end
@roles = scope.to_a
@permissions = Redmine::AccessControl.permissions.select { |p| !p.public? }
- if request.post?
- @roles.each do |role|
- role.permissions = params[:permissions][role.id.to_s]
- role.save
- end
- flash[:notice] = l(:notice_successful_update)
- redirect_to roles_path
+ end
+
+ def update_permissions
+ @roles = Role.where(:id => params[:permissions].keys)
+ @roles.each do |role|
+ role.permissions = params[:permissions][role.id.to_s]
+ role.save
end
+ flash[:notice] = l(:notice_successful_update)
+ redirect_to roles_path
end
private
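Review bot: `update_permissions` dereferences `params[:permissions].keys` with no presence check, so a POST that omits `permissions` or sends it as a scalar ends in an unhandled exception rather than a controlled response. A guard as the first line of the action, e.g. `return head(:bad_request) unless params[:permissions].respond_to?(:keys)`, would close that. The result of `role.save` is also discarded and the success flash is set unconditionally, so a role that fails validation is still reported as updated; checking the return value and reporting failures would make that visible. Because this action rewrites role permissions, confirm that the controller's admin filter, which is declared outside this hunk, applies to the new action name and is not limited by an `:only` list written for the old `permissions` action.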
</div>
<%= form_tag(permissions_roles_path, :id => 'permissions_form') do %>
-<%= hidden_field_tag 'permissions[0]', '', :id => nil %>
-<%= hidden_field_tag 'ids[]', @roles.map(&:id) %>
+<% @roles.each do |role| %>
+ <%= hidden_field_tag "permissions[#{role.id}][]", '', :id => nil %>
+<% end %>
<div class="autoscroll">
<table class="list permissions">
<thead>
end
resources :roles do
collection do
- match 'permissions', :via => [:get, :post]
+ get 'permissions'
+ post 'permissions', :to => 'roles#update_permissions'
end
end
resources :enumerations, :except => :show
assert_not_nil Role.find_by_id(1)
end
- def test_get_permissions
+ def test_permissions
get :permissions
assert_response :success
assert_select 'input[name=?][type=checkbox][value=delete_issues]:not([checked])', 'permissions[3][]'
end
- def test_get_permissions_with_filter
+ def test_permissions_with_filter
get :permissions, :params => {
:ids => ['2', '3']
}
assert_select 'input[name=?][type=checkbox][value=delete_issues]:not([checked])', 'permissions[3][]'
end
- def test_post_permissions
- post :permissions, :params => {
+ def test_update_permissions
+ post :update_permissions, :params => {
:permissions => {
- '0' => '',
'1' => ['edit_issues'],
'3' => ['add_issues', 'delete_issues']
}
assert_equal [:edit_issues], Role.find(1).permissions
assert_equal [:add_issues, :delete_issues], Role.find(3).permissions
- assert Role.find(2).permissions.empty?
end
- def test_clear_all_permissions
- post :permissions, :params => {:permissions => { '0' => '' }}
- assert_redirected_to '/roles'
- assert Role.find(1).permissions.empty?
+ def test_update_permissions_should_not_update_other_roles
+ assert_no_changes -> { Role.find(2).permissions } do
+ assert_changes -> { Role.find(1).permissions } do
+ post :update_permissions, :params => {
+ :permissions => {
+ '1' => ['edit_issues']
+ }
+ }
+ end
+ end
end
def test_move_highest
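Review bot: Clearing a role's permissions is no longer tested: `test_clear_all_permissions` is removed and none of the visible tests posts an empty list for a role, which is what the form's new hidden field `permissions[ID][]` with an empty value submits when every box is unchecked. I would add a case such as `post :update_permissions, :params => {:permissions => {'1' => ['']}}` followed by `assert Role.find(1).permissions.empty?`. The `permissions=` setter on the role is not shown here, so whether the blank entry is dropped is exactly what that test would establish. A second case posting without any `permissions` parameter would pin the controller's response to malformed input.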