pulibrary / pdc_describe / d2dd8577-37c1-492c-a1f6-4059fe110b4b

coverage: 96.233% (-0.1%) from 96.333%
d2dd8577-37c1-492c-a1f6-4059fe110b4b

Pull #1661

circleci

web-flow 
Merge branch 'main' into 1541-report
Pull Request #1661: Datasets report

20 of 24 new or added lines in 2 files covered. (83.33%)

3142 of 3265 relevant lines covered (96.23%)

209.22 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

78.95
/app/controllers/reports_controller.rb
1 
# frozen_string_literal: true
2 
class ReportsController < ApplicationController
1
3 
  def dataset_list
1
4 
    if current_user.super_admin? || current_user.moderator?
5
5 
      @works = Work.where(sql_where(params))
4
6 
    else
7 
      redirect_to "/"
1
8 
    end
9 
  end
10 










11



  private




1





12













13



    def sql_where(params)




1






14



      sql_where = []




4






15



      if params["status"] == "finished"




4






NEW


16



        sql_where << "state = 'approved'"




×








17



      elsif params["status"] == "unfinished"




4






NEW


18



        sql_where << "state != 'approved'"




×







19



      end










20













21



      if params["group"].present? && params["group"] != "ALL"




4






22



        group_id = Group.where(code: params["group"]).first.id




1






23



        sql_where << "group_id = #{group_id}"




1





24



      end










25













26



      if params["year"].present? && params["year"] != "ALL"




4






NEW


27



        year = params["year"].to_i # Force to int to guard against SQL injection




×








NEW


28



        sql_where << "metadata->>'publication_year' = '#{year}'"




×







29



      end











30



      sql_where.join(" AND ")




4





31



    end










32



end
























    

  • 

    •