summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--app/controllers/projects_controller.rb68
-rw-r--r--config/routes.rb6
-rw-r--r--lib/redmine.rb4
-rw-r--r--test/functional/projects_controller_test.rb85
-rw-r--r--test/integration/routing_test.rb4
5 files changed, 99 insertions, 68 deletions
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 90eddd7b2..65f346d5f 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -20,13 +20,13 @@ class ProjectsController < ApplicationController
menu_item :roadmap, :only => :roadmap
menu_item :settings, :only => :settings
- before_filter :find_project, :except => [ :index, :list, :add, :copy ]
- before_filter :authorize, :except => [ :index, :list, :add, :copy, :archive, :unarchive, :destroy]
- before_filter :authorize_global, :only => :add
+ before_filter :find_project, :except => [ :index, :list, :add, :create, :copy ]
+ before_filter :authorize, :except => [ :index, :list, :add, :create, :copy, :archive, :unarchive, :destroy]
+ before_filter :authorize_global, :only => [:add, :create]
before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy ]
accept_key_auth :index
- after_filter :only => [:add, :edit, :archive, :unarchive, :destroy] do |controller|
+ after_filter :only => [:create, :edit, :archive, :unarchive, :destroy] do |controller|
if controller.request.post?
controller.send :expire_action, :controller => 'welcome', :action => 'robots.txt'
end
@@ -65,35 +65,41 @@ class ProjectsController < ApplicationController
@issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position")
@trackers = Tracker.all
@project = Project.new(params[:project])
- if request.get?
- @project.identifier = Project.next_identifier if Setting.sequential_project_identifiers?
- @project.trackers = Tracker.all
- @project.is_public = Setting.default_projects_public?
- @project.enabled_module_names = Setting.default_projects_modules
+
+ @project.identifier = Project.next_identifier if Setting.sequential_project_identifiers?
+ @project.trackers = Tracker.all
+ @project.is_public = Setting.default_projects_public?
+ @project.enabled_module_names = Setting.default_projects_modules
+ end
+
+ def create
+ @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position")
+ @trackers = Tracker.all
+ @project = Project.new(params[:project])
+
+ @project.enabled_module_names = params[:enabled_modules]
+ if validate_parent_id && @project.save
+ @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id')
+ # Add current user as a project member if he is not admin
+ unless User.current.admin?
+ r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first
+ m = Member.new(:user => User.current, :roles => [r])
+ @project.members << m
+ end
+ respond_to do |format|
+ format.html {
+ flash[:notice] = l(:notice_successful_create)
+ redirect_to :controller => 'projects', :action => 'settings', :id => @project
+ }
+ format.xml { head :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) }
+ end
else
- @project.enabled_module_names = params[:enabled_modules]
- if validate_parent_id && @project.save
- @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id')
- # Add current user as a project member if he is not admin
- unless User.current.admin?
- r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first
- m = Member.new(:user => User.current, :roles => [r])
- @project.members << m
- end
- respond_to do |format|
- format.html {
- flash[:notice] = l(:notice_successful_create)
- redirect_to :controller => 'projects', :action => 'settings', :id => @project
- }
- format.xml { head :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) }
- end
- else
- respond_to do |format|
- format.html
- format.xml { render :xml => @project.errors, :status => :unprocessable_entity }
- end
+ respond_to do |format|
+ format.html { render :action => 'add' }
+ format.xml { render :xml => @project.errors, :status => :unprocessable_entity }
end
- end
+ end
+
end
def copy
diff --git a/config/routes.rb b/config/routes.rb
index 5448b5f58..8bcdd91d6 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -195,9 +195,9 @@ ActionController::Routing::Routes.draw do |map|
end
projects.with_options :conditions => {:method => :post} do |project_actions|
- project_actions.connect 'projects/new', :action => 'add'
- project_actions.connect 'projects', :action => 'add'
- project_actions.connect 'projects.:format', :action => 'add', :format => /xml/
+ project_actions.connect 'projects/new', :action => 'create'
+ project_actions.connect 'projects', :action => 'create'
+ project_actions.connect 'projects.:format', :action => 'create', :format => /xml/
project_actions.connect 'projects/:id/:action', :action => /edit|destroy|archive|unarchive/
project_actions.connect 'projects/:id/files/new', :controller => 'files', :action => 'new'
project_actions.connect 'projects/:id/activities/save', :controller => 'project_enumerations', :action => 'save'
diff --git a/lib/redmine.rb b/lib/redmine.rb
index fc750d110..aa15770db 100644
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@@ -46,12 +46,12 @@ end
Redmine::AccessControl.map do |map|
map.permission :view_project, {:projects => [:show], :activities => [:index]}, :public => true
map.permission :search_project, {:search => :index}, :public => true
- map.permission :add_project, {:projects => :add}, :require => :loggedin
+ map.permission :add_project, {:projects => [:add, :create]}, :require => :loggedin
map.permission :edit_project, {:projects => [:settings, :edit]}, :require => :member
map.permission :select_project_modules, {:projects => :modules}, :require => :member
map.permission :manage_members, {:projects => :settings, :members => [:new, :edit, :destroy, :autocomplete_for_member]}, :require => :member
map.permission :manage_versions, {:projects => :settings, :versions => [:new, :edit, :close_completed, :destroy]}, :require => :member
