From 58c8c1ca9f4515d08204aca21d1d735dd49f611f Mon Sep 17 00:00:00 2001
From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Tue, 30 Aug 2016 21:46:22 +0000
Subject: [PATCH] Fixed that new role does not have non member permissions as
 default (#23633).

git-svn-id: http://svn.redmine.org/redmine/trunk@15764 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 lib/redmine/safe_attributes.rb           |  2 +-
 test/functional/roles_controller_test.rb | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/lib/redmine/safe_attributes.rb b/lib/redmine/safe_attributes.rb
index 363048d29..1d2a3d6e1 100644
--- a/lib/redmine/safe_attributes.rb
+++ b/lib/redmine/safe_attributes.rb
@@ -74,7 +74,7 @@ module Redmine
     #   # => {'title' => 'My book'}
     def delete_unsafe_attributes(attrs, user=User.current)
       safe = safe_attribute_names(user)
-      attrs.dup.delete_if {|k,v| !safe.include?(k)}
+      attrs.dup.delete_if {|k,v| !safe.include?(k.to_s)}
     end
 
     # Sets attributes from attrs that are safe
diff --git a/test/functional/roles_controller_test.rb b/test/functional/roles_controller_test.rb
index ba26e0c63..ea2ccb018 100644
--- a/test/functional/roles_controller_test.rb
+++ b/test/functional/roles_controller_test.rb
@@ -39,6 +39,18 @@ class RolesControllerTest < Redmine::ControllerTest
     get :new
     assert_response :success
     assert_select 'input[name=?]', 'role[name]'
+    assert_select 'input[name=?]', 'role[permissions][]'
+  end
+
+  def test_new_should_prefill_permissions_with_non_member_permissions
+    role = Role.non_member
+    role.permissions = [:view_issues, :view_documents]
+    role.save!
+
+    get :new
+    assert_response :success
+    assert_equal %w(view_documents view_issues),
+      css_select('input[name="role[permissions][]"][checked=checked]').map {|e| e.attr('value')}.sort
   end
 
   def test_new_with_copy
-- 
2.39.5