diff options
39 files changed, 117 insertions, 10 deletions
diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb index 79b4b616a..af39efb21 100644 --- a/app/controllers/messages_controller.rb +++ b/app/controllers/messages_controller.rb @@ -19,7 +19,7 @@ class MessagesController < ApplicationController menu_item :boards before_filter :find_board, :only => [:new, :preview] before_filter :find_message, :except => [:new, :preview] - before_filter :authorize, :except => :preview + before_filter :authorize, :except => [:preview, :edit, :destroy] verify :method => :post, :only => [ :reply, :destroy ], :redirect_to => { :action => :show } verify :xhr => true, :only => :quote @@ -30,7 +30,7 @@ class MessagesController < ApplicationController # Show a topic and its replies def show - @replies = @topic.children + @replies = @topic.children.find(:all, :include => [:author, :attachments, {:board => :project}]) @replies.reverse! if User.current.wants_comments_in_reverse_order? @reply = Message.new(:subject => "RE: #{@message.subject}") render :action => "show", :layout => false if request.xhr? @@ -65,7 +65,8 @@ class MessagesController < ApplicationController # Edit a message def edit - if params[:message] && User.current.allowed_to?(:edit_messages, @project) + render_403 and return false unless @message.editable_by?(User.current) + if params[:message] @message.locked = params[:message]['locked'] @message.sticky = params[:message]['sticky'] end @@ -78,6 +79,7 @@ class MessagesController < ApplicationController # Delete a messages def destroy + render_403 and return false unless @message.destroyable_by?(User.current) @message.destroy redirect_to @message.parent.nil? ? { :controller => 'boards', :action => 'show', :project_id => @project, :id => @board } : diff --git a/app/models/message.rb b/app/models/message.rb index f1cb2d0ba..9a313e822 100644 --- a/app/models/message.rb +++ b/app/models/message.rb @@ -71,6 +71,14 @@ class Message < ActiveRecord::Base def project board.project end + + def editable_by?(usr) + usr && usr.logged? && (usr.allowed_to?(:edit_messages, project) || (self.author == usr && usr.allowed_to?(:edit_own_messages, project))) + end + + def destroyable_by?(usr) + usr && usr.logged? && (usr.allowed_to?(:delete_messages, project) || (self.author == usr && usr.allowed_to?(:delete_own_messages, project))) + end private diff --git a/app/views/messages/show.rhtml b/app/views/messages/show.rhtml index 31696d56d..4143532b1 100644 --- a/app/views/messages/show.rhtml +++ b/app/views/messages/show.rhtml @@ -4,8 +4,8 @@ <div class="contextual"> <%= watcher_tag(@topic, User.current) %> <%= link_to_remote_if_authorized l(:button_quote), { :url => {:action => 'quote', :id => @topic} }, :class => 'icon icon-comment' %> - <%= link_to_if_authorized l(:button_edit), {:action => 'edit', :id => @topic}, :class => 'icon icon-edit' %> - <%= link_to_if_authorized l(:button_delete), {:action => 'destroy', :id => @topic}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del' %> + <%= link_to(l(:button_edit), {:action => 'edit', :id => @topic}, :class => 'icon icon-edit') if @message.editable_by?(User.current) %> + <%= link_to(l(:button_delete), {:action => 'destroy', :id => @topic}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del') if @message.destroyable_by?(User.current) %> </div> <h2><%=h @topic.subject %></h2> @@ -25,8 +25,8 @@ <a name="<%= "message-#{message.id}" %>"></a> <div class="contextual"> <%= link_to_remote_if_authorized image_tag('comment.png'), { :url => {:action => 'quote', :id => message} }, :title => l(:button_quote) %> - <%= link_to_if_authorized image_tag('edit.png'), {:action => 'edit', :id => message}, :title => l(:button_edit) %> - <%= link_to_if_authorized image_tag('delete.png'), {:action => 'destroy', :id => message}, :method => :post, :confirm => l(:text_are_you_sure), :title => l(:button_delete) %> + <%= link_to(image_tag('edit.png'), {:action => 'edit', :id => message}, :title => l(:button_edit)) if message.editable_by?