- map.permission :add_subprojects, {:projects => :add}, :require => :member
+ map.permission :add_subprojects, {:projects => [:add, :create]}, :require => :member
map.project_module :issue_tracking do |map|
# Issue categories
diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb
index 4decb060f..6b8c84728 100644
--- a/test/functional/projects_controller_test.rb
+++ b/test/functional/projects_controller_test.rb
@@ -98,9 +98,53 @@ class ProjectsControllerTest < ActionController::TestCase
assert_response :success
assert_template 'add'
end
+
+ end
+
+ context "by non-admin user with add_project permission" do
+ setup do
+ Role.non_member.add_permission! :add_project
+ @request.session[:user_id] = 9
+ end
+
+ should "accept get" do
+ get :add
+ assert_response :success
+ assert_template 'add'
+ assert_no_tag :select, :attributes => {:name => 'project[parent_id]'}
+ end
+ end
+
+ context "by non-admin user with add_subprojects permission" do
+ setup do
+ Role.find(1).remove_permission! :add_project
+ Role.find(1).add_permission! :add_subprojects
+ @request.session[:user_id] = 2
+ end
+
+ should "accept get" do
+ get :add, :parent_id => 'ecookbook'
+ assert_response :success
+ assert_template 'add'
+ # parent project selected
+ assert_tag :select, :attributes => {:name => 'project[parent_id]'},
+ :child => {:tag => 'option', :attributes => {:value => '1', :selected => 'selected'}}
+ # no empty value
+ assert_no_tag :select, :attributes => {:name => 'project[parent_id]'},
+ :child => {:tag => 'option', :attributes => {:value => ''}}
+ end
+ end
+
+ end
+
+ context "POST :create" do
+ context "by admin user" do
+ setup do
+ @request.session[:user_id] = 1
+ end
- should "accept post" do
- post :add, :project => { :name => "blog",
+ should "create a new project" do
+ post :create, :project => { :name => "blog",
:description => "weblog",
:identifier => "blog",
:is_public => 1,
@@ -115,8 +159,8 @@ class ProjectsControllerTest < ActionController::TestCase
assert_nil project.parent
end
- should "accept post with parent" do
- post :add, :project => { :name => "blog",
+ should "create a new subproject" do
+ post :create, :project => { :name => "blog",
:description => "weblog",
:identifier => "blog",
:is_public => 1,
@@ -137,15 +181,8 @@ class ProjectsControllerTest < ActionController::TestCase
@request.session[:user_id] = 9
end
- should "accept get" do
- get :add
- assert_response :success
- assert_template 'add'
- assert_no_tag :select, :attributes => {:name => 'project[parent_id]'}
- end
-
- should "accept post" do
- post :add, :project => { :name => "blog",
+ should "accept create a Project" do
+ post :create, :project => { :name => "blog",
:description => "weblog",
:identifier => "blog",
:is_public => 1,
@@ -166,7 +203,7 @@ class ProjectsControllerTest < ActionController::TestCase
should "fail with parent_id" do
assert_no_difference 'Project.count' do
- post :add, :project => { :name => "blog",
+ post :create, :project => { :name => "blog",
:description => "weblog",
:identifier => "blog",
:is_public => 1,
@@ -188,20 +225,8 @@ class ProjectsControllerTest < ActionController::TestCase
@request.session[:user_id] = 2
end
- should "accept get" do
- get :add, :parent_id => 'ecookbook'
- assert_response :success
- assert_template 'add'
- # parent project selected
- assert_tag :select, :attributes => {:name => 'project[parent_id]'},
- :child => {:tag => 'option', :attributes => {:value => '1', :selected => 'selected'}}
- # no empty value
- assert_no_tag :select, :attributes => {:name => 'project[parent_id]'},
- :child => {:tag => 'option', :attributes => {:value => ''}}
- end
-
- should "accept post with parent_id" do
- post :add, :project => { :name => "blog",
+ should "create a project with a parent_id" do
+ post :create, :project => { :name => "blog",
:description => "weblog",
:identifier => "blog",
:is_public => 1,
@@ -214,7 +239,7 @@ class ProjectsControllerTest < ActionController::TestCase
should "fail without parent_id" do
assert_no_difference 'Project.count' do
- post :add, :project => { :name => "blog",
+ post :create, :project => { :name => "blog",
:description => "weblog",
:identifier => "blog",
:is_public => 1,
@@ -230,7 +255,7 @@ class ProjectsControllerTest < ActionController::TestCase
should "fail with unauthorized parent_id" do
assert !User.find(2).member_of?(Project.find(6))
assert_no_difference 'Project.count' do
- post :add, :project => { :name => "blog",
+ post :create, :project => { :name => "blog",
:description => "weblog",
:identifier => "blog",
:is_public => 1,
diff --git a/test/integration/routing_test.rb b/test/integration/routing_test.rb
index 71be6c3c7..e75cf4721 100644
--- a/test/integration/routing_test.rb
+++ b/test/integration/routing_test.rb
@@ -178,8 +178,8 @@ class RoutingTest < ActionController::IntegrationTest
should_route :get, "/projects/33/activity", :controller => 'activities', :action => 'index', :id => '33'
should_route :get, "/projects/33/activity.atom", :controller => 'activities', :action => 'index', :id => '33', :format => 'atom'
- should_route :post, "/projects/new", :controller => 'projects', :action => 'add'
- should_route :post, "/projects.xml", :controller => 'projects', :action => 'add', :format => 'xml'
+ should_route :post, "/projects/new", :controller => 'projects', :action => 'create'
+ should_route :post, "/projects.xml", :controller => 'projects', :action => 'create', :format => 'xml'
should_route :post, "/projects/4223/edit", :controller => 'projects', :action => 'edit', :id => '4223'
should_route :post, "/projects/64/destroy", :controller => 'projects', :action => 'destroy', :id => '64'
should_route :post, "/projects/33/files/new", :controller => 'files', :action => 'new', :id => '33'