diff options
| author | Go MAEDA <maeda@farend.jp> | 2022-09-17 06:14:27 +0000 |
|---|---|---|
| committer | Go MAEDA <maeda@farend.jp> | 2022-09-17 06:14:27 +0000 |
| commit | d4b7634cc6c8f992a2d466c0302eebb7ccbd30a8 (patch) | |
| tree | 05ca3c0979ba5341a2499722f32a1d601955782c | |
| parent | 12c70614168351fb9a8036ecd0366bff8504f438 (diff) | |
| download | redmine-d4b7634cc6c8f992a2d466c0302eebb7ccbd30a8.tar.gz redmine-d4b7634cc6c8f992a2d466c0302eebb7ccbd30a8.zip | |
Consider only roles with either add_issues or edit_issues permissions for any status transitions (#37635).
Patch by Holger Just.
git-svn-id: https://svn.redmine.org/redmine/trunk@21817 e93f8b46-1217-0410-a6f0-8f06a7374b81
| -rw-r--r-- | app/models/issue.rb | 11 | ||||
| -rw-r--r-- | test/unit/issue_test.rb | 22 |
2 files changed, 29 insertions, 4 deletions
diff --git a/app/models/issue.rb b/app/models/issue.rb index 84907a475..0e634bf8b 100644 --- a/app/models/issue.rb +++ b/app/models/issue.rb @@ -677,9 +677,7 @@ class Issue < ActiveRecord::Base def workflow_rule_by_attribute(user=nil) return @workflow_rule_by_attribute if @workflow_rule_by_attribute && user.nil? - user_real = user || User.current - roles = user_real.admin ? Role.all.to_a : user_real.roles_for_project(project) - roles = roles.select(&:consider_workflow?) + roles = roles_for_workflow(user || User.current) return {} if roles.empty? result = {} @@ -1066,7 +1064,7 @@ class Issue < ActiveRecord::Base statuses = [] statuses += IssueStatus.new_statuses_allowed( initial_status, - user.admin ? Role.all.to_a : user.roles_for_project(project), + roles_for_workflow(user), tracker, author == user, assignee_transitions_allowed @@ -2053,4 +2051,9 @@ class Issue < ActiveRecord::Base Project end end + + def roles_for_workflow(user) + roles = user.admin ? Role.all.to_a : user.roles_for_project(project) + roles.select(&:consider_workflow?) + end end diff --git a/test/unit/issue_test.rb b/test/unit/issue_test.rb index f054cee96..b056ffb18 100644 --- a/test/unit/issue_test.rb +++ b/test/unit/issue_test.rb @@ -859,6 +859,28 @@ class IssueTest < ActiveSupport::TestCase assert_equal expected_statuses, issue.new_statuses_allowed_to(admin) end + def test_new_statuses_allowed_to_should_only_return_transitions_of_considered_workflows + issue = Issue.find(9) + + WorkflowTransition.delete_all + WorkflowTransition.create!(:role_id => 1, :tracker_id => 1, :old_status_id => 1, :new_status_id => 2) + + developer = Role.find(2) + developer.remove_permission! :edit_issues + developer.remove_permission! :add_issues + assert !developer.consider_workflow? + WorkflowTransition.create!(:role_id => 2, :tracker_id => 1, :old_status_id => 1, :new_status_id => 3) + + # status 3 is not displayed + expected_statuses = IssueStatus.where(:id => [1, 2]) + + admin = User.find(1) + assert_equal expected_statuses, issue.new_statuses_allowed_to(admin) + + author = User.find(8) + assert_equal expected_statuses, issue.new_statuses_allowed_to(author) + end + def test_new_statuses_allowed_to_should_return_allowed_statuses_when_copying Tracker.find(1).generate_transitions! :role_id => 1, :clear => true, 0 => [1, 3] |