aboutsummaryrefslogtreecommitdiffstats
path: root/sonar-server
diff options
context:
space:
mode:
Diffstat (limited to 'sonar-server')
-rw-r--r--sonar-server/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb9
-rw-r--r--sonar-server/src/main/webapp/WEB-INF/app/views/measures/_edit_form.html.erb10
2 files changed, 13 insertions, 6 deletions
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb
index 0d4887ec009..2aea260bac5 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb
@@ -135,11 +135,16 @@ class MeasuresController < ApplicationController
require_parameters :id
@filter = MeasureFilter.find(params[:id])
- access_denied unless has_role?(:admin)
+ access_denied unless @filter.owner?(current_user) || has_role?(:admin)
+
@filter.name=params[:name]
@filter.description=params[:description]
@filter.shared=(params[:shared]=='true')
- @filter.user = User.find_by_login(params[:owner])
+
+ if has_role?(:admin)
+ @filter.user = User.find_by_login(params[:owner])
+ end
+
if @filter.save
render :text => @filter.id.to_s, :status => 200
else
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/measures/_edit_form.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/measures/_edit_form.html.erb
index 0f146e17353..7465c6f8ec0 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/views/measures/_edit_form.html.erb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/views/measures/_edit_form.html.erb
@@ -16,10 +16,12 @@
<label for="description"><%= h message('description') -%></label>
<input id="description" name="description" type="text" size="50" maxlength="4000" value="<%= h @filter.description -%>"/>
</div>
- <div class="modal-field">
- <label for="owner"><%= h message('owner') -%></label>
- <%= user_select_tag('owner', :html_id => 'select-filter-owner', :selected_user => @filter.user) -%>
- </div>
+ <% if is_admin? %>
+ <div class="modal-field">
+ <label for="owner"><%= h message('owner') -%></label>
+ <%= user_select_tag('owner', :html_id => 'select-filter-owner', :selected_user => @filter.user) -%>
+ </div>
+ <% end %>
<div class="modal-field">
<label for="shared"><%= h message('measure_filter.shared_with_all_users') -%></label>
<input id="shared" name="shared" type="checkbox" value="true" <%= 'checked' if @filter.shared -%>/>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-13 02:48:08 +0000