Patch #7444 » issue-permissions-1.1.0.patch
redmine-1.1.0-issue-permissions/app/controllers/issues_controller.rb 2011-01-26 12:48:09.316908000 -0700 | ||
---|---|---|
109 | 109 |
@changesets = @issue.changesets.visible.all |
110 | 110 |
@changesets.reverse! if User.current.wants_comments_in_reverse_order? |
111 | 111 |
@allowed_statuses = @issue.new_statuses_allowed_to(User.current) |
112 |
@edit_allowed = User.current.allowed_to?(:edit_issues, @project) |
|
113 | 112 |
@priorities = IssuePriority.all |
114 | 113 |
@time_entry = TimeEntry.new |
115 | 114 |
respond_to do |format| |
... | ... | |
263 | 262 |
def update_issue_from_params |
264 | 263 |
@allowed_statuses = @issue.new_statuses_allowed_to(User.current) |
265 | 264 |
@priorities = IssuePriority.all |
266 |
@edit_allowed = User.current.allowed_to?(:edit_issues, @project) |
|
267 | 265 |
@time_entry = TimeEntry.new |
268 | 266 |
@time_entry.attributes = params[:time_entry] |
269 | 267 |
|
redmine-1.1.0-issue-permissions/app/models/issue.rb 2011-01-26 13:35:08.228443600 -0700 | ||
---|---|---|
97 | 97 |
(usr || User.current).allowed_to?(:view_issues, self.project) |
98 | 98 |
end |
99 | 99 |
|
100 |
# Returns true if usr or current user is allowed to edit the issue |
|
101 |
def editable?(usr=nil) |
|
102 |
user = usr || User.current |
|
103 |
return new_record? || |
|
104 |
user.allowed_to?(:edit_issues, self.project) || |
|
105 |
(user.allowed_to?(:edit_assigned_issues, self.project) && self.assigned_to == user) || |
|
106 |
(user.allowed_to?(:edit_authored_issues, self.project) && self.author == user && (self.assigned_to.nil? || |
|
107 |
self.assigned_to == user || |
|
108 |
self.closed?)) |
|
109 |
end |
|
110 |
|
|
111 |
# Returns true if usr or current user is allowed to edit the description and subject |
|
112 |
def descr_editable?(usr=nil) |
|
113 |
user = usr || User.current |
|
114 |
return new_record? || |
|
115 |
user.allowed_to?(:edit_issues, self.project) || |
|
116 |
(user.allowed_to?(:edit_authored_issues, self.project) && self.author == user && self.assigned_to.nil?) |
|
117 |
end |
|
118 |
|
|
119 |
# Returns true if usr or current user is allowed to edit the progress of an issue |
|
120 |
def progress_editable?(usr=nil) |
|
121 |
user = usr || User.current |
|
122 |
return user.allowed_to?(:edit_issue_progress, self.project) |
|
123 |
end |
|
124 |
|
|
125 |
# Returns true if usr or current user is allowed to edit the planning of an issue |
|
126 |
def planning_editable?(usr=nil) |
|
127 |
user = usr || User.current |
|
128 |
return user.allowed_to?(:edit_issue_planning, self.project) |
|
129 |
end |
|
130 |
|
|
100 | 131 |
def after_initialize |
101 | 132 |
if new_record? |
102 | 133 |
# set default values for new records only |
... | ... | |
215 | 246 |
def estimated_hours=(h) |
216 | 247 |
write_attribute :estimated_hours, (h.is_a?(String) ? h.to_hours : h) |
217 | 248 |
end |
218 | 249 |
|
250 |
safe_attributes 'subject', |
|
251 |
'description', |
|
252 |
:if => lambda {|issue, user| issue.descr_editable?(user)} |
|
253 |
|
|
254 |
safe_attributes 'parent_issue_id', |
|
255 |
:if => lambda {|issue, user| user.allowed_to?(:manage_subtasks, issue.project)} |
|
256 |
|
|
