if new_record? && !statuses_allowed.include?(status)
self.status = statuses_allowed.first || default_status
end
+ if (u = attrs.delete('assigned_to_id')) && safe_attribute?('assigned_to_id')
+ if u.blank?
+ self.assigned_to_id = nil
+ else
+ u = u.to_i
+ if assignable_users.any?{|assignable_user| assignable_user.id == u}
+ self.assigned_to_id = u
+ end
+ end
+ end
+
attrs = delete_unsafe_attributes(attrs, user)
return if attrs.empty?
@request.session[:user_id] = 2
# update issues assignee
- post :bulk_update, :ids => [1, 2], :notes => 'Bulk editing',
- :issue => {:priority_id => '',
- :assigned_to_id => group.id,
- :custom_field_values => {'2' => ''}}
-
- assert_response 302
- assert_equal [group, group], Issue.where(:id => [1, 2]).collect {|i| i.assigned_to}
+ with_settings :issue_group_assignment => '1' do
+ post :bulk_update, :ids => [1, 2], :notes => 'Bulk editing',
+ :issue => {:priority_id => '',
+ :assigned_to_id => group.id,
+ :custom_field_values => {'2' => ''}}
+
+ assert_response 302
+ assert_equal [group, group], Issue.where(:id => [1, 2]).collect {|i| i.assigned_to}
+ end
end
def test_bulk_update_on_different_projects
assert_no_difference 'Project.find(1).issues.count' do
post :bulk_update, :ids => [1, 2], :copy => '1',
:issue => {
- :project_id => '2', :tracker_id => '', :assigned_to_id => '4',
+ :project_id => '2', :tracker_id => '', :assigned_to_id => '2',
:status_id => '1', :start_date => '2009-12-01', :due_date => '2009-12-31'
}
end
assert_equal 2, copied_issues.size
copied_issues.each do |issue|
assert_equal 2, issue.project_id, "Project is incorrect"
- assert_equal 4, issue.assigned_to_id, "Assigned to is incorrect"
+ assert_equal 2, issue.assigned_to_id, "Assigned to is incorrect"
assert_equal 1, issue.status_id, "Status is incorrect"
assert_equal '2009-12-01', issue.start_date.to_s, "Start date is incorrect"
assert_equal '2009-12-31', issue.due_date.to_s, "Due date is incorrect"
assert_nil issue.custom_field_value(cf2)
end
+ def test_safe_attributes_should_ignore_unassignable_assignee
+ issue = Issue.new(:project_id => 1, :tracker_id => 1, :author_id => 3,
+ :status_id => 1, :priority => IssuePriority.all.first,
+ :subject => 'test_create')
+ assert issue.valid?
+
+ # locked user, not allowed
+ issue.safe_attributes=({'assigned_to_id' => '5'})
+ assert_nil issue.assigned_to_id
+ # no member
+ issue.safe_attributes=({'assigned_to_id' => '1'})
+ assert_nil issue.assigned_to_id
+ # user 2 is ok
+ issue.safe_attributes=({'assigned_to_id' => '2'})
+ assert_equal 2, issue.assigned_to_id
+ assert issue.save
+
+ issue.reload
+ assert_equal 2, issue.assigned_to_id
+ issue.safe_attributes=({'assigned_to_id' => '5'})
+ assert_equal 2, issue.assigned_to_id
+ issue.safe_attributes=({'assigned_to_id' => '1'})
+ assert_equal 2, issue.assigned_to_id
+ # user 3 is also ok
+ issue.safe_attributes=({'assigned_to_id' => '3'})
+ assert_equal 3, issue.assigned_to_id
+ assert issue.save
+
+ # removal of assignee
+ issue.safe_attributes=({'assigned_to_id' => ''})
+ assert_nil issue.assigned_to_id
+ assert issue.save
+ end
+
def test_editable_custom_field_values_should_return_non_readonly_custom_values
cf1 = IssueCustomField.create!(:name => 'Writable field', :field_format => 'string',
:is_for_all => true, :tracker_ids => [1, 2])
projects / redmine.git / commitdiff