@query = IssueQuery.new
@query.user = User.current
@query.project = @project
- @query.visibility = IssueQuery::VISIBILITY_PRIVATE unless User.current.allowed_to?(:manage_public_queries, @project) || User.current.admin?
@query.build_from_params(params)
end
def create
- @query = IssueQuery.new(params[:query])
+ @query = IssueQuery.new
@query.user = User.current
- @query.project = params[:query_is_for_all] ? nil : @project
- @query.visibility = IssueQuery::VISIBILITY_PRIVATE unless User.current.allowed_to?(:manage_public_queries, @project) || User.current.admin?
- @query.build_from_params(params)
- @query.column_names = nil if params[:default_columns]
+ @query.project = @project
+ update_query_from_params
if @query.save
flash[:notice] = l(:notice_successful_create)
end
def update
- @query.attributes = params[:query]
- @query.project = nil if params[:query_is_for_all]
- @query.visibility = IssueQuery::VISIBILITY_PRIVATE unless User.current.allowed_to?(:manage_public_queries, @project) || User.current.admin?
- @query.build_from_params(params)
- @query.column_names = nil if params[:default_columns]
+ update_query_from_params
if @query.save
flash[:notice] = l(:notice_successful_update)
render_404
end
+ def update_query_from_params
+ @query.project = params[:query_is_for_all] ? nil : @project
+ @query.build_from_params(params)
+ @query.column_names = nil if params[:default_columns]
+ @query.sort_criteria = params[:query] && params[:query][:sort_criteria]
+ @query.name = params[:query] && params[:query][:name]
+ if User.current.allowed_to?(:manage_public_queries, @query.project) || User.current.admin?
+ @query.visibility = (params[:query] && params[:query][:visibility]) || IssueQuery::VISIBILITY_PRIVATE
+ else
+ @query.visibility = IssueQuery::VISIBILITY_PRIVATE
+ end
+ @query
+ end
+
def redirect_to_issues(options)
if params[:gantt]
if @project
<p><label for="query_name"><%=l(:field_name)%></label>
<%= text_field 'query', 'name', :size => 80 %></p>
-<% if User.current.admin? || User.current.allowed_to?(:manage_public_queries, @project) %>
+<% if User.current.admin? || User.current.allowed_to?(:manage_public_queries, @query.project) %>
<p><label><%=l(:field_visible)%></label>
<label class="block"><%= radio_button 'query', 'visibility', Query::VISIBILITY_PRIVATE %> <%= l(:label_visibility_private) %></label>
+ <label class="block"><%= radio_button 'query', 'visibility', Query::VISIBILITY_PUBLIC %> <%= l(:label_visibility_public) %></label>
<label class="block"><%= radio_button 'query', 'visibility', Query::VISIBILITY_ROLES %> <%= l(:label_visibility_roles) %>:</label>
<% Role.givable.sorted.each do |role| %>
<label class="block role-visibility"><%= check_box_tag 'query[role_ids][]', role.id, @query.roles.include?(role), :id => nil %> <%= role.name %></label>
<% end %>
- <label class="block"><%= radio_button 'query', 'visibility', Query::VISIBILITY_PUBLIC %> <%= l(:label_visibility_public) %></label>
<%= hidden_field_tag 'query[role_ids][]', '' %>
</p>
<% end %>
<p><label for="query_is_for_all"><%=l(:field_is_for_all)%></label>
-<%= check_box_tag 'query_is_for_all', 1, @query.project.nil?,
- :disabled => (!@query.new_record? && (@query.project.nil? || (@query.is_public? && !User.current.admin?))) %></p>
+<%= check_box_tag 'query_is_for_all', 1, @query.project.nil?, :class => (User.current.admin? ? '' : 'disable-unless-private') %></p>
<% unless params[:gantt] %>
<fieldset><legend><%= l(:label_options) %></legend>
<%= javascript_tag do %>
$(document).ready(function(){
$("input[name='query[visibility]']").change(function(){
- var checked = $('#query_visibility_1').is(':checked');
- $("input[name='query[role_ids][]'][type=checkbox]").attr('disabled', !checked);
+ var roles_checked = $('#query_visibility_1').is(':checked');
+ var private_checked = $('#query_visibility_0').is(':checked');
+ $("input[name='query[role_ids][]'][type=checkbox]").attr('disabled', !roles_checked);
+ if (!private_checked) $("input.disable-unless-private").attr('checked', false);
+ $("input.disable-unless-private").attr('disabled', !private_checked);
}).trigger('change');
});
<% end %>
:fields => ["status_id", "assigned_to_id"],
:operators => {"assigned_to_id" => "=", "status_id" => "o"},
:values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
- :query => {"name" => "test_new_project_private_query", "visibility" => "2"}
+ :query => {"name" => "test_new_project_private_query", "visibility" => "0"}
q = Query.find_by_name('test_new_project_private_query')
assert_redirected_to :controller => 'issues', :action => 'index', :project_id => 'ecookbook', :query_id => q
:fields => ["status_id", "assigned_to_id"],
:operators => {"assigned_to_id" => "=", "status_id" => "o"},
:values => { "assigned_to_id" => ["me"], "status_id" => ["1"]},
- :query => {"name" => "test_new_global_private_query", "visibility" => "2"},
+ :query => {"name" => "test_new_global_private_query", "visibility" => "0"},
:c => ["", "tracker", "subject", "priority", "category"]
q = Query.find_by_name('test_new_global_private_query')
q = Query.find_by_name('test_new_global_query')
assert_redirected_to :controller => 'issues', :action => 'index', :project_id => nil, :query_id => q
+ assert !q.is_public?
