diff options
-rw-r--r-- | app/helpers/issues_helper.rb | 16 | ||||
-rw-r--r-- | test/functional/issues_controller_test.rb | 20 |
2 files changed, 31 insertions, 5 deletions
diff --git a/app/helpers/issues_helper.rb b/app/helpers/issues_helper.rb index a64aca0e3..fbb8f7e73 100644 --- a/app/helpers/issues_helper.rb +++ b/app/helpers/issues_helper.rb @@ -764,12 +764,18 @@ module IssuesHelper end def projects_for_select(issue) - if issue.parent_issue_id.present? - issue.allowed_target_projects_for_subtask(User.current) - elsif @project && issue.new_record? && !issue.copy? - issue.allowed_target_projects(User.current, 'tree') + projects = + if issue.parent_issue_id.present? + issue.allowed_target_projects_for_subtask(User.current) + elsif @project && issue.new_record? && !issue.copy? + issue.allowed_target_projects(User.current, 'tree') + else + issue.allowed_target_projects(User.current) + end + if issue.read_only_attribute_names(User.current).include?('project_id') + params['project_id'].present? ? Project.where(identifier: params['project_id']) : projects else - issue.allowed_target_projects(User.current) + projects end end end diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb index fa1b6ebd0..8c9ef35c1 100644 --- a/test/functional/issues_controller_test.rb +++ b/test/functional/issues_controller_test.rb @@ -5629,6 +5629,26 @@ class IssuesControllerTest < Redmine::ControllerTest assert_select 'select[name=?]', 'issue[project_id]', 0 end + def test_new_should_hide_project_if_user_is_not_allowed_to_change_project_in_hierarchy_projects + WorkflowPermission.create!(:role_id => 1, :tracker_id => 1, :old_status_id => 1, + :field_name => 'project_id', :rule => 'readonly') + + @request.session[:user_id] = 2 + get(:new, :params => { :tracker_id => 1, :project_id => 1 }) + assert_response :success + assert_select 'select[name=?]', 'issue[project_id]', 0 + end + + def test_new_should_show_project_if_user_is_not_allowed_to_change_project_global_new_issue + WorkflowPermission.create!(:role_id => 1, :tracker_id => 1, :old_status_id => 1, + :field_name => 'project_id', :rule => 'readonly') + + @request.session[:user_id] = 2 + get(:new, :params => { :tracker_id => 1}) + assert_response :success + assert_select 'select[name=?]', 'issue[project_id]' + end + def test_edit_should_not_hide_project_when_user_changes_the_project_even_if_project_is_readonly_on_target_project WorkflowPermission.create!(:role_id => 1, :tracker_id => 1, :old_status_id => 1, :field_name => 'project_id', :rule => 'readonly') |