From f9f617caa3dab03d4594b826effe171d65f77338 Mon Sep 17 00:00:00 2001
From: Go MAEDA <maeda@farend.jp>
Date: Thu, 19 Jan 2023 11:56:53 +0000
Subject: [PATCH] Merged r22063 from trunk to 5.0-stable (#38070).

git-svn-id: https://svn.redmine.org/redmine/branches/5.0-stable@22064 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/models/role.rb     |  4 +++
 test/unit/role_test.rb | 76 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 80 insertions(+)

diff --git a/app/models/role.rb b/app/models/role.rb
index 696beebf6..b73e69473 100644
--- a/app/models/role.rb
+++ b/app/models/role.rb
@@ -228,6 +228,8 @@ class Role < ActiveRecord::Base
   # Returns true if tracker_id belongs to the list of
   # trackers for which permission is given
   def permissions_tracker_ids?(permission, tracker_id)
+    return false unless has_permission?(permission)
+
     permissions_tracker_ids(permission).include?(tracker_id)
   end
 
@@ -241,6 +243,8 @@ class Role < ActiveRecord::Base
 
   # Returns true if permission is given for all trackers
   def permissions_all_trackers?(permission)
+    return false unless has_permission?(permission)
+
     permissions_all_trackers[permission.to_s].to_s != '0'
   end
 
diff --git a/test/unit/role_test.rb b/test/unit/role_test.rb
index 8ec078648..48fb06000 100644
--- a/test/unit/role_test.rb
+++ b/test/unit/role_test.rb
@@ -101,6 +101,82 @@ class RoleTest < ActiveSupport::TestCase
     assert_equal false, role.has_permission?(:delete_issues)
   end
 
+  def test_permissions_all_trackers?
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
+    assert_equal true, role.permissions_all_trackers?(:view_issues)
+    assert_equal false, role.permissions_all_trackers?(:edit_issues)
+
+    role.set_permission_trackers :view_issues, [1]
+    role.set_permission_trackers :edit_issues, [1]
+    assert_equal false, role.permissions_all_trackers?(:view_issues)
+    assert_equal false, role.permissions_all_trackers?(:edit_issues)
+
+    role.set_permission_trackers :view_issues, :all
+    role.set_permission_trackers :edit_issues, :all
+    assert_equal true, role.permissions_all_trackers?(:view_issues)
+    assert_equal false, role.permissions_all_trackers?(:edit_issues)
+  end
+
+  def test_permissions_all_trackers_considers_base_permission
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
+    assert_equal true, role.permissions_all_trackers?(:view_issues)
+
+    role.remove_permission!(:view_issues)
+    assert_equal false, role.permissions_all_trackers?(:view_issues)
+  end
+
+  def test_permissions_tracker_ids?
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
+    assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
+    assert_equal false, role.permissions_tracker_ids?(:edit_issues, 1)
+
+    role.set_permission_trackers :view_issues, [1, 2, 3]
+    role.set_permission_trackers :edit_issues, [1, 2, 3]
+
+    assert_equal true, role.permissions_tracker_ids?(:view_issues, 1)
+    assert_equal false, role.permissions_tracker_ids?(:edit_issues, 1)
+  end
+
+  def test_permissions_tracker_ids_considers_base_permission
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
+    role.set_permission_trackers :view_issues, [1, 2, 3]
+    assert_equal true, role.permissions_tracker_ids?(:view_issues, 1)
+
+    role.remove_permission!(:view_issues)
+    assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
+  end
+
+  def test_permissions_tracker?
+    tracker = Tracker.find(1)
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
+    assert_equal true, role.permissions_tracker?(:view_issues, 1)
+    assert_equal false, role.permissions_tracker?(:edit_issues, 1)
+
+    role.set_permission_trackers :view_issues, [1]
+    role.set_permission_trackers :edit_issues, [1]
+    assert_equal true, role.permissions_tracker?(:view_issues, tracker)
+    assert_equal false, role.permissions_tracker?(:edit_issues, tracker)
+
+    role.set_permission_trackers :view_issues, [2]
+    role.set_permission_trackers :edit_issues, [2]
+    assert_equal false, role.permissions_tracker?(:view_issues, tracker)
+    assert_equal false, role.permissions_tracker?(:edit_issues, tracker)
+
+    role.set_permission_trackers :view_issues, :all
+    role.set_permission_trackers :edit_issues, :all
+    assert_equal true, role.permissions_tracker?(:view_issues, tracker)
+    assert_equal false, role.permissions_tracker?(:edit_issues, tracker)
+  end
+
+  def test_permissions_tracker_considers_base_permission
+    role = Role.create!(:name => 'Test', :permissions => [:edit_isues])
+    role.set_permission_trackers :view_issues, [1, 2, 3]
+    assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
+
+    role.set_permission_trackers :view_issues, :all
+    assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
+  end
+
   def test_has_permission_without_permissions
     role = Role.create!(:name => 'Test')
     assert_equal false, role.has_permission?(:delete_issues)
-- 
2.39.5