issue-permissions-1.0.4.patch

Brian Lindahl, 2011-01-25 19:43

Download (12.2 KB)

View differences:

redmine-1.0.4-issue-permissions/app/controllers/issues_controller.rb 2011-01-21 16:46:05.469555300 -0700
103 103
    @changesets = @issue.changesets.visible.all
104 104
    @changesets.reverse! if User.current.wants_comments_in_reverse_order?
105 105
    @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
106
    @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
106
    @edit_allowed = @issue.editable?
107
    @edit_planning_allowed = @issue.planning_editable?
107 108
    @priorities = IssuePriority.all
108 109
    @time_entry = TimeEntry.new
109 110
    respond_to do |format|
......
267 268
  def update_issue_from_params
268 269
    @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
269 270
    @priorities = IssuePriority.all
270
    @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
271
    @edit_allowed = @issue.editable?
272
    @edit_planning_allowed = @issue.planning_editable?
271 273
    @time_entry = TimeEntry.new
272 274
    
273 275
    @notes = params[:notes] || (params[:issue].present? ? params[:issue][:notes] : nil)
redmine-1.0.4-issue-permissions/app/models/issue.rb 2011-01-21 16:46:05.469555300 -0700
78 78
    (usr || User.current).allowed_to?(:view_issues, self.project)
79 79
  end
80 80
  
81
  # Returns true if usr or current user is allowed to edit the issue
82
  def editable?(usr=nil)
83
    user = usr || User.current
84
    return user.allowed_to?(:edit_issues, self.project) ||
85
            (user.allowed_to?(:edit_own_issues, self.project) && self.assigned_to == user) ||
86
            (user.allowed_to?(:edit_own_issues, self.project) && self.author == user && self.assigned_to.nil?)
87
  end
88
  
89
  def descr_editable?(usr=nil)
90
    user = usr || User.current
91
    return user.allowed_to?(:edit_issues, self.project) ||
92
            (user.allowed_to?(:edit_own_issues, self.project) && self.author == user && self.assigned_to.nil?)
93
  end
94

  
95
  def planning_editable?(usr=nil)
96
    user = usr || User.current
97
    return editable?(user) && user.allowed_to?(:edit_issue_planning, self.project)
98
  end
99
  
81 100
  def after_initialize
82 101
    if new_record?
83 102
      # set default values for new records only
redmine-1.0.4-issue-permissions/app/models/mail_handler.rb 2011-01-21 16:46:05.485181000 -0700
174 174
    return unless issue
175 175
    # check permission
176 176
    unless @@handler_options[:no_permission_check]
177
      raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project)
178
      raise UnauthorizedAction unless status.nil? || user.allowed_to?(:edit_issues, issue.project)
177
      raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project)
178
      raise UnauthorizedAction unless issue.editable?(user)
179
      raise UnauthorizedAction unless status.nil?
179 180
    end
180 181

  
181 182
    # add the note
redmine-1.0.4-issue-permissions/app/views/issues/_attributes.rhtml 2011-01-21 17:09:38.732206700 -0700
8 8
<% end %>
9 9

  
10 10
<p><%= f.select :priority_id, (@priorities.collect {|p| [p.name, p.id]}), {:required => true}, :disabled => !@issue.leaf? %></p>
11
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true %></p>
11
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), {:include_blank => true}, :disabled => !@issue.planning_editable? %></p>
12 12
<% unless @project.issue_categories.empty? %>
13 13
<p><%= f.select :category_id, (@project.issue_categories.collect {|c| [c.name, c.id]}), :include_blank => true %>
14 14
<%= prompt_to_remote(image_tag('add.png', :style => 'vertical-align: middle;'),
......
19 19
                     :tabindex => 199) if authorize_for('issue_categories', 'new') %></p>
20 20
<% end %>
21 21
<% unless @issue.assignable_versions.empty? %>
22
<p><%= f.select :fixed_version_id, version_options_for_select(@issue.assignable_versions, @issue.fixed_version), :include_blank => true %>
22
<p><%= f.select :fixed_version_id, version_options_for_select(@issue.assignable_versions, @issue.fixed_version), {:include_blank => true}, :disabled => !@issue.planning_editable? %>
23 23
<%= prompt_to_remote(image_tag('add.png', :style => 'vertical-align: middle;'),
24 24
                     l(:label_version_new),
25 25
                     'version[name]', 
......
31 31
</div>
32 32

