meineerde/redmine
1
0
Fork 0
mirror of https://github.com/meineerde/redmine.git synced 2025-12-19 15:01:14 +00:00
Code Issues Releases Wiki Activity

Disable "Select project modules" permission does not apply to the new project form (#23470).

Browse Source 
git-svn-id: http://svn.redmine.org/redmine/trunk@15752 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2016-08-30 19:32:52 +00:00
parent 9f9232381a
commit b405a0be53
3 changed files with 63 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
app/models/project.rb
View File

@ -500,12 +500,18 @@ class Project < ActiveRecord::Base
# Adds user as a project member with the default role # Adds user as a project member with the default role
# Used for when a non-admin user creates a project # Used for when a non-admin user creates a project
def add_default_member(user) def add_default_member(user)
role = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first role = self.class.default_member_role
member = Member.new(:project => self, :principal => user, :roles => [role]) member = Member.new(:project => self, :principal => user, :roles => [role])
self.members << member self.members << member
member member
end end
# Default role that is given to non-admin users that
# create a project
def self.default_member_role
Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first
end
# Deletes all project's members # Deletes all project's members
def delete_all_members def delete_all_members
me, mr = Member.table_name, MemberRole.table_name me, mr = Member.table_name, MemberRole.table_name
@ -716,7 +722,17 @@ class Project < ActiveRecord::Base
'default_version_id' 'default_version_id'
safe_attributes 'enabled_module_names', safe_attributes 'enabled_module_names',
:if => lambda {|project, user| project.new_record? || user.allowed_to?(:select_project_modules, project) } :if => lambda {|project, user|
if project.new_record?
if user.admin?
true
else
default_member_role.has_permission?(:select_project_modules)
end
else
user.allowed_to?(:select_project_modules, project)
end
}
safe_attributes 'inherit_members', safe_attributes 'inherit_members',
:if => lambda {|project, user| project.parent.nil? || project.parent.visible?(user)} :if => lambda {|project, user| project.parent.nil? || project.parent.visible?(user)}

2
app/views/projects/_form.html.erb
View File

@ -32,7 +32,7 @@
<%= call_hook(:view_projects_form, :project => @project, :form => f) %> <%= call_hook(:view_projects_form, :project => @project, :form => f) %>
</div> </div>
<% if @project.new_record? %> <% if @project.new_record? && @project.safe_attribute?('enabled_module_names') %>
<fieldset class="box tabular"><legend><%= l(:label_module_plural) %></legend> <fieldset class="box tabular"><legend><%= l(:label_module_plural) %></legend>
<% Redmine::AccessControl.available_project_modules.each do |m| %> <% Redmine::AccessControl.available_project_modules.each do |m| %>
<label class="floating"> <label class="floating">

44
test/functional/projects_controller_test.rb
View File

@ -111,6 +111,22 @@ class ProjectsControllerTest < Redmine::ControllerTest
end end
end end
def test_new_by_non_admin_should_display_modules_if_default_role_is_allowed_to_select_modules
Role.non_member.add_permission!(:add_project)
default_role = Role.generate!(:permissions => [:view_issues])
user = User.generate!
@request.session[:user_id] = user.id
with_settings :new_project_user_role_id => default_role.id.to_s do
get :new
assert_select 'input[name=?]', 'project[enabled_module_names][]', 0
default_role.add_permission!(:select_project_modules)
get :new
assert_select 'input[name=?]', 'project[enabled_module_names][]'
end
end
def test_new_should_not_display_invalid_search_link def test_new_should_not_display_invalid_search_link
@request.session[:user_id] = 1 @request.session[:user_id] = 1
@ -277,6 +293,34 @@ class ProjectsControllerTest < Redmine::ControllerTest
assert_select_error /Subproject of is invalid/ assert_select_error /Subproject of is invalid/
end end
def test_create_by_non_admin_should_accept_modules_if_default_role_is_allowed_to_select_modules
Role.non_member.add_permission!(:add_project)
default_role = Role.generate!(:permissions => [:view_issues, :add_project])
user = User.generate!
@request.session[:user_id] = user.id
with_settings :new_project_user_role_id => default_role.id.to_s, :default_projects_modules => %w(news files) do
project = new_record(Project) do
post :create, :project => {
:name => "blog1",
:identifier => "blog1",
:enabled_module_names => ["issue_tracking", "repository"]
}
end
assert_equal %w(files news), project.enabled_module_names.sort
default_role.add_permission!(:select_project_modules)
project = new_record(Project) do
post :create, :project => {
:name => "blog2",
:identifier => "blog2",
:enabled_module_names => ["issue_tracking", "repository"]
}
end
assert_equal %w(issue_tracking repository), project.enabled_module_names.sort
end
end
def test_create_subproject_with_inherit_members_should_inherit_members def test_create_subproject_with_inherit_members_should_inherit_members
Role.find_by_name('Manager').add_permission! :add_subprojects Role.find_by_name('Manager').add_permission! :add_subprojects
parent = Project.find(1) parent = Project.find(1)