczlopd8u8d0jr
+ modified_by_user_uuid: zzzzz-tpzed-xurymjxw79nv3jz
+ modified_at: 2014-04-21 15:37:48 -0400
+ updated_at: 2014-04-21 15:37:48 -0400
+ tail_uuid: zzzzz-j7d0g-axqo7eu9pwvna1x
+ head_uuid: ea10d51bcf88862dbcc36eb292017dfd+45
+ link_class: name
+ # This should resemble the default name assigned when a
+ # Collection is added to a Project.
+ name: "ea10d51bcf88862dbcc36eb292017dfd+45 added sometime"
+ properties: {}
check_project_contents_response
end
+ test "user with project read permission can see project collections" do
+ authorize_with :project_viewer
+ get :contents, {
+ id: groups(:asubproject).uuid,
+ format: :json,
+ include_linked: true,
+ }
+ ids = json_response['items'].map { |item| item["uuid"] }
+ assert_includes ids, collections(:baz_file).uuid
+ end
+
test 'list objects across multiple projects' do
authorize_with :project_viewer
get :contents, {