Per role visibility settings for project custom fields (#31925).

author Go MAEDA <maeda@farend.jp>

Tue, 20 Aug 2019 01:44:44 +0000 (01:44 +0000)

committer Go MAEDA <maeda@farend.jp>

Tue, 20 Aug 2019 01:44:44 +0000 (01:44 +0000)
author Go MAEDA <maeda@farend.jp>
Tue, 20 Aug 2019 01:44:44 +0000 (01:44 +0000)
committer Go MAEDA <maeda@farend.jp>
Tue, 20 Aug 2019 01:44:44 +0000 (01:44 +0000)
diff --git a/app/models/project.rb b/app/models/project.rb

index 30f3be5bafc4004f0843da4f21ba096e7652ac4e..88d1c6eb59627064594d36280bc9b26cada53c3d 100644 (file)
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -870,6 +870,13 @@ class Project < ActiveRecord::Base
      end
    end
  
+  def visible_custom_field_values(user = nil)
+    user ||= User.current
+    custom_field_values.select do |value|
+      value.custom_field.visible_by?(project, user)
+    end
+  end
+
    private
  
    def update_inherited_members
diff --git a/app/models/project_custom_field.rb b/app/models/project_custom_field.rb

index 92e7c9a569158d1e830998ffaa8455a4abf850e8..a4dde39d54efab70778da426ab6dc02bf720d6b2 100644 (file)
--- a/app/models/project_custom_field.rb
+++ b/app/models/project_custom_field.rb
@@ -22,6 +22,10 @@ class ProjectCustomField < CustomField
      :label_project_plural
    end
  
+  def visible_by?(project, user=User.current)
+    super || (roles & user.roles_for_project(project)).present?
+  end
+
    def visibility_by_project_condition(project_key=nil, user=User.current, id_column=nil)
      project_key ||= "#{Project.table_name}.id"
      super(project_key, user, id_column)
diff --git a/app/views/custom_fields/_form.html.erb b/app/views/custom_fields/_form.html.erb

index 97d39f96b17b5fae74a49d5accd0a81208b33fe7..deb000297fadd126804b503c7e771a41fd3e1ede 100644 (file)
--- a/app/views/custom_fields/_form.html.erb
+++ b/app/views/custom_fields/_form.html.erb
@@ -34,7 +34,7 @@
    <div class="box tabular">
      <p><%= f.check_box :is_required %></p>
  
-    <% if %w(UserCustomField ProjectCustomField).include?(@custom_field.class.name) %>
+    <% if %w(UserCustomField).include?(@custom_field.class.name) %>
        <p><%= f.check_box :visible %></p>
      <% end %>
  
@@ -53,7 +53,7 @@
      <%= call_hook(:"view_custom_fields_form_#{@custom_field.type.to_s.underscore}", :custom_field => @custom_field, :form => f) %>
    </div>
  
-  <% if %w(IssueCustomField TimeEntryCustomField).include?(@custom_field.class.name) %>
+  <% if %w(IssueCustomField TimeEntryCustomField ProjectCustomField).include?(@custom_field.class.name) %>
      <%= render :partial => 'visibility_by_role_selector', :locals => { :f => f } %>
    <% end %>
  
diff --git a/app/views/projects/_form.html.erb b/app/views/projects/_form.html.erb

index fc758f4e92af98f5590506a34b4aa8890360f55b..7c988fb0e2f372c576dcb11bf871b1bc2c3de0bf 100644 (file)
--- a/app/views/projects/_form.html.erb
+++ b/app/views/projects/_form.html.erb
@@ -25,7 +25,7 @@
  
  <%= wikitoolbar_for 'project_description' %>
  
-<% @project.custom_field_values.each do |value| %>
+<% @project.visible_custom_field_values.each do |value| %>
    <p><%= custom_field_tag_with_label :project, value %></p>
  <% end %>
  <%= call_hook(:view_projects_form, :project => @project, :form => f) %>
diff --git a/test/functional/custom_fields_controller_test.rb b/test/functional/custom_fields_controller_test.rb

index e59d408ef5ca0a91c08c379d955e37ffcf923acb..101a4c34fca87ea471f6432cce415b0865bd2cbc 100644 (file)
--- a/test/functional/custom_fields_controller_test.rb
+++ b/test/functional/custom_fields_controller_test.rb
@@ -126,6 +126,26 @@ class CustomFieldsControllerTest < Redmine::ControllerTest
      end
    end
  
+  def test_new_project_custom_field
+    get :new, :params => {
+        :type => 'ProjectCustomField'
+      }
+    assert_response :success
+
+    assert_select 'form#custom_field_form' do
+      assert_select 'select#custom_field_field_format[name=?]', 'custom_field[field_format]' do
+        assert_select 'option[value=user]', :text => 'User'
+        assert_select 'option[value=version]', :text => 'Version'
+      end
+
+      # Visibility
+      assert_select 'input[type=radio][name=?]', 'custom_field[visible]', 2
+      assert_select 'input[type=checkbox][name=?]', 'custom_field[role_ids][]', 3
+
+      assert_select 'input[type=hidden][name=type][value=ProjectCustomField]'
+    end
+  end
+
    def test_new_time_entry_custom_field_should_not_show_trackers_and_projects
      get :new, :params => {
          :type => 'TimeEntryCustomField'
diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb

index 389ad6c8a632e358db2e4a49cabc6f6c0fb6165f..63159ab90f2bed9da7c6de5f881f68314a53a9b1 100644 (file)
--- a/test/functional/projects_controller_test.rb
+++ b/test/functional/projects_controller_test.rb
@@ -726,6 +726,18 @@ class ProjectsControllerTest < Redmine::ControllerTest
      assert_select 'a#tab-activities'
    end
  
+  def test_settings_should_not_display_custom_fields_not_visible_for_user
+    @request.session[:user_id] = 2
+
+    ProjectCustomField.find_by_name('Development status').update_attribute :visible, false
+    get :settings, :params => {
+        :id => 'ecookbook'
+      }
+    assert_response :success
+
+    assert_select 'select#project_custom_field_values_3', :count => 0
+  end
+
    def test_update
      @request.session[:user_id] = 2 # manager
      post :update, :params => {
author	Go MAEDA <maeda@farend.jp>
	Tue, 20 Aug 2019 01:44:44 +0000 (01:44 +0000)
committer	Go MAEDA <maeda@farend.jp>
	Tue, 20 Aug 2019 01:44:44 +0000 (01:44 +0000)
app/models/project.rb		patch \| blob \| history
app/models/project_custom_field.rb		patch \| blob \| history
app/views/custom_fields/_form.html.erb		patch \| blob \| history
app/views/projects/_form.html.erb		patch \| blob \| history
test/functional/custom_fields_controller_test.rb		patch \| blob \| history
test/functional/projects_controller_test.rb		patch \| blob \| history