(User.current) %> + <%= link_to(image_tag('delete.png'), {:action => 'destroy', :id => message}, :method => :post, :confirm => l(:text_are_you_sure), :title => l(:button_delete)) if message.destroyable_by?(User.current) %> </div> <div class="message reply"> <h4><%=h message.subject %> - <%= authoring message.created_on, message.author %></h4> diff --git a/lang/bg.yml b/lang/bg.yml index 000f0a977..ae345f9d3 100644 --- a/lang/bg.yml +++ b/lang/bg.yml @@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/ca.yml b/lang/ca.yml index 5db547ac5..526495344 100644 --- a/lang/ca.yml +++ b/lang/ca.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/cs.yml b/lang/cs.yml index 09ed76ea9..d195456cc 100644 --- a/lang/cs.yml +++ b/lang/cs.yml @@ -695,3 +695,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/da.yml b/lang/da.yml index b5081e9ee..b5dbe6b21 100644 --- a/lang/da.yml +++ b/lang/da.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/de.yml b/lang/de.yml index 3e59bcf9e..14f6e63a4 100644 --- a/lang/de.yml +++ b/lang/de.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/en.yml b/lang/en.yml index 8a4a2577d..245663fd0 100644 --- a/lang/en.yml +++ b/lang/en.yml @@ -269,7 +269,9 @@ permission_manage_boards: Manage boards permission_view_messages: View messages permission_add_messages: Post messages permission_edit_messages: Edit messages +permission_edit_own_messages: Edit own messages permission_delete_messages: Delete messages +permission_delete_won_messages: Delete own messages project_module_issue_tracking: Issue tracking project_module_time_tracking: Time tracking diff --git a/lang/es.yml b/lang/es.yml index c3b9de2b6..c0a624ba2 100644 --- a/lang/es.yml +++ b/lang/es.yml @@ -693,3 +693,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/fi.yml b/lang/fi.yml index bdcefef9c..5b2dc0e00 100644 --- a/lang/fi.yml +++ b/lang/fi.yml @@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/fr.yml b/lang/fr.yml index ab34575b2..8b2defbdc 100644 --- a/lang/fr.yml +++ b/lang/fr.yml @@ -270,7 +270,9 @@ permission_manage_boards: Gérer les forums permission_view_messages: Voir les messages permission_add_messages: Poster un message permission_edit_messages: Modifier les messages +permission_edit_own_messages: Modifier ses propres messages permission_delete_messages: Supprimer les messages +permission_delete_won_messages: Supprimer ses propres messages project_module_issue_tracking: Suivi des demandes project_module_time_tracking: Suivi du temps passé diff --git a/lang/he.yml b/lang/he.yml index 13eab75c5..e7f70e7ed 100644 --- a/lang/he.yml +++ b/lang/he.yml @@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/hu.yml b/lang/hu.yml index 1c4afdcd3..1d858a4b3 100644 --- a/lang/hu.yml +++ b/lang/hu.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Saját jegyzetek szerkesztése setting_gravatar_enabled: Felhasználói fényképek engedélyezése label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/it.yml b/lang/it.yml index c6ae84a91..f4427104f 100644 --- a/lang/it.yml +++ b/lang/it.yml @@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Modifica proprie note setting_gravatar_enabled: Usa icone utente Gravatar label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/ja.yml b/lang/ja.yml index 4092584d7..347454b50 100644 --- a/lang/ja.yml +++ b/lang/ja.