From 31178553f33063f2ee259d9b13fef63568f11318 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Wed, 31 Dec 2008 11:40:03 +0000 Subject: [PATCH] Merged r2116, r2117 and r2187 from trunk. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/0.8-stable@2217 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/attachments_controller.rb | 33 ++++++++--- app/controllers/documents_controller.rb | 5 -- app/controllers/issues_controller.rb | 13 +---- app/controllers/projects_controller.rb | 12 ++-- app/controllers/versions_controller.rb | 6 -- app/controllers/wiki_controller.rb | 9 +-- app/helpers/attachments_helper.rb | 13 +++-- app/models/attachment.rb | 8 +++ app/models/document.rb | 2 +- app/models/issue.rb | 13 ++++- app/models/mailer.rb | 3 + app/models/message.rb | 2 +- app/models/project.rb | 2 + app/models/version.rb | 3 +- app/models/wiki_page.rb | 6 +- app/views/attachments/_links.rhtml | 6 +- app/views/documents/show.rhtml | 2 +- app/views/issues/show.rhtml | 4 +- app/views/messages/show.rhtml | 4 +- app/views/projects/add_file.rhtml | 9 ++- app/views/projects/list_files.rhtml | 22 ++++--- app/views/wiki/show.rhtml | 2 +- doc/CHANGELOG | 1 + lib/redmine.rb | 8 +-- test/fixtures/attachments.yml | 24 ++++++++ .../functional/attachments_controller_test.rb | 46 +++++++++++++++ test/functional/issues_controller_test.rb | 13 ----- test/functional/messages_controller_test.rb | 2 +- test/functional/projects_controller_test.rb | 49 +++++++++++++++- test/functional/wiki_controller_test.rb | 7 --- vendor/plugins/acts_as_attachable/init.rb | 2 + .../lib/acts_as_attachable.rb | 57 +++++++++++++++++++ 32 files changed, 284 insertions(+), 104 deletions(-) create mode 100644 vendor/plugins/acts_as_attachable/init.rb create mode 100644 vendor/plugins/acts_as_attachable/lib/acts_as_attachable.rb diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb index 788bab94d..2851f91a6 100644 --- a/app/controllers/attachments_controller.rb +++ b/app/controllers/attachments_controller.rb @@ -1,5 +1,5 @@ -# redMine - project management software -# Copyright (C) 2006-2007 Jean-Philippe Lang +# Redmine - project management software +# Copyright (C) 2006-2008 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -17,7 +17,11 @@ class AttachmentsController < ApplicationController before_filter :find_project - + before_filter :read_authorize, :except => :destroy + before_filter :delete_authorize, :only => :destroy + + verify :method => :post, :only => :destroy + def show if @attachment.is_diff? @diff = File.new(@attachment.diskfile, "rb").read @@ -37,19 +41,32 @@ class AttachmentsController < ApplicationController send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename), :type => @attachment.content_type, :disposition => (@attachment.image? ? 'inline' : 'attachment') + end - + + def destroy + # Make sure association callbacks are called + @attachment.container.attachments.delete(@attachment) + redirect_to :back + rescue ::ActionController::RedirectBackError + redirect_to :controller => 'projects', :action => 'show', :id => @project + end + private def find_project @attachment = Attachment.find(params[:id]) # Show 404 if the filename in the url is wrong raise ActiveRecord::RecordNotFound if params[:filename] && params[:filename] != @attachment.filename - @project = @attachment.project - permission = @attachment.container.is_a?(Version) ? :view_files : "view_#{@attachment.container.class.name.underscore.pluralize}".to_sym - allowed = User.current.allowed_to?(permission, @project) - allowed ? true : (User.current.logged? ? render_403 : require_login) rescue ActiveRecord::RecordNotFound render_404 end + + def read_authorize + @attachment.visible? ? true : deny_access + end + + def delete_authorize + @attachment.deletable? ? true : deny_access + end end diff --git a/app/controllers/documents_controller.rb b/app/controllers/documents_controller.rb index aebd48bec..2d1c414c9 100644 --- a/app/controllers/documents_controller.rb +++ b/app/controllers/documents_controller.rb @@ -71,11 +71,6 @@ class DocumentsController < ApplicationController Mailer.deliver_attachments_added(attachments) if !attachments.empty? && Setting.notified_events.include?('document_added') redirect_to :action => 'show', :id => @document end - - def destroy_attachment - @document.attachments.find(params[:attachment_id]).destroy - redirect_to :action => 'show', :id => @document - end private def find_project diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb index 7df4177e6..dd7676a78 100644 --- a/app/controllers/issues_controller.rb +++ b/app/controllers/issues_controller.rb @@ -18,7 +18,7 @@ class IssuesController < ApplicationController menu_item :new_issue, :only => :new - before_filter :find_issue, :only => [:show, :edit, :reply, :destroy_attachment] + before_filter :find_issue, :only => [:show, :edit, :reply] before_filter :find_issues, :only => [:bulk_edit, :move, :destroy] before_filter :find_project, :only => [:new, :update_form, :preview] before_filter :authorize, :except => [:index, :changes, :gantt, :calendar, :preview, :update_form, :context_menu] @@ -318,17 +318,6 @@ class IssuesController < ApplicationController @issues.each(&:destroy) redirect_to :action => 'index', :project_id => @project end - - def destroy_attachment - a = @issue.attachments.find(params[:attachment_id]) - a.destroy - journal = @issue.init_journal(User.current) - journal.details << JournalDetail.new(:property => 'attachment', - :prop_key => a.id, - :old_value => a.filename) - journal.save - redirect_to :action => 'show', :id => @issue - end def gantt @gantt = Redmine::Helpers::Gantt.new(params) diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index efb690144..8fd79533f 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -188,10 +188,13 @@ class ProjectsController < ApplicationController def add_file if request.post? - @version = @project.versions.find_by_id(params[:version_id]) - attachments = attach_files(@version, params[:attachments]) - Mailer.deliver_attachments_added(attachments) if !attachments.empty? && Setting.notified_events.include?('file_added') + container = (params[:version_id].blank? ? @project : @project.versions.find_by_id(params[:version_id])) + attachments = attach_files(container, params[:attachments]) + if !attachments.empty? && Setting.notified_events.include?('file_added') + Mailer.deliver_attachments_added(attachments) + end redirect_to :controller => 'projects', :action => 'list_files', :id => @project + return end @versions = @project.versions.sort end @@ -203,7 +206,8 @@ class ProjectsController < ApplicationController 'size' => "#{Attachment.table_name}.filesize", 'downloads' => "#{Attachment.table_name}.downloads" - @versions = @project.versions.find(:all, :include => :attachments, :order => sort_clause).sort.reverse + @containers = [ Project.find(@project.id, :include => :attachments, :order => sort_clause)] + @containers += @project.versions.find(:all, :include => :attachments, :order => sort_clause).sort.reverse render :layout => !request.xhr? end diff --git a/app/controllers/versions_controller.rb b/app/controllers/versions_controller.rb index 3a2221761..c269432f3 100644 --- a/app/controllers/versions_controller.rb +++ b/app/controllers/versions_controller.rb @@ -37,12 +37,6 @@ class VersionsController < ApplicationController redirect_to :controller => 'projects', :action => 'settings', :tab => 'versions', :id => @project end - def destroy_file - @version.attachments.find(params[:attachment_id]).destroy - flash[:notice] = l(:notice_successful_delete) - redirect_to :controller => 'projects', :action => 'list_files', :id => @project - end - def status_by respond_to do |format| format.html { render :action => 'show' } diff --git a/app/controllers/wiki_controller.rb b/app/controllers/wiki_controller.rb index 7e3fc92f0..2dcc6f971 100644 --- a/app/controllers/wiki_controller.rb +++ b/app/controllers/wiki_controller.rb @@ -21,7 +21,7 @@ class WikiController < ApplicationController before_filter :find_wiki, :authorize before_filter :find_existing_page, :only => [:rename, :protect, :history, :diff, :annotate, :add_attachment, :destroy] - verify :method => :post, :only => [:destroy, :destroy_attachment, :protect], :redirect_to => { :action => :index } + verify :method => :post, :only => [:destroy, :protect], :redirect_to => { :action => :index } helper :attachments include AttachmentsHelper @@ -181,13 +181,6 @@ class WikiController < ApplicationController redirect_to :action => 'index', :page => @page.title end - def destroy_attachment - @page = @wiki.find_page(params[:page]) - return render_403 unless editable? - @page.attachments.find(params[:attachment_id]).destroy - redirect_to :action => 'index', :page => @page.title - end - private def find_wiki diff --git a/app/helpers/attachments_helper.rb b/app/helpers/attachments_helper.rb index ebf417bab..29cdb9790 100644 --- a/app/helpers/attachments_helper.rb +++ b/app/helpers/attachments_helper.rb @@ -16,10 +16,15 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. module AttachmentsHelper - # displays the links to a collection of attachments - def link_to_attachments(attachments, options = {}) - if attachments.any? - render :partial => 'attachments/links', :locals => {:attachments => attachments, :options => options} + # Displays view/delete links to the attachments of the given object + # Options: + # :author -- author names are not displayed if set to false + def link_to_attachments(container, options = {}) + options.assert_valid_keys(:author) + + if container.attachments.any? + options = {:deletable => container.attachments_deletable?, :author => true}.merge(options) + render :partial => 'attachments/links', :locals => {:attachments => container.attachments, :options => options} end end diff --git a/app/models/attachment.rb b/app/models/attachment.rb index 3bcc266bc..2ba75a3fd 100644 --- a/app/models/attachment.rb +++ b/app/models/attachment.rb @@ -98,6 +98,14 @@ class Attachment < ActiveRecord::Base container.project end + def visible?(user=User.current) + container.attachments_visible?(user) + end + + def deletable?(user=User.current) + container.attachments_deletable?(user) + end + def image? self.filename =~ /\.