summaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/models/project.rb20
-rw-r--r--app/views/projects/_form.html.erb2
2 files changed, 19 insertions, 3 deletions
diff --git a/app/models/project.rb b/app/models/project.rb
index b6ca8a095..2fc35ec4d 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -500,12 +500,18 @@ class Project < ActiveRecord::Base
# Adds user as a project member with the default role
# Used for when a non-admin user creates a project
def add_default_member(user)
- role = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first
+ role = self.class.default_member_role
member = Member.new(:project => self, :principal => user, :roles => [role])
self.members << member
member
end
+ # Default role that is given to non-admin users that
+ # create a project
+ def self.default_member_role
+ Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first
+ end
+
# Deletes all project's members
def delete_all_members
me, mr = Member.table_name, MemberRole.table_name
@@ -716,7 +722,17 @@ class Project < ActiveRecord::Base
'default_version_id'
safe_attributes 'enabled_module_names',
- :if => lambda {|project, user| project.new_record? || user.allowed_to?(:select_project_modules, project) }
+ :if => lambda {|project, user|
+ if project.new_record?
+ if user.admin?
+ true
+ else
+ default_member_role.has_permission?(:select_project_modules)
+ end
+ else
+ user.allowed_to?(:select_project_modules, project)
+ end
+ }
safe_attributes 'inherit_members',
:if => lambda {|project, user| project.parent.nil? || project.parent.visible?(user)}
diff --git a/app/views/projects/_form.html.erb b/app/views/projects/_form.html.erb
index b75ce82d6..1e5917e88 100644
--- a/app/views/projects/_form.html.erb
+++ b/app/views/projects/_form.html.erb
@@ -32,7 +32,7 @@
<%= call_hook(:view_projects_form, :project => @project, :form => f) %>
</div>
-<% if @project.new_record? %>
+<% if @project.new_record? && @project.safe_attribute?('enabled_module_names') %>
<fieldset class="box tabular"><legend><%= l(:label_module_plural) %></legend>
<% Redmine::AccessControl.available_project_modules.each do |m| %>
<label class="floating">
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-12 01:33:24 +0000