Project

General

Profile

Actions

Patch #24623

open

Implements CRUD permissions and restrictions to issue attachments

Added by Frederico Camara almost 8 years ago. Updated over 2 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Attachments
Start date:
Due date:
% Done:

0%

Estimated time:

Description

If anyone could help implement the test cases, I think this would be a great feature to Redmine.

Test applying the patch from Redmine directory:

patch --dry-run -p1 < atta.version

Then apply:

patch -p1 < atta.version

Patches added to redmine 3.1/3.2, 3.3 and current master.

Patch details:

Permissions:
  • lib/redmine.rb
Permission to view/delete:
  • app/models/issue.rb
  • app/models/journal.rb
  • app/views/issues/show.api.rsb
  • app/views/issues/show.html.erb
  • lib/redmine/export/pdf/issues_pdf_helper.rb
  • lib/plugins/acts_as_searchable/lib/acts_as_searchable.rb
Permission to edit (add):
  • app/views/issues/new.html.erb
  • app/views/issues/_edit.html.erb
Permission to copy (view from, edit to):
  • app/controllers/issues_controller.rb
  • app/models/issue.rb
Mailer restrictions:
  • app/models/mailer.rb
  • app/views/mailer/_issue.html.erb
  • app/views/mailer/_issue.text.erb
Translation:
  • config/locales/en.yml
  • config/locales/pt-BR.yml
Migration:
  • db/migrate/20161215142110_add_attachments_permissions.rb

Files

atta.3.2 (14.5 KB) atta.3.2 Redmine 3.2-stable (works with 3.1) Frederico Camara, 2016-12-15 19:28
atta.3.3 (14.7 KB) atta.3.3 Redmine 3.3-stable Frederico Camara, 2016-12-15 19:28
atta.master (14.8 KB) atta.master Redmine (master) Frederico Camara, 2016-12-15 19:28
img-2017-03-28-12-12-22.png (31.5 KB) img-2017-03-28-12-12-22.png Ilya Ternovoy, 2017-03-28 11:16
img-2017-03-28-12-15-45.png (59.3 KB) img-2017-03-28-12-15-45.png Ilya Ternovoy, 2017-03-28 11:16
img-2017-03-28-15-42-51.png (60.5 KB) img-2017-03-28-15-42-51.png Ilya Ternovoy, 2017-03-28 14:48
Captura de tela de 2017-04-25 11-45-32.png (49.6 KB) Captura de tela de 2017-04-25 11-45-32.png Issue Permissions Frederico Camara, 2017-04-25 17:00
Screenshot from 2018-05-24 11-46-47.png (131 KB) Screenshot from 2018-05-24 11-46-47.png atta.3.3 Nothing Ctrl, 2018-05-24 06:47
Screenshot from 2018-05-24 11-46-55.png (131 KB) Screenshot from 2018-05-24 11-46-55.png atta.master Nothing Ctrl, 2018-05-24 06:47
atta.3.4 (14.5 KB) atta.3.4 Redmine 3.4-stable Frederico Camara, 2018-05-28 13:53
atta.4.0.patch (13.9 KB) atta.4.0.patch patch for 4.0-stable Piko Tao, 2019-06-27 06:42
0015-Implements-permissions-and-restrictions-to-issue-att.patch (27.5 KB) 0015-Implements-permissions-and-restrictions-to-issue-att.patch for Redmine 4.0 (see notes) Frederico Camara, 2019-11-21 13:58
0015-Implements-permissions-and-restrictions-to-issue-att.patch (21.4 KB) 0015-Implements-permissions-and-restrictions-to-issue-att.patch for Redmine 4.1 Frederico Camara, 2020-02-26 19:56
0015-Implements-permissions-and-restrictions-to-issue-att-fix-4.0.patch (28.2 KB) 0015-Implements-permissions-and-restrictions-to-issue-att-fix-4.0.patch For Redmine 4.0 Frederico Camara, 2020-05-28 23:26
0015-Implements-permissions-and-restrictions-to-issue-att-fix-4.1.patch (22 KB) 0015-Implements-permissions-and-restrictions-to-issue-att-fix-4.1.patch For Redmine 4.1 Frederico Camara, 2020-05-28 23:26
0015-Implements-permissions-and-restrictions-to-issue-att-fix2-4.0.patch (28.6 KB) 0015-Implements-permissions-and-restrictions-to-issue-att-fix2-4.0.patch For Redmine 4.0 Frederico Camara, 2020-05-29 04:19
0015-Implements-permissions-and-restrictions-to-issue-att-fix2-4.1.patch (22.6 KB) 0015-Implements-permissions-and-restrictions-to-issue-att-fix2-4.1.patch For Redmine 4.1 Frederico Camara, 2020-05-29 04:19
0015-Implements-permissions-and-restrictions-to-issue-att-fix3-4.0.patch (28.7 KB) 0015-Implements-permissions-and-restrictions-to-issue-att-fix3-4.0.patch For Redmine 4.0 Frederico Camara, 2020-05-29 13:58

