From 21eef7e65c5972cd65c183bf17e261fa67e34867 Mon Sep 17 00:00:00 2001 From: Go MAEDA Date: Thu, 19 Jan 2023 11:54:03 +0000 Subject: [PATCH] Ensure that the base permission is set for Role#permissions_tracker? and related (#38070). Patch by Holger Just. git-svn-id: https://svn.redmine.org/redmine/trunk@22063 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/models/role.rb | 4 +++ test/unit/role_test.rb | 76 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+) diff --git a/app/models/role.rb b/app/models/role.rb index e67f30054..604bcd712 100644 --- a/app/models/role.rb +++ b/app/models/role.rb @@ -231,6 +231,8 @@ class Role < ActiveRecord::Base # Returns true if tracker_id belongs to the list of # trackers for which permission is given def permissions_tracker_ids?(permission, tracker_id) + return false unless has_permission?(permission) + permissions_tracker_ids(permission).include?(tracker_id) end @@ -244,6 +246,8 @@ class Role < ActiveRecord::Base # Returns true if permission is given for all trackers def permissions_all_trackers?(permission) + return false unless has_permission?(permission) + permissions_all_trackers[permission.to_s].to_s != '0' end diff --git a/test/unit/role_test.rb b/test/unit/role_test.rb index ea8d8b29d..209202f47 100644 --- a/test/unit/role_test.rb +++ b/test/unit/role_test.rb @@ -101,6 +101,82 @@ class RoleTest < ActiveSupport::TestCase assert_equal false, role.has_permission?(:delete_issues) end + def test_permissions_all_trackers? + role = Role.create!(:name => 'Test', :permissions => [:view_issues]) + assert_equal true, role.permissions_all_trackers?(:view_issues) + assert_equal false, role.permissions_all_trackers?(:edit_issues) + + role.set_permission_trackers :view_issues, [1] + role.set_permission_trackers :edit_issues, [1] + assert_equal false, role.permissions_all_trackers?(:view_issues) + assert_equal false, role.permissions_all_trackers?(:edit_issues) + + role.set_permission_trackers :view_issues, :all + role.set_permission_trackers :edit_issues, :all + assert_equal true, role.permissions_all_trackers?(:view_issues) + assert_equal false, role.permissions_all_trackers?(:edit_issues) + end + + def test_permissions_all_trackers_considers_base_permission + role = Role.create!(:name => 'Test', :permissions => [:view_issues]) + assert_equal true, role.permissions_all_trackers?(:view_issues) + + role.remove_permission!(:view_issues) + assert_equal false, role.permissions_all_trackers?(:view_issues) + end + + def test_permissions_tracker_ids? + role = Role.create!(:name => 'Test', :permissions => [:view_issues]) + assert_equal false, role.permissions_tracker_ids?(:view_issues, 1) + assert_equal false, role.permissions_tracker_ids?(:edit_issues, 1) + + role.set_permission_trackers :view_issues, [1, 2, 3] + role.set_permission_trackers :edit_issues, [1, 2, 3] + + assert_equal true, role.permissions_tracker_ids?(:view_issues, 1) + assert_equal false, role.permissions_tracker_ids?(:edit_issues, 1) + end + + def test_permissions_tracker_ids_considers_base_permission + role = Role.create!(:name => 'Test', :permissions => [:view_issues]) + role.set_permission_trackers :view_issues, [1, 2, 3] + assert_equal true, role.permissions_tracker_ids?(:view_issues, 1) + + role.remove_permission!(:view_issues) + assert_equal false, role.permissions_tracker_ids?(:view_issues, 1) + end + + def test_permissions_tracker? + tracker = Tracker.find(1) + role = Role.create!(:name => 'Test', :permissions => [:view_issues]) + assert_equal true, role.permissions_tracker?(:view_issues, 1) + assert_equal false, role.permissions_tracker?(:edit_issues, 1) + + role.set_permission_trackers :view_issues, [1] + role.set_permission_trackers :edit_issues, [1] + assert_equal true, role.permissions_tracker?(:view_issues, tracker) + assert_equal false, role.permissions_tracker?(:edit_issues, tracker) + + role.set_permission_trackers :view_issues, [2] + role.set_permission_trackers :edit_issues, [2] + assert_equal false, role.permissions_tracker?(:view_issues, tracker) + assert_equal false, role.permissions_tracker?(:edit_issues, tracker) + + role.set_permission_trackers :view_issues, :all + role.set_permission_trackers :edit_issues, :all + assert_equal true, role.permissions_tracker?(:view_issues, tracker) + assert_equal false, role.permissions_tracker?(:edit_issues, tracker) + end + + def test_permissions_tracker_considers_base_permission + role = Role.create!(:name => 'Test', :permissions => [:edit_isues]) + role.set_permission_trackers :view_issues, [1, 2, 3] + assert_equal false, role.permissions_tracker_ids?(:view_issues, 1) + + role.set_permission_trackers :view_issues, :all + assert_equal false, role.permissions_tracker_ids?(:view_issues, 1) + end + def test_has_permission_without_permissions role = Role.create!(:name => 'Test') assert_equal false, role.has_permission?(:delete_issues) -- 2.39.5