219 | 257 |
safe_attributes 'tracker_id', |
220 | 258 |
'status_id', |
221 |
'parent_issue_id', |
|
222 | 259 |
'category_id', |
223 |
'assigned_to_id', |
|
260 |
'custom_field_values', |
|
261 |
'custom_fields', |
|
262 |
'lock_version', |
|
263 |
:if => lambda {|issue, user| issue.new_record? || issue.editable?(user) } |
|
264 |
|
|
265 |
safe_attributes 'assigned_to_id', |
|
224 | 266 |
'priority_id', |
225 | 267 |
'fixed_version_id', |
226 |
'subject', |
|
227 |
'description', |
|
228 | 268 |
'start_date', |
229 | 269 |
'due_date', |
230 |
'done_ratio', |
|
270 |
:if => lambda {|issue, user| issue.planning_editable?(user)} |
|
271 |
|
|
272 |
safe_attributes 'done_ratio', |
|
231 | 273 |
'estimated_hours', |
232 |
'custom_field_values', |
|
233 |
'custom_fields', |
|
234 |
'lock_version', |
|
235 |
:if => lambda {|issue, user| issue.new_record? || user.allowed_to?(:edit_issues, issue.project) } |
|
236 |
|
|
274 |
:if => lambda {|issue, user| issue.progress_editable?(user)} |
|
275 |
|
|
237 | 276 |
safe_attributes 'status_id', |
238 |
'assigned_to_id', |
|
239 |
'fixed_version_id', |
|
240 |
'done_ratio', |
|
241 | 277 |
:if => lambda {|issue, user| issue.new_statuses_allowed_to(user).any? } |
242 | 278 |
|
243 | 279 |
# Safely sets attributes |
redmine-1.1.0-issue-permissions/app/models/mail_handler.rb 2011-01-26 12:43:13.725049800 -0700 | ||
---|---|---|
145 | 145 |
return unless issue |
146 | 146 |
# check permission |
147 | 147 |
unless @@handler_options[:no_permission_check] |
148 |
raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project)
|
|
148 |
raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || issue.editable?(user)
|
|
149 | 149 |
end |
150 | 150 |
|
151 | 151 |
# ignore CLI-supplied defaults for new issues |
redmine-1.1.0-issue-permissions/app/views/issues/_attributes.rhtml 2011-01-26 12:43:13.740674700 -0700 | ||
---|---|---|
7 | 7 |
<p><label><%= l(:field_status) %></label> <%= @issue.status.name %></p> |
8 | 8 |
<% end %> |
9 | 9 |
|
10 |
<p><%= f.select :priority_id, (@priorities.collect {|p| [p.name, p.id]}), {:required => true}, :disabled => !@issue.leaf? %></p> |
|
11 |
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true %></p>
|
|
10 |
<p><%= f.select :priority_id, (@priorities.collect {|p| [p.name, p.id]}), {:required => true}, :disabled => !@issue.leaf? || !@issue.planning_editable? %></p>
|
|
11 |
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), {:include_blank => true}, :disabled => !@issue.planning_editable? %></p>
|
|
12 | 12 |
<% unless @project.issue_categories.empty? %> |
13 | 13 |
<p><%= f.select :category_id, (@project.issue_categories.collect {|c| [c.name, c.id]}), :include_blank => true %> |
14 | 14 |
<%= prompt_to_remote(image_tag('add.png', :style => 'vertical-align: middle;'), |
... | ... | |
19 | 19 |
:tabindex => 199) if authorize_for('issue_categories', 'new') %></p> |
20 | 20 |
<% end %> |
21 | 21 |
<% unless @issue.assignable_versions.empty? %> |
22 |
<p><%= f.select :fixed_version_id, version_options_for_select(@issue.assignable_versions, @issue.fixed_version), :include_blank => true %>
|
|
22 |
