Added the following permissions (#527, #585, #627):

* edit_issue_notes: let user edit any notes
* edit_own_issue_notes: let user edit his own notes only

git-svn-id: http://redmine.rubyforge.org/svn/trunk@1152 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2008-02-16 13:19:33 +00:00
parent abb0b15407
commit 1c8cf4ef83
7 changed files with 24 additions and 6 deletions

View File

@ -22,11 +22,11 @@ class JournalsController < ApplicationController
def edit def edit
if request.post? if request.post?
@journal.update_attributes(:notes => params[:notes]) if params[:notes] @journal.update_attributes(:notes => params[:notes]) if params[:notes]
@journal.destroy if @journal.details.empty? && @journal.notes.blank?
respond_to do |format| respond_to do |format|
format.html { redirect_to :controller => 'issues', :action => 'show', :id => @journal.journalized_id } format.html { redirect_to :controller => 'issues', :action => 'show', :id => @journal.journalized_id }
format.js { render :action => 'update' } format.js { render :action => 'update' }
end end
return
end end
end end

View File

@ -19,7 +19,7 @@ module JournalsHelper
def render_notes(journal, options={}) def render_notes(journal, options={})
content = '' content = ''
editable = journal.editable_by?(User.current) editable = journal.editable_by?(User.current)
if editable if editable && !journal.notes.blank?
links = [] links = []
links << link_to_in_place_notes_editor(image_tag('edit.png'), "journal-#{journal.id}-notes", links << link_to_in_place_notes_editor(image_tag('edit.png'), "journal-#{journal.id}-notes",
{ :controller => 'journals', :action => 'edit', :id => journal }, { :controller => 'journals', :action => 'edit', :id => journal },

View File

@ -51,6 +51,7 @@ class Journal < ActiveRecord::Base
end end
def editable_by?(usr) def editable_by?(usr)
usr && usr.admin? project = journalized.project
usr && usr.logged? && (usr.allowed_to?(:edit_issue_notes, project) || (self.user == usr && usr.allowed_to?(:edit_own_issue_notes, project)))
end end
end end

View File

@ -1,5 +1,6 @@
<% note_id = 1 %> <% note_id = 1 %>
<% for journal in journals %> <% for journal in journals %>
<div id="change-<%= journal.id %>">
<h4><div style="float:right;"><%= link_to "##{note_id}", :anchor => "note-#{note_id}" %></div> <h4><div style="float:right;"><%= link_to "##{note_id}", :anchor => "note-#{note_id}" %></div>
<%= content_tag('a', '', :name => "note-#{note_id}")%> <%= content_tag('a', '', :name => "note-#{note_id}")%>
<%= format_time(journal.created_on) %> - <%= journal.user.name %></h4> <%= format_time(journal.created_on) %> - <%= journal.user.name %></h4>
@ -9,5 +10,6 @@
<% end %> <% end %>
</ul> </ul>
<%= render_notes(journal) unless journal.notes.blank? %> <%= render_notes(journal) unless journal.notes.blank? %>
</div>
<% note_id += 1 %> <% note_id += 1 %>
<% end %> <% end %>

View File

@ -1,3 +1,8 @@
page.replace "journal-#{@journal.id}-notes", render_notes(@journal) if @journal.frozen?
page.show "journal-#{@journal.id}-notes" # journal was destroyed
page.remove "journal-#{@journal.id}-form" page.remove "change-#{@journal.id}"
else
page.replace "journal-#{@journal.id}-notes", render_notes(@journal)
page.show "journal-#{@journal.id}-notes"
page.remove "journal-#{@journal.id}-form"
end

View File

@ -34,6 +34,8 @@ Redmine::AccessControl.map do |map|
map.permission :edit_issues, {:issues => [:edit, :bulk_edit, :destroy_attachment]} map.permission :edit_issues, {:issues => [:edit, :bulk_edit, :destroy_attachment]}
map.permission :manage_issue_relations, {:issue_relations => [:new, :destroy]} map.permission :manage_issue_relations, {:issue_relations => [:new, :destroy]}
map.permission :add_issue_notes, {:issues => :edit} map.permission :add_issue_notes, {:issues => :edit}
map.permission :edit_issue_notes, {:journals => :edit}, :require => :loggedin
map.permission :edit_own_issue_notes, {:journals => :edit}, :require => :loggedin
map.permission :move_issues, {:issues => :move}, :require => :loggedin map.permission :move_issues, {:issues => :move}, :require => :loggedin
map.permission :delete_issues, {:issues => :destroy}, :require => :member map.permission :delete_issues, {:issues => :destroy}, :require => :member
# Queries # Queries

View File

@ -48,4 +48,12 @@ class JournalsControllerTest < ActionController::TestCase
assert_select_rjs :replace, 'journal-2-notes' assert_select_rjs :replace, 'journal-2-notes'
assert_equal 'Updated notes', Journal.find(2).notes assert_equal 'Updated notes', Journal.find(2).notes
end end
def test_post_edit_with_empty_notes
@request.session[:user_id] = 1
xhr :post, :edit, :id => 2, :notes => ''
assert_response :success
assert_select_rjs :remove, 'change-2'
assert_nil Journal.find_by_id(2)
end
end end