Workflow permissions are applied as when changing the status of a single issue. The issue is not saved (and an error is displayed) if the status transition is not allowed for the user. git-svn-id: http://redmine.rubyforge.org/svn/trunk@831 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/0.6.0
@@ -340,12 +340,13 @@ class ProjectsController < ApplicationController | |||
# Bulk edit issues | |||
def bulk_edit_issues | |||
if request.post? | |||
status = IssueStatus.find_by_id(params[:status_id]) | |||
priority = Enumeration.find_by_id(params[:priority_id]) | |||
assigned_to = User.find_by_id(params[:assigned_to_id]) | |||
category = @project.issue_categories.find_by_id(params[:category_id]) | |||
fixed_version = @project.versions.find_by_id(params[:fixed_version_id]) | |||
issues = @project.issues.find_all_by_id(params[:issue_ids]) | |||
unsaved_issue_ids = [] | |||
unsaved_issue_ids = [] | |||
issues.each do |issue| | |||
journal = issue.init_journal(User.current, params[:notes]) | |||
issue.priority = priority if priority | |||
@@ -355,10 +356,12 @@ class ProjectsController < ApplicationController | |||
issue.start_date = params[:start_date] unless params[:start_date].blank? | |||
issue.due_date = params[:due_date] unless params[:due_date].blank? | |||
issue.done_ratio = params[:done_ratio] unless params[:done_ratio].blank? | |||
if issue.save | |||
# Don't save any change to the issue if the user is not authorized to apply the requested status | |||
if (status.nil? || (issue.status.new_status_allowed_to?(status, current_role, issue.tracker) && issue.status = status)) && issue.save | |||
# Send notification for each issue (if changed) | |||
Mailer.deliver_issue_edit(journal) if journal.details.any? && Setting.notified_events.include?('issue_updated') | |||
else | |||
# Keep unsaved issue ids to display them in flash error | |||
unsaved_issue_ids << issue.id | |||
end | |||
end | |||
@@ -370,6 +373,11 @@ class ProjectsController < ApplicationController | |||
redirect_to :action => 'list_issues', :id => @project | |||
return | |||
end | |||
if current_role && User.current.allowed_to?(:change_issue_status, @project) | |||
# Find potential statuses the user could be allowed to switch issues to | |||
@available_statuses = Workflow.find(:all, :include => :new_status, | |||
:conditions => {:role_id => current_role.id}).collect(&:new_status).compact.uniq | |||
end | |||
render :update do |page| | |||
page.hide 'query_form' | |||
page.replace_html 'bulk-edit', :partial => 'issues/bulk_edit_form' |
@@ -51,6 +51,12 @@ class IssueStatus < ActiveRecord::Base | |||
:conditions => ["role_id=? and tracker_id=?", role.id, tracker.id]).collect{ |w| w.new_status }.compact if role && tracker | |||
new_statuses ? new_statuses.sort{|x, y| x.position <=> y.position } : [] | |||
end | |||
def new_status_allowed_to?(status, role, tracker) | |||
status && role && tracker ? | |||
!workflows.find(:first, :conditions => {:new_status_id => status.id, :role_id => role.id, :tracker_id => tracker.id}).nil? : | |||
false | |||
end | |||
def to_s; name end | |||
@@ -2,12 +2,18 @@ | |||
<fieldset class="box"><legend><%= l(:label_bulk_edit_selected_issues) %></legend> | |||
<p> | |||
<% if @available_statuses %> | |||
<label><%= l(:field_status) %>: | |||
<%= select_tag('status_id', "<option value=\"\">#{l(:label_no_change_option)}</option>" + options_from_collection_for_select(@available_statuses, :id, :name)) %></label> | |||
<% end %> | |||
<label><%= l(:field_priority) %>: | |||
<%= select_tag('priority_id', "<option value=\"\">#{l(:label_no_change_option)}</option>" + options_from_collection_for_select(Enumeration.get_values('IPRI'), :id, :name)) %></label> | |||
<label><%= l(:field_assigned_to) %>: | |||
<%= select_tag('assigned_to_id', "<option value=\"\">#{l(:label_no_change_option)}</option>" + options_from_collection_for_select(@project.assignable_users, :id, :name)) %></label> | |||
<label><%= l(:field_category) %>: | |||
<%= select_tag('category_id', "<option value=\"\">#{l(:label_no_change_option)}</option>" + options_from_collection_for_select(@project.issue_categories, :id, :name)) %></label> | |||
</p> | |||
<p> | |||
<label><%= l(:field_assigned_to) %>: | |||
<%= select_tag('assigned_to_id', "<option value=\"\">#{l(:label_no_change_option)}</option>" + options_from_collection_for_select(@project.assignable_users, :id, :name)) %></label> | |||
<label><%= l(:field_fixed_version) %>: | |||
<%= select_tag('fixed_version_id', "<option value=\"\">#{l(:label_no_change_option)}</option>" + options_from_collection_for_select(@project.versions, :id, :name)) %></label> | |||
</p> |