diff --git a/app/models/project.rb b/app/models/project.rb index 30f3be5ba..88d1c6eb5 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -870,6 +870,13 @@ class Project < ActiveRecord::Base end end + def visible_custom_field_values(user = nil) + user ||= User.current + custom_field_values.select do |value| + value.custom_field.visible_by?(project, user) + end + end + private def update_inherited_members diff --git a/app/models/project_custom_field.rb b/app/models/project_custom_field.rb index 92e7c9a56..a4dde39d5 100644 --- a/app/models/project_custom_field.rb +++ b/app/models/project_custom_field.rb @@ -22,6 +22,10 @@ class ProjectCustomField < CustomField :label_project_plural end + def visible_by?(project, user=User.current) + super || (roles & user.roles_for_project(project)).present? + end + def visibility_by_project_condition(project_key=nil, user=User.current, id_column=nil) project_key ||= "#{Project.table_name}.id" super(project_key, user, id_column) diff --git a/app/views/custom_fields/_form.html.erb b/app/views/custom_fields/_form.html.erb index 97d39f96b..deb000297 100644 --- a/app/views/custom_fields/_form.html.erb +++ b/app/views/custom_fields/_form.html.erb @@ -34,7 +34,7 @@

<%= f.check_box :is_required %>

- <% if %w(UserCustomField ProjectCustomField).include?(@custom_field.class.name) %> + <% if %w(UserCustomField).include?(@custom_field.class.name) %>

<%= f.check_box :visible %>

<% end %> @@ -53,7 +53,7 @@ <%= call_hook(:"view_custom_fields_form_#{@custom_field.type.to_s.underscore}", :custom_field => @custom_field, :form => f) %>
- <% if %w(IssueCustomField TimeEntryCustomField).include?(@custom_field.class.name) %> + <% if %w(IssueCustomField TimeEntryCustomField ProjectCustomField).include?(@custom_field.class.name) %> <%= render :partial => 'visibility_by_role_selector', :locals => { :f => f } %> <% end %> diff --git a/app/views/projects/_form.html.erb b/app/views/projects/_form.html.erb index fc758f4e9..7c988fb0e 100644 --- a/app/views/projects/_form.html.erb +++ b/app/views/projects/_form.html.erb @@ -25,7 +25,7 @@ <%= wikitoolbar_for 'project_description' %> -<% @project.custom_field_values.each do |value| %> +<% @project.visible_custom_field_values.each do |value| %>

<%= custom_field_tag_with_label :project, value %>

<% end %> <%= call_hook(:view_projects_form, :project => @project, :form => f) %> diff --git a/test/functional/custom_fields_controller_test.rb b/test/functional/custom_fields_controller_test.rb index e59d408ef..101a4c34f 100644 --- a/test/functional/custom_fields_controller_test.rb +++ b/test/functional/custom_fields_controller_test.rb @@ -126,6 +126,26 @@ class CustomFieldsControllerTest < Redmine::ControllerTest end end + def test_new_project_custom_field + get :new, :params => { + :type => 'ProjectCustomField' + } + assert_response :success + + assert_select 'form#custom_field_form' do + assert_select 'select#custom_field_field_format[name=?]', 'custom_field[field_format]' do + assert_select 'option[value=user]', :text => 'User' + assert_select 'option[value=version]', :text => 'Version' + end + + # Visibility + assert_select 'input[type=radio][name=?]', 'custom_field[visible]', 2 + assert_select 'input[type=checkbox][name=?]', 'custom_field[role_ids][]', 3 + + assert_select 'input[type=hidden][name=type][value=ProjectCustomField]' + end + end + def test_new_time_entry_custom_field_should_not_show_trackers_and_projects get :new, :params => { :type => 'TimeEntryCustomField' diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb index 389ad6c8a..63159ab90 100644 --- a/test/functional/projects_controller_test.rb +++ b/test/functional/projects_controller_test.rb @@ -726,6 +726,18 @@ class ProjectsControllerTest < Redmine::ControllerTest assert_select 'a#tab-activities' end + def test_settings_should_not_display_custom_fields_not_visible_for_user + @request.session[:user_id] = 2 + + ProjectCustomField.find_by_name('Development status').update_attribute :visible, false + get :settings, :params => { + :id => 'ecookbook' + } + assert_response :success + + assert_select 'select#project_custom_field_values_3', :count => 0 + end + def test_update @request.session[:user_id] = 2 # manager post :update, :params => {