Related issues

Is duplicate of Redmine - Feature #4362: Permissions on attachmentsNew2009-12-08

Actions
Is duplicate of Redmine - Feature #9358: Issue attachment permissionsNew2011-09-30

Actions
Is duplicate of Redmine - Feature #21562: Add a permission to prevent user delete issues attachments.New

Actions
Actions #1

Updated by Frederico Camara almost 8 years ago

To migrate db and restart Rails:

touch tmp/restart.txt;RAILS_ENV=production bundle exec rake db:migrate
Actions #2

Updated by Frederico Camara almost 8 years ago

I think it's related to:

Feature #9358 - Issue attachment permissions
Feature #4362 - Permissions on attachments
Feature #21562 - Add a permission to prevent user delete issues attachments

Actions #3

Updated by Marius BĂLTEANU almost 8 years ago

To increase the changes to have this patch taken into account, you should add tests to it.

Actions #4

Updated by Mischa The Evil almost 8 years ago

  • Is duplicate of Feature #4362: Permissions on attachments added
Actions #5

Updated by Mischa The Evil almost 8 years ago

  • Is duplicate of Feature #9358: Issue attachment permissions added
Actions #6

Updated by Mischa The Evil almost 8 years ago

  • Is duplicate of Feature #21562: Add a permission to prevent user delete issues attachments. added
Actions #7

Updated by Go MAEDA almost 8 years ago

  • Category set to Attachments
Actions #8

Updated by Go MAEDA almost 8 years ago

This patch introduces 3 permissions as follows.

  • :view_attachments
  • :edit_permission
  • :delete_attachments

Frederico Camara, thank you for posting this useful patch. Could you add tests?

Actions #9

Updated by Frederico Camara almost 8 years ago

Go MAEDA wrote:

This patch introduces 3 permissions as follows.

  • :view_attachments
  • :edit_permission
  • :delete_attachments

Frederico Camara, thank you for posting this useful patch. Could you add tests?

I will try to, but I'm somewhat new to Ruby/Rails and I don't know how to make tests. At least the Patch Details on the description lists which tests have to be made. This may take a while.

PS: I said it in the first line of the Description :-)

Actions #10

Updated by James Lai almost 8 years ago

Go MAEDA wrote:

This patch introduces 3 permissions as follows.

  • :view_attachments
  • :edit_permission
  • :delete_attachments

Frederico Camara, thank you for posting this useful patch. Could you add tests?

I found some problem when I login with LDAP's account(AD),it show "Internal error";and if use built-in account to login, it can work normal.
my redmine version is below:
Environment:
Redmine version 3.3.1.stable
Ruby version 2.3.1-p112 (2016-04-26) [x86_64-linux]
Rails version 4.2.7.1
Environment production
Database adapter PostgreSQL

Actions #11

Updated by Frederico Camara almost 8 years ago

James Lai wrote

I found some problem when I login with LDAP's account(AD),it show "Internal error";and if use built-in account to login, it can work normal.
my redmine version is below:
Environment:
Redmine version 3.3.1.stable
Ruby version 2.3.1-p112 (2016-04-26) [x86_64-linux]
Rails version 4.2.7.1
Environment production
Database adapter PostgreSQL

Could you post the error log for the internal error you are receiving? It could be caused by a plugin, or by a bug in my code, I don't know.

I use ldap login at work, but I think someone implemented some restriction for my development environment. I don't think it can still reach the ldap server, I'll try it later.

Thank you.

Actions #12

Updated by James Lai almost 8 years ago

Frederico Camara wrote:

James Lai wrote

I found some problem when I login with LDAP's account(AD),it show "Internal error";and if use built-in account to login, it can work normal.
my redmine version is below:
Environment:
Redmine version 3.3.1.stable
Ruby version 2.3.1-p112 (2016-04-26) [x86_64-linux]
Rails version 4.2.7.1
Environment production
Database adapter PostgreSQL

Could you post the error log for the internal error you are receiving? It could be caused by a plugin, or by a bug in my code, I don't know.