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/ko.yml b/lang/ko.yml index 595acfa9e..498572f92 100644 --- a/lang/ko.yml +++ b/lang/ko.yml @@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/lt.yml b/lang/lt.yml index 544cb14f9..bcec2b347 100644 --- a/lang/lt.yml +++ b/lang/lt.yml @@ -692,3 +692,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/nl.yml b/lang/nl.yml index 3434b1481..035341969 100644 --- a/lang/nl.yml +++ b/lang/nl.yml @@ -692,3 +692,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/no.yml b/lang/no.yml index ca056f809..d6779234a 100644 --- a/lang/no.yml +++ b/lang/no.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/pl.yml b/lang/pl.yml index df7d525dc..2a2df8341 100644 --- a/lang/pl.yml +++ b/lang/pl.yml @@ -725,3 +725,5 @@ setting_gravatar_enabled: Używaj ikon użytkowników Gravatar label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/pt-br.yml b/lang/pt-br.yml index 13660baa9..e1fa05892 100644 --- a/lang/pt-br.yml +++ b/lang/pt-br.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Editar próprias notas setting_gravatar_enabled: Usar ícones do Gravatar label_example: Exemplo text_repository_usernames_mapping: "Seleciona ou atualiza os usuários do Redmine mapeando para cada usuário encontrado no log do repositório.\nUsuários com o mesmo login ou email no Redmine e no repositório serão mapeados automaticamente." +permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/pt.yml b/lang/pt.yml index ce1e27a36..310d2c392 100644 --- a/lang/pt.yml +++ b/lang/pt.yml @@ -692,3 +692,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/ro.yml b/lang/ro.yml index 8890f6e2d..cc1d9bc57 100644 --- a/lang/ro.yml +++ b/lang/ro.yml @@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/ru.yml b/lang/ru.yml index 363386dc9..87c3a13ce 100644 --- a/lang/ru.yml +++ b/lang/ru.yml @@ -723,3 +723,5 @@ text_user_wrote: '%s написал(а):' text_wiki_destroy_confirmation: Вы уверены, что хотите удалить данную Wiki и все ее содержимое? text_workflow_edit: Выберите роль и трекер для редактирования последовательности состояний text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/sk.yml b/lang/sk.yml index 5c53eda2f..65a9920ea 100644 --- a/lang/sk.yml +++ b/lang/sk.yml @@ -695,3 +695,5 @@ permission_edit_own_issue_notes: Editácia vlastných poznámok úlohy setting_gravatar_enabled: Použitie uživateľských Gravatar ikon label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/sr.yml b/lang/sr.yml index 54b1e70c6..1f555c41b 100644 --- a/lang/sr.yml +++ b/lang/sr.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/sv.yml b/lang/sv.yml index 76b6e6c38..e5547892c 100644 --- a/lang/sv.yml +++ b/lang/sv.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/th.yml b/lang/th.yml index fa471101f..1d2f4e6a5 100644 --- a/lang/th.yml +++ b/lang/th.yml @@ -693,3 +693,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/tr.yml b/lang/tr.yml index 90d4d5f65..3646baa44 100644 --- a/lang/tr.yml +++ b/lang/tr.yml @@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/uk.yml b/lang/uk.yml index a7f3f7347..55acd3a4b 100644 --- a/lang/uk.yml +++ b/lang/uk.yml @@ -692,3 +692,5 @@ permission_edit_own_issue_notes: Edit own notes setting_gravatar_enabled: Use Gravatar user icons label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/vn.yml b/lang/vn.yml index 81957a53c..a0506c39c 100644 --- a/lang/vn.yml +++ b/lang/vn.yml @@ -691,3 +691,5 @@ permission_edit_time_entries: Edit time logs permission_edit_own_time_entries: Edit own time logs label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/zh-tw.yml b/lang/zh-tw.yml index c99e10de3..e0a6ee9e8 100644 --- a/lang/zh-tw.yml +++ b/lang/zh-tw.yml @@ -692,3 +692,5 @@ enumeration_issue_priorities: 項目優先權 enumeration_doc_categories: 文件分類 enumeration_activities: 活動 (時間追蹤) text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lang/zh.yml b/lang/zh.yml index 