Global and public custom queries are shown as editable to non administrators in proje...
authorJean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 8 Apr 2018 13:23:30 +0000 (13:23 +0000)
committerJean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 8 Apr 2018 13:23:30 +0000 (13:23 +0000)
git-svn-id: http://svn.redmine.org/redmine/trunk@17292 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/models/query.rb
test/unit/query_test.rb

index 319a0b8a8fdd26fbac65c37e603694fede6546f3..85de2f1a9f5fe082028b2723cac92c5f9852cf16 100644 (file)
@@ -356,13 +356,13 @@ class Query < ActiveRecord::Base
     !is_private?
   end
 
-  def queried_table_name
-    @queried_table_name ||= self.class.queried_class.table_name
+  # Returns true if the query is available for all projects
+  def is_global?
+    new_record? ? project_id.nil? : project_id_in_database.nil?
   end
 
-  def initialize(attributes=nil, *args)
-    super attributes
-    @is_for_all = project.nil?
+  def queried_table_name
+    @queried_table_name ||= self.class.queried_class.table_name
   end
 
   # Builds the query from the given params
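Review bot: The comment on `is_global?` does not explain why a saved record is judged by `project_id_in_database` instead of `project_id`, and that distinction is the reason the method exists. The tests in this commit assign `q.project` on a loaded global query, so the in-memory value can differ from the stored one when `editable_by?` runs. I would extend the comment to `# Returns true if the query is stored as available for all projects. Saved records use the persisted project_id, so assigning a project in memory does not change the result.` This keeps a later cleanup from simplifying the method back to `project_id.nil?` and reopening the permission gap.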
@@ -447,7 +447,7 @@ class Query < ActiveRecord::Base
     # Admin can edit them all and regular users can edit their private queries
     return true if user.admin? || (is_private? && self.user_id == user.id)
     # Members can not edit public queries that are for all project (only admin is allowed to)
-    is_public? && !@is_for_all && user.allowed_to?(:manage_public_queries, project)
+    is_public? && !is_global? && user.allowed_to?(:manage_public_queries, project)
   end
 
   def trackers
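Review bot: The last line of `editable_by?` now decides "global" from the stored value, but `user.allowed_to?(:manage_public_queries, project)` is still evaluated against whatever project is currently assigned in memory. For a public query saved under one project and then given a different `project` before the check, the permission would be tested on the assigned project, not the owning one. Whether any caller does that is not visible here. If it can happen, the lookup should use the persisted project; otherwise a comment such as `# project is expected to be the stored project for non-global queries` would record the assumption. The method starts above this hunk, so earlier guards are not visible.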
index bb5effdef625fda18dd0dc33f6617e78e0a54df3..4dfc257129b1d341ea8f5e67ea7de7ff6c2d0e96 100644 (file)
@@ -1742,9 +1742,29 @@ class QueryTest < ActiveSupport::TestCase
     assert q.editable_by?(admin)
     assert !q.editable_by?(manager)
     assert q.editable_by?(developer)
+  end
+
+  def test_editable_by_for_global_query
+    admin = User.find(1)
+    manager = User.find(2)
+    developer = User.find(3)
 
-    # Public query for all projects
     q = IssueQuery.find(4)
+    q.project = Project.find(1)
+
+    assert q.editable_by?(admin)
+    assert !q.editable_by?(manager)
+    assert !q.editable_by?(developer)
+  end
+
+  def test_editable_by_for_global_query_with_project_set
+    admin = User.find(1)
+    manager = User.find(2)
+    developer = User.find(3)
+
+    q = IssueQuery.find(4)
+    q.project = Project.find(1)
+
     assert q.editable_by?(admin)
     assert !q.editable_by?(manager)
     assert !q.editable_by?(developer)
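Review bot: `test_editable_by_for_global_query` and `test_editable_by_for_global_query_with_project_set` have identical bodies as shown, since both run `q.project = Project.find(1)` before asserting. The plain global case, with no project assigned, is therefore never exercised. Dropping the `q.project = Project.find(1)` line from the first test would make the two tests cover the two situations their names describe. The `new_record?` branch of `is_global?` also has no test here; an unsaved `IssueQuery` with `project_id` nil checked against a non-admin would cover it. The closing `end` of the last test lies outside the hunk.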