  
33 33
<div class="splitcontentright">
34
<p><%= f.text_field :start_date, :size => 10, :disabled => !@issue.leaf? %><%= calendar_for('issue_start_date') if @issue.leaf? %></p>
35
<p><%= f.text_field :due_date, :size => 10, :disabled => !@issue.leaf? %><%= calendar_for('issue_due_date') if @issue.leaf? %></p>
36
<p><%= f.text_field :estimated_hours, :size => 3, :disabled => !@issue.leaf? %> <%= l(:field_hours) %></p>
34
<p><%= f.text_field :start_date, :size => 10, :disabled => !@issue.leaf? || !@issue.planning_editable? %><%= calendar_for('issue_start_date') if @issue.leaf? && @issue.planning_editable? %></p>
35
<p><%= f.text_field :due_date, :size => 10, :disabled => !@issue.leaf? || !@issue.planning_editable? %><%= calendar_for('issue_due_date') if @issue.leaf? && @issue.planning_editable? %></p>
36
<p><%= f.text_field :estimated_hours, :size => 3, :disabled => !@issue.leaf? || !@issue.planning_editable? %> <%= l(:field_hours) %></p>
37 37
<% if @issue.leaf? && Issue.use_field_for_done_ratio? %>
38
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }) %></p>
38
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }), {},:disabled => !@issue.planning_editable? %></p>
39 39
<% end %>
40 40
</div>
41 41

  
redmine-1.0.4-issue-permissions/app/views/issues/_edit.rhtml 2011-01-21 16:46:05.500806700 -0700
6 6
                                       :multipart => true} do |f| %>
7 7
    <%= error_messages_for 'issue', 'time_entry' %>
8 8
    <div class="box">
9
    <% if @edit_allowed || !@allowed_statuses.empty? %>
9
    <% if @edit_allowed %>
10 10
        <fieldset class="tabular"><legend><%= l(:label_change_properties) %>
11
        <% if !@issue.new_record? && !@issue.errors.any? && @edit_allowed %>
11
        <% if !@issue.new_record? && !@issue.errors.any? && @issue.descr_editable? %>
12 12
        <small>(<%= link_to l(:label_more), {}, :onclick => 'Effect.toggle("issue_descr_fields", "appear", {duration:0.3}); return false;' %>)</small>
13 13
        <% end %>
14 14
        </legend>
15
        <%= render :partial => (@edit_allowed ? 'form' : 'form_update'), :locals => {:f => f} %>
15
        <%= render :partial => 'form', :locals => {:f => f} %>
16 16
        </fieldset>
17 17
    <% end %>
18 18
    <% if authorize_for('timelog', 'edit') %>
redmine-1.0.4-issue-permissions/app/views/issues/_form_update.rhtml 2011-01-21 16:46:05.516432400 -0700
1 1
<div class="attributes">
2 2
<div class="splitcontentleft">
3 3
<p><%= f.select :status_id, (@allowed_statuses.collect {|p| [p.name, p.id]}), :required => true %></p>
4
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true %></p>
4
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true, :disabled => !@issue.planning_editable? %></p>
5 5
</div>
6 6
<div class="splitcontentright">
7 7
<% if Issue.use_field_for_done_ratio? %>
8
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }) %></p>
8
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10]}), :disabled => !@issue.planning_editable? %></p>
9 9
<% end %>
10
<% unless @issue.assignable_versions.empty? %>
11
<p><%= f.select :fixed_version_id, (@issue.assignable_versions.collect {|v| [v.name, v.id]}), :include_blank => true %></p>
10
<% unless @issue.fixed_assignable_versions.empty? %>
11
<p><%= f.select :fixed_version_id, (@issue.fixed_assignable_versions.collect {|v| [v.name, v.id]}), :include_blank => true, :disabled => !@issue.planning_editable? %></p>
12 12
<% end %>
13 13
</div>
14 14
</div>
redmine-1.0.4-issue-permissions/config/locales/en.yml 2011-01-21 16:46:05.516432400 -0700
362 362
  permission_view_issues: View Issues
363 363
  permission_add_issues: Add issues
364 364
  permission_edit_issues: Edit issues
365
  permission_edit_own_issues: Edit own issues
366
  permission_edit_issue_planning: Edit issue planning
365 367
  permission_manage_issue_relations: Manage issue relations
366 368
  permission_add_issue_notes: Add notes
367 369
  permission_edit_issue_notes: Edit notes
redmine-1.0.4-issue-permissions/lib/redmine/default_data/loader.rb 2011-01-21 16:46:05.532058100 -0700
52 52
                                                      :view_issues,
53 53
                                                      :add_issues,
54 54
                                                      :edit_issues,
55
                                                      :edit_issue_planning,
55 56
                                                      :manage_issue_relations,
56 57
                                                      :manage_subtasks,
57 58
                                                      :add_issue_notes,
......
79 80
                                    :permissions => [:view_issues,
80 81
                                                    :add_issues,
81 82
                                                    :add_issue_notes,
83
                                                    :edit_own_issues,
82 84
                                                    :save_queries,
83 85
                                                    :view_gantt,
84 86
                                                    :view_calendar,
redmine-1.0.4-issue-permissions/lib/redmine.rb 2011-01-21 16:46:05.532058100 -0700
66 66
                                  :reports => [:issue_report, :issue_report_details]}
67 67
    map.permission :add_issues, {:issues => [:new, :create, :update_form]}
68 68
    map.permission :edit_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
69
    map.permission :edit_own_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
70
    map.permission :edit_issue_planning, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
69 71
    map.permission :manage_issue_relations, {:issue_relations => [:new, :destroy]}
70 72
    map.permission :manage_subtasks, {}
71 73
    map.permission :add_issue_notes, {:issues => [:edit, :update], :journals => [:new]}