Per role visibility settings for project custom fields (#31925).

Patch by Jens Krämer and Marius BALTEANU.


git-svn-id: http://svn.redmine.org/redmine/trunk@18379 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/models/project.rb

@@ -870,6 +870,13 @@ class Project < ActiveRecord::Base
     end
   end
 
+  def visible_custom_field_values(user = nil)
+    user ||= User.current
+    custom_field_values.select do |value|
+      value.custom_field.visible_by?(project, user)
+    end
+  end
+
   private
 
   def update_inherited_members

app/models/project_custom_field.rb

@@ -22,6 +22,10 @@ class ProjectCustomField < CustomField
     :label_project_plural
   end
 
+  def visible_by?(project, user=User.current)
+    super || (roles & user.roles_for_project(project)).present?
+  end
+
   def visibility_by_project_condition(project_key=nil, user=User.current, id_column=nil)
     project_key ||= "#{Project.table_name}.id"
     super(project_key, user, id_column)

app/views/custom_fields/_form.html.erb

@@ -34,7 +34,7 @@
   <div class="box tabular">
     <p><%= f.check_box :is_required %></p>
 
-    <% if %w(UserCustomField ProjectCustomField).include?(@custom_field.class.name) %>
+    <% if %w(UserCustomField).include?(@custom_field.class.name) %>
       <p><%= f.check_box :visible %></p>
     <% end %>
 
@@ -53,7 +53,7 @@
     <%= call_hook(:"view_custom_fields_form_#{@custom_field.type.to_s.underscore}", :custom_field => @custom_field, :form => f) %>
   </div>
 
-  <% if %w(IssueCustomField TimeEntryCustomField).include?(@custom_field.class.name) %>
+  <% if %w(IssueCustomField TimeEntryCustomField ProjectCustomField).include?(@custom_field.class.name) %>
     <%= render :partial => 'visibility_by_role_selector', :locals => { :f => f } %>
   <% end %>
 

app/views/projects/_form.html.erb

@@ -25,7 +25,7 @@
 
 <%= wikitoolbar_for 'project_description' %>
 
-<% @project.custom_field_values.each do |value| %>
+<% @project.visible_custom_field_values.each do |value| %>
   <p><%= custom_field_tag_with_label :project, value %></p>
 <% end %>
 <%= call_hook(:view_projects_form, :project => @project, :form => f) %>

test/functional/custom_fields_controller_test.rb

@@ -126,6 +126,26 @@ class CustomFieldsControllerTest < Redmine::ControllerTest
     end
   end
 
+  def test_new_project_custom_field
+    get :new, :params => {
+        :type => 'ProjectCustomField'
+      }
+    assert_response :success
+
+    assert_select 'form#custom_field_form' do
+      assert_select 'select#custom_field_field_format[name=?]', 'custom_field[field_format]' do
+        assert_select 'option[value=user]', :text => 'User'
+        assert_select 'option[value=version]', :text => 'Version'
+      end
+
+      # Visibility
+      assert_select 'input[type=radio][name=?]', 'custom_field[visible]', 2
+      assert_select 'input[type=checkbox][name=?]', 'custom_field[role_ids][]', 3
+
+      assert_select 'input[type=hidden][name=type][value=ProjectCustomField]'
+    end
+  end
+
   def test_new_time_entry_custom_field_should_not_show_trackers_and_projects
     get :new, :params => {
         :type => 'TimeEntryCustomField'

test/functional/projects_controller_test.rb

@@ -726,6 +726,18 @@ class ProjectsControllerTest < Redmine::ControllerTest
     assert_select 'a#tab-activities'
   end
 
+  def test_settings_should_not_display_custom_fields_not_visible_for_user
+    @request.session[:user_id] = 2
+
+    ProjectCustomField.find_by_name('Development status').update_attribute :visible, false
+    get :settings, :params => {
+        :id => 'ecookbook'
+      }
+    assert_response :success
+
+    assert_select 'select#project_custom_field_values_3', :count => 0
+  end
+
   def test_update
     @request.session[:user_id] = 2 # manager
     post :update, :params => {