From 79a6a77c5b8c51484f5dd86e583159b1cd4ae783 Mon Sep 17 00:00:00 2001 From: Go MAEDA Date: Thu, 22 Apr 2021 03:46:35 +0000 Subject: [PATCH] Merged r20959 from trunk to 4.1-stable (#35100). git-svn-id: http://svn.redmine.org/redmine/branches/4.1-stable@20961 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/models/mail_handler.rb | 4 ++-- test/unit/mail_handler_test.rb | 17 +++++++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/app/models/mail_handler.rb b/app/models/mail_handler.rb index eccc93a2a..b29a33d80 100644 --- a/app/models/mail_handler.rb +++ b/app/models/mail_handler.rb @@ -227,7 +227,7 @@ class MailHandler < ActionMailer::Base unless handler_options[:no_permission_check] unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project) - raise UnauthorizedAction, "not allowed to add notes on issues to project [#{project.name}]" + raise UnauthorizedAction, "not allowed to add notes on issues to project [#{issue.project.name}]" end end @@ -276,7 +276,7 @@ class MailHandler < ActionMailer::Base end unless handler_options[:no_permission_check] - raise UnauthorizedAction, "not allowed to add messages to project [#{project.name}]" unless user.allowed_to?(:add_messages, message.project) + raise UnauthorizedAction, "not allowed to add messages to project [#{message.project.name}]" unless user.allowed_to?(:add_messages, message.project) end if !message.locked? diff --git a/test/unit/mail_handler_test.rb b/test/unit/mail_handler_test.rb index 524b37072..3c749b329 100644 --- a/test/unit/mail_handler_test.rb +++ b/test/unit/mail_handler_test.rb @@ -1005,6 +1005,16 @@ class MailHandlerTest < ActiveSupport::TestCase end end + def test_reply_to_a_issue_without_permission + set_tmp_attachments_directory + Role.all.each {|r| r.remove_permission! :add_issue_notes, :edit_issues} + assert_no_difference 'Issue.count' do + assert_no_difference 'Journal.count' do + assert_not submit_email('ticket_reply_with_status.eml') + end + end + end + def test_reply_to_a_nonexitent_journal journal_id = Issue.find(2).journals.last.id Journal.destroy(journal_id) @@ -1056,6 +1066,13 @@ class MailHandlerTest < ActiveSupport::TestCase end end + def test_reply_to_a_topic_without_permission + Role.all.each {|r| r.remove_permission! :add_messages} + assert_no_difference('Message.count') do + assert_not submit_email('message_reply_by_subject.eml') + end + end + def test_should_convert_tags_of_html_only_emails with_settings :text_formatting => 'textile' do issue = submit_email('ticket_html_only.eml', :issue => {:project => 'ecookbook'}) -- 2.39.5