Patch by Yuichi HARADA. git-svn-id: http://svn.redmine.org/redmine/trunk@18081 e93f8b46-1217-0410-a6f0-8f06a7374b81

5 years ago · 1ff42ec5bc
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -180,7 +180,9 @@ class Issue < ActiveRecord::Base

  # Returns true if user or current user is allowed to edit the issue
  def attributes_editable?(user=User.current)
    user_tracker_permission?(user, :edit_issues)
    user_tracker_permission?(user, :edit_issues) || (
      user_tracker_permission?(user, :edit_own_issues) && author == user
    )
  end

  # Overrides Redmine::Acts::Attachable::InstanceMethods#attachments_editable?
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -488,6 +488,7 @@ en:
  permission_view_issues: View Issues
  permission_add_issues: Add issues
  permission_edit_issues: Edit issues
  permission_edit_own_issues: Edit own issues
  permission_copy_issues: Copy issues
  permission_manage_issue_relations: Manage issue relations
  permission_set_issues_private: Set issues public or private
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@@ -102,6 +102,7 @@ Redmine::AccessControl.map do |map|
                                  :read => true
    map.permission :add_issues, {:issues => [:new, :create], :attachments => :upload}
    map.permission :edit_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update], :journals => [:new], :attachments => :upload}
    map.permission :edit_own_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update], :journals => [:new], :attachments => :upload}
    map.permission :copy_issues, {:issues => [:new, :create, :bulk_edit, :bulk_update], :attachments => :upload}
    map.permission :manage_issue_relations, {:issue_relations => [:index, :show, :create, :destroy]}
    map.permission :manage_subtasks, {}
--- a/test/unit/issue_test.rb
+++ b/test/unit/issue_test.rb
@@ -543,6 +543,23 @@ class IssueTest < ActiveSupport::TestCase
    assert_equal false, issue.deletable?(user)
  end

  def test_issue_should_editable_by_author
    Role.all.each do |r|
      r.remove_permission! :edit_issues
      r.add_permission! :edit_own_issues
    end

    issue = Issue.find(1)
    user = User.find_by_login('jsmith')

    # author
    assert_equal user, issue.author
    assert_equal true, issue.attributes_editable?(user)

    # not author
    assert_equal false, issue.attributes_editable?(User.find_by_login('dlopper'))
  end

  def test_errors_full_messages_should_include_custom_fields_errors
    field = IssueCustomField.find_by_name('Database')