Project

General

Profile

Download (12.2 KB)

Patch #7444 » issue-permissions-1.0.4.patch

Brian Lindahl, 2011-01-25 19:43

View differences:

redmine-1.0.4-issue-permissions/app/controllers/issues_controller.rb 2011-01-21 16:46:05.469555300 -0700
103 103 
    @changesets = @issue.changesets.visible.all
104 104 
    @changesets.reverse! if User.current.wants_comments_in_reverse_order?
105 105 
    @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
106 
    @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
106 
    @edit_allowed = @issue.editable?
107 
    @edit_planning_allowed = @issue.planning_editable?
107 108 
    @priorities = IssuePriority.all
108 109 
    @time_entry = TimeEntry.new
109 110 
    respond_to do |format|
......
267 268 
  def update_issue_from_params
268 269 
    @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
269 270 
    @priorities = IssuePriority.all
270 
    @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
271 
    @edit_allowed = @issue.editable?
272 
    @edit_planning_allowed = @issue.planning_editable?
271 273 
    @time_entry = TimeEntry.new
272 274
273 275 
    @notes = params[:notes] || (params[:issue].present? ? params[:issue][:notes] : nil)
redmine-1.0.4-issue-permissions/app/models/issue.rb 2011-01-21 16:46:05.469555300 -0700
78 78 
    (usr || User.current).allowed_to?(:view_issues, self.project)
79 79 
  end
80 80
81 
  # Returns true if usr or current user is allowed to edit the issue
82 
  def editable?(usr=nil)
83 
    user = usr || User.current
84 
    return user.allowed_to?(:edit_issues, self.project) ||
85 
            (user.allowed_to?(:edit_own_issues, self.project) && self.assigned_to == user) ||
86 
            (user.allowed_to?(:edit_own_issues, self.project) && self.author == user && self.assigned_to.nil?)
87 
  end
88
89 
  def descr_editable?(usr=nil)
90 
    user = usr || User.current
91 
    return user.allowed_to?(:edit_issues, self.project) ||
92 
            (user.allowed_to?(:edit_own_issues, self.project) && self.author == user && self.assigned_to.nil?)
93 
  end
94 

  		




  
  95
  
    
  def planning_editable?(usr=nil)


  		




  
  96
  
    
    user = usr || User.current


  		




  
  97
  
    
    return editable?(user) && user.allowed_to?(:edit_issue_planning, self.project)


  		




  
  98
  
    
  end


  		




  
  99
  
    
  


  		




  81
  100
  
    
  def after_initialize


  		




  82
  101
  
    
    if new_record?


  		




  83
  102
  
    
      # set default values for new records only


  		












  

    
      redmine-1.0.4-issue-permissions/app/models/mail_handler.rb	2011-01-21 16:46:05.485181000 -0700
    
  





  174
  174
  
    
    return unless issue


  		




  175
  175
  
    
    # check permission


  		




  176
  176
  
    
    unless @@handler_options[:no_permission_check]


  		




  177
  
  
    
      raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project)


  		




  178
  
  
    
      raise UnauthorizedAction unless status.nil? || user.allowed_to?(:edit_issues, issue.project)


  		




  
  177
  
    
      raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project)


  		




  
  178
  
    
      raise UnauthorizedAction unless issue.editable?(user)


  		




  
  179
  
    
      raise UnauthorizedAction unless status.nil?


  		




  179
  180
  
    
    end


  		




  180
  181
  
    

  		




  181
  182
  
    
    # add the note


  		












  

    
      redmine-1.0.4-issue-permissions/app/views/issues/_attributes.rhtml	2011-01-21 17:09:38.732206700 -0700
    
  





  8
  8
  
    
<% end %>


  		




  9
  9
  
    

  		




  10
  10
  
    
<p><%= f.select :priority_id, (@priorities.collect {|p| [p.name, p.id]}), {:required => true}, :disabled => !@issue.leaf? %></p>


  		




  11
  
  
    
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true %></p>


  		




  
  11
  
    
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), {:include_blank => true}, :disabled => !@issue.planning_editable? %></p>


  		




  12
  12
  
    
<% unless @project.issue_categories.empty? %>


  		




  13
  13
  
    
<p><%= f.select :category_id, (@project.issue_categories.collect {|c| [c.name, c.id]}), :include_blank => true %>


  		




  14
  14
  
    
<%= prompt_to_remote(image_tag('add.png', :style => 'vertical-align: middle;'),


  		




  ......




