diff options
| author | Julien Lancelot <julien.lancelot@gmail.com> | 2013-09-18 16:58:57 +0200 |
|---|---|---|
| committer | Julien Lancelot <julien.lancelot@gmail.com> | 2013-09-18 16:59:12 +0200 |
| commit | 77eb8da28272430488ee7e1ff79593b074efbe21 (patch) | |
| tree | 9008f903f53d0edc449ed7e706e4596f55121e64 /sonar-server/src/main | |
| parent | c3eb47f2c4b2fe2348e9dcde855a0c245e454aa4 (diff) | |
| download | sonarqube-77eb8da28272430488ee7e1ff79593b074efbe21.tar.gz sonarqube-77eb8da28272430488ee7e1ff79593b074efbe21.zip | |
SONAR-4686 Without the 'Code Viewer' permission it should not be possible to see the code snippet attached to each issue
Diffstat (limited to 'sonar-server/src/main')
| -rw-r--r-- | sonar-server/src/main/webapp/WEB-INF/app/views/issue/_show.html.erb | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/issue/_show.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/issue/_show.html.erb index 14a8520d3b5..54f8f0ea89a 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/issue/_show.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/issue/_show.html.erb @@ -25,13 +25,14 @@ <%= render :partial => 'issue/issue', :locals => {:issue => @issue_results.first} -%> </div> - <% if @snapshot && @issue.line && params[:source]!='false' %> + <!-- SONAR-4686 Do not display source code if user has not the "Code Viewer" permission --> + <% if @snapshot && @issue.line && params[:source]!='false' && has_role?(:codeviewer, @snapshot.project) %> <div class="bordered"> <%= snapshot_html_source(@snapshot, {:line_range => (@issue.line-5)..(@issue.line+5), :highlighted_lines => [@issue.line]}) -%> </div> <% else %> - <!-- SONAR-4438 - If no source code, add a blank component in order for the "more action" link to be weel displayed + <!-- + SONAR-4438 If no source code, add blank lines in order for the "more action" link to be well displayed --> <div style="height: 60px;"></div> <% end %> |