I use ldap login at work, but I think someone implemented some restriction for my development environment. I don't think it can still reach the ldap server, I'll try it later.

Thank you.

I've resolved it now,it is some file's permission(production log and tmp/ldapcatche) cause,now I've resolved it.Thank you.

Actions #13

Updated by James Lai almost 8 years ago

Hello Frederico,when I patch atta.3.3 throw "patch --dry-run -p1 < atta.3.3",I get the error as below:

checking file app/controllers/issues_controller.rb
Hunk #1 FAILED at 136 (different line endings).
Hunk #2 FAILED at 474 (different line endings).
2 out of 2 hunks FAILED
checking file app/models/issue.rb
Hunk #1 FAILED at 43 (different line endings).
Hunk #2 FAILED at 265 (different line endings).
2 out of 2 hunks FAILED
checking file app/models/journal.rb
Hunk #1 FAILED at 74 (different line endings).
1 out of 1 hunk FAILED

So I have to change it by manual.

Actions #14

Updated by Frederico Camara almost 8 years ago

James Lai wrote:

Hello Frederico,when I patch atta.3.3 throw "patch --dry-run -p1 < atta.3.3",I get the error as below:

checking file app/controllers/issues_controller.rb
Hunk #1 FAILED at 136 (different line endings).
Hunk #2 FAILED at 474 (different line endings).
2 out of 2 hunks FAILED
checking file app/models/issue.rb
Hunk #1 FAILED at 43 (different line endings).
Hunk #2 FAILED at 265 (different line endings).
2 out of 2 hunks FAILED
checking file app/models/journal.rb
Hunk #1 FAILED at 74 (different line endings).
1 out of 1 hunk FAILED

So I have to change it by manual.

You probably use Windows. Windows and Linux use different characters for line endings. Unless you use an editor that respects that, you can unknowingly change the end of line characters of thefiles or on the patch file, and patch will fail. Maybe you'll have to sed end of line characters or use unix2dos/dos2unix.

Tip: Google for "patch different line endings".

Actions #15

Updated by James Lai almost 8 years ago

Hello, Frederico,
I have test again, using centos7(CentOS Linux release 7.3.1611 (Core)) and redmine 3.3.2 version,in redmine path I run "patch --dry-run -p1 < atta.3.3" ,the same error appear.

Actions #16

Updated by Frederico Camara almost 8 years ago

James Lai wrote:

Hello, Frederico,
I have test again, using centos7(CentOS Linux release 7.3.1611 (Core)) and redmine 3.3.2 version,in redmine path I run "patch --dry-run -p1 < atta.3.3" ,the same error appear.

Maybe there's something different with the redmine package you're using. Try this: on Redmine directory, issue these two commands:

cat -et atta.3.3 | head
cat -et app/models/journal.rb | head

cat -et exposes the end of line characters, head shows only the beginning on the file.You should see some difference at the end of each line between the two files. If you do, my guess is you're using redmine packaged using windows. I installed Redmine using git, but I know Redmine community uses something else. The end of line character does not make any difference for Ruby, but it does for patch.

You can probably solve it using dos2unix:

find . -type f -exec dos2unix {} \;

Patch should work then.

Actions #17

Updated by James Lai almost 8 years ago

Hello, Frederico,
Thank you very much,now I use redmine-3.3.2.tar.gz to installed and patch success.

Actions #18

Updated by Toshi MARUYAMA almost 8 years ago

Frederico Camara wrote:

Go MAEDA wrote:

This patch introduces 3 permissions as follows.

  • :view_attachments
  • :edit_permission
  • :delete_attachments

Frederico Camara, thank you for posting this useful patch. Could you add tests?

I will try to, but I'm somewhat new to Ruby/Rails and I don't know how to make tests.

You can see examples.
source:trunk/test

Actions #19

Updated by Ricky Liu over 7 years ago

Good patch, thank you very much!
Works with redmine-3.3 stable and LDAP fine.

Actions #20

Updated by Ilya Ternovoy over 7 years ago

I have installed the patch and made database migration succesfully. But it seems like no changes on role permission page. Where is those settings?

