Commit ba78dbcb authored by jplang's avatar jplang
Browse files

Don't consider roles without issue add/edit permissions for determining fields...

Don't consider roles without issue add/edit permissions for determining fields permissions (#15988).

git-svn-id: https://svn.redmine.org/redmine/trunk@13747 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent 5c094502
......@@ -539,6 +539,7 @@ class Issue < ActiveRecord::Base
user_real = user || User.current
roles = user_real.admin ? Role.all.to_a : user_real.roles_for_project(project)
roles = roles.select(&:consider_workflow?)
return {} if roles.empty?
result = {}
......
......@@ -113,6 +113,10 @@ class Role < ActiveRecord::Base
!permissions.nil? && permissions.include?(perm.to_sym)
end
def consider_workflow?
has_permission?(:add_issues) || has_permission?(:edit_issues)
end
def <=>(role)
if role
if builtin == role.builtin
......
......@@ -914,6 +914,29 @@ class IssueTest < ActiveSupport::TestCase
assert_equal %w(due_date), issue.read_only_attribute_names(user)
end
def test_workflow_rules_should_ignore_roles_without_issue_permissions
role = Role.generate! :permissions => [:view_issues, :edit_issues]
ignored_role = Role.generate! :permissions => [:view_issues]
WorkflowPermission.delete_all
WorkflowPermission.create!(:old_status_id => 1, :tracker_id => 1,
:role => role, :field_name => 'due_date',
:rule => 'required')
WorkflowPermission.create!(:old_status_id => 1, :tracker_id => 1,
:role => role, :field_name => 'start_date',
:rule => 'readonly')
WorkflowPermission.create!(:old_status_id => 1, :tracker_id => 1,
:role => role, :field_name => 'done_ratio',
:rule => 'readonly')
user = User.generate!
User.add_to_project user, Project.find(1), [role, ignored_role]
issue = Issue.new(:project_id => 1, :tracker_id => 1, :status_id => 1)
assert_equal %w(due_date), issue.required_attribute_names(user)
assert_equal %w(done_ratio start_date), issue.read_only_attribute_names(user).sort
end
def test_copy
issue = Issue.new.copy_from(1)
assert issue.copy?
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment