]> source.dussan.org Git - redmine.git/commitdiff
Permission check of the setting button on the issues page mismatches button semantics...
authorGo MAEDA <maeda@farend.jp>
Mon, 10 Jan 2022 07:11:14 +0000 (07:11 +0000)
committerGo MAEDA <maeda@farend.jp>
Mon, 10 Jan 2022 07:11:14 +0000 (07:11 +0000)
Patch by Takenori TAKAKI.

git-svn-id: http://svn.redmine.org/redmine/trunk@21357 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/views/issues/index.html.erb
test/functional/issues_controller_test.rb

index 880c953eaa2cfeba4e31e4f23b1d70338836cba8..b05b6ccf2dd53c0cf38579c087be1fb2fd90626a 100644 (file)
@@ -13,7 +13,7 @@
 
     <%= link_to_if_authorized l(:label_settings),
               {:controller => 'projects', :action => 'settings', :id => @project, :tab => 'issues'},
-              :class => 'icon icon-settings' if User.current.allowed_to?(:manage_categories, @project) %>
+              :class => 'icon icon-settings' if User.current.allowed_to?(:edit_project, @project) %>
   <% end %>
 </div>
 
index 8074ca3f292cdd3535497be2c4043b4cc381e271..2af871d54db02b57f567726bdf63658f719d6c91 100644 (file)
@@ -2005,6 +2005,22 @@ class IssuesControllerTest < Redmine::ControllerTest
     assert_select '#content a.new-issue[href="/issues/new"]', :text => 'New issue'
   end
 
+  def test_index_should_show_setting_link_with_edit_project_permission
+    role = Role.find(1)
+    role.add_permission! :edit_project
+    @request.session[:user_id] = 2
+    get(:index, :params => {:project_id => 1})
+    assert_select '#content a.icon-settings[href="/projects/ecookbook/settings/issues"]', 1
+  end
+
+  def test_index_should_not_show_setting_link_without_edit_project_permission
+    role = Role.find(1)
+    role.remove_permission! :edit_project
+    @request.session[:user_id] = 2
+    get(:index, :params => {:project_id => 1})
+    assert_select '#content a.icon-settings[href="/projects/ecookbook/settings/issues"]', 0
+  end
+
   def test_index_should_not_include_new_issue_tab_when_disabled
     with_settings :new_item_menu_tab => '0' do
       @request.session[:user_id] = 2