'name',
'description',
'homepage',
- 'is_public',
'identifier',
'custom_field_values',
'custom_fields',
'default_issue_query_id',
'default_assigned_to_id')
+ safe_attributes(
+ 'is_public',
+ :if =>
+ lambda do |project, user|
+ if project.new_record?
+ if user.admin?
+ true
+ else
+ default_member_role&.has_permission?(:select_project_publicity)
+ end
+ else
+ user.allowed_to?(:select_project_publicity, project)
+ end
+ end
+ )
+
safe_attributes(
'enabled_module_names',
:if =>
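Review bot: When the `:if` lambda returns a falsy value, a submitted `is_public` is dropped without any error, so a non-admin who posts a request for a private project gets the default visibility instead; the create test later in this patch asserts exactly that (`:is_public => 0` posted, `is_public?` true). That fail-open direction deserves a comment above this `safe_attributes` call, for example `# Without :select_project_publicity the submitted value is ignored and the default visibility applies`, plus a decision on whether such a request should be rejected. The new-record branch consults `default_member_role` rather than the user, presumably because the creator is not yet a member of the unsaved project; a comment saying so would save the next reader the guess. The inner `if user.admin?` can also be flattened to `user.admin? || default_member_role&.has_permission?(:select_project_publicity)` with the same truthiness.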
<% end %></p>
<p><%= f.text_field :homepage, :size => 60 %></p>
<p>
- <%= f.check_box :is_public %>
+ <%= f.check_box :is_public, :disabled => !@project.safe_attribute?(:is_public) %>
<em class="info"><%= Setting.login_required? ? l(:text_project_is_public_non_member) : l(:text_project_is_public_anonymous) %></em>
</p>
permission_rename_wiki_pages: Wiki-Seiten umbenennen
permission_save_queries: Filter speichern
permission_select_project_modules: Projektmodule auswählen
+ permission_select_project_publicity: Projekt als privat oder öffentlich markieren
permission_set_issues_private: Tickets als privat oder öffentlich markieren
permission_set_notes_private: Kommentar als privat markieren
permission_set_own_issues_private: Eigene Tickets als privat oder öffentlich markieren
permission_edit_project: Edit project
permission_close_project: Close / reopen the project
permission_delete_project: Delete the project
+ permission_select_project_publicity: Set project public or private
permission_select_project_modules: Select project modules
permission_manage_members: Manage members
permission_manage_project_activities: Manage project activities
--- /dev/null
+class AddSelectProjectPublicityPermission < ActiveRecord::Migration[5.2]
+ def up
+ Role.find_each do |r|
+ r.add_permission!(:select_project_publicity) if r.permissions.include?(:edit_project)
+ end
+ end
+
+ def down
+ Role.find_each do |r|
+ r.remove_permission!(:select_project_publicity)
+ end
+ end
+
+ def run_in_request?; true end
+end
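Review bot: `def run_in_request?; true end` carries no comment, is not a hook of `ActiveRecord::Migration` as far as I know, and nothing on this page calls it; either drop it or add a one-line comment naming the component that reads it. `up` copies the permission onto each role that has `:edit_project`, presumably so that today's holders keep the ability to change visibility, and a class-level comment should state that intent. A role configured as the new-project default role but lacking `:edit_project` will not receive it, so its users lose the choice at creation time (the model lambda checks `default_member_role`); the upgrade notes should mention this. `down` strips the permission from every role, including grants made by hand after the upgrade, which is fine for a rollback but worth a comment.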
map.permission :edit_project, {:projects => [:settings, :edit, :update]}, :require => :member
map.permission :close_project, {:projects => [:close, :reopen]}, :require => :member, :read => true
map.permission :delete_project, {:projects => :destroy}, :require => :member, :read => true
+ map.permission :select_project_publicity, {}, :require => :member
map.permission :select_project_modules, {:projects => :modules}, :require => :member
map.permission :view_members, {:members => [:index, :show]}, :public => true, :read => true
map.permission :manage_members, {:projects => :settings, :members => [:index, :show, :new, :create, :edit, :update, :destroy, :autocomplete]}, :require => :member
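Review bot: `:select_project_publicity` is registered with an empty action hash, so it gates no controller action and is enforced only where code asks for it by name; on this page that is the `is_public` entry in `Project`'s `safe_attributes`. A comment on the line, e.g. `# no actions: checked in Project safe_attributes for is_public`, would keep a reader from assuming route-level protection. Any write path to `is_public` that does not go through `safe_attributes` (none is visible here) would not be covered by this permission, so that is worth confirming before merge.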
- :edit_project
- :close_project
- :delete_project
+ - :select_project_publicity
- :select_project_modules
- :manage_members
- :manage_versions
---
- :edit_project
- :delete_project
+ - :select_project_publicity
- :manage_members
- :manage_versions
- :manage_categories
permissions: |
---
- :edit_project
+ - :select_project_publicity
- :manage_members
- :manage_versions
- :manage_categories
end
end
+ def test_new_by_non_admin_should_enable_setting_public_if_default_role_is_allowed_to_set_public
+ Role.non_member.add_permission!(:add_project)
+ default_role = Role.generate!(permissions: [:add_project])
+ user = User.generate!
+ @request.session[:user_id] = user.id
+
+ with_settings new_project_user_role_id: default_role.id.to_s do
+ get :new
+ assert_select 'input[name=?][disabled=disabled]', 'project[is_public]'
+
+ default_role.add_permission!(:select_project_publicity)
+ get :new
+ assert_select 'input[name=?]:not([disabled])', 'project[is_public]'
+ end
+ end
+
def test_new_should_not_display_invalid_search_link
@request.session[:user_id] = 1
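Review bot: The added test exercises only the `project.new_record?` branch of the new `:if` lambda; the `user.allowed_to?(:select_project_publicity, project)` branch for an existing project has no test on this page. Two cases are missing: the settings form rendering the `project[is_public]` box disabled for a member without the permission, and an update that posts `is_public` without the permission leaving the stored value unchanged. The second one matters more, because the disabled checkbox is presentation only and the server-side filter is the actual control. The admin path (`user.admin?` returning true with no default-role permission) is likewise unasserted. `test_new_should_not_display_invalid_search_link` continues outside the hunk.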
:name => "blog",
:description => "weblog",
:identifier => "blog",
- :is_public => 1,
:custom_field_values => {
'3' => 'Beta'
},
project = Project.find_by_name('blog')
assert_kind_of Project, project
assert_equal 'weblog', project.description
- assert_equal true, project.is_public?
assert_equal [1, 3], project.trackers.map(&:id).sort
assert_equal ['issue_tracking', 'news', 'repository'], project.enabled_module_names.sort
assert_equal 1, project.members.size
end
+ test "#create by user without select_project_publicity permission should not create a new private project" do
+ Role.non_member.add_permission! :add_project
+ default_role = Project.default_member_role
+ default_role.remove_permission!(:select_project_publicity)
+ @request.session[:user_id] = 9
+
+ post(
+ :create, :params => {
+ :project => {
+ :name => "blog",
+ :identifier => "blog",
+ :enabled_module_names => ['issue_tracking', 'news', 'repository'],
+ :is_public => 0
+ }
+ }
+ )
+
+ project = Project.find_by_name('blog')
+ assert_equal true, project.is_public?
+ end
+
+ test "#create by non-admin user with add_project and select_project_publicity permission should create a new private project" do
+ @request.session[:user_id] = 2
+
+ post(
+ :create, :params => {
+ :project => {
+ :name => "blog",
+ :identifier => "blog",
+ :enabled_module_names => ['issue_tracking', 'news', 'repository'],
+ :is_public => 0
+ }
+ }
+ )
+
+ project = Project.find_by_name('blog')
+ assert_equal false, project.is_public?
+ end
+
test "#create by non-admin user with add_project permission should fail with parent_id" do
Role.non_member.add_permission! :add_project
User.find(9).update! :language => 'en'
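Review bot: The first added test asserts `project.is_public?` is true after posting `:is_public => 0`, which passes only while the default visibility for new projects is public, and the test does not pin that setting. Wrap the request in `with_settings :default_projects_public => '1' do`, and add the mirror case with `'0'` and `:is_public => 1`, so the test proves the submitted value is ignored in both directions rather than merely matching the default. Both added tests call `project.is_public?` straight after `Project.find_by_name('blog')`; an `assert_kind_of Project, project` first, as the neighbouring test does, turns a failed create into an assertion failure instead of a NoMethodError. The final context test continues past the end of the hunk.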