(jpe?g|gif|png)$/i end diff --git a/app/models/document.rb b/app/models/document.rb index af38484e7..2ec99fe07 100644 --- a/app/models/document.rb +++ b/app/models/document.rb @@ -18,7 +18,7 @@ class Document < ActiveRecord::Base belongs_to :project belongs_to :category, :class_name => "Enumeration", :foreign_key => "category_id" - has_many :attachments, :as => :container, :dependent => :destroy + acts_as_attachable :delete_permission => :manage_documents acts_as_searchable :columns => ['title', "#{table_name}.description"], :include => :project acts_as_event :title => Proc.new {|o| "#{l(:label_document)}: #{o.title}"}, diff --git a/app/models/issue.rb b/app/models/issue.rb index f3a221c12..fcac38bde 100644 --- a/app/models/issue.rb +++ b/app/models/issue.rb @@ -26,13 +26,13 @@ class Issue < ActiveRecord::Base belongs_to :category, :class_name => 'IssueCategory', :foreign_key => 'category_id' has_many :journals, :as => :journalized, :dependent => :destroy - has_many :attachments, :as => :container, :dependent => :destroy has_many :time_entries, :dependent => :delete_all has_and_belongs_to_many :changesets, :order => "#{Changeset.table_name}.committed_on ASC, #{Changeset.table_name}.id ASC" has_many :relations_from, :class_name => 'IssueRelation', :foreign_key => 'issue_from_id', :dependent => :delete_all has_many :relations_to, :class_name => 'IssueRelation', :foreign_key => 'issue_to_id', :dependent => :delete_all + acts_as_attachable :after_remove => :attachment_removed acts_as_customizable acts_as_watchable acts_as_searchable :columns => ['subject', "#{table_name}.description", "#{Journal.table_name}.notes"], @@ -266,4 +266,15 @@ class Issue < ActiveRecord::Base def to_s "#{tracker} ##{id}: #{subject}" end + + private + + # Callback on attachment deletion + def attachment_removed(obj) + journal = init_journal(User.current) + journal.details << JournalDetail.new(:property => 'attachment', + :prop_key => obj.id, + :old_value => obj.filename) + journal.save + end end diff --git a/app/models/mailer.rb b/app/models/mailer.rb index 93f07f6e9..dd4b5be87 100644 --- a/app/models/mailer.rb +++ b/app/models/mailer.rb @@ -74,6 +74,9 @@ class Mailer < ActionMailer::Base added_to = '' added_to_url = '' case container.class.name + when 'Project' + added_to_url = url_for(:controller => 'projects', :action => 'list_files', :id => container) + added_to = "#{l(:label_project)}: #{container}" when 'Version' added_to_url = url_for(:controller => 'projects', :action => 'list_files', :id => container.project_id) added_to = "#{l(:label_version)}: #{container.name}" diff --git a/app/models/message.rb b/app/models/message.rb index acb300f46..080e757b3 100644 --- a/app/models/message.rb +++ b/app/models/message.rb @@ -19,7 +19,7 @@ class Message < ActiveRecord::Base belongs_to :board belongs_to :author, :class_name => 'User', :foreign_key => 'author_id' acts_as_tree :counter_cache => :replies_count, :order => "#{Message.table_name}.created_on ASC" - has_many :attachments, :as => :container, :dependent => :destroy + acts_as_attachable belongs_to :last_reply, :class_name => 'Message', :foreign_key => 'last_reply_id' acts_as_searchable :columns => ['subject', 'content'], diff --git a/app/models/project.rb b/app/models/project.rb index d283e269c..e8d3ed179 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -44,6 +44,8 @@ class Project < ActiveRecord::Base :association_foreign_key => 'custom_field_id' acts_as_tree :order => "name", :counter_cache => true + acts_as_attachable :view_permission => :view_files, + :delete_permission => :manage_files acts_as_customizable acts_as_searchable :columns => ['name', 'description'], :project_key => 'id', :permission => nil diff --git a/app/models/version.rb b/app/models/version.rb index e379f4b05..1fd0d1710 100644 --- a/app/models/version.rb +++ b/app/models/version.rb @@ -19,7 +19,8 @@ class Version < ActiveRecord::Base before_destroy :check_integrity belongs_to :project has_many :fixed_issues, :class_name => 'Issue', :foreign_key => 'fixed_version_id' - has_many :attachments, :as => :container, :dependent => :destroy + acts_as_attachable :view_permission => :view_files, + :delete_permission => :manage_files validates_presence_of :name validates_uniqueness_of :name, :scope => [:project_id] diff --git a/app/models/wiki_page.rb b/app/models/wiki_page.rb index 2416fab74..0d96cc047 100644 --- a/app/models/wiki_page.rb +++ b/app/models/wiki_page.rb @@ -21,7 +21,7 @@ require 'enumerator' class WikiPage < ActiveRecord::Base belongs_to :wiki has_one :content, :class_name => 'WikiContent', :foreign_key => 'page_id', :dependent => :destroy - has_many :attachments, :as => :container, :dependent => :destroy + acts_as_attachable :delete_permission => :delete_wiki_pages_attachments acts_as_tree :order => 'title' acts_as_event :title => Proc.new {|o| "#{l(:label_wiki)}: #{o.title}"}, @@ -111,6 +111,10 @@ class WikiPage < ActiveRecord::Base def editable_by?(usr) !protected? || usr.allowed_to?(:protect_wiki_pages, wiki.project) end + + def attachments_deletable?(usr=User.current) + editable_by?(usr) && super(usr) + end def parent_title @parent_title || (self.parent && self.parent.pretty_title) diff --git a/app/views/attachments/_links.rhtml b/app/views/attachments/_links.rhtml index 9aae909fe..19ab6734a 100644 --- a/app/views/attachments/_links.rhtml +++ b/app/views/attachments/_links.rhtml @@ -3,14 +3,14 @@

<%= link_to_attachment attachment, :class => 'icon icon-attachment' -%> <%= h(" - #{attachment.description}") unless attachment.description.blank? %> (<%= number_to_human_size attachment.filesize %>) - <% if options[:delete_url] %> - <%= link_to image_tag('delete.png'), options[:delete_url].update({:attachment_id => attachment}), + <% if options[:deletable] %> + <%= link_to image_tag('delete.png'), {:controller => 'attachments', :action => 'destroy', :id => attachment}, :confirm => l(:text_are_you_sure), :method => :post, :class => 'delete', :title => l(:button_delete) %> <% end %> - <% unless options[:no_author] %> + <% if options[:author] %> <%= attachment.author %>, <%= format_time(attachment.created_on) %> <% end %>

diff --git a/app/views/documents/show.rhtml b/app/views/documents/show.rhtml index aa90c5518..4d18a7791 100644 --- a/app/views/documents/show.rhtml +++ b/app/views/documents/show.rhtml @@ -12,7 +12,7 @@

<%= l(:label_attachment_plural) %>

-<%= link_to_attachments @attachments, :delete_url => (authorize_for('documents', 'destroy_attachment') ? {:controller => 'documents', :action => 'destroy_attachment', :id => @document} : nil) %> +<%= link_to_attachments @document %> <% if authorize_for('documents', 'add_attachment') %>

