Global queries can be saved from the global issue list (follows r1311 and closes...

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Sun, 30 Mar 2008 14:20:07 +0000 (14:20 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Sun, 30 Mar 2008 14:20:07 +0000 (14:20 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 30 Mar 2008 14:20:07 +0000 (14:20 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 30 Mar 2008 14:20:07 +0000 (14:20 +0000)
diff --git a/app/controllers/queries_controller.rb b/app/controllers/queries_controller.rb

index 194b1df57beb349ed66c64c06aa9463f63625151..da2c4a2c8a610e8cd05fc417c52ecba5e9feae80 100644 (file)
--- a/app/controllers/queries_controller.rb
+++ b/app/controllers/queries_controller.rb
@@ -19,7 +19,7 @@ class QueriesController < ApplicationController
    layout 'base'
    menu_item :issues
    before_filter :find_query, :except => :new
-  before_filter :find_project, :authorize, :only => :new
+  before_filter :find_optional_project, :only => :new
    
    def new
      @query = Query.new(params[:query])
@@ -72,8 +72,9 @@ private
      render_404
    end
    
-  def find_project
-    @project = Project.find(params[:project_id])
+  def find_optional_project
+    @project = Project.find(params[:project_id]) if params[:project_id]
+    User.current.allowed_to?(:save_queries, @project, :global => true)
    rescue ActiveRecord::RecordNotFound
      render_404
    end
diff --git a/app/models/user.rb b/app/models/user.rb

index ae81d46d219a4c21b92e2be86f688dab83255055..e0b1e238c080361ae122579401ebd8818ab7b51a 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -222,17 +222,26 @@ class User < ActiveRecord::Base
    # action can be:
    # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
    # * a permission Symbol (eg. :edit_project)
-  def allowed_to?(action, project)
-    # No action allowed on archived projects
-    return false unless project.active?
-    # No action allowed on disabled modules
-    return false unless project.allows_to?(action)
-    # Admin users are authorized for anything else
-    return true if admin?
-    
-    role = role_for_project(project)
-    return false unless role
-    role.allowed_to?(action) && (project.is_public? || role.member?)
+  def allowed_to?(action, project, options={})
+    if project
+      # No action allowed on archived projects
+      return false unless project.active?
+      # No action allowed on disabled modules
+      return false unless project.allows_to?(action)
+      # Admin users are authorized for anything else
+      return true if admin?
+      
+      role = role_for_project(project)
+      return false unless role
+      role.allowed_to?(action) && (project.is_public? || role.member?)
+      
+    elsif options[:global]
+      # authorize if user has at least one role that has this permission
+      roles = memberships.collect {|m| m.role}.uniq
+      roles.detect {|r| r.allowed_to?(action)}
+    else
+      false
+    end
    end
    
    def self.current=(user)
diff --git a/app/views/issues/_sidebar.rhtml b/app/views/issues/_sidebar.rhtml

index c269eee06f88668501904a4338c57a78b4d86751..e94d4180b080dbf386c7a89c6bac97b69cc7d4ea 100644 (file)
--- a/app/views/issues/_sidebar.rhtml
+++ b/app/views/issues/_sidebar.rhtml
@@ -1,6 +1,6 @@
-<% if @project %>
  <h3><%= l(:label_issue_plural) %></h3>
  <%= link_to l(:label_issue_view_all), { :controller => 'issues', :action => 'index', :project_id => @project, :set_filter => 1 } %><br />
+<% if @project %>
  <%= link_to l(:field_summary), :controller => 'reports', :action => 'issue_report', :id => @project %><br />
  <%= link_to l(:label_change_log), :controller => 'projects', :action => 'changelog', :id => @project %>
  <% end %>
diff --git a/app/views/issues/index.rhtml b/app/views/issues/index.rhtml

index 0123099f2521f3e7901983cdc2a39ae858ba3d59..027f3f00677ff996412e3f9d7346198f5e5b4b3b 100644 (file)
--- a/app/views/issues/index.rhtml
+++ b/app/views/issues/index.rhtml
@@ -18,7 +18,7 @@
                           :update => "content",
                         }, :class => 'icon icon-reload'  %>
                         
-    <% if current_role && current_role.allowed_to?(:save_queries) %>
+    <% if User.current.allowed_to?(:save_queries, @project, :global => true) %>
      <%= link_to l(:button_save), {}, :onclick => "$('query_form').submit(); return false;", :class => 'icon icon-save' %>
      <% end %>
      </p>
diff --git a/test/functional/queries_controller_test.rb b/test/functional/queries_controller_test.rb

index 86af8edd7599e737953ff31e550e9de6a42dc2c5..de08b424596f0db5ecb16380ee06f3a71a8732ba 100644 (file)
--- a/test/functional/queries_controller_test.rb
+++ b/test/functional/queries_controller_test.rb
@@ -31,7 +31,7 @@ class QueriesControllerTest < Test::Unit::TestCase
      User.current = nil
    end
    