Environment:
CentOS Linux release 7.2.1511 (Core)
Redmine version 3.3.0.stable
Ruby version 2.0.0-p598 (2014-11-13) [x86_64-linux]
Rails version 4.2.6
Redmine plugins:
clipboard_image_paste 1.6a
redmine_agile 1.4.1
redmine_ldap_sync 2.0.8.devel.g341b902df1
sidebar_hide 0.0.2

Actions #21

Updated by Ilya Ternovoy over 7 years ago

Ilya Ternovoy wrote:

I have installed the patch and made database migration succesfully. But it seems like no changes on role permission page. Where is those settings?

Environment:
CentOS Linux release 7.2.1511 (Core)
Redmine version 3.3.0.stable
Ruby version 2.0.0-p598 (2014-11-13) [x86_64-linux]
Rails version 4.2.6
Redmine plugins:
clipboard_image_paste 1.6a
redmine_agile 1.4.1
redmine_ldap_sync 2.0.8.devel.g341b902df1
sidebar_hide 0.0.2

I rebooted the server and now attachments settings are available on "role and permissions" page. But checkbox "Delete attachments" has no effect. I mean even if i uncheck it the user can delete an attachment anyway. Should I uncheck any other checkboxes to forbid user delete attachment? Current permission screen in attachment

Actions #22

Updated by Ilya Ternovoy over 7 years ago

Ilya Ternovoy wrote:

I rebooted the server and now attachments settings are available on "role and permissions" page. But checkbox "Delete attachments" has no effect. I mean even if i uncheck it the user can delete an attachment anyway. Should I uncheck any other checkboxes to forbid user delete attachment? Current permission screen in attachment

Patch works great!) It seems like I have attachment delete button because I am admin, in spite of my role on project. Users who are not admins do not see delete button now! Thanks!

Actions #23

Updated by Frederico Camara over 7 years ago

Ilya Ternovoy wrote:

Ilya Ternovoy wrote:

I rebooted the server and now attachments settings are available on "role and permissions" page. But checkbox "Delete attachments" has no effect. I mean even if i uncheck it the user can delete an attachment anyway. Should I uncheck any other checkboxes to forbid user delete attachment? Current permission screen in attachment

Patch works great!) It seems like I have attachment delete button because I am admin, in spite of my role on project. Users who are not admins do not see delete button now! Thanks!

You're welcome.

Admins are so powerful, I am usually logged as a normal user in a normal browser window, and as admin in a separate private browser window.

Actions #24

Updated by James Lai over 7 years ago

Hello,Frederico
your patch is very usefully,and I think that how to realize the document module's attachment upload permission,are you any idea? thank you!

Actions #25

Updated by Frederico Camara over 7 years ago

James Lai wrote:

Hello,Frederico
your patch is very usefully,and I think that how to realize the document module's attachment upload permission,are you any idea? thank you!

The redmine Documents module has its own permissions. They are grouped under Documents in Administration > Roles and Permissions.

Actions #26

Updated by James Lai over 7 years ago

Frederico Camara wrote:

James Lai wrote:

Hello,Frederico
your patch is very usefully,and I think that how to realize the document module's attachment upload permission,are you any idea? thank you!

The redmine Documents module has its own permissions. They are grouped under Documents in Administration > Roles and Permissions.

I mean is I can control user to upload attachment permission.give an example,developer or reporter can add document,but can not upload attechments,only manager can add document and upload attachments.

Actions #27

Updated by Frederico Camara over 7 years ago

James Lai wrote:

Frederico Camara wrote:

James Lai wrote:

Hello,Frederico
your patch is very usefully,and I think that how to realize the document module's attachment upload permission,are you any idea? thank you!

The redmine Documents module has its own permissions. They are grouped under Documents in Administration > Roles and Permissions.

I mean is I can control user to upload attachment permission.give an example,developer or reporter can add document,but can not upload attechments,only manager can add document and upload attachments.

I don't think I understand what you're trying to say. What I meant is that permissions for Documents are independent of permissions for Issue attachments. See the edited screencapture I made "Issue Permissions" (attached).

Actions #28

Updated by James Lai over 7 years ago

Frederico Camara wrote:

James Lai wrote:

Frederico Camara wrote:

James Lai wrote:

Hello,Frederico
your patch is very usefully,and I think that how to realize the document module's attachment upload permission,are you any idea? thank you!

The redmine Documents module has its own permissions. They are grouped under Documents in Administration > Roles and Permissions.

I mean is I can control user to upload attachment permission.give an example,developer or reporter can add document,but can not upload attechments,only manager can add document and upload attachments.

I don't think I understand what you're trying to say. What I meant is that permissions for Documents are independent of permissions for Issue attachments. See the edited screencapture I made "Issue Permissions" (attached).

thank you very much.

Actions #29

Updated by Aleksandar Pavic over 6 years ago

+1 IMHO, this should be added to Redmine core.

Actions #30

Updated by Nothing Ctrl over 6 years ago

Hello,

Can you update for Redmine 3.4

I'm test with file atta.3.3 and atta.master but dry-run got some failed.

Actions #31

Updated by Frederico Camara over 6 years ago

Nothing Ctrl wrote:

Hello,

Can you update for Redmine 3.4

I'm test with file atta.3.3 and atta.master but dry-run got some failed.

Updated, to 3.4-stable (on github).
Not tested, but it should work, just had to adapt to little changes since 3.3.

Actions #32

Updated by Nothing Ctrl about 6 years ago

Frederico Camara wrote:

Nothing Ctrl wrote:

Hello,

Can you update for Redmine 3.4

I'm test with file atta.3.3 and atta.master but dry-run got some failed.

Updated, to 3.4-stable (on github).
Not tested, but it should work, just had to adapt to little changes since 3.3.

Confirm is work on Redmine 3.4

Actions #33

Updated by Piko Tao over 5 years ago

Frederico Camara wrote:

Nothing Ctrl wrote:

Hello,

Can you update for Redmine 3.4

I'm test with file atta.3.3 and atta.master but dry-run got some failed.

Updated, to 3.4-stable (on github).
Not tested, but it should work, just had to adapt to little changes since 3.3.

I made one patch for redmine 4.0-stable.
Hope this feature be added into core feature.

Actions #34

Updated by Frederico Camara about 5 years ago

Redmine 4.0 added a feature so roles could have different permissions to each tracker. I had to rearrange things a bit so these permissions would extend to attachments. Permissions for attachments so become:
- view_attachments
- add_attachments
- edit_attachments (rename)
- delete_attachments

Important: In my old patches there was not an add_attachments permissions, Redmine would use the edit_attachments to verify if the user could add attachments. After applying the patch you would have to set add_attachments permissions to your roles.

Actions #35

Updated by Aleksandar Pavic over 4 years ago

So for Redmine 4, we should only run this one 0015-Implement... from above post?

How about Redmine 4.1 ?

Actions #36

Updated by Frederico Camara over 4 years ago

Aleksandar Pavic wrote:

So for Redmine 4, we should only run this one 0015-Implement... from above post?

How about Redmine 4.1 ?

Untested, but probably works. Redmine 4 changed some user permissions regarding issues, you can see it in the role administration.

I did not try patching Redmine 4.1. Tell me if patch fails.

Actions #37

Updated by Aleksandar Pavic over 4 years ago

Well I downloaded fresh 4.1 and got few chunk errors, and many succeeds...

patch --dry-run -p1 < 0015-Implements-permissions-and-restrictions-to-issue-att.patch 
patching file app/controllers/issues_controller.rb
Hunk #1 succeeded at 88 with fuzz 2 (offset 2 lines).
Hunk #2 succeeded at 130 (offset 3 lines).
Hunk #3 succeeded at 169 (offset 3 lines).
Hunk #4 succeeded at 287 with fuzz 2 (offset 18 lines).
Hunk #5 succeeded at 353 (offset 21 lines).
Hunk #6 succeeded at 574 (offset 23 lines).
patching file app/models/issue.rb
Hunk #1 succeeded at 40 (offset 2 lines).
Hunk #2 succeeded at 189 with fuzz 1 (offset 5 lines).
Hunk #3 succeeded at 296 (offset 5 lines).
Hunk #4 succeeded at 1657 (offset 7 lines).
patching file app/models/journal.rb
Hunk #1 succeeded at 92 (offset 4 lines).
patching file app/models/mailer.rb
Hunk #1 succeeded at 99 with fuzz 1 (offset 6 lines).
Hunk #2 succeeded at 117 (offset 7 lines).
Hunk #3 succeeded at 133 (offset 7 lines).
patching file app/views/issues/_edit.html.erb
Hunk #1 succeeded at 45 (offset 5 lines).
Hunk #2 FAILED at 81.
1 out of 2 hunks FAILED -- saving rejects to file app/views/issues/_edit.html.erb.rej
patching file app/views/issues/index.api.rsb
patching file app/views/issues/new.html.erb
patching file app/views/issues/new.js.erb
patching file app/views/issues/show.api.rsb
patching file app/views/issues/show.html.erb
patching file app/views/mailer/_issue.html.erb
patching file app/views/mailer/_issue.text.erb
patching file app/views/roles/_form.html.erb
Hunk #1 FAILED at 67.
1 out of 1 hunk FAILED -- saving rejects to file app/views/roles/_form.html.erb.rej
patching file config/locales/en.yml
Hunk #1 succeeded at 509 (offset 17 lines).
patching file config/locales/pt-BR.yml
Hunk #1 succeeded at 785 (offset 3 lines).
patching file db/migrate/20161215142110_add_attachments_permissions.rb
patching file lib/plugins/acts_as_searchable/lib/acts_as_searchable.rb
Hunk #1 succeeded at 136 (offset 2 lines).
patching file lib/redmine.rb
Hunk #1 FAILED at 99.
1 out of 1 hunk FAILED -- saving rejects to file lib/redmine.rb.rej
patching file lib/redmine/export/pdf/issues_pdf_helper.rb
Reversed (or previously applied) patch detected!  Assume -R? [n] 


