diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb
index 79b4b616..af39efb2 100644
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -19,7 +19,7 @@ class MessagesController < ApplicationController
menu_item :boards
before_filter :find_board, :only => [:new, :preview]
before_filter :find_message, :except => [:new, :preview]
- before_filter :authorize, :except => :preview
+ before_filter :authorize, :except => [:preview, :edit, :destroy]
verify :method => :post, :only => [ :reply, :destroy ], :redirect_to => { :action => :show }
verify :xhr => true, :only => :quote
@@ -30,7 +30,7 @@ class MessagesController < ApplicationController
# Show a topic and its replies
def show
- @replies = @topic.children
+ @replies = @topic.children.find(:all, :include => [:author, :attachments, {:board => :project}])
@replies.reverse! if User.current.wants_comments_in_reverse_order?
@reply = Message.new(:subject => "RE: #{@message.subject}")
render :action => "show", :layout => false if request.xhr?
@@ -65,7 +65,8 @@ class MessagesController < ApplicationController
# Edit a message
def edit
- if params[:message] && User.current.allowed_to?(:edit_messages, @project)
+ render_403 and return false unless @message.editable_by?(User.current)
+ if params[:message]
@message.locked = params[:message]['locked']
@message.sticky = params[:message]['sticky']
end
@@ -78,6 +79,7 @@ class MessagesController < ApplicationController
# Delete a messages
def destroy
+ render_403 and return false unless @message.destroyable_by?(User.current)
@message.destroy
redirect_to @message.parent.nil? ?
{ :controller => 'boards', :action => 'show', :project_id => @project, :id => @board } :
diff --git a/app/models/message.rb b/app/models/message.rb
index f1cb2d0b..9a313e82 100644
--- a/app/models/message.rb
+++ b/app/models/message.rb
@@ -71,6 +71,14 @@ class Message < ActiveRecord::Base
def project
board.project
end
+
+ def editable_by?(usr)
+ usr && usr.logged? && (usr.allowed_to?(:edit_messages, project) || (self.author == usr && usr.allowed_to?(:edit_own_messages, project)))
+ end
+
+ def destroyable_by?(usr)
+ usr && usr.logged? && (usr.allowed_to?(:delete_messages, project) || (self.author == usr && usr.allowed_to?(:delete_own_messages, project)))
+ end
private
diff --git a/app/views/messages/show.rhtml b/app/views/messages/show.rhtml
index 31696d56..4143532b 100644
--- a/app/views/messages/show.rhtml
+++ b/app/views/messages/show.rhtml
@@ -4,8 +4,8 @@
<%= watcher_tag(@topic, User.current) %>
<%= link_to_remote_if_authorized l(:button_quote), { :url => {:action => 'quote', :id => @topic} }, :class => 'icon icon-comment' %>
- <%= link_to_if_authorized l(:button_edit), {:action => 'edit', :id => @topic}, :class => 'icon icon-edit' %>
- <%= link_to_if_authorized l(:button_delete), {:action => 'destroy', :id => @topic}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del' %>
+ <%= link_to(l(:button_edit), {:action => 'edit', :id => @topic}, :class => 'icon icon-edit') if @message.editable_by?(User.current) %>
+ <%= link_to(l(:button_delete), {:action => 'destroy', :id => @topic}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del') if @message.destroyable_by?(User.current) %>
<%=h @topic.subject %>
@@ -25,8 +25,8 @@
">
<%= link_to_remote_if_authorized image_tag('comment.png'), { :url => {:action => 'quote', :id => message} }, :title => l(:button_quote) %>
- <%= link_to_if_authorized image_tag('edit.png'), {:action => 'edit', :id => message}, :title => l(:button_edit) %>
- <%= link_to_if_authorized image_tag('delete.png'), {:action => 'destroy', :id => message}, :method => :post, :confirm => l(:text_are_you_sure), :title => l(:button_delete) %>
+ <%= link_to(image_tag('edit.png'), {:action => 'edit', :id => message}, :title => l(:button_edit)) if message.editable_by?(User.current) %>
