summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--app/controllers/application_controller.rb2
-rw-r--r--app/controllers/context_menus_controller.rb2
-rw-r--r--app/controllers/issues_controller.rb4
-rw-r--r--app/views/context_menus/issues.html.erb2
-rw-r--r--test/functional/context_menus_controller_test.rb9
-rw-r--r--test/functional/issues_controller_test.rb7
6 files changed, 17 insertions, 9 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fd6fc52da..1299dac36 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -153,7 +153,7 @@ class ApplicationController < ActionController::Base
# Authorize the user for the requested action
def authorize(ctrl = params[:controller], action = params[:action], global = false)
- allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project, :global => global)
+ allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project || @projects, :global => global)
allowed ? true : deny_access
end
diff --git a/app/controllers/context_menus_controller.rb b/app/controllers/context_menus_controller.rb
index 5f4b02ca2..ae8517243 100644
--- a/app/controllers/context_menus_controller.rb
+++ b/app/controllers/context_menus_controller.rb
@@ -21,7 +21,7 @@ class ContextMenusController < ApplicationController
:update => (@project && (User.current.allowed_to?(:edit_issues, @project) || (User.current.allowed_to?(:change_status, @project) && @allowed_statuses && !@allowed_statuses.empty?))),
:move => (@project && User.current.allowed_to?(:move_issues, @project)),
:copy => (@issue && @project.trackers.include?(@issue.tracker) && User.current.allowed_to?(:add_issues, @project)),
- :delete => (@project && User.current.allowed_to?(:delete_issues, @project))
+ :delete => User.current.allowed_to?(:delete_issues, @projects)
}
if @project
@assignables = @project.assignable_users
diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index d1378777a..2221db871 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -21,7 +21,7 @@ class IssuesController < ApplicationController
before_filter :find_issue, :only => [:show, :edit, :update]
before_filter :find_issues, :only => [:bulk_edit, :bulk_update, :move, :perform_move, :destroy]
- before_filter :check_project_uniqueness, :only => [:bulk_edit, :bulk_update, :move, :perform_move, :destroy]
+ before_filter :check_project_uniqueness, :only => [:bulk_edit, :bulk_update, :move, :perform_move]
before_filter :find_project, :only => [:new, :create]
before_filter :authorize, :except => [:index]
before_filter :find_optional_project, :only => [:index]
@@ -242,7 +242,7 @@ class IssuesController < ApplicationController
end
@issues.each(&:destroy)
respond_to do |format|
- format.html { redirect_to :action => 'index', :project_id => @project }
+ format.html { redirect_back_or_default(:action => 'index', :project_id => @project) }
format.xml { head :ok }
format.json { head :ok }
end
diff --git a/app/views/context_menus/issues.html.erb b/app/views/context_menus/issues.html.erb
index 94d4e802f..3f45f4ea2 100644
--- a/app/views/context_menus/issues.html.erb
+++ b/app/views/context_menus/issues.html.erb
@@ -115,7 +115,7 @@
:class => 'icon-copy', :disabled => !@can[:move] %></li>
<li><%= context_menu_link l(:button_move), new_issue_move_path(:ids => @issues.collect(&:id)),
:class => 'icon-move', :disabled => !@can[:move] %></li>
- <li><%= context_menu_link l(:button_delete), {:controller => 'issues', :action => 'destroy', :ids => @issues.collect(&:id)},
+ <li><%= context_menu_link l(:button_delete), {:controller => 'issues', :action => 'destroy', :ids => @issues.collect(&:id), :back_url => @back},
:method => :post, :confirm => l(:text_issues_destroy_confirmation), :class => 'icon-del', :disabled => !@can[:delete] %></li>
<%= call_hook(:view_issues_context_menu_end, {:issues => @issues, :can => @can, :back => @back }) %>
diff --git a/test/functional/context_menus_controller_test.rb b/test/functional/context_menus_controller_test.rb
index 0ebae695a..0202cf2c7 100644
--- a/test/functional/context_menus_controller_test.rb
+++ b/test/functional/context_menus_controller_test.rb
@@ -79,14 +79,15 @@ class ContextMenusControllerTest < ActionController::TestCase
:class => 'icon-del' }
end
- def test_context_menu_multiple_issues_of_different_project
+ def test_context_menu_multiple_issues_of_different_projects
@request.session[:user_id] = 2
- get :issues, :ids => [1, 2, 4]
+ get :issues, :ids => [1, 2, 6]
assert_response :success
assert_template 'context_menu'
+ ids = "ids%5B%5D=1&amp;ids%5B%5D=2&amp;ids%5B%5D=6"
assert_tag :tag => 'a', :content => 'Delete',
- :attributes => { :href => '#',
- :class => 'icon-del disabled' }
+ :attributes => { :href => "/issues/destroy?#{ids}",
+ :class => 'icon-del' }
end
end
diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb
index 9e70233b2..4db2dae86 100644
--- a/test/functional/issues_controller_test.rb
+++ b/test/functional/issues_controller_test.rb
@@ -1061,6 +1061,13 @@ class IssuesControllerTest < ActionController::TestCase
assert_equal 2, TimeEntry.find(2).issue_id
end
+ def test_destroy_issues_from_different_projects
+ @request.session[:user_id] = 2
+ post :destroy, :ids => [1, 2, 6], :todo => 'destroy'
+ assert_redirected_to :controller => 'issues', :action => 'index'
+ assert !(Issue.find_by_id(1) || Issue.find_by_id(2) || Issue.find_by_id(6))
+ end
+
def test_default_search_scope
get :index
assert_tag :div, :attributes => {:id => 'quick-search'},
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-29 06:39:22 +0000