So I'm aborting...
Actions #38

Updated by Frederico Camara over 4 years ago

Aleksandar Pavic wrote:

Well I downloaded fresh 4.1 and got few chunk errors, and many succeeds...

[...]
So I'm aborting...

There were some minor modifications on some files. Redmine 4.1 patch added.

Actions #39

Updated by Pawel Orzechowski over 4 years ago

FREDERICO LÚCIO DE SOUZA, can you create this patch as a plugin?

Actions #40

Updated by Frederico Camara over 4 years ago

Pawel Orzechowski wrote:

FREDERICO LÚCIO DE SOUZA, can you create this patch as a plugin?

I can take some time. It would have to be implemented differently, I'll try.

Actions #41

Updated by Adriano Bellia over 4 years ago

Frederico Camara wrote:

Aleksandar Pavic wrote:

Well I downloaded fresh 4.1 and got few chunk errors, and many succeeds...

[...]
So I'm aborting...

There were some minor modifications on some files. Redmine 4.1 patch added.

Hi,
thank you for this implementation. It is great!!!
Does this version works also with Redmine 4.0.3? Or should I use older version?

I've installed the 4.0 version, but, when I create a new issue it follows the rules created. During a modification (with all the attachment rules unflagged) I see again the file button.

Actions #42

Updated by Frederico Camara over 4 years ago

Adriano Bellia wrote:

I've installed the 4.0 version, but, when I create a new issue it follows the rules created. During a modification (with all the attachment rules unflagged) I see again the file button.

You're right. I had it implemented on my 3.2 patch but forgot this bit when reimplementing the whole thing to the 4.0, 4.1 patches.

Fix files added.

Actions #43

Updated by Frederico Camara over 4 years ago

Frederico Camara wrote:

Adriano Bellia wrote:

I've installed the 4.0 version, but, when I create a new issue it follows the rules created. During a modification (with all the attachment rules unflagged) I see again the file button.

You're right. I had it implemented on my 3.2 patch but forgot this bit when reimplementing the whole thing to the 4.0, 4.1 patches.

Fix files added.

Sloppy patch. Here is a much better patch, it takes into consideration the user may change the Issue Tracker when showing the attachment button. Also fix a bug when editing the path "/issues/#/edit".

Wish I could delete old files.

Actions #44

Updated by Adriano Bellia over 4 years ago

Frederico Camara wrote:

Frederico Camara wrote:

Adriano Bellia wrote:

I've installed the 4.0 version, but, when I create a new issue it follows the rules created. During a modification (with all the attachment rules unflagged) I see again the file button.

You're right. I had it implemented on my 3.2 patch but forgot this bit when reimplementing the whole thing to the 4.0, 4.1 patches.

Fix files added.

Sloppy patch. Here is a much better patch, it takes into consideration the user may change the Issue Tracker when showing the attachment button. Also fix a bug when editing the path "/issues/#/edit".

Wish I could delete old files.

Sorry to bother you,
how do I apply this fix? I should first reverse the old patch?
If I try to apply directly 0015-Implements-permissions-and-restrictions-to-issue-att-fix2-4.0.patch after 0015-Implements-permissions-and-restrictions-to-issue-att.patch it asks me to reverse the older one.

