Patch by Yuichi HARADA. git-svn-id: http://svn.redmine.org/redmine/trunk@18081 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/4.1.0
@@ -180,7 +180,9 @@ class Issue < ActiveRecord::Base | |||
# Returns true if user or current user is allowed to edit the issue | |||
def attributes_editable?(user=User.current) | |||
user_tracker_permission?(user, :edit_issues) | |||
user_tracker_permission?(user, :edit_issues) || ( | |||
user_tracker_permission?(user, :edit_own_issues) && author == user | |||
) | |||
end | |||
# Overrides Redmine::Acts::Attachable::InstanceMethods#attachments_editable? |
@@ -488,6 +488,7 @@ en: | |||
permission_view_issues: View Issues | |||
permission_add_issues: Add issues | |||
permission_edit_issues: Edit issues | |||
permission_edit_own_issues: Edit own issues | |||
permission_copy_issues: Copy issues | |||
permission_manage_issue_relations: Manage issue relations | |||
permission_set_issues_private: Set issues public or private |
@@ -102,6 +102,7 @@ Redmine::AccessControl.map do |map| | |||
:read => true | |||
map.permission :add_issues, {:issues => [:new, :create], :attachments => :upload} | |||
map.permission :edit_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update], :journals => [:new], :attachments => :upload} | |||
map.permission :edit_own_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update], :journals => [:new], :attachments => :upload} | |||
map.permission :copy_issues, {:issues => [:new, :create, :bulk_edit, :bulk_update], :attachments => :upload} | |||
map.permission :manage_issue_relations, {:issue_relations => [:index, :show, :create, :destroy]} | |||
map.permission :manage_subtasks, {} |
@@ -543,6 +543,23 @@ class IssueTest < ActiveSupport::TestCase | |||
assert_equal false, issue.deletable?(user) | |||
end | |||
def test_issue_should_editable_by_author | |||
Role.all.each do |r| | |||
r.remove_permission! :edit_issues | |||
r.add_permission! :edit_own_issues | |||
end | |||
issue = Issue.find(1) | |||
user = User.find_by_login('jsmith') | |||
# author | |||
assert_equal user, issue.author | |||
assert_equal true, issue.attributes_editable?(user) | |||
# not author | |||
assert_equal false, issue.attributes_editable?(User.find_by_login('dlopper')) | |||
end | |||
def test_errors_full_messages_should_include_custom_fields_errors | |||
field = IssueCustomField.find_by_name('Database') | |||