assert !q.has_filter?(:status_id)
assert_equal ['assigned_to_id'], q.filters.keys
assert q.valid?
assert_equal false, query.draw_progress_line
end
+ def test_create_project_public_query_should_force_private_without_manage_public_queries_permission
+ @request.session[:user_id] = 3
+ query = new_record(Query) do
+ post :create,
+ :project_id => 'ecookbook',
+ :query => {"name" => "name", "visibility" => "2"}
+ assert_response 302
+ end
+ assert_not_nil query.project
+ assert_equal Query::VISIBILITY_PRIVATE, query.visibility
+ end
+
+ def test_create_global_public_query_should_force_private_without_manage_public_queries_permission
+ @request.session[:user_id] = 3
+ query = new_record(Query) do
+ post :create,
+ :project_id => 'ecookbook', :query_is_for_all => '1',
+ :query => {"name" => "name", "visibility" => "2"}
+ assert_response 302
+ end
+ assert_nil query.project
+ assert_equal Query::VISIBILITY_PRIVATE, query.visibility
+ end
+
+ def test_create_project_public_query_with_manage_public_queries_permission
+ @request.session[:user_id] = 2
+ query = new_record(Query) do
+ post :create,
+ :project_id => 'ecookbook',
+ :query => {"name" => "name", "visibility" => "2"}
+ assert_response 302
+ end
+ assert_not_nil query.project
+ assert_equal Query::VISIBILITY_PUBLIC, query.visibility
+ end
+
+ def test_create_global_public_query_should_force_private_with_manage_public_queries_permission
+ @request.session[:user_id] = 2
+ query = new_record(Query) do
+ post :create,
+ :project_id => 'ecookbook', :query_is_for_all => '1',
+ :query => {"name" => "name", "visibility" => "2"}
+ assert_response 302
+ end
+ assert_nil query.project
+ assert_equal Query::VISIBILITY_PRIVATE, query.visibility
+ end
+
+ def test_create_global_public_query_by_admin
+ @request.session[:user_id] = 1
+ query = new_record(Query) do
+ post :create,
+ :project_id => 'ecookbook', :query_is_for_all => '1',
+ :query => {"name" => "name", "visibility" => "2"}
+ assert_response 302
+ end
+ assert_nil query.project
+ assert_equal Query::VISIBILITY_PUBLIC, query.visibility
+ end
+
def test_edit_global_public_query
@request.session[:user_id] = 1
get :edit, :id => 4
assert_response :success
assert_template 'edit'
assert_select 'input[name=?][value="2"][checked=checked]', 'query[visibility]'
- assert_select 'input[name=query_is_for_all][type=checkbox][checked=checked][disabled=disabled]'
+ assert_select 'input[name=query_is_for_all][type=checkbox][checked=checked]'
end
def test_edit_global_private_query
assert_response :success
assert_template 'edit'
assert_select 'input[name=?]', 'query[visibility]', 0
- assert_select 'input[name=query_is_for_all][type=checkbox][checked=checked][disabled=disabled]'
+ assert_select 'input[name=query_is_for_all][type=checkbox][checked=checked]'
end
def test_edit_project_private_query
assert_response :success
assert_template 'edit'
assert_select 'input[name=?]', 'query[visibility]', 0
- assert_select 'input[name=query_is_for_all][type=checkbox]:not([checked]):not([disabled])'
+ assert_select 'input[name=query_is_for_all][type=checkbox]:not([checked])'
end
def test_edit_project_public_query
assert_response :success
assert_template 'edit'
assert_select 'input[name=?][value="2"][checked=checked]', 'query[visibility]'
- assert_select 'input[name=query_is_for_all][type=checkbox][disabled=disabled]:not([checked])'
+ assert_select 'input[name=query_is_for_all][type=checkbox]:not([checked])'
end
def test_edit_sort_criteria
projects / redmine.git / commitdiff