  19
  19
  
    
                     :tabindex => 199) if authorize_for('issue_categories', 'new') %></p>


  		




  20
  20
  
    
<% end %>


  		




  21
  21
  
    
<% unless @issue.assignable_versions.empty? %>


  		




  22
  
  
    
<p><%= f.select :fixed_version_id, version_options_for_select(@issue.assignable_versions, @issue.fixed_version), :include_blank => true %>


  		




  
  22
  
    
<p><%= f.select :fixed_version_id, version_options_for_select(@issue.assignable_versions, @issue.fixed_version), {:include_blank => true}, :disabled => !@issue.planning_editable? %>


  		




  23
  23
  
    
<%= prompt_to_remote(image_tag('add.png', :style => 'vertical-align: middle;'),


  		




  24
  24
  
    
                     l(:label_version_new),


  		




  25
  25
  
    
                     'version[name]', 


  		




  ......




  31
  31
  
    
</div>


  		




  32
  32
  
    

  		




  33
  33
  
    
<div class="splitcontentright">


  		




  34
  
  
    
<p><%= f.text_field :start_date, :size => 10, :disabled => !@issue.leaf? %><%= calendar_for('issue_start_date') if @issue.leaf? %></p>


  		




  35
  
  
    
<p><%= f.text_field :due_date, :size => 10, :disabled => !@issue.leaf? %><%= calendar_for('issue_due_date') if @issue.leaf? %></p>


  		




  36
  
  
    
<p><%= f.text_field :estimated_hours, :size => 3, :disabled => !@issue.leaf? %> <%= l(:field_hours) %></p>


  		




  
  34
  
    
<p><%= f.text_field :start_date, :size => 10, :disabled => !@issue.leaf? || !@issue.planning_editable? %><%= calendar_for('issue_start_date') if @issue.leaf? && @issue.planning_editable? %></p>


  		




  
  35
  
    
<p><%= f.text_field :due_date, :size => 10, :disabled => !@issue.leaf? || !@issue.planning_editable? %><%= calendar_for('issue_due_date') if @issue.leaf? && @issue.planning_editable? %></p>


  		




  
  36
  
    
<p><%= f.text_field :estimated_hours, :size => 3, :disabled => !@issue.leaf? || !@issue.planning_editable? %> <%= l(:field_hours) %></p>


  		




  37
  37
  
    
<% if @issue.leaf? && Issue.use_field_for_done_ratio? %>


  		




  38
  
  
    
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }) %></p>


  		




  
  38
  
    
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }), {},:disabled => !@issue.planning_editable? %></p>


  		




  39
  39
  
    
<% end %>


  		




  40
  40
  
    
</div>


  		




  41
  41
  
    

  		












  

    
      redmine-1.0.4-issue-permissions/app/views/issues/_edit.rhtml	2011-01-21 16:46:05.500806700 -0700
    
  





  6
  6
  
    
                                       :multipart => true} do |f| %>


  		




  7
  7
  
    
    <%= error_messages_for 'issue', 'time_entry' %>


  		




  8
  8
  
    
    <div class="box">


  		




  9
  
  
    
    <% if @edit_allowed || !@allowed_statuses.empty? %>


  		




  
  9
  
    
    <% if @edit_allowed %>


  		




  10
  10
  
    
        <fieldset class="tabular"><legend><%= l(:label_change_properties) %>


  		




  11
  
  
    
        <% if !@issue.new_record? && !@issue.errors.any? && @edit_allowed %>


  		




  
  11
  
    
        <% if !@issue.new_record? && !@issue.errors.any? && @issue.descr_editable? %>


  		




  12
  12
  
    
        <small>(<%= link_to l(:label_more), {}, :onclick => 'Effect.toggle("issue_descr_fields", "appear", {duration:0.3}); return false;' %>)</small>


  		




  13
  13
  
    
        <% end %>


  		




  14
  14
  
    
        </legend>


  		




  15
  
  
    
        <%= render :partial => (@edit_allowed ? 'form' : 'form_update'), :locals => {:f => f} %>


  		




  
  15
  
    
        <%= render :partial => 'form', :locals => {:f => f} %>


  		




  16
  16
  
    
        </fieldset>


  		




  17
  17
  
    
    <% end %>


  		




  18
  18
  
    
    <% if authorize_for('timelog', 'edit') %>


  		












