diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-06-26 19:40:16 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-06-26 19:40:16 +0000 |
| commit | d5bec063e7b656974b09f9d5f9bf29326a041b7c (patch) | |
| tree | f2e0822e8a625c0c22ccc106ff1d83d931713bec /test/functional/queries_controller_test.rb | |
| parent | f3523f25fd9714c462076ce202d5d6d09e192c26 (diff) | |
| download | redmine-d5bec063e7b656974b09f9d5f9bf29326a041b7c.tar.gz redmine-d5bec063e7b656974b09f9d5f9bf29326a041b7c.zip | |
Use ApplicationController#find_optional_project instead.
git-svn-id: http://svn.redmine.org/redmine/trunk@16720 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/functional/queries_controller_test.rb')
| -rw-r--r-- | test/functional/queries_controller_test.rb | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/test/functional/queries_controller_test.rb b/test/functional/queries_controller_test.rb index 4aac31540..5149a447d 100644 --- a/test/functional/queries_controller_test.rb +++ b/test/functional/queries_controller_test.rb @@ -244,6 +244,31 @@ class QueriesControllerTest < Redmine::ControllerTest assert_select 'input[name=?]', 'query[name]' end + def test_create_query_without_permission_should_fail + Role.all.each {|r| r.remove_permission! :save_queries, :manage_public_queries} + + @request.session[:user_id] = 2 + assert_no_difference '::Query.count' do + post :create, :params => { + :project_id => 'ecookbook', + :query => {:name => 'Foo'} + } + end + assert_response 403 + end + + def test_create_global_query_without_permission_should_fail + Role.all.each {|r| r.remove_permission! :save_queries, :manage_public_queries} + + @request.session[:user_id] = 2 + assert_no_difference '::Query.count' do + post :create, :params => { + :query => {:name => 'Foo'} + } + end + assert_response 403 + end + def test_create_global_query_from_gantt @request.session[:user_id] = 1 assert_difference 'IssueQuery.count' do |