Reversed (or previously applied) patch detected! Assume -R? [n] n
Apply anyway? [n] y
Hunk #1 FAILED at 86.
Hunk #2 FAILED at 126.
Hunk #3 succeeded at 158 (offset 3 lines).
Hunk #4 FAILED at 164.
Hunk #5 FAILED at 265.
Hunk #6 FAILED at 328.
Hunk #7 FAILED at 546.
6 out of 7 hunks FAILED

Actions #45

Updated by Adriano Bellia over 4 years ago

also reversing the first patch and applying directly the fix2 gives errrors :(
If I apply fix1 (after the first patch reverted) it goes perfectly. But If I retry then with the fix2 it gives me the same messages

Actions #46

Updated by Frederico Camara over 4 years ago

Adriano Bellia wrote:

also reversing the first patch and applying directly the fix2 gives errrors :(
If I apply fix1 (after the first patch reverted) it goes perfectly. But If I retry then with the fix2 it gives me the same messages

Thanks for the reply. Atom messed up my patch, removing blank spaces from the source lines. New file uploaded.

You have to revert to the situation before the patch was applied. This means reverting last applied patches. If you lost track or prefer to start from scratch (and use git, which I personally recomend), you can revert to a previous state using it:

find -name "*.rej" -exec rm {} \; # Remove patch unapplied patches
find -name "*.orig" -exec rm {} \; # Remove patch backups
git reset --hard
git status # check if your branch is up to date with 'origin/4.0-stable'. You may have to remove some created files manually (eg: db).

Now you can reapply any patches you use.

Actions #47

Updated by Adriano Bellia over 4 years ago

Thank you!!! Now it seems perfect :)

Actions #48

Updated by Pawel Orzechowski over 4 years ago

My question is why this feature is not implemented as plugin?

Actions #49

Updated by Frederico Camara over 4 years ago

Pawel Orzechowski wrote:

My question is why this feature is not implemented as plugin?

You have asked me that a month ago, and I answered already (see comment #24623-40).

Implementing as a plugin is much harder, and different. It would have to account that the scope of this feature changed a lot between Redmine versions 3.x and 4.x. See the admin role configuration. On unpatched Redmine, file CRUD restrictions are the same as issue restrictions. Redmine 4 implements permission per tracker, so file restrictions had to be implemented per tracker also.

Besides that, most things were implemented in the controller. I would have to implement them in the model and I would have to research how to do it seamlessly, because Issue.attachments returns ActiveRecord::Associations::CollectionProxy and I would have to test an active record that filters out attachments not visible to the user, for example.

Besides that, implementing as a plugin gives only minor compatibility between versions of Redmine.

Actions #50

Updated by Mischa The Evil over 3 years ago

  • Subject changed from Implements permissions and restrictions to issue attachments to Implements CRUD permissions and restrictions to issue attachments
  • Target version set to Candidate for next major release

Frederico Camara wrote:

Implementing as a plugin is much harder, and different. It would have to account that the scope of this feature changed a lot between Redmine versions 3.x and 4.x. See the admin role configuration. On unpatched Redmine, file CRUD restrictions are the same as issue restrictions. Redmine 4 implements permission per tracker, so file restrictions had to be implemented per tracker also.

Besides that, most things were implemented in the controller. I would have to implement them in the model and I would have to research how to do it seamlessly, because Issue.attachments returns ActiveRecord::Associations::CollectionProxy and I would have to test an active record that filters out attachments not visible to the user, for example.

Besides that, implementing as a plugin gives only minor compatibility between versions of Redmine.

I don't think that this is a feasible feature to easily implement through a plugin.
Actually, I wrote in #35634#note-2:

I think it would be nice to have it integrated into the core, however the provided patch as-is is pretty big and, sadly, is currently outdated and will likely break the existing test suite and comes without any test coverage for the new features itself.
I've had a quick look into the patch implementation though and it all seems properly implemented (albeit to obviously outdated checkouts). It shouldn't be all too hard to rebase it onto the current trunk. Updating the test suite for the patch and testing (for) and handling (of) any possible edge-cases will be most of the required work to get it ready for a decision on core integration.

Actions #51

Updated by Peter Volkov over 2 years ago

This is really sad that we do not have permissions for attachments in redmine. Our company wants to pay for finishing this patch work and pushing it upstream: https://www.redmine.org/boards/5/topics/67335

Actions

Also available in: Atom PDF