Merged r15223 and r15225 (#22127).

git-svn-id: http://svn.redmine.org/redmine/branches/3.1-stable@15231 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2016-03-13 08:21:25 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2016-03-13 08:21:25 +0000
commit: fdc0782be1d69af8e190e4e3c167cc221010a25a (patch)
tree: 6b404d424680617317dde7d02f4fdb2e238e987e
parent: 9b8e29741966da8c50e3b3d3e379c85847f689c9 (diff)
download: redmine-fdc0782be1d69af8e190e4e3c167cc221010a25a.tar.gz
redmine-fdc0782be1d69af8e190e4e3c167cc221010a25a.zip
3 files changed, 56 insertions, 9 deletions
diff --git a/app/models/issue.rb b/app/models/issue.rb
index 20961503d..7952af2d9 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -470,6 +470,17 @@ class Issue < ActiveRecord::Base
         self.status_id = s
       end
     end
+    if (u = attrs.delete('assigned_to_id')) && safe_attribute?('assigned_to_id')
+      if u.blank?
+        self.assigned_to_id = nil
+      else
+        u = u.to_i
+        if assignable_users.any?{|assignable_user| assignable_user.id == u}
+          self.assigned_to_id = u
+        end
+      end
+    end
+
 
     attrs = delete_unsafe_attributes(attrs, user)
     return if attrs.empty?
diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb
index 403015e61..d3943e9fd 100644
--- a/test/functional/issues_controller_test.rb
+++ b/test/functional/issues_controller_test.rb
@@ -3658,13 +3658,15 @@ class IssuesControllerTest < ActionController::TestCase
 
     @request.session[:user_id] = 2
     # update issues assignee
-    post :bulk_update, :ids => [1, 2], :notes => 'Bulk editing',
-                                     :issue => {:priority_id => '',
-                                                :assigned_to_id => group.id,
-                                                :custom_field_values => {'2' => ''}}
-
-    assert_response 302
-    assert_equal [group, group], Issue.where(:id => [1, 2]).collect {|i| i.assigned_to}
+    with_settings :issue_group_assignment => '1' do
+      post :bulk_update, :ids => [1, 2], :notes => 'Bulk editing',
+                                       :issue => {:priority_id => '',
+                                                  :assigned_to_id => group.id,
+                                                  :custom_field_values => {'2' => ''}}
+  
+      assert_response 302
+      assert_equal [group, group], Issue.where(:id => [1, 2]).collect {|i| i.assigned_to}
+    end
   end
 
   def test_bulk_update_on_different_projects
@@ -4048,7 +4050,7 @@ class IssuesControllerTest < ActionController::TestCase
       assert_no_difference 'Project.find(1).issues.count' do
         post :bulk_update, :ids => [1, 2], :copy => '1', 
              :issue => {
-               :project_id => '2', :tracker_id => '', :assigned_to_id => '4',
+               :project_id => '2', :tracker_id => '', :assigned_to_id => '2',
                :status_id => '1', :start_date => '2009-12-01', :due_date => '2009-12-31'
              }
       end
@@ -4058,7 +4060,7 @@ class IssuesControllerTest < ActionController::TestCase
     assert_equal 2, copied_issues.size
     copied_issues.each do |issue|
       assert_equal 2, issue.project_id, "Project is incorrect"
-      assert_equal 4, issue.assigned_to_id, "Assigned to is incorrect"
+      assert_equal 2, issue.assigned_to_id, "Assigned to is incorrect"
       assert_equal 1, issue.status_id, "Status is incorrect"
       assert_equal '2009-12-01', issue.start_date.to_s, "Start date is incorrect"
       assert_equal '2009-12-31', issue.due_date.to_s, "Due date is incorrect"
diff --git a/test/unit/issue_test.rb b/test/unit/issue_test.rb
index 6974dbeb1..851da83ed 100644
--- a/test/unit/issue_test.rb
+++ b/test/unit/issue_test.rb
@@ -766,6 +766,40 @@ class IssueTest < ActiveSupport::TestCase
     assert_nil issue.custom_field_value(cf2)
   end
 
+  def test_safe_attributes_should_ignore_unassignable_assignee
+    issue = Issue.new(:project_id => 1, :tracker_id => 1, :author_id => 3,
+                      :status_id => 1, :priority => IssuePriority.all.first,
+                      :subject => 'test_create')
+    assert issue.valid?
+
+    # locked user, not allowed
+    issue.safe_attributes=({'assigned_to_id' => '5'})
+    assert_nil issue.assigned_to_id
+    # no member
+    issue.safe_attributes=({'assigned_to_id' => '1'})
+    assert_nil issue.assigned_to_id
+    # user 2 is ok
+    issue.safe_attributes=({'assigned_to_id' => '2'})
+    assert_equal 2, issue.assigned_to_id
+    assert issue.save
+
+    issue.reload
+    assert_equal 2, issue.assigned_to_id
+    issue.safe_attributes=({'assigned_to_id' => '5'})
+    assert_equal 2, issue.assigned_to_id
+    issue.safe_attributes=({'assigned_to_id' => '1'})
+    assert_equal 2, issue.assigned_to_id
+    # user 3 is also ok
+    issue.safe_attributes=({'assigned_to_id' => '3'})
+    assert_equal 3, issue.assigned_to_id
+    assert issue.save
+
+    # removal of assignee
+    issue.safe_attributes=({'assigned_to_id' => ''})
+    assert_nil issue.assigned_to_id
+    assert issue.save
+  end
+
   def test_editable_custom_field_values_should_return_non_readonly_custom_values
     cf1 = IssueCustomField.create!(:name => 'Writable field', :field_format => 'string',
                                    :is_for_all => true, :tracker_ids => [1, 2])
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2016-03-13 08:21:25 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2016-03-13 08:21:25 +0000
commit	fdc0782be1d69af8e190e4e3c167cc221010a25a (patch)
tree	6b404d424680617317dde7d02f4fdb2e238e987e
parent	9b8e29741966da8c50e3b3d3e379c85847f689c9 (diff)
download	redmine-fdc0782be1d69af8e190e4e3c167cc221010a25a.tar.gz redmine-fdc0782be1d69af8e190e4e3c167cc221010a25a.zip