From 97b4e754787dea8d56feec95a433648839d70ff0 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Sun, 25 Oct 2009 12:11:53 +0000 Subject: [PATCH] Add a permission to remove issue watchers (#2450). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2977 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/watchers_controller.rb | 14 +++++++++++++- app/helpers/watchers_helper.rb | 17 ++++++++++++++++- lib/redmine.rb | 1 + test/fixtures/roles.yml | 1 + test/functional/watchers_controller_test.rb | 10 ++++++++++ 5 files changed, 41 insertions(+), 2 deletions(-) diff --git a/app/controllers/watchers_controller.rb b/app/controllers/watchers_controller.rb index 8e6ee3a9e..3d4ed54dd 100644 --- a/app/controllers/watchers_controller.rb +++ b/app/controllers/watchers_controller.rb @@ -18,7 +18,7 @@ class WatchersController < ApplicationController before_filter :find_project before_filter :require_login, :check_project_privacy, :only => [:watch, :unwatch] - before_filter :authorize, :only => :new + before_filter :authorize, :only => [:new, :destroy] verify :method => :post, :only => [ :watch, :unwatch ], @@ -48,6 +48,18 @@ class WatchersController < ApplicationController render :text => 'Watcher added.', :layout => true end + def destroy + @watched.set_watcher(User.find(params[:user_id]), false) if request.post? + respond_to do |format| + format.html { redirect_to :back } + format.js do + render :update do |page| + page.replace_html 'watchers', :partial => 'watchers/watchers', :locals => {:watched => @watched} + end + end + end + end + private def find_project klass = Object.const_get(params[:object_type].camelcase) diff --git a/app/helpers/watchers_helper.rb b/app/helpers/watchers_helper.rb index f4767ebed..333b0d299 100644 --- a/app/helpers/watchers_helper.rb +++ b/app/helpers/watchers_helper.rb @@ -36,6 +36,21 @@ module WatchersHelper # Returns a comma separated list of users watching the given object def watchers_list(object) - object.watcher_users.collect {|u| content_tag('span', link_to_user(u), :class => 'user') }.join(",\n") + remove_allowed = User.current.allowed_to?("delete_#{object.class.name.underscore}_watchers".to_sym, object.project) + object.watcher_users.collect do |user| + s = content_tag('span', link_to_user(user), :class => 'user') + if remove_allowed + url = {:controller => 'watchers', + :action => 'destroy', + :object_type => object.class.to_s.underscore, + :object_id => object.id, + :user_id => user} + s += ' ' + link_to_remote(image_tag('delete.png'), + {:url => url}, + :href => url_for(url), + :style => "vertical-align: middle") + end + s + end.join(",\n") end end diff --git a/lib/redmine.rb b/lib/redmine.rb index ed227fddf..175e0539f 100644 --- a/lib/redmine.rb +++ b/lib/redmine.rb @@ -52,6 +52,7 @@ Redmine::AccessControl.map do |map| # Watchers map.permission :view_issue_watchers, {} map.permission :add_issue_watchers, {:watchers => :new} + map.permission :delete_issue_watchers, {:watchers => :destroy} end map.project_module :time_tracking do |map| diff --git a/test/fixtures/roles.yml b/test/fixtures/roles.yml index 64457c532..08699ff83 100644 --- a/test/fixtures/roles.yml +++ b/test/fixtures/roles.yml @@ -18,6 +18,7 @@ roles_001: - :delete_issues - :view_issue_watchers - :add_issue_watchers + - :delete_issue_watchers - :manage_public_queries - :save_queries - :view_gantt diff --git a/test/functional/watchers_controller_test.rb b/test/functional/watchers_controller_test.rb index 3b48767b9..d36f7831c 100644 --- a/test/functional/watchers_controller_test.rb +++ b/test/functional/watchers_controller_test.rb @@ -67,4 +67,14 @@ class WatchersControllerTest < ActionController::TestCase end assert Issue.find(2).watched_by?(User.find(4)) end + + def test_remove_watcher + @request.session[:user_id] = 2 + assert_difference('Watcher.count', -1) do + xhr :post, :destroy, :object_type => 'issue', :object_id => '2', :user_id => '3' + assert_response :success + assert_select_rjs :replace_html, 'watchers' + end + assert !Issue.find(2).watched_by?(User.find(3)) + end end