Allow non admin users to add subprojects (#2963).
Subprojects can be added to the projects for which the user has add_project permission. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3059 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
ea9a7c20e6
commit
534ce51154
|
@ -75,7 +75,7 @@ class ProjectsController < ApplicationController
|
|||
else
|
||||
@project.enabled_module_names = params[:enabled_modules]
|
||||
if @project.save
|
||||
@project.set_parent!(params[:project]['parent_id']) if User.current.admin? && params[:project].has_key?('parent_id')
|
||||
@project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id')
|
||||
# Add current user as a project member if he is not admin
|
||||
unless User.current.admin?
|
||||
r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first
|
||||
|
@ -106,7 +106,7 @@ class ProjectsController < ApplicationController
|
|||
@project = Project.new(params[:project])
|
||||
@project.enabled_module_names = params[:enabled_modules]
|
||||
if @project.copy(@source_project, :only => params[:only])
|
||||
@project.set_parent!(params[:project]['parent_id']) if User.current.admin? && params[:project].has_key?('parent_id')
|
||||
@project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id')
|
||||
flash[:notice] = l(:notice_successful_create)
|
||||
redirect_to :controller => 'admin', :action => 'projects'
|
||||
end
|
||||
|
@ -158,7 +158,7 @@ class ProjectsController < ApplicationController
|
|||
if request.post?
|
||||
@project.attributes = params[:project]
|
||||
if @project.save
|
||||
@project.set_parent!(params[:project]['parent_id']) if User.current.admin? && params[:project].has_key?('parent_id')
|
||||
@project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id')
|
||||
flash[:notice] = l(:notice_successful_update)
|
||||
redirect_to :action => 'settings', :id => @project
|
||||
else
|
||||
|
|
|
@ -36,7 +36,7 @@ module ProjectsHelper
|
|||
end
|
||||
|
||||
def parent_project_select_tag(project)
|
||||
options = '<option></option>' + project_tree_options_for_select(project.possible_parents, :selected => project.parent)
|
||||
options = '<option></option>' + project_tree_options_for_select(project.allowed_parents, :selected => project.parent)
|
||||
content_tag('select', options, :name => 'project[parent_id]')
|
||||
end
|
||||
|
||||
|
|
|
@ -148,14 +148,16 @@ class Project < ActiveRecord::Base
|
|||
else
|
||||
statements << "1=0"
|
||||
if user.logged?
|
||||
statements << "#{Project.table_name}.is_public = #{connection.quoted_true}" if Role.non_member.allowed_to?(permission)
|
||||
if Role.non_member.allowed_to?(permission) && !options[:member]
|
||||
statements << "#{Project.table_name}.is_public = #{connection.quoted_true}"
|
||||
end
|
||||
allowed_project_ids = user.memberships.select {|m| m.roles.detect {|role| role.allowed_to?(permission)}}.collect {|m| m.project_id}
|
||||
statements << "#{Project.table_name}.id IN (#{allowed_project_ids.join(',')})" if allowed_project_ids.any?
|
||||
elsif Role.anonymous.allowed_to?(permission)
|
||||
else
|
||||
if Role.anonymous.allowed_to?(permission) && !options[:member]
|
||||
# anonymous user allowed on public project
|
||||
statements << "#{Project.table_name}.is_public = #{connection.quoted_true}"
|
||||
else
|
||||
# anonymous user is not authorized
|
||||
end
|
||||
end
|
||||
end
|
||||
statements.empty? ? base_statement : "((#{base_statement}) AND (#{statements.join(' OR ')}))"
|
||||
|
@ -253,8 +255,34 @@ class Project < ActiveRecord::Base
|
|||
end
|
||||
|
||||
# Returns an array of projects the project can be moved to
|
||||
def possible_parents
|
||||
@possible_parents ||= (Project.active.find(:all) - self_and_descendants)
|
||||
# by the current user
|
||||
def allowed_parents
|
||||
return @allowed_parents if @allowed_parents
|
||||
@allowed_parents = (Project.find(:all, :conditions => Project.allowed_to_condition(User.current, :add_project, :member => true)) - self_and_descendants)
|
||||
unless parent.nil? || @allowed_parents.empty? || @allowed_parents.include?(parent)
|
||||
@allowed_parents << parent
|
||||
end
|
||||
@allowed_parents
|
||||
end
|
||||
|
||||
# Sets the parent of the project with authorization check
|
||||
def set_allowed_parent!(p)
|
||||
unless p.nil? || p.is_a?(Project)
|
||||
if p.to_s.blank?
|
||||
p = nil
|
||||
else
|
||||
p = Project.find_by_id(p)
|
||||
return false unless p
|
||||
end
|
||||
end
|
||||
if p.nil?
|
||||
if !new_record? && allowed_parents.empty?
|
||||
return false
|
||||
end
|
||||
elsif !allowed_parents.include?(p)
|
||||
return false
|
||||
end
|
||||
set_parent!(p)
|
||||
end
|
||||
|
||||
# Sets the parent of the project
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
<!--[form:project]-->
|
||||
<p><%= f.text_field :name, :required => true %><br /><em><%= l(:text_caracters_maximum, 30) %></em></p>
|
||||
|
||||
<% if User.current.admin? && !@project.possible_parents.empty? %>
|
||||
<% unless @project.allowed_parents.empty? %>
|
||||
<p><label><%= l(:field_parent) %></label><%= parent_project_select_tag(@project) %></p>
|
||||
<% end %>
|
||||
|
||||
|
|
|
@ -117,6 +117,23 @@ class ProjectsControllerTest < ActionController::TestCase
|
|||
assert_kind_of Project, project
|
||||
assert_equal 'weblog', project.description
|
||||
assert_equal true, project.is_public?
|
||||
assert_nil project.parent
|
||||
end
|
||||
|
||||
def test_post_add_subproject
|
||||
@request.session[:user_id] = 1
|
||||
post :add, :project => { :name => "blog",
|
||||
:description => "weblog",
|
||||
:identifier => "blog",
|
||||
:is_public => 1,
|
||||
:custom_field_values => { '3' => 'Beta' },
|
||||
:parent_id => 1
|
||||
}
|
||||
assert_redirected_to '/projects/blog/settings'
|
||||
|
||||
project = Project.find_by_name('blog')
|
||||
assert_kind_of Project, project
|
||||
assert_equal Project.find(1), project.parent
|
||||
end
|
||||
|
||||
def test_post_add_by_non_admin
|
||||
|
|
|
@ -26,6 +26,7 @@ class ProjectTest < ActiveSupport::TestCase
|
|||
def setup
|
||||
@ecookbook = Project.find(1)
|
||||
@ecookbook_sub1 = Project.find(3)
|
||||
User.current = nil
|
||||
end
|
||||
|
||||
should_validate_presence_of :name
|
||||
|
@ -236,6 +237,14 @@ class ProjectTest < ActiveSupport::TestCase
|
|||
assert_equal [5, 6, 3, 4], d.collect(&:id)
|
||||
end
|
||||
|
||||
def test_allowed_parents_should_be_empty_for_non_member_user
|
||||
Role.non_member.add_permission!(:add_project)
|
||||
user = User.find(9)
|
||||
assert user.memberships.empty?
|
||||
User.current = user
|
||||
assert Project.new.allowed_parents.empty?
|
||||
end
|
||||
|
||||
def test_users_by_role
|
||||
users_by_role = Project.find(1).users_by_role
|
||||
assert_kind_of Hash, users_by_role
|
||||
|
|
Loading…
Reference in New Issue