10fd1ac01..6da16683a 100644 --- a/lang/zh.yml +++ b/lang/zh.yml @@ -692,3 +692,5 @@ enumeration_doc_categories: 文档类别 enumeration_activities: 活动(时间跟踪) label_example: Example text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped." +permission_edit_own_messages: Edit own messages +permission_delete_won_messages: Delete own messages diff --git a/lib/redmine.rb b/lib/redmine.rb index b07d8e90c..19f0854e2 100644 --- a/lib/redmine.rb +++ b/lib/redmine.rb @@ -99,7 +99,9 @@ Redmine::AccessControl.map do |map| map.permission :view_messages, {:boards => [:index, :show], :messages => [:show]}, :public => true map.permission :add_messages, {:messages => [:new, :reply, :quote]} map.permission :edit_messages, {:messages => :edit}, :require => :member + map.permission :edit_own_messages, {:messages => :edit}, :require => :loggedin map.permission :delete_messages, {:messages => :destroy}, :require => :member + map.permission :delete_own_messages, {:messages => :destroy}, :require => :loggedin end end diff --git a/lib/redmine/default_data/loader.rb b/lib/redmine/default_data/loader.rb index 1c3b1f939..b7cab56ca 100644 --- a/lib/redmine/default_data/loader.rb +++ b/lib/redmine/default_data/loader.rb @@ -65,6 +65,7 @@ module Redmine :edit_wiki_pages, :delete_wiki_pages, :add_messages, + :edit_own_messages, :view_files, :manage_files, :browse_repository, @@ -85,6 +86,7 @@ module Redmine :view_wiki_pages, :view_wiki_edits, :add_messages, + :edit_own_messages, :view_files, :browse_repository, :view_changesets] diff --git a/test/fixtures/messages.yml b/test/fixtures/messages.yml index f82f376c1..e578853d4 100644 --- a/test/fixtures/messages.yml +++ b/test/fixtures/messages.yml @@ -38,8 +38,8 @@ messages_004: updated_on: 2007-08-12 17:15:32 +02:00
subject: Post 2
id: 4
- replies_count: 1
- last_reply_id: 5
+ replies_count: 2
+ last_reply_id: 6
content: "This is an other post"
author_id:
parent_id:
@@ -55,3 +55,14 @@ messages_005: author_id: 1
parent_id: 4
board_id: 1
+messages_006:
+ created_on: <%= 2.days.ago.to_date.to_s(:db) %>
+ updated_on: <%= 2.days.ago.to_date.to_s(:db) %>
+ subject: 'RE: post 2'
+ id: 6
+ replies_count: 0
+ last_reply_id:
+ content: "Another reply to the second post"
+ author_id: 3
+ parent_id: 4
+ board_id: 1
diff --git a/test/fixtures/roles.yml b/test/fixtures/roles.yml index 5bc6809d7..d8ae2c819 100644 --- a/test/fixtures/roles.yml +++ b/test/fixtures/roles.yml @@ -80,6 +80,8 @@ roles_002: - :protect_wiki_pages
- :delete_wiki_pages
- :add_messages
+ - :edit_own_messages
+ - :delete_own_messages
- :manage_boards
- :view_files
- :manage_files
diff --git a/test/unit/message_test.rb b/test/unit/message_test.rb index 6e8e8fb26..b907cfef3 100644 --- a/test/unit/message_test.rb +++ b/test/unit/message_test.rb @@ -1,7 +1,7 @@ require File.dirname(__FILE__) + '/../test_helper' class MessageTest < Test::Unit::TestCase - fixtures :projects, :boards, :messages, :users, :watchers + fixtures :projects, :roles, :members, :boards, :messages, :users, :watchers def setup @board = Board.find(1) @@ -76,4 +76,22 @@ class MessageTest < Test::Unit::TestCase assert_equal topics_count, board.topics_count assert_equal messages_count - 1, board.messages_count end + + def test_editable_by + message = Message.find(6) + author = message.author + assert message.editable_by?(author) + + author.role_for_project(message.project).remove_permission!(:edit_own_messages) + assert !message.reload.editable_by?(author.reload) + end + + def test_destroyable_by + message = Message.find(6) + author = message.author + assert message.destroyable_by?(author) + + author.role_for_project(message.project).remove_permission!(:delete_own_messages) + assert !message.reload.destroyable_by?(author.reload) + end end |