<%= link_to l(:label_attachment_new), {}, :onclick => "Element.show('add_attachment_form'); Element.hide(this); Element.scrollTo('add_attachment_form'); return false;", diff --git a/app/views/issues/show.rhtml b/app/views/issues/show.rhtml index e53065f8f..d5babe331 100644 --- a/app/views/issues/show.rhtml +++ b/app/views/issues/show.rhtml @@ -67,9 +67,7 @@ end %> <%= textilizable @issue, :description, :attachments => @issue.attachments %> -<% if @issue.attachments.any? %> -<%= link_to_attachments @issue.attachments, :delete_url => (authorize_for('issues', 'destroy_attachment') ? {:controller => 'issues', :action => 'destroy_attachment', :id => @issue} : nil) %> -<% end %> +<%= link_to_attachments @issue %> <% if authorize_for('issue_relations', 'new') || @issue.relations.any? %>

diff --git a/app/views/messages/show.rhtml b/app/views/messages/show.rhtml index 4143532b1..eae349dcc 100644 --- a/app/views/messages/show.rhtml +++ b/app/views/messages/show.rhtml @@ -15,7 +15,7 @@
<%= textilizable(@topic.content, :attachments => @topic.attachments) %>
-<%= link_to_attachments @topic.attachments, :no_author => true %> +<%= link_to_attachments @topic, :author => false %>
@@ -31,7 +31,7 @@

<%=h message.subject %> - <%= authoring message.created_on, message.author %>

<%= textilizable message, :content, :attachments => message.attachments %>
- <%= link_to_attachments message.attachments, :no_author => true %> + <%= link_to_attachments message, :author => false %>
<% end %> <% end %> diff --git a/app/views/projects/add_file.rhtml b/app/views/projects/add_file.rhtml index 0ee55083d..ab9c7352d 100644 --- a/app/views/projects/add_file.rhtml +++ b/app/views/projects/add_file.rhtml @@ -4,10 +4,13 @@
<% form_tag({ :action => 'add_file', :id => @project }, :multipart => true, :class => "tabular") do %> -

-<%= select_tag "version_id", options_from_collection_for_select(@versions, "id", "name") %>

+<% if @versions.any? %> +

+<%= select_tag "version_id", content_tag('option', '') + + options_from_collection_for_select(@versions, "id", "name") %>

+<% end %>

<%= render :partial => 'attachments/form' %>

<%= submit_tag l(:button_add) %> -<% end %> \ No newline at end of file +<% end %> diff --git a/app/views/projects/list_files.rhtml b/app/views/projects/list_files.rhtml index bdd6f8a93..0871ba249 100644 --- a/app/views/projects/list_files.rhtml +++ b/app/views/projects/list_files.rhtml @@ -4,39 +4,37 @@

<%=l(:label_attachment_plural)%>

-<% delete_allowed = authorize_for('versions', 'destroy_file') %> +<% delete_allowed = User.current.allowed_to?(:manage_files, @project) %> - <%= sort_header_tag('filename', :caption => l(:field_filename)) %> <%= sort_header_tag('created_on', :caption => l(:label_date), :default_order => 'desc') %> <%= sort_header_tag('size', :caption => l(:field_filesize), :default_order => 'desc') %> <%= sort_header_tag('downloads', :caption => l(:label_downloads_abbr), :default_order => 'desc') %> - <% if delete_allowed %><% end %> + -<% for version in @versions %> - <% unless version.attachments.empty? %> - - <% for file in version.attachments %> +<% @containers.each do |container| %> + <% next if container.attachments.empty? -%> + <% if container.is_a?(Version) -%> + + <% end -%> + <% container.attachments.each do |file| %> "> - - <% if delete_allowed %> - <% end %> <% end reset_cycle %> - <% end %> <% end %>
<%=l(:field_version)%>MD5
<%= version.name %>
<%=h container %>
<%= link_to_attachment file, :download => true, :title => file.description %> <%= format_time(file.created_on) %> <%= number_to_human_size(file.filesize) %> <%= file.downloads %> <%= file.digest %> - <%= link_to_if_authorized image_tag('delete.png'), {:controller => 'versions', :action => 'destroy_file', :id => version, :attachment_id => file}, :confirm => l(:text_are_you_sure), :method => :post %> + <%= link_to(image_tag('delete.png'), {:controller => 'attachments', :action => 'destroy', :id => file}, + :confirm => l(:text_are_you_sure), :method => :post) if delete_allowed %>
diff --git a/app/views/wiki/show.rhtml b/app/views/wiki/show.rhtml index 844c6c0f8..1cb67dfd4 100644 --- a/app/views/wiki/show.rhtml +++ b/app/views/wiki/show.rhtml @@ -28,7 +28,7 @@ <%= render(:partial => "wiki/content", :locals => {:content => @content}) %> -<%= link_to_attachments @page.attachments, :delete_url => ((@editable && authorize_for('wiki', 'destroy_attachment')) ? {:controller => 'wiki', :action => 'destroy_attachment', :page => @page.title} : nil) %> +<%= link_to_attachments @page %> <% if @editable && authorize_for('wiki', 'add_attachment') %>

