Defect #10949
"User.current.allowed_to" does not consider the role permission when the user is administrator
Status: Closed
Priority: Normal
Assignee: -
Category: Permissions and roles
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Resolution: Wont fix
Affected version:
Description
Hi,
I'm trying to create an advanced plugin like the "field_permission" plugin.
I've set a permission, let's say "view_description", in my init.rb.
Then in the "_form.html.erb" I've put this code in order to filter the description block:
<%# Show the description block only when allowed_to? returns a non-nil result %>
<% if not User.current.allowed_to?(:view_description, @project, :global => true).nil? %>
  <% if @issue.safe_attribute? 'description' %>
    <p>
      <label><%= l(:field_description) %></label>
      <%= link_to_function image_tag('edit.png'),
            'Element.hide(this); Effect.toggle("issue_description_and_toolbar", "appear", {duration:0.3})' unless @issue.new_record? %>
      <%= content_tag 'span', :id => "issue_description_and_toolbar", :style => (@issue.new_record? ? nil : 'display:none') do %>
        <%= f.text_area :description,
              :cols => 60,
              :rows => (@issue.description.blank? ? 10 : [[10, @issue.description.length / 50].max, 100].min),
              :accesskey => accesskey(:edit),
              :class => 'wiki-edit',
              :no_label => true %>
      <% end %>
    </p>
  <% end %>
<% end %>
The symptoms are:
- Normal accounts respond to the if statement correctly, depending on whether they have the permission or not. This is OK.
- Admin accounts, with a role that applies, do not take this filter into consideration, and the allowed_to method always responds true and does not correspond to the view_description permission.
- Redmine version: 2.0.0.stable
- Ruby version: 1.8.7 (x86_64-linux)
- Rails version: 3.2.3
- Environment: production
- Database adapter: MySQL
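
The behaviour reported in this issue, reproduced as an added Ruby example that is not part of the original report and is not Redmine source. Role, User, role_allows?, decisions and the sample accounts are constructed stand-ins; the model places the administrator short-circuit next to a check that consults only the assigned roles.

```ruby
# Simplified stand-in model, not Redmine source. All class, method and
# account names below are constructed for illustration.
Role = Struct.new(:name, :permissions) do
  def allowed_to?(action)
    permissions.include?(action)
  end
end

class User
  attr_reader :login, :roles

  def initialize(login, roles, admin = false)
    @login = login
    @roles = roles
    @admin = admin
  end

  def admin?
    @admin
  end

  # Mirrors the reported behaviour: administrators are authorized before
  # any role is consulted; everyone else gets the first matching role,
  # or nil when no role grants the action.
  def allowed_to?(action)
    return true if admin?
    roles.detect { |role| role.allowed_to?(action) }
  end

  # Role-only check for field-level filters: the admin flag is ignored, so
  # the outcome depends solely on the permissions of the assigned roles.
  def role_allows?(action)
    roles.any? { |role| role.allowed_to?(action) }
  end
end

# Constructed sample data.
manager  = Role.new('Manager',  [:view_issues, :view_description])
reporter = Role.new('Reporter', [:view_issues])
USERS = {
  :alice => User.new('alice', [manager]),
  :bob   => User.new('bob',   [reporter]),
  :root  => User.new('root',  [reporter], true)
}

# Same test as the template's "not ... .nil?" guard, next to the role-only result.
def decisions(user, action = :view_description)
  { :allowed_to => !user.allowed_to?(action).nil?, :role_only => user.role_allows?(action) }
end

USERS.each { |key, user| puts "#{key}: #{decisions(user).inspect}" }
```

In this model the administrator account passes the `allowed_to?` guard even though its only role lacks `view_description`, while the role-only check hides the field.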