+ <%= link_to(image_tag('delete.png'), {:action => 'destroy', :id => message}, :method => :post, :confirm => l(:text_are_you_sure), :title => l(:button_delete)) if message.destroyable_by?(User.current) %>
<%=h message.subject %> - <%= authoring message.created_on, message.author %>
diff --git a/lang/bg.yml b/lang/bg.yml
index 000f0a97..ae345f9d 100644
--- a/lang/bg.yml
+++ b/lang/bg.yml
@@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/ca.yml b/lang/ca.yml
index 5db547ac..52649534 100644
--- a/lang/ca.yml
+++ b/lang/ca.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/cs.yml b/lang/cs.yml
index 09ed76ea..d195456c 100644
--- a/lang/cs.yml
+++ b/lang/cs.yml
@@ -695,3 +695,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/da.yml b/lang/da.yml
index b5081e9e..b5dbe6b2 100644
--- a/lang/da.yml
+++ b/lang/da.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/de.yml b/lang/de.yml
index 3e59bcf9..14f6e63a 100644
--- a/lang/de.yml
+++ b/lang/de.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/en.yml b/lang/en.yml
index 8a4a2577..245663fd 100644
--- a/lang/en.yml
+++ b/lang/en.yml
@@ -269,7 +269,9 @@ permission_manage_boards: Manage boards
permission_view_messages: View messages
permission_add_messages: Post messages
permission_edit_messages: Edit messages
+permission_edit_own_messages: Edit own messages
permission_delete_messages: Delete messages
+permission_delete_won_messages: Delete own messages
project_module_issue_tracking: Issue tracking
project_module_time_tracking: Time tracking
diff --git a/lang/es.yml b/lang/es.yml
index c3b9de2b..c0a624ba 100644
--- a/lang/es.yml
+++ b/lang/es.yml
@@ -693,3 +693,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/fi.yml b/lang/fi.yml
index bdcefef9..5b2dc0e0 100644
--- a/lang/fi.yml
+++ b/lang/fi.yml
@@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/fr.yml b/lang/fr.yml
index ab34575b..8b2defbd 100644
--- a/lang/fr.yml
+++ b/lang/fr.yml
@@ -270,7 +270,9 @@ permission_manage_boards: Gérer les forums
permission_view_messages: Voir les messages
permission_add_messages: Poster un message
permission_edit_messages: Modifier les messages
+permission_edit_own_messages: Modifier ses propres messages
permission_delete_messages: Supprimer les messages
+permission_delete_won_messages: Supprimer ses propres messages
project_module_issue_tracking: Suivi des demandes
project_module_time_tracking: Suivi du temps passé
diff --git a/lang/he.yml b/lang/he.yml
index 13eab75c..e7f70e7e 100644
--- a/lang/he.yml
+++ b/lang/he.yml
@@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/hu.yml b/lang/hu.yml
index 1c4afdcd..1d858a4b 100644
--- a/lang/hu.yml
+++ b/lang/hu.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Saját jegyzetek szerkesztése
setting_gravatar_enabled: Felhasználói fényképek engedélyezése
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/it.yml b/lang/it.yml
index c6ae84a9..f4427104 100644
--- a/lang/it.yml
+++ b/lang/it.yml
@@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Modifica proprie note
setting_gravatar_enabled: Usa icone utente Gravatar
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/ja.yml b/lang/ja.yml
index 4092584d..347454b5 100644
--- a/lang/ja.yml
+++ b/lang/ja.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/ko.yml b/lang/ko.yml
index 595acfa9..498572f9 100644
--- a/lang/ko.yml
+++ b/lang/ko.yml
@@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/lt.yml b/lang/lt.yml
index 544cb14f..bcec2b34 100644
--- a/lang/lt.yml
+++ b/lang/lt.yml
@@ -692,3 +692,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/nl.yml b/lang/nl.yml
index 3434b148..03534196 100644
--- a/lang/nl.yml
+++ b/lang/nl.yml
@@ -692,3 +692,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/no.yml b/lang/no.yml
index ca056f80..d6779234 100644
--- a/lang/no.yml
+++ b/lang/no.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/pl.yml b/lang/pl.yml
index df7d525d..2a2df834 100644
--- a/lang/pl.yml
+++ b/lang/pl.yml
@@ -725,3 +725,5 @@ setting_gravatar_enabled: Używaj ikon użytkowników Gravatar
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/pt-br.yml b/lang/pt-br.yml
index 13660baa..e1fa0589 100644
--- a/lang/pt-br.yml
+++ b/lang/pt-br.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Editar próprias notas
setting_gravatar_enabled: Usar ícones do Gravatar
label_example: Exemplo
text_repository_usernames_mapping: "Seleciona ou atualiza os usuários do Redmine mapeando para cada usuário encontrado no log do repositório.\nUsuários com o mesmo login ou email no Redmine e no repositório serão mapeados automaticamente."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/pt.yml b/lang/pt.yml
index ce1e27a3..310d2c39 100644
--- a/lang/pt.yml
+++ b/lang/pt.yml
@@ -692,3 +692,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/ro.yml b/lang/ro.yml
index 8890f6e2..cc1d9bc5 100644
--- a/lang/ro.yml
+++ b/lang/ro.yml
@@ -690,3 +690,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/ru.yml b/lang/ru.yml
index 363386dc..87c3a13c 100644
--- a/lang/ru.yml
+++ b/lang/ru.yml
@@ -723,3 +723,5 @@ text_user_wrote: '%s написал(а):'
text_wiki_destroy_confirmation: Вы уверены, что хотите удалить данную Wiki и все ее содержимое?
text_workflow_edit: Выберите роль и трекер для редактирования последовательности состояний
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/sk.yml b/lang/sk.yml
index 5c53eda2..65a9920e 100644
--- a/lang/sk.yml
+++ b/lang/sk.yml
@@ -695,3 +695,5 @@ permission_edit_own_issue_notes: Editácia vlastných poznámok úlohy
setting_gravatar_enabled: Použitie uživateľských Gravatar ikon
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/sr.yml b/lang/sr.yml
index 54b1e70c..1f555c41 100644
--- a/lang/sr.yml
+++ b/lang/sr.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/sv.yml b/lang/sv.yml
index 76b6e6c3..e5547892 100644
--- a/lang/sv.yml
+++ b/lang/sv.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/th.yml b/lang/th.yml
index fa471101..1d2f4e6a 100644
--- a/lang/th.yml
+++ b/lang/th.yml
@@ -693,3 +693,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/tr.yml b/lang/tr.yml
index 90d4d5f6..3646baa4 100644
--- a/lang/tr.yml
+++ b/lang/tr.yml
@@ -691,3 +691,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/uk.yml b/lang/uk.yml
index a7f3f734..55acd3a4 100644
--- a/lang/uk.yml
+++ b/lang/uk.yml
@@ -692,3 +692,5 @@ permission_edit_own_issue_notes: Edit own notes
setting_gravatar_enabled: Use Gravatar user icons
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/vn.yml b/lang/vn.yml
index 81957a53..a0506c39 100644
--- a/lang/vn.yml
+++ b/lang/vn.yml
@@ -691,3 +691,5 @@ permission_edit_time_entries: Edit time logs
permission_edit_own_time_entries: Edit own time logs
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/zh-tw.yml b/lang/zh-tw.yml
index c99e10de..e0a6ee9e 100644
--- a/lang/zh-tw.yml
+++ b/lang/zh-tw.yml
@@ -692,3 +692,5 @@ enumeration_issue_priorities: 項目優先權
enumeration_doc_categories: 文件分類
enumeration_activities: 活動 (時間追蹤)
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lang/zh.yml b/lang/zh.yml
index 10fd1ac0..6da16683 100644
--- a/lang/zh.yml
+++ b/lang/zh.yml
@@ -692,3 +692,5 @@ enumeration_doc_categories: 文档类别
enumeration_activities: 活动(时间跟踪)
label_example: Example
text_repository_usernames_mapping: "Select ou update the Redmine user mapped to each username found in the repository log.\nUsers with the same Redmine and repository username or email are automatically mapped."
