Redmine

It seems to be able to solve this problem by adding the following condition for disp the button.

  User.current.allowed_to?(:browse_repository, @repository.project)

Thank you for the patch. While reviewing the patch, I found that we don't have to show radio buttons to select revisions to show diff when "View differences" is hidden.

IMHO, the following fix is better. It hides the radio boxes as well as the button. In addition, it is simpler.

diff --git a/app/views/repositories/_revisions.html.erb b/app/views/repositories/_revisions.html.erb
index 914999b34..514380791 100644
--- a/app/views/repositories/_revisions.html.erb
+++ b/app/views/repositories/_revisions.html.erb
@@ -20,7 +20,7 @@ end %>
        :repository_id => @repository.identifier_param, :path => to_path_param(path)},
       :method => :get
      ) do %>
-<% show_diff = revisions.size > 1 %>
+<% show_diff = revisions.size > 1 && User.current.allowed_to?(:browse_repository, @repository.project) %>
 <%= submit_tag(l(:label_view_diff), :name => nil) if show_diff %>
 <table class="list changesets">
 <thead><tr>

Setting the target version to 4.0.3.

Committed, thanks.