<%= link_to l(:label_attachment_new), {}, :onclick => "Element.show('add_attachment_form'); Element.hide(this); Element.scrollTo('add_attachment_form'); return false;", diff --git a/doc/CHANGELOG b/doc/CHANGELOG index 31208cd86..31f316557 100644 --- a/doc/CHANGELOG +++ b/doc/CHANGELOG @@ -8,6 +8,7 @@ http://www.redmine.org/ == v0.8.1 * Select watchers on new issue form +* Files module: ability to add files without version * Show view/annotate/download links on entry and annotate views * Fixed: Deleted files are shown when using Darcs diff --git a/lib/redmine.rb b/lib/redmine.rb index 42b074a51..c8d64b8c3 100644 --- a/lib/redmine.rb +++ b/lib/redmine.rb @@ -35,7 +35,7 @@ Redmine::AccessControl.map do |map| :queries => :index, :reports => :issue_report}, :public => true map.permission :add_issues, {:issues => :new} - map.permission :edit_issues, {:issues => [:edit, :reply, :bulk_edit, :destroy_attachment]} + map.permission :edit_issues, {:issues => [:edit, :reply, :bulk_edit]} map.permission :manage_issue_relations, {:issue_relations => [:new, :destroy]} map.permission :add_issue_notes, {:issues => [:edit, :reply]} map.permission :edit_issue_notes, {:journals => :edit}, :require => :loggedin @@ -67,12 +67,12 @@ Redmine::AccessControl.map do |map| end map.project_module :documents do |map| - map.permission :manage_documents, {:documents => [:new, :edit, :destroy, :add_attachment, :destroy_attachment]}, :require => :loggedin + map.permission :manage_documents, {:documents => [:new, :edit, :destroy, :add_attachment]}, :require => :loggedin map.permission :view_documents, :documents => [:index, :show, :download] end map.project_module :files do |map| - map.permission :manage_files, {:projects => :add_file, :versions => :destroy_file}, :require => :loggedin + map.permission :manage_files, {:projects => :add_file}, :require => :loggedin map.permission :view_files, :projects => :list_files, :versions => :download end @@ -83,7 +83,7 @@ Redmine::AccessControl.map do |map| map.permission :view_wiki_pages, :wiki => [:index, :special] map.permission :view_wiki_edits, :wiki => [:history, :diff, :annotate] map.permission :edit_wiki_pages, :wiki => [:edit, :preview, :add_attachment] - map.permission :delete_wiki_pages_attachments, :wiki => :destroy_attachment + map.permission :delete_wiki_pages_attachments, {} map.permission :protect_wiki_pages, {:wiki => :protect}, :require => :member end diff --git a/test/fixtures/attachments.yml b/test/fixtures/attachments.yml index ec57aa6dd..2497bd9a3 100644 --- a/test/fixtures/attachments.yml +++ b/test/fixtures/attachments.yml @@ -85,4 +85,28 @@ attachments_007: filename: archive.zip author_id: 1 content_type: application/octet-stream +attachments_008: + created_on: 2006-07-19 21:07:27 +02:00 + container_type: Project + container_id: 1 + downloads: 0 + disk_filename: 060719210727_project_file.zip + digest: b91e08d0cf966d5c6ff411bd8c4cc3a2 + id: 8 + filesize: 320 + filename: project_file.zip + author_id: 2 + content_type: application/octet-stream +attachments_009: + created_on: 2006-07-19 21:07:27 +02:00 + container_type: Version + container_id: 1 + downloads: 0 + disk_filename: 060719210727_version_file.zip + digest: b91e08d0cf966d5c6ff411bd8c4cc3a2 + id: 9 + filesize: 452 + filename: version_file.zip + author_id: 2 + content_type: application/octet-stream \ No newline at end of file diff --git a/test/functional/attachments_controller_test.rb b/test/functional/attachments_controller_test.rb index 139896ce6..f5c3c0f57 100644 --- a/test/functional/attachments_controller_test.rb +++ b/test/functional/attachments_controller_test.rb @@ -76,4 +76,50 @@ class AttachmentsControllerTest < Test::Unit::TestCase get :download, :id => 7 assert_redirected_to 'account/login' end + + def test_destroy_issue_attachment + issue = Issue.find(3) + @request.session[:user_id] = 2 + + assert_difference 'issue.attachments.count', -1 do + post :destroy, :id => 1 + end + # no referrer + assert_redirected_to 'projects/show/ecookbook' + assert_nil Attachment.find_by_id(1) + j = issue.journals.find(:first, :order => 'created_on DESC') + assert_equal 'attachment', j.details.first.property + assert_equal '1', j.details.first.prop_key + assert_equal 'error281.txt', j.details.first.old_value + end + + def test_destroy_wiki_page_attachment + @request.session[:user_id] = 2 + assert_difference 'Attachment.count', -1 do + post :destroy, :id => 3 + assert_response 302 + end + end + + def test_destroy_project_attachment + @request.session[:user_id] = 2 + assert_difference 'Attachment.count', -1 do + post :destroy, :id => 8 + assert_response 302 + end + end + + def test_destroy_version_attachment + @request.session[:user_id] = 2 + assert_difference 'Attachment.count', -1 do + post :destroy, :id => 9 + assert_response 302 + end + end + + def test_destroy_without_permission + post :destroy, :id => 3 + assert_redirected_to '/login' + assert Attachment.find_by_id(3) + end end diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb index 961e04c99..2af1c5153 100644 --- a/test/functional/issues_controller_test.rb +++ b/test/functional/issues_controller_test.rb @@ -747,17 +747,4 @@ class IssuesControllerTest < Test::Unit::TestCase assert_equal 2, TimeEntry.find(1).issue_id assert_equal 2, TimeEntry.find(2).issue_id end - - def test_destroy_attachment - issue = Issue.find(3) - a = issue.attachments.size - @request.session[:user_id] = 2 - post :destroy_attachment, :id => 3, :attachment_id => 1 - assert_redirected_to 'issues/show/3' - assert_nil Attachment.find_by_id(1) - issue.reload - assert_equal((a-1), issue.attachments.size) - j = issue.journals.find(:first, :order => 'created_on DESC') - assert_equal 'attachment', j.details.first.property - end end diff --git a/test/functional/messages_controller_test.rb b/test/functional/messages_controller_test.rb index b1b3ea942..9bd1cc524 100644 --- a/test/functional/messages_controller_test.rb +++ b/test/functional/messages_controller_test.rb @@ -64,7 +64,7 @@ class MessagesControllerTest < Test::Unit::TestCase def test_post_new @request.session[:user_id] = 2 ActionMailer::Base.deliveries.clear - Setting.notified_events << 'message_posted' + Setting.notified_events = ['message_posted'] post :new, :board_id => 1, :message => { :subject => 'Test created message', diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb index d1810b3d4..a8f8ecb76 100644 --- a/test/functional/projects_controller_test.rb +++ b/test/functional/projects_controller_test.rb @@ -23,7 +23,8 @@ class ProjectsController; def rescue_action(e) raise e end; end class ProjectsControllerTest < Test::Unit::TestCase fixtures :projects, :versions, :users, :roles, :members, :issues, :journals, :journal_details, - :trackers, :projects_trackers, :issue_statuses, :enabled_modules, :enumerations, :boards, :messages + :trackers, :projects_trackers, :issue_statuses, :enabled_modules, :enumerations, :boards, :messages, + :attachments def setup @controller = ProjectsController.new @@ -112,12 +113,56 @@ class ProjectsControllerTest < Test::Unit::TestCase assert_redirected_to 'admin/projects' assert_nil Project.find_by_id(1) end + + def test_add_file + set_tmp_attachments_directory + @request.session[:user_id] = 2 + Setting.notified_events = ['file_added'] + ActionMailer::Base.deliveries.clear + + assert_difference 'Attachment.count' do + post :add_file, :id => 1, :version_id => '', + :attachments => {'1' => {'file' => test_uploaded_file('testfile.txt', 'text/plain')}} + end + assert_redirected_to 'projects/list_files/ecookbook' + a = Attachment.find(:first, :order => 'created_on DESC') + assert_equal 'testfile.txt', a.filename + assert_equal Project.find(1), a.container + + mail = ActionMailer::Base.deliveries.last + assert_kind_of TMail::Mail, mail + assert_equal "[eCookbook] New file", mail.subject + assert mail.body.include?