summaryrefslogtreecommitdiffstats
path: root/test/integration
diff options
context:
space:
mode:
authorGo MAEDA <maeda@farend.jp>2023-03-02 04:32:34 +0000
committerGo MAEDA <maeda@farend.jp>2023-03-02 04:32:34 +0000
commit555acea7804e6a93b133fe7398f490cb083c05b2 (patch)
treef5a1471e7463a4c77cc99f36656c484e9215a114 /test/integration
parent4dc56cd943b6cb5cfaae8bd21db2c8ef82e7a50c (diff)
downloadredmine-555acea7804e6a93b133fe7398f490cb083c05b2.tar.gz
redmine-555acea7804e6a93b133fe7398f490cb083c05b2.zip
Check if the user has the permission to add notes or edit an issue when adding an issue attachments (#38297).
Patch by Holger Just. git-svn-id: https://svn.redmine.org/redmine/trunk@22122 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/integration')
-rw-r--r--test/integration/issues_test.rb74
1 files changed, 74 insertions, 0 deletions
diff --git a/test/integration/issues_test.rb b/test/integration/issues_test.rb
index c9f5c3537..fe9cb19d0 100644
--- a/test/integration/issues_test.rb
+++ b/test/integration/issues_test.rb
@@ -140,6 +140,80 @@ class IssuesTest < Redmine::IntegrationTest
assert_equal 0, Issue.find(1).attachments.length
end
+ def test_edit_add_attachment_form
+ log_user('jsmith', 'jsmith')
+ role = Role.find(1)
+
+ role.add_permission! :edit_issues
+ role.remove_permission! :edit_own_issues
+ role.remove_permission! :add_issue_notes
+
+ get '/issues/1'
+ assert_response :success
+ assert_select 'div#new-attachments', 1
+
+ get '/issues/1/edit'
+ assert_response :success
+ assert_select 'div#new-attachments', 1
+
+ role.remove_permission! :edit_issues
+ role.add_permission! :edit_own_issues
+ role.remove_permission! :add_issue_notes
+
+ get '/issues/1'
+ assert_response :success
+ assert_select 'div#new-attachments', 1
+
+ get '/issues/1/edit'
+ assert_response :success
+ assert_select 'div#new-attachments', 1
+
+ role.remove_permission! :edit_issues
+ role.remove_permission! :edit_own_issues
+ role.add_permission! :add_issue_notes
+
+ get '/issues/1'
+ assert_response :success
+ assert_select 'div#new-attachments', 1
+
+ get '/issues/1/edit'
+ assert_response :success
+ assert_select 'div#new-attachments', 1
+ end
+
+ def test_edit_check_permission_for_add_attachment
+ log_user('jsmith', 'jsmith')
+ role = Role.find(1)
+
+ role.remove_permission! :edit_issues
+ role.remove_permission! :edit_own_issues
+ role.add_permission! :add_issue_notes
+
+ role.permissions_all_trackers = {'view_issues' => '0', 'add_issue_notes' => '0' }
+ role.permissions_tracker_ids = {'view_issues' => ['1'], 'add_issue_notes' => ['2'] }
+ role.save!
+
+ assert_no_difference 'Attachment.count' do
+ put(
+ '/issues/1',
+ :params => {
+ :issue => {:notes => 'Some notes'},
+ :attachments => {
+ '1' => {
+ 'file' => uploaded_test_file('testfile.txt', 'text/plain'),
+ 'description' => 'This is an attachment'
+ }
+ }
+ }
+ )
+ end
+ assert_redirected_to '/issues/1'
+
+ follow_redirect!
+ assert_response :success
+ assert_select '.flash', '1 file(s) could not be saved.'
+ end
+
def test_next_and_previous_links_should_be_displayed_after_query_grouped_and_sorted_by_version
with_settings :default_language => 'en' do
get '/projects/ecookbook/issues?set_filter=1&group_by=fixed_version&sort=priority:desc,fixed_version,id'