GitLab wurde aktualisiert. Dank regelmäßiger Updates bleibt das THM GitLab sicher und Sie profitieren von den neuesten Funktionen. Vielen Dank für Ihre Geduld.

Commit 7d2c8a02 authored by Jarka Košanová's avatar Jarka Košanová
Browse files

Remove link after issue move when no permissions

Don't show new issue link after move
when a user does not have permissions
to display the new issue
parent ce138642
......@@ -74,6 +74,7 @@ def issue_moved_email(recipient, issue, new_issue, updated_by_user, reason = nil
@new_issue = new_issue
@new_project = new_issue.project
@can_access_project = recipient.can?(:read_project, @new_project)
mail_answer_thread(issue, issue_thread_options(updated_by_user.id, recipient.id, reason))
end
......
%p
Issue was moved to another project.
%p
New issue:
= link_to project_issue_url(@new_project, @new_issue) do
= @new_issue.title
- if @can_access_project
%p
New issue:
= link_to project_issue_url(@new_project, @new_issue) do
= @new_issue.title
- else
You don't have access to the project.
Issue was moved to another project.
<% if @can_access_project %>
New issue location:
<%= project_issue_url(@new_project, @new_issue) %>
<% else %>
You don't have access to the project.
<% end %>
---
title: Don't show new issue link after move when a user does not have permissions
merge_request:
author:
type: security
......@@ -194,23 +194,53 @@
let(:new_issue) { create(:issue) }
subject { described_class.issue_moved_email(recipient, issue, new_issue, current_user) }
it_behaves_like 'an answer to an existing thread with reply-by-email enabled' do
let(:model) { issue }
end
it_behaves_like 'it should show Gmail Actions View Issue link'
it_behaves_like 'an unsubscribeable thread'
context 'when a user has permissions to access the new issue' do
before do
new_issue.project.add_developer(recipient)
end
it_behaves_like 'an answer to an existing thread with reply-by-email enabled' do
let(:model) { issue }
end
it_behaves_like 'it should show Gmail Actions View Issue link'
it_behaves_like 'an unsubscribeable thread'
it 'contains description about action taken' do
is_expected.to have_body_text 'Issue was moved to another project'
end
it 'has the correct subject and body' do
new_issue_url = project_issue_path(new_issue.project, new_issue)
it 'contains description about action taken' do
is_expected.to have_body_text 'Issue was moved to another project'
aggregate_failures do
is_expected.to have_referable_subject(issue, reply: true)
is_expected.to have_body_text(new_issue_url)
is_expected.to have_body_text(project_issue_path(project, issue))
end
end
it 'contains the issue title' do
is_expected.to have_body_text new_issue.title
end
end
it 'has the correct subject and body' do
new_issue_url = project_issue_path(new_issue.project, new_issue)
context 'when a user does not permissions to access the new issue' do
it 'has the correct subject and body' do
new_issue_url = project_issue_path(new_issue.project, new_issue)
aggregate_failures do
is_expected.to have_referable_subject(issue, reply: true)
is_expected.to have_body_text(new_issue_url)
is_expected.to have_body_text(project_issue_path(project, issue))
aggregate_failures do
is_expected.to have_referable_subject(issue, reply: true)
is_expected.not_to have_body_text(new_issue_url)
is_expected.to have_body_text(project_issue_path(project, issue))
end
end
it 'does not contain the issue title' do
is_expected.not_to have_body_text new_issue.title
end
it 'contains information about missing permissions' do
is_expected.to have_body_text "You don't have access to the project."
end
end
end
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment