From 4c2e42e1c3748ca9ae3b6a7a45e77931ec8a7ce7 Mon Sep 17 00:00:00 2001 From: Go MAEDA Date: Thu, 25 Mar 2021 05:16:54 +0000 Subject: [PATCH] "Add news" button in cross-project News tab (#33167). Patch by Mizuki ISHIKAWA. git-svn-id: http://svn.redmine.org/redmine/trunk@20845 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/news_controller.rb | 10 +++-- app/views/news/_form.html.erb | 7 ++++ app/views/news/index.html.erb | 8 ++-- app/views/news/new.html.erb | 2 +- config/routes.rb | 2 +- test/functional/news_controller_test.rb | 49 ++++++++++++++++++++++++- test/integration/routing/news_test.rb | 2 + 7 files changed, 69 insertions(+), 11 deletions(-) diff --git a/app/controllers/news_controller.rb b/app/controllers/news_controller.rb index fa6a62244..7f752fbc2 100644 --- a/app/controllers/news_controller.rb +++ b/app/controllers/news_controller.rb @@ -22,9 +22,9 @@ class NewsController < ApplicationController model_object News before_action :find_model_object, :except => [:new, :create, :index] before_action :find_project_from_association, :except => [:new, :create, :index] - before_action :find_project_by_project_id, :only => [:new, :create] - before_action :authorize, :except => [:index] - before_action :find_optional_project, :only => :index + before_action :find_project_by_project_id, :only => :create + before_action :authorize, :except => [:index, :new] + before_action :find_optional_project, :only => [:index, :new] accept_rss_auth :index accept_api_auth :index, :show, :create, :update, :destroy @@ -72,6 +72,8 @@ class NewsController < ApplicationController end def new + raise ::Unauthorized unless User.current.allowed_to?(:manage_news, @project, :global => true) + @news = News.new(:project => @project, :author => User.current) end @@ -84,7 +86,7 @@ class NewsController < ApplicationController format.html do render_attachment_warning_if_needed(@news) flash[:notice] = l(:notice_successful_create) - redirect_to project_news_index_path(@project) + redirect_to params[:cross_project] ? news_index_path : project_news_index_path(@project) end format.api {render_api_ok} end diff --git a/app/views/news/_form.html.erb b/app/views/news/_form.html.erb index a441b671d..8ce430732 100644 --- a/app/views/news/_form.html.erb +++ b/app/views/news/_form.html.erb @@ -1,6 +1,13 @@ <%= error_messages_for @news %>
+<% if @project.nil? %> +

+ + <%= select_tag :project_id, options_for_select(project_tree_options_for_select(Project.allowed_to(:manage_news).to_a), Project.allowed_to(:manage_news).first), {:required => true} %> + <%= hidden_field_tag :cross_project, 1, id: nil %> +

+<% end %>

<%= f.text_field :title, :required => true, :size => 60 %>

<%= f.text_area :summary, :cols => 60, :rows => 2 %>

<%= f.text_area :description, :required => true, :cols => 60, :rows => 15, :class => 'wiki-edit', diff --git a/app/views/news/index.html.erb b/app/views/news/index.html.erb index 073099f56..3a8f1ccb2 100644 --- a/app/views/news/index.html.erb +++ b/app/views/news/index.html.erb @@ -1,19 +1,19 @@

<%= link_to(l(:label_news_new), - new_project_news_path(@project), + (@project ? project_news_index_path(@project) : news_index_path), :class => 'icon icon-add', - :onclick => 'showAndScrollTo("add-news", "news_title"); return false;') if @project && User.current.allowed_to?(:manage_news, @project) %> + :onclick => 'showAndScrollTo("add-news", "news_title"); return false;') if (@project.nil? || (@project && User.current.allowed_to?(:manage_news, @project))) %> <%= watcher_link(@project.enabled_module('news'), User.current) if @project && User.current.logged? %>

<%=l(:label_news_plural)%>

diff --git a/app/views/news/new.html.erb b/app/views/news/new.html.erb index cf57140b8..6ac32008d 100644 --- a/app/views/news/new.html.erb +++ b/app/views/news/new.html.erb @@ -1,6 +1,6 @@

<%=l(:label_news_new)%>

-<%= labelled_form_for @news, :url => project_news_index_path(@project), +<%= labelled_form_for @news, :url => (@project ? project_news_index_path(@project) : news_index_path), :html => { :id => 'news-form', :multipart => true } do |f| %> <%= render :partial => 'news/form', :locals => { :f => f } %> <%= submit_tag l(:button_create) %> diff --git a/config/routes.rb b/config/routes.rb index 40c1d5f50..93ca77b5c 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -229,7 +229,7 @@ Rails.application.routes.draw do resources :queries, :except => [:show] get '/queries/filter', :to => 'queries#filter', :as => 'queries_filter' - resources :news, :only => [:index, :show, :edit, :update, :destroy] + resources :news, :only => [:index, :show, :edit, :update, :destroy, :create, :new] match '/news/:id/comments', :to => 'comments#create', :via => :post match '/news/:id/comments/:comment_id', :to => 'comments#destroy', :via => :delete diff --git a/test/functional/news_controller_test.rb b/test/functional/news_controller_test.rb index 76517e1a1..c6545fa15 100644 --- a/test/functional/news_controller_test.rb +++ b/test/functional/news_controller_test.rb @@ -87,13 +87,32 @@ class NewsControllerTest < Redmine::ControllerTest assert_response 404 end - def test_get_new + def test_get_new_with_project_id @request.session[:user_id] = 2 get(:new, :params => {:project_id => 1}) assert_response :success + assert_select 'select[name=project_id]', false assert_select 'input[name=?]', 'news[title]' end + def test_get_new_without_project_id + @request.session[:user_id] = 2 + get(:new) + assert_response :success + assert_select 'select[name=project_id]' + assert_select 'input[name=?]', 'news[title]' + end + + def test_get_new_if_user_does_not_have_permission + @request.session[:user_id] = 2 + User.find(2).roles.each{|u| u.remove_permission! :manage_news } + + get(:new) + assert_response :forbidden + assert_select 'select[name=project_id]', false + assert_select 'input[name=?]', 'news[title]', count: 0 + end + def test_post_create ActionMailer::Base.deliveries.clear @request.session[:user_id] = 2 @@ -121,6 +140,34 @@ class NewsControllerTest < Redmine::ControllerTest assert_equal 2, ActionMailer::Base.deliveries.size end + def test_post_create_with_cross_project_param + ActionMailer::Base.deliveries.clear + @request.session[:user_id] = 2 + + with_settings :notified_events => %w(news_added) do + post( + :create, + :params => { + :project_id => 1, + :cross_project => '1', + :news => { + :title => 'NewsControllerTest', + :description => 'This is the description', + :summary => '' + } + } + ) + end + assert_redirected_to '/news' + + news = News.find_by(title: 'NewsControllerTest') + assert_not_nil news + assert_equal 'This is the description', news.description + assert_equal User.find(2), news.author + assert_equal Project.find(1), news.project + assert_equal 2, ActionMailer::Base.deliveries.size + end + def test_post_create_with_attachment set_tmp_attachments_directory ActionMailer::Base.deliveries.clear diff --git a/test/integration/routing/news_test.rb b/test/integration/routing/news_test.rb index 8e62da774..7863fad5f 100644 --- a/test/integration/routing/news_test.rb +++ b/test/integration/routing/news_test.rb @@ -29,6 +29,8 @@ class RoutingNewsTest < Redmine::RoutingTest def test_news should_route 'GET /news' => 'news#index' + should_route 'GET /news/new' => 'news#new' + should_route 'POST /news' => 'news#create' should_route 'GET /news.atom' => 'news#index', :format => 'atom' should_route 'GET /news/2' => 'news#show', :id => '2' should_route 'GET /news/2/edit' => 'news#edit', :id => '2' -- 2.39.5