From 52b19aca3c4d7d1e8a08ca901cdfa3dd30478c82 Mon Sep 17 00:00:00 2001
From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Sat, 8 Oct 2016 07:05:15 +0000
Subject: [PATCH] Merged r15879 (#23969).

git-svn-id: http://svn.redmine.org/redmine/branches/3.3-stable@15889 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/models/issue.rb                       |  5 +++++
 test/functional/issues_controller_test.rb | 19 +++++++++++++++++++
 test/unit/issue_test.rb                   | 16 ++++++++++++++++
 3 files changed, 40 insertions(+)

diff --git a/app/models/issue.rb b/app/models/issue.rb
index 1b9f21631..58d51e139 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -1428,6 +1428,11 @@ class Issue < ActiveRecord::Base
   private
 
   def user_tracker_permission?(user, permission)
+    if project && !project.active?
+      perm = Redmine::AccessControl.permission(permission)
+      return false unless perm && perm.read?
+    end
+
     if user.admin?
       true
     else
diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb
index deed445ef..f3812a936 100644
--- a/test/functional/issues_controller_test.rb
+++ b/test/functional/issues_controller_test.rb
@@ -1755,6 +1755,25 @@ class IssuesControllerTest < ActionController::TestCase
     assert_response 404
   end
 
+  def test_show_on_active_project_should_display_edit_links
+    @request.session[:user_id] = 1
+
+    get :show, :id => 1
+    assert_response :success
+    assert_select 'a', :text => 'Edit'
+    assert_select 'a', :text => 'Delete'
+  end
+
+  def test_show_on_closed_project_should_not_display_edit_links
+    Issue.find(1).project.close
+    @request.session[:user_id] = 1
+
+    get :show, :id => 1
+    assert_response :success
+    assert_select 'a', :text => 'Edit', :count => 0
+    assert_select 'a', :text => 'Delete', :count => 0
+  end
+
   def test_get_new
     @request.session[:user_id] = 2
     get :new, :project_id => 1, :tracker_id => 1
diff --git a/test/unit/issue_test.rb b/test/unit/issue_test.rb
index d7efda784..f41368a48 100644
--- a/test/unit/issue_test.rb
+++ b/test/unit/issue_test.rb
@@ -519,6 +519,22 @@ class IssueTest < ActiveSupport::TestCase
     assert_equal [issue], Issue.assigned_to(user).to_a
   end
 
+  def test_issue_should_be_readonly_on_closed_project
+    issue = Issue.find(1)
+    user = User.find(1)
+
+    assert_equal true, issue.visible?(user)
+    assert_equal true, issue.editable?(user)
+    assert_equal true, issue.deletable?(user)
+
+    issue.project.close
+    issue.reload
+
+    assert_equal true, issue.visible?(user)
+    assert_equal false, issue.editable?(user)
+    assert_equal false, issue.deletable?(user)
+  end
+
   def test_errors_full_messages_should_include_custom_fields_errors
     field = IssueCustomField.find_by_name('Database')
 
-- 
2.39.5