Similar functionality to #7412 (private issues) applied to Documents.
#3 Updated by Preethi Sriram over 8 years ago
- File TestPrivateDocumentsResults.txt added
- File 20111017193453_add_is_private_to_documents.rb added
- File 20111018230249_add_assigned_to_id_to_documents.rb added
- File 20111018230420_add_author_id_to_documents.rb added
- File 20111028205848_add_documents_visibility_to_roles.rb added
- File fix-private-documents.diff added
- % Done changed from 0 to 100
I have attached the db/migrate scripts to add columns is_private, assigned_user_id,author_id to Documents table and documents_visibility to roles. The diff file is the patch file for all the views/controllers/model/yml codebase. I ran the existing tests for unit and functional test scripts on Roles and Documents and have attached the test results (no failures). Translations for yml files are in English as I am not familiar with other locales.
It should behave very similar to issues_visibility roles and permissions.
#5 Updated by Preethi Sriram over 8 years ago
These are the use cases I tested in development.
Created Test Project-
Created two accounts-
1)One as redmine-admin, added role as manager for the project and updated documents_visibility permission for manager to "all" on Roles Permissions.
2)The second account preethi, added role as a developer and updated documents_visibility permission for developer to "default" on Roles Permissions.
3)Logged in as redmine-admin/manager for the project-and created some private documents- so developer/preethi should not be able to view it when logged in. (Assigned userid and author as redmine-admin)
4)Logged in as Developer-Preethi and checked to make sure none of manager's private documents are visible. Because default permission is set to view any documents that are marked "not private" or ones assigned to the user or ones authored by the user. No private documents of Manager shows on the list
5)Created private documents for Developer-Preethi and assigned_id as Developer-Preethi.
6)Logged in as redmine-admine/manager and because the permission is set to all (in my environment), all documents (private to developer/preethi are visible). Permissions behavior for "all" is coded similar to issues-visibility role-permissions.
7)Third Account-has permission "Own" for the project and is able to view documents assigned to or authored by them.
#6 Updated by Preethi Sriram over 8 years ago
I forgot to add two more use cases in my last update.
8)Created a tester user with two roles (developer,tester) for a project. Tester has more restrictive permission ("own"). Created documents as Tester and the only documents the tester gets to see are the ones assigned or authored to them. I am assuming here that "the more restrictive permission should apply", although this person is also a developer and can get "default" permission to view non private documents of others. If this is a wrong assumption let me know and I can resend the patch by adding an orderby clause in the query.
9)When no document_visibility permission is assigned to a user/role in a project, default permissions apply.