#108 Activity.latest still allows users to view all tasks of other users - Fat Free CRM

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#108 new

Activity.latest still allows users to view all tasks of other users

Reported by Mike Dvorkin | October 4th, 2009 @ 09:27 PM | in Feature Requests

From alexp: Just a quick thought, tasks are still displayed as recent activity in the dashboard for all users regardless of who they are assigned to, would it make sense to keep tasks private (left sidebar panel works Activity.for is correct - only finds the current users items) e.g for a new user the dashboard should be empty, but Activity.latest finds all of the other users tasks even though they are assigned to another user.

get_activities in home_controller calls the named scope Activity.latest for the index page of the dashboard, Activity.latest could be modified:

named_scope :latest, lambda { |options|  {
  :conditions => [ "#{options[:asset] ? "subject_type = ?" : "0=?"}
    AND user_id = ? AND activities.created_at >= ?", options[:asset] || 0,
    options[:user] || @current_user, Time.now, options[:duration] || 2.days) ],
  :include => :user,
  :order => "activities.created_at DESC"
} }

It still works in assigning tasks to other users and I cant see any immediate knock on effects, Michael, maybe you had some reason for the original logic, but this allows tasks to be viewed only by the setter and the associated user.

Comments and changes to this ticket

Mike Dvorkin January 12th, 2010 @ 08:40 PM
- Milestone changed from “0.9.7 "Steinitz"” to “Feature Requests”
You flagged this item as spam.
alex hale January 21st, 2022 @ 02:52 AM
It’s encouraging to see that some people are still working hard to keep their websites up to date. I’ll make a point of returning to see you shortly. It’s very amazing motorcycle tow NYC http://nycmanhattantowing.com/
You flagged this item as spam.
josakar863 July 22nd, 2023 @ 03:32 AM
I've been browsing online more than three hours today, yet I never found any interesting article like yours. It's pretty worth enough for me. In my view, if all site owners and bloggers made good content as you did, the net will be much more useful than ever before. http://www.pearltrees.com/costo85/item528053745

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

Ruby on Rails CRM platform for Web 2.0 and beyond

People watching this ticket

Mike Dvorkin

Fatfreecrm Fat Free CRM → Feature Requests