Merged r17359 and r17360 from trunk to 3.4-stable (#28693).

git-svn-id: http://svn.redmine.org/redmine/branches/3.4-stable@17361 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/lib/redmine.rb b/lib/redmine.rb
index 7773e3875376441f880433935aa57d55c24183c8..75c455a074d911b3ff20c703dbc08ca101f44a96 100644 (file)
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@@ -126,7 +126,7 @@ Redmine::AccessControl.map do |map|
     map.permission :log_time, {:timelog => [:new, :create]}, :require => :loggedin
     map.permission :edit_time_entries, {:timelog => [:edit, :update, :destroy, :bulk_edit, :bulk_update]}, :require => :member
     map.permission :edit_own_time_entries, {:timelog => [:edit, :update, :destroy,:bulk_edit, :bulk_update]}, :require => :loggedin
-    map.permission :manage_project_activities, {:project_enumerations => [:update, :destroy]}, :require => :member
+    map.permission :manage_project_activities, {:projects => :settings, :project_enumerations => [:update, :destroy]}, :require => :member
   end
 
   map.project_module :news do |map|
@@ -164,7 +164,7 @@ Redmine::AccessControl.map do |map|
     map.permission :browse_repository, {:repositories => [:show, :browse, :entry, :raw, :annotate, :changes, :diff, :stats, :graph]}, :read => true
     map.permission :commit_access, {}
     map.permission :manage_related_issues, {:repositories => [:add_related_issue, :remove_related_issue]}
-    map.permission :manage_repository, {:repositories => [:new, :create, :edit, :update, :committers, :destroy]}, :require => :member
+    map.permission :manage_repository, {:projects => :settings, :repositories => [:new, :create, :edit, :update, :committers, :destroy]}, :require => :member
   end
 
   map.project_module :boards do |map|
@@ -174,7 +174,7 @@ Redmine::AccessControl.map do |map|
     map.permission :edit_own_messages, {:messages => :edit, :attachments => :upload}, :require => :loggedin
     map.permission :delete_messages, {:messages => :destroy}, :require => :member
     map.permission :delete_own_messages, {:messages => :destroy}, :require => :loggedin
-    map.permission :manage_boards, {:boards => [:new, :create, :edit, :update, :destroy]}, :require => :member
+    map.permission :manage_boards, {:projects => :settings, :boards => [:new, :create, :edit, :update, :destroy]}, :require => :member
   end
 
   map.project_module :calendar do |map|

diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb
index 955ef2fb48f74243978a74b4dbbc38d2fb2cb4e4..f243af92c8285bad4612a3c23945611e12e2b46e 100644 (file)
--- a/test/functional/projects_controller_test.rb
+++ b/test/functional/projects_controller_test.rb
@@ -661,6 +661,28 @@ class ProjectsControllerTest < Redmine::ControllerTest
     assert_select "tr#member-#{member.id}"
   end
 
+  def test_settings_should_show_tabs_depending_on_permission
+    @request.session[:user_id] = 3
+    role = User.find(3).roles.first
+
+    role.permissions = []
+    role.save
+    get :settings, :params => {
+      :id => 'ecookbook'
+    }
+    assert_response 403
+
+    role.add_permission! :manage_repository, :manage_boards, :manage_project_activities
+    get :settings, :params => {
+      :id => 'ecookbook'
+    }
+    assert_response :success
+    assert_select 'a[id^=tab-]', 3
+    assert_select 'a#tab-repositories'
+    assert_select 'a#tab-boards'
+    assert_select 'a#tab-activities'
+  end
+
   def test_update
     @request.session[:user_id] = 2 # manager
     post :update, :params => {