('testfile.txt') + end + + def test_add_version_file + set_tmp_attachments_directory + @request.session[:user_id] = 2 + Setting.notified_events = ['file_added'] + + assert_difference 'Attachment.count' do + post :add_file, :id => 1, :version_id => '2', + :attachments => {'1' => {'file' => test_uploaded_file('testfile.txt', 'text/plain')}} + end + assert_redirected_to 'projects/list_files/ecookbook' + a = Attachment.find(:first, :order => 'created_on DESC') + assert_equal 'testfile.txt', a.filename + assert_equal Version.find(2), a.container + end def test_list_files get :list_files, :id => 1 assert_response :success assert_template 'list_files' - assert_not_nil assigns(:versions) + assert_not_nil assigns(:containers) + + # file attached to the project + assert_tag :a, :content => 'project_file.zip', + :attributes => { :href => '/attachments/download/8/project_file.zip' } + + # file attached to a project's version + assert_tag :a, :content => 'version_file.zip', + :attributes => { :href => '/attachments/download/9/version_file.zip' } end def test_changelog diff --git a/test/functional/wiki_controller_test.rb b/test/functional/wiki_controller_test.rb index fe2414ee1..5b2574128 100644 --- a/test/functional/wiki_controller_test.rb +++ b/test/functional/wiki_controller_test.rb @@ -252,13 +252,6 @@ class WikiControllerTest < Test::Unit::TestCase assert_template 'edit' end - def test_destroy_attachment - @request.session[:user_id] = 2 - assert_difference 'Attachment.count', -1 do - post :destroy_attachment, :id => 1, :page => 'Page_with_an_inline_image', :attachment_id => 3 - end - end - def test_history_of_non_existing_page_should_return_404 get :history, :id => 1, :page => 'Unknown_page' assert_response 404 diff --git a/vendor/plugins/acts_as_attachable/init.rb b/vendor/plugins/acts_as_attachable/init.rb new file mode 100644 index 000000000..213e1d4b1 --- /dev/null +++ b/vendor/plugins/acts_as_attachable/init.rb @@ -0,0 +1,2 @@ +require File.dirname(__FILE__) + '/lib/acts_as_attachable' +ActiveRecord::Base.send(:include, Redmine::Acts::Attachable) diff --git a/vendor/plugins/acts_as_attachable/lib/acts_as_attachable.rb b/vendor/plugins/acts_as_attachable/lib/acts_as_attachable.rb new file mode 100644 index 000000000..78d42c215 --- /dev/null +++ b/vendor/plugins/acts_as_attachable/lib/acts_as_attachable.rb @@ -0,0 +1,57 @@ +# Redmine - project management software +# Copyright (C) 2006-2008 Jean-Philippe Lang +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +module Redmine + module Acts + module Attachable + def self.included(base) + base.extend ClassMethods + end + + module ClassMethods + def acts_as_attachable(options = {}) + cattr_accessor :attachable_options + self.attachable_options = {} + attachable_options[:view_permission] = options.delete(:view_permission) || "view_#{self.name.pluralize.underscore}".to_sym + attachable_options[:delete_permission] = options.delete(:delete_permission) || "edit_#{self.name.pluralize.underscore}".to_sym + + has_many :attachments, options.merge(:as => :container, + :order => "#{Attachment.table_name}.created_on", + :dependent => :destroy) + send :include, Redmine::Acts::Attachable::InstanceMethods + end + end + + module InstanceMethods + def self.included(base) + base.extend ClassMethods + end + + def attachments_visible?(user=User.current) + user.allowed_to?(self.class.attachable_options[:view_permission], self.project) + end + + def attachments_deletable?(user=User.current) + user.allowed_to?(self.class.attachable_options[:delete_permission], self.project) + end + + module ClassMethods + end + end + end + end +end