Split "Manage documents" permission into create, edit and delete permissions (#12401).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11206 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent
26016cdc08
commit
48fb02e383
|
@ -19,7 +19,7 @@ class Document < ActiveRecord::Base
|
||||||
include Redmine::SafeAttributes
|
include Redmine::SafeAttributes
|
||||||
belongs_to :project
|
belongs_to :project
|
||||||
belongs_to :category, :class_name => "DocumentCategory", :foreign_key => "category_id"
|
belongs_to :category, :class_name => "DocumentCategory", :foreign_key => "category_id"
|
||||||
acts_as_attachable :delete_permission => :manage_documents
|
acts_as_attachable :delete_permission => :delete_documents
|
||||||
|
|
||||||
acts_as_searchable :columns => ['title', "#{table_name}.description"], :include => :project
|
acts_as_searchable :columns => ['title', "#{table_name}.description"], :include => :project
|
||||||
acts_as_event :title => Proc.new {|o| "#{l(:label_document)}: #{o.title}"},
|
acts_as_event :title => Proc.new {|o| "#{l(:label_document)}: #{o.title}"},
|
||||||
|
|
|
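Review bot: Attachment removal on a document is now tied to `:delete_documents` alone, on the `acts_as_attachable` line. A role holding only `:edit_documents` can add attachments (the permission map in this commit gives it `add_attachment`) but, as far as the option name suggests, cannot remove one it uploaded by mistake. If that split is intended, a comment above the line would make it explicit, for example `# Removing an attachment requires :delete_documents; :edit_documents only allows adding`. The Document class body continues outside the hunk.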
@ -1,6 +1,6 @@
|
||||||
<div class="contextual">
|
<div class="contextual">
|
||||||
<%= link_to l(:label_document_new), new_project_document_path(@project), :class => 'icon icon-add',
|
<%= link_to l(:label_document_new), new_project_document_path(@project), :class => 'icon icon-add',
|
||||||
:onclick => 'showAndScrollTo("add-document", "document_title"); return false;' if User.current.allowed_to?(:manage_documents, @project) %>
|
:onclick => 'showAndScrollTo("add-document", "document_title"); return false;' if User.current.allowed_to?(:add_documents, @project) %>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div id="add-document" style="display:none;">
|
<div id="add-document" style="display:none;">
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
<div class="contextual">
|
<div class="contextual">
|
||||||
<% if User.current.allowed_to?(:manage_documents, @project) %>
|
<% if User.current.allowed_to?(:edit_documents, @project) %>
|
||||||
<%= link_to l(:button_edit), edit_document_path(@document), :class => 'icon icon-edit', :accesskey => accesskey(:edit) %>
|
<%= link_to l(:button_edit), edit_document_path(@document), :class => 'icon icon-edit', :accesskey => accesskey(:edit) %>
|
||||||
|
<% end %>
|
||||||
|
<% if User.current.allowed_to?(:delete_documents, @project) %>
|
||||||
<%= delete_link document_path(@document) %>
|
<%= delete_link document_path(@document) %>
|
||||||
<% end %>
|
<% end %>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
class SplitDocumentsPermissions < ActiveRecord::Migration
|
||||||
|
def up
|
||||||
|
# :manage_documents permission split into 3 permissions:
|
||||||
|
# :add_documents, :edit_documents and :delete_documents
|
||||||
|
Role.all.each do |role|
|
||||||
|
if role.has_permission?(:manage_documents)
|
||||||
|
role.add_permission! :add_documents, :edit_documents, :delete_documents
|
||||||
|
role.remove_permission! :manage_documents
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def down
|
||||||
|
Role.all.each do |role|
|
||||||
|
if role.has_permission?(:add_documents) ||
|
||||||
|
role.has_permission?(:edit_documents) ||
|
||||||
|
role.has_permission?(:delete_documents)
|
||||||
|
role.remove_permission! :add_documents, :edit_documents, :delete_documents
|
||||||
|
role.add_permission! :manage_documents
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
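Review bot: Rolling back with `down` widens access: the `||` chain gives `:manage_documents` to any role holding just one of the three new permissions, so a role that could only add documents gains edit and destroy rights after a rollback. A fail-closed rollback would always remove the three split permissions and restore `:manage_documents` only for roles that held all of them. If the lossy behaviour is deliberate, a comment in `down` should say so. The migration also iterates the application's `Role` model directly, so it depends on that model's code at the time the migration runs.

```ruby
def down
  split = [:add_documents, :edit_documents, :delete_documents]
  Role.all.each do |role|
    # Restore the broad permission only for roles that held the full set.
    had_all = split.all? {|p| role.has_permission?(p)}
    role.remove_permission!(*split)
    role.add_permission! :manage_documents if had_all
  end
end
```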
@ -146,7 +146,9 @@ Redmine::AccessControl.map do |map|
|
||||||
end
|
end
|
||||||
|
|
||||||
map.project_module :documents do |map|
|
map.project_module :documents do |map|
|
||||||
map.permission :manage_documents, {:documents => [:new, :create, :edit, :update, :destroy, :add_attachment]}, :require => :loggedin
|
map.permission :add_documents, {:documents => [:new, :create, :add_attachment]}, :require => :loggedin
|
||||||
|
map.permission :edit_documents, {:documents => [:edit, :update, :add_attachment]}, :require => :loggedin
|
||||||
|
map.permission :delete_documents, {:documents => [:destroy]}, :require => :loggedin
|
||||||
map.permission :view_documents, {:documents => [:index, :show, :download]}, :read => true
|
map.permission :view_documents, {:documents => [:index, :show, :download]}, :read => true
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
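Review bot: `:add_documents` includes `:add_attachment`, which by its name acts on a document that already exists. A role meant only to create documents could therefore also attach files to documents created by others, and nothing visible in this hunk restricts the action to the author's own documents. If create-only roles should not alter existing documents, drop it from that line: `map.permission :add_documents, {:documents => [:new, :create]}, :require => :loggedin`, leaving `add_attachment` to `:edit_documents`. The `Redmine::AccessControl.map` block continues outside the hunk.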
@ -38,7 +38,9 @@ roles_001:
|
||||||
- :manage_news
|
- :manage_news
|
||||||
- :comment_news
|
- :comment_news
|
||||||
- :view_documents
|
- :view_documents
|
||||||
- :manage_documents
|
- :add_documents
|
||||||
|
- :edit_documents
|
||||||
|
- :delete_documents
|
||||||
- :view_wiki_pages
|
- :view_wiki_pages
|
||||||
- :export_wiki_pages
|
- :export_wiki_pages
|
||||||
- :view_wiki_edits
|
- :view_wiki_edits
|
||||||
|
@ -89,7 +91,9 @@ roles_002:
|
||||||
- :manage_news
|
- :manage_news
|
||||||
- :comment_news
|
- :comment_news
|
||||||
- :view_documents
|
- :view_documents
|
||||||
- :manage_documents
|
- :add_documents
|
||||||
|
- :edit_documents
|
||||||
|
- :delete_documents
|
||||||
- :view_wiki_pages
|
- :view_wiki_pages
|
||||||
- :view_wiki_edits
|
- :view_wiki_edits
|
||||||
- :edit_wiki_pages
|
- :edit_wiki_pages
|
||||||
|
@ -131,7 +135,9 @@ roles_003:
|
||||||
- :manage_news
|
- :manage_news
|
||||||
- :comment_news
|
- :comment_news
|
||||||
- :view_documents
|
- :view_documents
|
||||||
- :manage_documents
|
- :add_documents
|
||||||
|
- :edit_documents
|
||||||
|
- :delete_documents
|
||||||
- :view_wiki_pages
|
- :view_wiki_pages
|
||||||
- :view_wiki_edits
|
- :view_wiki_edits
|
||||||
- :edit_wiki_pages
|
- :edit_wiki_pages
|
||||||
|
@ -163,7 +169,6 @@ roles_004:
|
||||||
- :view_time_entries
|
- :view_time_entries
|
||||||
- :comment_news
|
- :comment_news
|
||||||
- :view_documents
|
- :view_documents
|
||||||
- :manage_documents
|
|
||||||
- :view_wiki_pages
|
- :view_wiki_pages
|
||||||
- :view_wiki_edits
|
- :view_wiki_edits
|
||||||
- :edit_wiki_pages
|
- :edit_wiki_pages
|
||||||
|
|
|
@ -901,7 +901,7 @@ class UserTest < ActiveSupport::TestCase
|
||||||
should "authorize nearly everything for admin users" do
|
should "authorize nearly everything for admin users" do
|
||||||
project = Project.find(1)
|
project = Project.find(1)
|
||||||
assert ! @admin.member_of?(project)
|
assert ! @admin.member_of?(project)
|
||||||
%w(edit_issues delete_issues manage_news manage_documents manage_wiki).each do |p|
|
%w(edit_issues delete_issues manage_news add_documents manage_wiki).each do |p|
|
||||||
assert_equal true, @admin.allowed_to?(p.to_sym, project)
|
assert_equal true, @admin.allowed_to?(p.to_sym, project)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
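Review bot: The admin check swaps `manage_documents` for `add_documents` only, so `edit_documents` and `delete_documents` are never exercised by this test. The list could cover all three: `%w(edit_issues delete_issues manage_news add_documents edit_documents delete_documents manage_wiki).each do |p|`. Since the point of the commit is separating the rights, a negative case would be more valuable still: a role with only `:add_documents` asserted as denied for `:edit_documents` and `:delete_documents`. The enclosing test class continues outside the hunk.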