  

    
      redmine-1.0.4-issue-permissions/app/views/issues/_form_update.rhtml	2011-01-21 16:46:05.516432400 -0700
    
  





  1
  1
  
    
<div class="attributes">


  		




  2
  2
  
    
<div class="splitcontentleft">


  		




  3
  3
  
    
<p><%= f.select :status_id, (@allowed_statuses.collect {|p| [p.name, p.id]}), :required => true %></p>


  		




  4
  
  
    
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true %></p>


  		




  
  4
  
    
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true, :disabled => !@issue.planning_editable? %></p>


  		




  5
  5
  
    
</div>


  		




  6
  6
  
    
<div class="splitcontentright">


  		




  7
  7
  
    
<% if Issue.use_field_for_done_ratio? %>


  		




  8
  
  
    
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }) %></p>


  		




  
  8
  
    
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10]}), :disabled => !@issue.planning_editable? %></p>


  		




  9
  9
  
    
<% end %>


  		




  10
  
  
    
<% unless @issue.assignable_versions.empty? %>


  		




  11
  
  
    
<p><%= f.select :fixed_version_id, (@issue.assignable_versions.collect {|v| [v.name, v.id]}), :include_blank => true %></p>


  		




  
  10
  
    
<% unless @issue.fixed_assignable_versions.empty? %>


  		




  
  11
  
    
<p><%= f.select :fixed_version_id, (@issue.fixed_assignable_versions.collect {|v| [v.name, v.id]}), :include_blank => true, :disabled => !@issue.planning_editable? %></p>


  		




  12
  12
  
    
<% end %>


  		




  13
  13
  
    
</div>


  		




  14
  14
  
    
</div>


  		












  

    
      redmine-1.0.4-issue-permissions/config/locales/en.yml	2011-01-21 16:46:05.516432400 -0700
    
  





  362
  362
  
    
  permission_view_issues: View Issues


  		




  363
  363
  
    
  permission_add_issues: Add issues


  		




  364
  364
  
    
  permission_edit_issues: Edit issues


  		




  
  365
  
    
  permission_edit_own_issues: Edit own issues


  		




  
  366
  
    
  permission_edit_issue_planning: Edit issue planning


  		




  365
  367
  
    
  permission_manage_issue_relations: Manage issue relations


  		




  366
  368
  
    
  permission_add_issue_notes: Add notes


  		




  367
  369
  
    
  permission_edit_issue_notes: Edit notes


  		












  

    
      redmine-1.0.4-issue-permissions/lib/redmine/default_data/loader.rb	2011-01-21 16:46:05.532058100 -0700
    
  





  52
  52
  
    
                                                      :view_issues,


  		




  53
  53
  
    
                                                      :add_issues,


  		




  54
  54
  
    
                                                      :edit_issues,


  		




  
  55
  
    
                                                      :edit_issue_planning,


  		




  55
  56
  
    
                                                      :manage_issue_relations,


  		




  56
  57
  
    
                                                      :manage_subtasks,


  		




  57
  58
  
    
                                                      :add_issue_notes,


  		




  ......




  79
  80
  
    
                                    :permissions => [:view_issues,


  		




  80
  81
  
    
                                                    :add_issues,


  		




  81
  82
  
    
                                                    :add_issue_notes,


  		




  
  83
  
    
                                                    :edit_own_issues,


  		




  82
  84
  
    
                                                    :save_queries,


  		




  83
  85
  
    
                                                    :view_gantt,


  		




  84
  86
  
    
                                                    :view_calendar,


  		












  

    
      redmine-1.0.4-issue-permissions/lib/redmine.rb	2011-01-21 16:46:05.532058100 -0700
    
  





  66
  66
  
    
                                  :reports => [:issue_report, :issue_report_details]}


  		




  67
  67
  
    
    map.permission :add_issues, {:issues => [:new, :create, :update_form]}


  		




  68
  68
  
    
    map.permission :edit_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}


  		




  
  69
  
    
    map.permission :edit_own_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}


  		




  
  70
  
    
    map.permission :edit_issue_planning, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}


  		




  69
  71
  
    
    map.permission :manage_issue_relations, {:issue_relations => [:new, :destroy]}


  		




  70
  72
  
    
    map.permission :manage_subtasks, {}


  		




  71
  73
  
    
    map.permission :add_issue_notes, {:issues => [:edit, :update], :journals => [:new]}


  		















  (1-1/4)