summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2019-03-30 07:14:22 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2019-03-30 07:14:22 +0000
commitdcbbee1c745ac1ef9b1608daf1cf53d40cda7c7d (patch)
treefed8c1d82cf8872b655ae562ffbc2418cbc287f0
parent1d6258250ccfadb3213a300db63afaeb9ef38441 (diff)
downloadredmine-dcbbee1c745ac1ef9b1608daf1cf53d40cda7c7d.tar.gz
redmine-dcbbee1c745ac1ef9b1608daf1cf53d40cda7c7d.zip
Merged r18013 to 4.0-stable (#30731).
git-svn-id: http://svn.redmine.org/redmine/branches/4.0-stable@18017 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r--app/views/repositories/_revisions.html.erb2
-rw-r--r--test/functional/repositories_controller_test.rb19
2 files changed, 20 insertions, 1 deletions
diff --git a/app/views/repositories/_revisions.html.erb b/app/views/repositories/_revisions.html.erb
index 914999b34..514380791 100644
--- a/app/views/repositories/_revisions.html.erb
+++ b/app/views/repositories/_revisions.html.erb
@@ -20,7 +20,7 @@ end %>
:repository_id => @repository.identifier_param, :path => to_path_param(path)},
:method => :get
) do %>
-<% show_diff = revisions.size > 1 %>
+<% show_diff = revisions.size > 1 && User.current.allowed_to?(:browse_repository, @repository.project) %>
<%= submit_tag(l(:label_view_diff), :name => nil) if show_diff %>
<table class="list changesets">
<thead><tr>
diff --git a/test/functional/repositories_controller_test.rb b/test/functional/repositories_controller_test.rb
index 8338b8987..5d8172cf3 100644
--- a/test/functional/repositories_controller_test.rb
+++ b/test/functional/repositories_controller_test.rb
@@ -180,6 +180,25 @@ class RepositoriesControllerTest < Redmine::RepositoryControllerTest
end
end
+ def test_show_should_show_diff_button_depending_on_browse_repository_permission
+ @request.session[:user_id] = 2
+ role = Role.find(1)
+
+ role.add_permission! :browse_repository
+ get :show, :params => {
+ :id => 1
+ }
+ assert_response :success
+ assert_select 'input[value="View differences"]'
+
+ role.remove_permission! :browse_repository
+ get :show, :params => {
+ :id => 1
+ }
+ assert_response :success
+ assert_select 'input[value="View differences"]', :count => 0
+ end
+
def test_revisions
get :revisions, :params => {
:id => 1,