[49726] Validate query filters with the right user (#13512)

* Make test run faster

From 12 seconds to 3 seconds

* [49726] Validate query filters with the right user

Fix https://community.openproject.org/wp/49726

modules/calendar/app/services/calendar/ical_response_service.rb

@@ -43,11 +43,13 @@ def perform(ical_token_string:, query_id:)
 
       ical_string = nil
 
-      success, errors = validate_and_yield(query, user, options: { ical_token: ical_token_instance }) do
-        ical_string = ical_generation(query, user)
-      end
+      User.execute_as(user) do
+        success, errors = validate_and_yield(query, user, options: { ical_token: ical_token_instance }) do
+          ical_string = ical_generation(query, user)
+        end
 
-      ServiceResult.new(success:, result: ical_string, errors:)
+        ServiceResult.new(success:, result: ical_string, errors:)
+      end
     end
 
     protected

modules/calendar/spec/controllers/ical_controller_spec.rb

@@ -29,37 +29,30 @@
 require 'spec_helper'
 
 RSpec.describe Calendar::ICalController do
-  let(:project) { create(:project) }
-  let(:user) do
-    create(:user,
-           member_in_project: project,
-           member_with_permissions: sufficient_permissions)
-  end
-  let(:sufficient_permissions) { %i[view_work_packages share_calendars] }
-  let(:insufficient_permissions) { %i[view_work_packages] }
+  shared_let(:project) { create(:project) }
 
-  let(:work_package_with_due_date) do
+  shared_let(:work_package_with_due_date) do
     create(:work_package, project:,
                           due_date: Time.zone.today + 7.days)
   end
-  let(:work_package_with_start_date) do
+  shared_let(:work_package_with_start_date) do
     create(:work_package, project:,
                           start_date: Time.zone.today + 14.days)
   end
-  let(:work_package_with_start_and_due_date) do
+  shared_let(:work_package_with_start_and_due_date) do
     create(:work_package, project:,
                           start_date: Date.tomorrow,
                           due_date: Time.zone.today + 7.days)
   end
-  let(:work_package_with_due_date_far_in_past) do
+  shared_let(:work_package_with_due_date_far_in_past) do
     create(:work_package, project:,
                           due_date: Time.zone.today - 180.days)
   end
-  let(:work_package_with_due_date_far_in_future) do
+  shared_let(:work_package_with_due_date_far_in_future) do
     create(:work_package, project:,
                           due_date: Time.zone.today + 180.days)
   end
-  let!(:work_packages) do
+  shared_let(:work_packages) do
     [
       work_package_with_due_date,
       work_package_with_start_date,
@@ -68,6 +61,13 @@
       work_package_with_due_date_far_in_future
     ]
   end
+  let(:user) do
+    create(:user,
+           member_in_project: project,
+           member_with_permissions: sufficient_permissions)
+  end
+  let(:sufficient_permissions) { %i[view_work_packages share_calendars] }
+  let(:insufficient_permissions) { %i[view_work_packages] }
   let(:query) do
     create(:query,
            project:,
@@ -133,6 +133,24 @@
       it_behaves_like 'success'
     end
 
+    context 'with valid params and permissions with a query having a parent filter (bug #49726)' do
+      before do
+        User.execute_as(user) do
+          parent_work_package = create(:work_package, project:, children: work_packages)
+          query.add_filter(:parent, "=", [parent_work_package.id.to_s])
+          query.save!
+        end
+
+        get :show, params: {
+          project_id: project.id,
+          id: query.id,
+          ical_token: valid_ical_token_value
+        }
+      end
+
+      it_behaves_like 'success'
+    end
+
     context 'with valid params and permissions when targeting own query when globally disabled',
             with_settings: { ical_enabled: false } do
       before do