<p><%= f.select :fixed_version_id, version_options_for_select(@issue.assignable_versions, @issue.fixed_version), {:include_blank => true}, :disabled => !@issue.planning_editable? %>
|
|
23 | 23 |
<%= prompt_to_remote(image_tag('add.png', :style => 'vertical-align: middle;'), |
24 | 24 |
l(:label_version_new), |
25 | 25 |
'version[name]', |
... | ... | |
31 | 31 |
</div> |
32 | 32 |
|
33 | 33 |
<div class="splitcontentright"> |
34 |
<p><%= f.text_field :start_date, :size => 10, :disabled => !@issue.leaf? %><%= calendar_for('issue_start_date') if @issue.leaf? %></p>
|
|
35 |
<p><%= f.text_field :due_date, :size => 10, :disabled => !@issue.leaf? %><%= calendar_for('issue_due_date') if @issue.leaf? %></p>
|
|
36 |
<p><%= f.text_field :estimated_hours, :size => 3, :disabled => !@issue.leaf? %> <%= l(:field_hours) %></p> |
|
34 |
<p><%= f.text_field :start_date, :size => 10, :disabled => !@issue.leaf? || !@issue.planning_editable? %><%= calendar_for('issue_start_date') if @issue.leaf? && @issue.planning_editable? %></p>
|
|
35 |
<p><%= f.text_field :due_date, :size => 10, :disabled => !@issue.leaf? || !@issue.planning_editable? %><%= calendar_for('issue_due_date') if @issue.leaf? && @issue.planning_editable? %></p>
|
|
36 |
<p><%= f.text_field :estimated_hours, :size => 3, :disabled => !@issue.leaf? || !@issue.progress_editable? %> <%= l(:field_hours) %></p>
|
|
37 | 37 |
<% if @issue.leaf? && Issue.use_field_for_done_ratio? %> |
38 |
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }) %></p> |
|
38 |
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }), {},:disabled => !@issue.progress_editable? %></p>
|
|
39 | 39 |
<% end %> |
40 | 40 |
</div> |
41 | 41 |
|
redmine-1.1.0-issue-permissions/app/views/issues/_edit.rhtml 2011-01-26 12:43:13.756299600 -0700 | ||
---|---|---|
6 | 6 |
:multipart => true} do |f| %> |
7 | 7 |
<%= error_messages_for 'issue', 'time_entry' %> |
8 | 8 |
<div class="box"> |
9 |
<% if @edit_allowed || !@allowed_statuses.empty? %>
|
|
9 |
<% if @issue.editable? || (!@allowed_statuses.empty? && @issue.assigned_to == User.current) %>
|
|
10 | 10 |
<fieldset class="tabular"><legend><%= l(:label_change_properties) %> |
11 |
<% if !@issue.new_record? && !@issue.errors.any? && @edit_allowed %>
|
|
11 |
<% if !@issue.new_record? && !@issue.errors.any? && @issue.descr_editable? %>
|
|
12 | 12 |
<small>(<%= link_to l(:label_more), {}, :onclick => 'Effect.toggle("issue_descr_fields", "appear", {duration:0.3}); return false;' %>)</small> |
13 | 13 |
<% end %> |
14 | 14 |
</legend> |
15 |
<%= render :partial => (@edit_allowed ? 'form' : 'form_update'), :locals => {:f => f} %>
|
|
15 |
<%= render :partial => (@issue.editable? ? 'form' : 'form_update'), :locals => {:f => f} %>
|
|
16 | 16 |
</fieldset> |
17 | 17 |
<% end %> |
18 | 18 |
<% if authorize_for('timelog', 'edit') %> |
redmine-1.1.0-issue-permissions/app/views/issues/_form_update.rhtml 2011-01-26 13:25:57.771139800 -0700 | ||
---|---|---|
1 | 1 |
<div class="attributes"> |
2 | 2 |
<div class="splitcontentleft"> |
3 | 3 |
<p><%= f.select :status_id, (@allowed_statuses.collect {|p| [p.name, p.id]}), :required => true %></p> |
4 |
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true %></p>
|
|
4 |
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), {:include_blank => true}, :disabled => !@issue.planning_editable? %></p>
