diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-08-30 19:32:52 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-08-30 19:32:52 +0000 |
commit | b405a0be535b365276dfdfbf092107bb07c70713 (patch) | |
tree | 8133315a6bef62314521b3d723c5adbadaf421ed | |
parent | 9f9232381ab6fc11a1d8a06bdbfb33d54d4e3623 (diff) | |
download | redmine-b405a0be535b365276dfdfbf092107bb07c70713.tar.gz redmine-b405a0be535b365276dfdfbf092107bb07c70713.zip |
Disable "Select project modules" permission does not apply to the new project form (#23470).
git-svn-id: http://svn.redmine.org/redmine/trunk@15752 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r-- | app/models/project.rb | 20 | ||||
-rw-r--r-- | app/views/projects/_form.html.erb | 2 | ||||
-rw-r--r-- | test/functional/projects_controller_test.rb | 44 |
3 files changed, 63 insertions, 3 deletions
diff --git a/app/models/project.rb b/app/models/project.rb index b6ca8a095..2fc35ec4d 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -500,12 +500,18 @@ class Project < ActiveRecord::Base # Adds user as a project member with the default role # Used for when a non-admin user creates a project def add_default_member(user) - role = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first + role = self.class.default_member_role member = Member.new(:project => self, :principal => user, :roles => [role]) self.members << member member end + # Default role that is given to non-admin users that + # create a project + def self.default_member_role + Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first + end + # Deletes all project's members def delete_all_members me, mr = Member.table_name, MemberRole.table_name @@ -716,7 +722,17 @@ class Project < ActiveRecord::Base 'default_version_id' safe_attributes 'enabled_module_names', - :if => lambda {|project, user| project.new_record? || user.allowed_to?(:select_project_modules, project) } + :if => lambda {|project, user| + if project.new_record? + if user.admin? + true + else + default_member_role.has_permission?(:select_project_modules) + end + else + user.allowed_to?(:select_project_modules, project) + end + } safe_attributes 'inherit_members', :if => lambda {|project, user| project.parent.nil? || project.parent.visible?(user)} diff --git a/app/views/projects/_form.html.erb b/app/views/projects/_form.html.erb index b75ce82d6..1e5917e88 100644 --- a/app/views/projects/_form.html.erb +++ b/app/views/projects/_form.html.erb @@ -32,7 +32,7 @@ <%= call_hook(:view_projects_form, :project => @project, :form => f) %> </div> -<% if @project.new_record? %> +<% if @project.new_record? && @project.safe_attribute?('enabled_module_names') %> <fieldset class="box tabular"><legend><%= l(:label_module_plural) %></legend> <% Redmine::AccessControl.available_project_modules.each do |m| %> <label class="floating"> diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb index 2a2cbbde3..423a4a045 100644 --- a/test/functional/projects_controller_test.rb +++ b/test/functional/projects_controller_test.rb @@ -111,6 +111,22 @@ class ProjectsControllerTest < Redmine::ControllerTest end end + def test_new_by_non_admin_should_display_modules_if_default_role_is_allowed_to_select_modules + Role.non_member.add_permission!(:add_project) + default_role = Role.generate!(:permissions => [:view_issues]) + user = User.generate! + @request.session[:user_id] = user.id + + with_settings :new_project_user_role_id => default_role.id.to_s do + get :new + assert_select 'input[name=?]', 'project[enabled_module_names][]', 0 + + default_role.add_permission!(:select_project_modules) + get :new + assert_select 'input[name=?]', 'project[enabled_module_names][]' + end + end + def test_new_should_not_display_invalid_search_link @request.session[:user_id] = 1 @@ -277,6 +293,34 @@ class ProjectsControllerTest < Redmine::ControllerTest assert_select_error /Subproject of is invalid/ end + def test_create_by_non_admin_should_accept_modules_if_default_role_is_allowed_to_select_modules + Role.non_member.add_permission!(:add_project) + default_role = Role.generate!(:permissions => [:view_issues, :add_project]) + user = User.generate! + @request.session[:user_id] = user.id + + with_settings :new_project_user_role_id => default_role.id.to_s, :default_projects_modules => %w(news files) do + project = new_record(Project) do + post :create, :project => { + :name => "blog1", + :identifier => "blog1", + :enabled_module_names => ["issue_tracking", "repository"] + } + end + assert_equal %w(files news), project.enabled_module_names.sort + + default_role.add_permission!(:select_project_modules) + project = new_record(Project) do + post :create, :project => { + :name => "blog2", + :identifier => "blog2", + :enabled_module_names => ["issue_tracking", "repository"] + } + end + assert_equal %w(issue_tracking repository), project.enabled_module_names.sort + end + end + def test_create_subproject_with_inherit_members_should_inherit_members Role.find_by_name('Manager').add_permission! :add_subprojects parent = Project.find(1) |