-  def test_get_new
+  def test_get_new_project_query
      @request.session[:user_id] = 2
      get :new, :project_id => 1
      assert_response :success
@@ -45,6 +45,19 @@ class QueriesControllerTest < Test::Unit::TestCase
                                                   :disabled => nil }
    end
    
+  def test_get_new_global_query
+    @request.session[:user_id] = 2
+    get :new
+    assert_response :success
+    assert_template 'new'
+    assert_no_tag :tag => 'input', :attributes => { :type => 'checkbox',
+                                                    :name => 'query[is_public]' } 
+    assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
+                                                 :name => 'query_is_for_all',
+                                                 :checked => 'checked',
+                                                 :disabled => nil }
+  end
+  
    def test_new_project_public_query
      @request.session[:user_id] = 2
      post :new,
@@ -54,8 +67,7 @@ class QueriesControllerTest < Test::Unit::TestCase
           :fields => ["status_id", "assigned_to_id"],
           :operators => {"assigned_to_id" => "=", "status_id" => "o"},
           :values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
-         :query => {"name" => "test_new_project_public_query", "is_public" => "1"},
-         :column_names => ["", "tracker", "status", "priority", "subject", "updated_on", "category"]
+         :query => {"name" => "test_new_project_public_query", "is_public" => "1"}
           
      q = Query.find_by_name('test_new_project_public_query')
      assert_redirected_to :controller => 'issues', :action => 'index', :query_id => q
@@ -73,8 +85,7 @@ class QueriesControllerTest < Test::Unit::TestCase
           :fields => ["status_id", "assigned_to_id"],
           :operators => {"assigned_to_id" => "=", "status_id" => "o"},
           :values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
-         :query => {"name" => "test_new_project_private_query", "is_public" => "1"},
-         :column_names => ["", "tracker", "status", "priority", "subject", "updated_on", "category"]
+         :query => {"name" => "test_new_project_private_query", "is_public" => "1"}
           
      q = Query.find_by_name('test_new_project_private_query')
      assert_redirected_to :controller => 'issues', :action => 'index', :query_id => q
@@ -83,6 +94,23 @@ class QueriesControllerTest < Test::Unit::TestCase
      assert q.valid?
    end
    
+  def test_new_global_private_query_with_custom_columns
+    @request.session[:user_id] = 3
+    post :new,
+         :confirm => '1',
+         :fields => ["status_id", "assigned_to_id"],
+         :operators => {"assigned_to_id" => "=", "status_id" => "o"},
+         :values => { "assigned_to_id" => ["me"], "status_id" => ["1"]},
+         :query => {"name" => "test_new_global_private_query", "is_public" => "1", "column_names" => ["", "tracker", "subject", "priority", "category"]}
+         
+    q = Query.find_by_name('test_new_global_private_query')
+    assert_redirected_to :controller => 'issues', :action => 'index', :query_id => q
+    assert !q.is_public?
+    assert !q.has_default_columns?
+    assert_equal [:tracker, :subject, :priority, :category], q.columns.collect {|c| c.name}
+    assert q.valid?
+  end
+  
    def test_get_edit_global_public_query
      @request.session[:user_id] = 1
      get :edit, :id => 4
@@ -106,8 +134,7 @@ class QueriesControllerTest < Test::Unit::TestCase
           :fields => ["status_id", "assigned_to_id"],
           :operators => {"assigned_to_id" => "=", "status_id" => "o"},
           :values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
-         :query => {"name" => "test_edit_global_public_query", "is_public" => "1"},
-         :column_names => ["", "tracker", "status", "priority", "subject", "updated_on", "category"]
+         :query => {"name" => "test_edit_global_public_query", "is_public" => "1"}
           
      assert_redirected_to :controller => 'issues', :action => 'index', :query_id => 4
      q = Query.find_by_name('test_edit_global_public_query')
@@ -138,8 +165,7 @@ class QueriesControllerTest < Test::Unit::TestCase
           :fields => ["status_id", "assigned_to_id"],
           :operators => {"assigned_to_id" => "=", "status_id" => "o"},
           :values => { "assigned_to_id" => ["me"], "status_id" => ["1"]},
-         :query => {"name" => "test_edit_global_private_query", "is_public" => "1"},
-         :column_names => ["", "tracker", "status", "priority", "subject", "updated_on", "category"]
+         :query => {"name" => "test_edit_global_private_query", "is_public" => "1"}
           
      assert_redirected_to :controller => 'issues', :action => 'index', :query_id => 3
      q = Query.find_by_name('test_edit_global_private_query')
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sun, 30 Mar 2008 14:20:07 +0000 (14:20 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sun, 30 Mar 2008 14:20:07 +0000 (14:20 +0000)
app/controllers/queries_controller.rb		patch \| blob \| history
app/models/user.rb		patch \| blob \| history
app/views/issues/_sidebar.rhtml		patch \| blob \| history
app/views/issues/index.rhtml		patch \| blob \| history
test/functional/queries_controller_test.rb		patch \| blob \| history