Fixed time entries context menu display according permissions (#9405).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@7922 e93f8b46-1217-0410-a6f0-8f06a7374b81
2011-11-24 21:31:21 +00:00 · 2011-11-24 21:31:21 +00:00 · 703211c0a6
parent f436918dbe
commit 703211c0a6
3 changed files with 23 additions and 5 deletions
--- a/app/controllers/context_menus_controller.rb
+++ b/app/controllers/context_menus_controller.rb
@ -51,9 +51,8 @@ class ContextMenusController < ApplicationController
    @projects = @time_entries.collect(&:project).compact.uniq
    @project = @projects.first if @projects.size == 1
    @activities = TimeEntryActivity.shared.active
-    @can = {:edit   => User.current.allowed_to?(:log_time, @projects),
-            :update => User.current.allowed_to?(:log_time, @projects),
-            :delete => User.current.allowed_to?(:log_time, @projects)
+    @can = {:edit   => User.current.allowed_to?(:edit_time_entries, @projects),
+            :delete => User.current.allowed_to?(:edit_time_entries, @projects)
            }
    @back = back_url
    render :layout => false
--- a/app/views/context_menus/time_entries.html.erb
+++ b/app/views/context_menus/time_entries.html.erb
@ -15,10 +15,10 @@
    <ul>
    <% @activities.each do |u| -%>
        <li><%= context_menu_link h(u.name), {:controller => 'timelog', :action => 'bulk_edit', :ids => @time_entries.collect(&:id), :time_entry => {'activity_id' => u}, :back_url => @back}, :method => :post,
-                                  :selected => (@time_entry && u == @time_entry.activity), :disabled => !@can[:update] %></li>
+                                  :selected => (@time_entry && u == @time_entry.activity), :disabled => !@can[:edit] %></li>
    <% end -%>
        <li><%= context_menu_link l(:label_none), {:controller => 'timelog', :action => 'bulk_edit', :ids => @time_entries.collect(&:id), :time_entry => {'activity_id' => 'none'}, :back_url => @back}, :method => :post,
-                                  :selected => (@time_entry && @time_entry.activity.nil?), :disabled => !@can[:update] %></li>
+                                  :selected => (@time_entry && @time_entry.activity.nil?), :disabled => !@can[:edit] %></li>
    </ul>
  </li>
  <% end %>
--- a/test/functional/context_menus_controller_test.rb
+++ b/test/functional/context_menus_controller_test.rb
@ -129,4 +129,23 @@ class ContextMenusControllerTest < ActionController::TestCase
    assert_template 'context_menu'
    assert_equal [1], assigns(:issues).collect(&:id)
  end
+  
+  def test_time_entries_context_menu
+    @request.session[:user_id] = 2
+    get :time_entries, :ids => [1, 2]
+    assert_response :success
+    assert_template 'time_entries'
+    assert_tag 'a', :content => 'Edit'
+    assert_no_tag 'a', :content => 'Edit', :attributes => {:class => /disabled/}
+  end
+  
+  def test_time_entries_context_menu_without_edit_permission
+    @request.session[:user_id] = 2
+    Role.find_by_name('Manager').remove_permission! :edit_time_entries
+    
+    get :time_entries, :ids => [1, 2]
+    assert_response :success
+    assert_template 'time_entries'
+    assert_tag 'a', :content => 'Edit', :attributes => {:class => /disabled/}
+  end
 end