diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-08-30 19:32:52 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-08-30 19:32:52 +0000 |
| commit | b405a0be535b365276dfdfbf092107bb07c70713 (patch) | |
| tree | 8133315a6bef62314521b3d723c5adbadaf421ed /app | |
| parent | 9f9232381ab6fc11a1d8a06bdbfb33d54d4e3623 (diff) | |
| download | redmine-b405a0be535b365276dfdfbf092107bb07c70713.tar.gz redmine-b405a0be535b365276dfdfbf092107bb07c70713.zip | |
Disable "Select project modules" permission does not apply to the new project form (#23470).
git-svn-id: http://svn.redmine.org/redmine/trunk@15752 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
| -rw-r--r-- | app/models/project.rb | 20 | ||||
| -rw-r--r-- | app/views/projects/_form.html.erb | 2 |
2 files changed, 19 insertions, 3 deletions
diff --git a/app/models/project.rb b/app/models/project.rb index b6ca8a095..2fc35ec4d 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -500,12 +500,18 @@ class Project < ActiveRecord::Base # Adds user as a project member with the default role # Used for when a non-admin user creates a project def add_default_member(user) - role = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first + role = self.class.default_member_role member = Member.new(:project => self, :principal => user, :roles => [role]) self.members << member member end + # Default role that is given to non-admin users that + # create a project + def self.default_member_role + Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first + end + # Deletes all project's members def delete_all_members me, mr = Member.table_name, MemberRole.table_name @@ -716,7 +722,17 @@ class Project < ActiveRecord::Base 'default_version_id' safe_attributes 'enabled_module_names', - :if => lambda {|project, user| project.new_record? || user.allowed_to?(:select_project_modules, project) } + :if => lambda {|project, user| + if project.new_record? + if user.admin? + true + else + default_member_role.has_permission?(:select_project_modules) + end + else + user.allowed_to?(:select_project_modules, project) + end + } safe_attributes 'inherit_members', :if => lambda {|project, user| project.parent.nil? || project.parent.visible?(user)} diff --git a/app/views/projects/_form.html.erb b/app/views/projects/_form.html.erb index b75ce82d6..1e5917e88 100644 --- a/app/views/projects/_form.html.erb +++ b/app/views/projects/_form.html.erb @@ -32,7 +32,7 @@ <%= call_hook(:view_projects_form, :project => @project, :form => f) %> </div> -<% if @project.new_record? %> +<% if @project.new_record? && @project.safe_attribute?('enabled_module_names') %> <fieldset class="box tabular"><legend><%= l(:label_module_plural) %></legend> <% Redmine::AccessControl.available_project_modules.each do |m| %> <label class="floating"> |