|
|
5 | 5 |
</div> |
6 | 6 |
<div class="splitcontentright"> |
7 | 7 |
<% if Issue.use_field_for_done_ratio? %> |
8 |
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }) %></p>
|
|
8 |
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10]}), {}, :disabled => !@issue.progress_editable? %></p>
|
|
9 | 9 |
<% end %> |
10 | 10 |
<% unless @issue.assignable_versions.empty? %> |
11 |
<p><%= f.select :fixed_version_id, (@issue.assignable_versions.collect {|v| [v.name, v.id]}), :include_blank => true %></p>
|
|
11 |
<p><%= f.select :fixed_version_id, (@issue.assignable_versions.collect {|v| [v.name, v.id]}), {:include_blank => true}, :disabled => !@issue.planning_editable? %></p>
|
|
12 | 12 |
<% end %> |
13 | 13 |
</div> |
14 | 14 |
</div> |
redmine-1.1.0-issue-permissions/config/locales/en.yml 2011-01-26 12:49:51.175631100 -0700 | ||
---|---|---|
373 | 373 |
permission_manage_categories: Manage issue categories |
374 | 374 |
permission_view_issues: View Issues |
375 | 375 |
permission_add_issues: Add issues |
376 |
permission_edit_issues: Edit issues |
|
376 |
permission_edit_issues: Edit all issues |
|
377 |
permission_edit_authored_issues: Edit authored issues |
|
378 |
permission_edit_assigned_issues: Edit assigned issues |
|
379 |
permission_edit_issue_progress: Edit issue progress |
|
380 |
permission_edit_issue_planning: Edit issue planning |
|
377 | 381 |
permission_manage_issue_relations: Manage issue relations |
378 | 382 |
permission_add_issue_notes: Add notes |
379 | 383 |
permission_edit_issue_notes: Edit notes |
redmine-1.1.0-issue-permissions/lib/redmine/default_data/loader.rb 2011-01-26 12:51:10.128250800 -0700 | ||
---|---|---|
51 | 51 |
:manage_categories, |
52 | 52 |
:view_issues, |
53 | 53 |
:add_issues, |
54 |
:edit_issues, |
|
54 |
:edit_authored_issues, |
|
55 |
:edit_assigned_issues, |
|
56 |
:edit_issue_progress, |
|
55 | 57 |
:manage_issue_relations, |
56 | 58 |
:manage_subtasks, |
57 | 59 |
:add_issue_notes, |
... | ... | |
79 | 81 |
:permissions => [:view_issues, |
80 | 82 |
:add_issues, |
81 | 83 |
:add_issue_notes, |
84 |
:edit_authored_issues, |
|
82 | 85 |
:save_queries, |
83 | 86 |
:view_gantt, |
84 | 87 |
:view_calendar, |
redmine-1.1.0-issue-permissions/lib/redmine.rb 2011-01-26 12:50:48.675263100 -0700 | ||
---|---|---|
67 | 67 |
:reports => [:issue_report, :issue_report_details]} |
68 | 68 |
map.permission :add_issues, {:issues => [:new, :create, :update_form]} |
69 | 69 |
map.permission :edit_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]} |
70 |
map.permission :edit_authored_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]} |
|
71 |
map.permission :edit_assigned_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]} |
|
72 |
map.permission :edit_issue_progress, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]} |
|
73 |
map.permission :edit_issue_planning, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]} |
|
70 | 74 |
map.permission :manage_issue_relations, {:issue_relations => [:new, :destroy]} |
71 | 75 |
map.permission :manage_subtasks, {} |
72 | 76 |
map.permission :add_issue_notes, {:issues => [:edit, :update], :journals => [:new]} |