Reporter role can manage issue tracker now

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Reporter role can manage issue tracker now
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
a5b54f91 · Dmitriy Zaporozhets · 8e6efc5e · a5b54f91 · a5b54f91 · a5b54f91
Commit a5b54f91 authored Jun 30, 2015 by Dmitriy Zaporozhets
6 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -22,6 +22,7 @@ v 7.13.0 (unreleased)
  - Explicit error when commit not found in the CI
  - Improve performance for issue and merge request pages 
  - Users with guest access level can not set assignee, labels or milestones for issue and merge request
+  - Reporter role can manage issue tracker now: edit any issue, set assignee or milestone and manage labels

 v 7.12.0 (unreleased)
  - Fix Error 500 when one user attempts to access a personal, internal snippet (Stan Hu)

--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -155,7 +155,10 @@ class Ability
      project_guest_rules + [
        :download_code,
        :fork_project,
-        :create_project_snippet
+        :create_project_snippet,
+        :update_issue,
+        :admin_issue,
+        :admin_label,
      ]
    end

@@ -163,9 +166,6 @@ class Ability
      project_report_rules + [
        :create_merge_request,
        :create_wiki,
-        :update_issue,
-        :admin_issue,
-        :admin_label,
        :push_code
      ]
    end

--- a/doc/permissions/permissions.md
+++ b/doc/permissions/permissions.md
@@ -15,6 +15,8 @@ If a user is a GitLab administrator they receive all permissions.
 | Pull project code                     |         | ✓          | ✓           | ✓        | ✓      |
 | Download project                      |         | ✓          | ✓           | ✓        | ✓      |
 | Create code snippets                  |         | ✓          | ✓           | ✓        | ✓      |
+| Manage issue tracker                  |         | ✓          | ✓           | ✓        | ✓      |
+| Manage labels                         |         | ✓          | ✓           | ✓        | ✓      |
 | Create new merge request              |         |            | ✓           | ✓        | ✓      |
 | Create new branches                   |         |            | ✓           | ✓        | ✓      |
 | Push to non-protected branches        |         |            | ✓           | ✓        | ✓      |
@@ -22,8 +24,6 @@ If a user is a GitLab administrator they receive all permissions.
 | Remove non-protected branches         |         |            | ✓           | ✓        | ✓      |
 | Add tags                              |         |            | ✓           | ✓        | ✓      |
 | Write a wiki                          |         |            | ✓           | ✓        | ✓      |
-| Manage issue tracker                  |         |            | ✓           | ✓        | ✓      |
-| Manage labels                         |         |            | ✓           | ✓        | ✓      |
 | Create new milestones                 |         |            |             | ✓        | ✓      |
 | Add new team members                  |         |            |             | ✓        | ✓      |
 | Push to protected branches            |         |            |             | ✓        | ✓      |

--- a/spec/features/security/project/internal_access_spec.rb
+++ b/spec/features/security/project/internal_access_spec.rb
@@ -138,6 +138,18 @@ describe "Internal Project Access", feature: true  do
    it { is_expected.to be_denied_for :visitor }
  end

+  describe "GET /:project_path/issues/:id/edit" do
+    let(:issue) { create(:issue, project: project) }
+    subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
+
+    it { is_expected.to be_allowed_for master }
+    it { is_expected.to be_allowed_for reporter }
+    it { is_expected.to be_allowed_for :admin }
+    it { is_expected.to be_denied_for guest }
+    it { is_expected.to be_denied_for :user }
+    it { is_expected.to be_denied_for :visitor }
+  end
+
  describe "GET /:project_path/snippets" do
    subject { namespace_project_snippets_path(project.namespace, project) }


--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
@@ -138,6 +138,18 @@ describe "Private Project Access", feature: true  do
    it { is_expected.to be_denied_for :visitor }
  end

+  describe "GET /:project_path/issues/:id/edit" do
+    let(:issue) { create(:issue, project: project) }
+    subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
+
+    it { is_expected.to be_allowed_for master }
+    it { is_expected.to be_allowed_for reporter }
+    it { is_expected.to be_allowed_for :admin }
+    it { is_expected.to be_denied_for guest }
+    it { is_expected.to be_denied_for :user }
+    it { is_expected.to be_denied_for :visitor }
+  end
+
  describe "GET /:project_path/snippets" do
    subject { namespace_project_snippets_path(project.namespace, project) }


--- a/spec/features/security/project/public_access_spec.rb
+++ b/spec/features/security/project/public_access_spec.rb
@@ -143,6 +143,18 @@ describe "Public Project Access", feature: true  do
    it { is_expected.to be_allowed_for :visitor }
  end

+  describe "GET /:project_path/issues/:id/edit" do
+    let(:issue) { create(:issue, project: project) }
+    subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
+
+    it { is_expected.to be_allowed_for master }
+    it { is_expected.to be_allowed_for reporter }
+    it { is_expected.to be_allowed_for :admin }
+    it { is_expected.to be_denied_for guest }
+    it { is_expected.to be_denied_for :user }
+    it { is_expected.to be_denied_for :visitor }
+  end
+
  describe "GET /:project_path/snippets" do
    subject { namespace_project_snippets_path(project.namespace, project) }