+permission_edit_own_messages: Edit own messages
+permission_delete_won_messages: Delete own messages
diff --git a/lib/redmine.rb b/lib/redmine.rb
index b07d8e90..19f0854e 100644
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@@ -99,7 +99,9 @@ Redmine::AccessControl.map do |map|
map.permission :view_messages, {:boards => [:index, :show], :messages => [:show]}, :public => true
map.permission :add_messages, {:messages => [:new, :reply, :quote]}
map.permission :edit_messages, {:messages => :edit}, :require => :member
+ map.permission :edit_own_messages, {:messages => :edit}, :require => :loggedin
map.permission :delete_messages, {:messages => :destroy}, :require => :member
+ map.permission :delete_own_messages, {:messages => :destroy}, :require => :loggedin
end
end
diff --git a/lib/redmine/default_data/loader.rb b/lib/redmine/default_data/loader.rb
index 1c3b1f93..b7cab56c 100644
--- a/lib/redmine/default_data/loader.rb
+++ b/lib/redmine/default_data/loader.rb
@@ -65,6 +65,7 @@ module Redmine
:edit_wiki_pages,
:delete_wiki_pages,
:add_messages,
+ :edit_own_messages,
:view_files,
:manage_files,
:browse_repository,
@@ -85,6 +86,7 @@ module Redmine
:view_wiki_pages,
:view_wiki_edits,
:add_messages,
+ :edit_own_messages,
:view_files,
:browse_repository,
:view_changesets]
diff --git a/test/fixtures/messages.yml b/test/fixtures/messages.yml
index f82f376c..e578853d 100644
--- a/test/fixtures/messages.yml
+++ b/test/fixtures/messages.yml
@@ -38,8 +38,8 @@ messages_004:
updated_on: 2007-08-12 17:15:32 +02:00
subject: Post 2
id: 4
- replies_count: 1
- last_reply_id: 5
+ replies_count: 2
+ last_reply_id: 6
content: "This is an other post"
author_id:
parent_id:
@@ -55,3 +55,14 @@ messages_005:
author_id: 1
parent_id: 4
board_id: 1
+messages_006:
+ created_on: <%= 2.days.ago.to_date.to_s(:db) %>
+ updated_on: <%= 2.days.ago.to_date.to_s(:db) %>
+ subject: 'RE: post 2'
+ id: 6
+ replies_count: 0
+ last_reply_id:
+ content: "Another reply to the second post"
+ author_id: 3
+ parent_id: 4
+ board_id: 1
diff --git a/test/fixtures/roles.yml b/test/fixtures/roles.yml
index 5bc6809d..d8ae2c81 100644
--- a/test/fixtures/roles.yml
+++ b/test/fixtures/roles.yml
@@ -80,6 +80,8 @@ roles_002:
- :protect_wiki_pages
- :delete_wiki_pages
- :add_messages
+ - :edit_own_messages
+ - :delete_own_messages
- :manage_boards
- :view_files
- :manage_files
diff --git a/test/unit/message_test.rb b/test/unit/message_test.rb
index 6e8e8fb2..b907cfef 100644
--- a/test/unit/message_test.rb
+++ b/test/unit/message_test.rb
@@ -1,7 +1,7 @@
require File.dirname(__FILE__) + '/../test_helper'
class MessageTest < Test::Unit::TestCase
- fixtures :projects, :boards, :messages, :users, :watchers
+ fixtures :projects, :roles, :members, :boards, :messages, :users, :watchers
def setup
@board = Board.find(1)
@@ -76,4 +76,22 @@ class MessageTest < Test::Unit::TestCase
assert_equal topics_count, board.topics_count
assert_equal messages_count - 1, board.messages_count
end
+
+ def test_editable_by
+ message = Message.find(6)
+ author = message.author
+ assert message.editable_by?(author)
+
+ author.role_for_project(message.project).remove_permission!(:edit_own_messages)
+ assert !message.reload.editable_by?(author.reload)
+ end
+
+ def test_destroyable_by
+ message = Message.find(6)
+ author = message.author
+ assert message.destroyable_by?(author)
+
+ author.role_for_project(message.project).remove_permission!(:delete_own_messages)
+ assert !message.reload.destroyable_by?(author.reload)
+ end
end