mirrors
/
redmine
mirror of https://github.com/redmine/redmine.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 201 Wiki Activity
Browse Source

Consider only roles with either add_issues or edit_issues permissions for any status transitions (#37635). 

Patch by Holger Just.


git-svn-id: https://svn.redmine.org/redmine/trunk@21817 e93f8b46-1217-0410-a6f0-8f06a7374b81
tags/5.1.0
Go MAEDA 1 year ago
parent
12c7061416
commit
d4b7634cc6
2 changed files with 29 additions and 4 deletions
Split View Show Diff Stats
  1. 7
    4
      app/models/issue.rb
  2. 22
    0
      test/unit/issue_test.rb

+ 7
- 4
app/models/issue.rb View File

@@ -677,9 +677,7 @@ class Issue < ActiveRecord::Base
def workflow_rule_by_attribute(user=nil)
return @workflow_rule_by_attribute if @workflow_rule_by_attribute && user.nil?

user_real = user || User.current
roles = user_real.admin ? Role.all.to_a : user_real.roles_for_project(project)
roles = roles.select(&:consider_workflow?)
roles = roles_for_workflow(user || User.current)
return {} if roles.empty?

result = {}
@@ -1066,7 +1064,7 @@ class Issue < ActiveRecord::Base
statuses = []
statuses += IssueStatus.new_statuses_allowed(
initial_status,
user.admin ? Role.all.to_a : user.roles_for_project(project),
roles_for_workflow(user),
tracker,
author == user,
assignee_transitions_allowed
@@ -2053,4 +2051,9 @@ class Issue < ActiveRecord::Base
Project
end
end

def roles_for_workflow(user)
roles = user.admin ? Role.all.to_a : user.roles_for_project(project)
roles.select(&:consider_workflow?)
end
end

+ 22
- 0
test/unit/issue_test.rb View File

@@ -859,6 +859,28 @@ class IssueTest < ActiveSupport::TestCase
assert_equal expected_statuses, issue.new_statuses_allowed_to(admin)
end

def test_new_statuses_allowed_to_should_only_return_transitions_of_considered_workflows
issue = Issue.find(9)

WorkflowTransition.delete_all
WorkflowTransition.create!(:role_id => 1, :tracker_id => 1, :old_status_id => 1, :new_status_id => 2)

developer = Role.find(2)
developer.remove_permission! :edit_issues
developer.remove_permission! :add_issues
assert !developer.consider_workflow?
WorkflowTransition.create!(:role_id => 2, :tracker_id => 1, :old_status_id => 1, :new_status_id => 3)

# status 3 is not displayed
expected_statuses = IssueStatus.where(:id => [1, 2])

admin = User.find(1)
assert_equal expected_statuses, issue.new_statuses_allowed_to(admin)

author = User.find(8)
assert_equal expected_statuses, issue.new_statuses_allowed_to(author)
end

def test_new_statuses_allowed_to_should_return_allowed_statuses_when_copying
Tracker.find(1).generate_transitions! :role_id => 1, :clear => true, 0 => [1, 3]


Write Preview
Loading…
Cancel
Save