Patch #7444 » issue-permissions-1.1.0.patch
| redmine-1.1.0-issue-permissions/app/controllers/issues_controller.rb 2011-01-26 12:48:09.316908000 -0700 | ||
|---|---|---|
| 109 | 109 |
@changesets = @issue.changesets.visible.all |
| 110 | 110 |
@changesets.reverse! if User.current.wants_comments_in_reverse_order? |
| 111 | 111 |
@allowed_statuses = @issue.new_statuses_allowed_to(User.current) |
| 112 |
@edit_allowed = User.current.allowed_to?(:edit_issues, @project) |
|
| 113 | 112 |
@priorities = IssuePriority.all |
| 114 | 113 |
@time_entry = TimeEntry.new |
| 115 | 114 |
respond_to do |format| |
| ... | ... | |
| 263 | 262 |
def update_issue_from_params |
| 264 | 263 |
@allowed_statuses = @issue.new_statuses_allowed_to(User.current) |
| 265 | 264 |
@priorities = IssuePriority.all |
| 266 |
@edit_allowed = User.current.allowed_to?(:edit_issues, @project) |
|
| 267 | 265 |
@time_entry = TimeEntry.new |
| 268 | 266 |
@time_entry.attributes = params[:time_entry] |
| 269 | 267 |
|
| redmine-1.1.0-issue-permissions/app/models/issue.rb 2011-01-26 13:35:08.228443600 -0700 | ||
|---|---|---|
| 97 | 97 |
(usr || User.current).allowed_to?(:view_issues, self.project) |
| 98 | 98 |
end |
| 99 | 99 |
|
| 100 |
# Returns true if usr or current user is allowed to edit the issue |
|
| 101 |
def editable?(usr=nil) |
|
| 102 |
user = usr || User.current |
|
| 103 |
return new_record? || |
|
| 104 |
user.allowed_to?(:edit_issues, self.project) || |
|
| 105 |
(user.allowed_to?(:edit_assigned_issues, self.project) && self.assigned_to == user) || |
|
| 106 |
(user.allowed_to?(:edit_authored_issues, self.project) && self.author == user && (self.assigned_to.nil? || |
|
| 107 |
self.assigned_to == user || |
|
| 108 |
self.closed?)) |
|
| 109 |
end |
|
| 110 |
|
|
| 111 |
# Returns true if usr or current user is allowed to edit the description and subject |
|
| 112 |
def descr_editable?(usr=nil) |
|
| 113 |
user = usr || User.current |
|
| 114 |
return new_record? || |
|
| 115 |
user.allowed_to?(:edit_issues, self.project) || |
|
| 116 |
(user.allowed_to?(:edit_authored_issues, self.project) && self.author == user && self.assigned_to.nil?) |
|
| 117 |
end |
|
| 118 |
|
|
| 119 |
# Returns true if usr or current user is allowed to edit the progress of an issue |
|
| 120 |
def progress_editable?(usr=nil) |
|
| 121 |
user = usr || User.current |
|
| 122 |
return user.allowed_to?(:edit_issue_progress, self.project) |
|
| 123 |
end |
|
| 124 |
|
|
| 125 |
# Returns true if usr or current user is allowed to edit the planning of an issue |
|
| 126 |
def planning_editable?(usr=nil) |
|
| 127 |
user = usr || User.current |
|
| 128 |
return user.allowed_to?(:edit_issue_planning, self.project) |
|
| 129 |
end |
|
| 130 |
|
|
| 100 | 131 |
def after_initialize |
| 101 | 132 |
if new_record? |
| 102 | 133 |
# set default values for new records only |
| ... | ... | |
| 215 | 246 |
def estimated_hours=(h) |
| 216 | 247 |
write_attribute :estimated_hours, (h.is_a?(String) ? h.to_hours : h) |
| 217 | 248 |
end |
| 218 | 249 |
|
| 250 |
safe_attributes 'subject', |
|
| 251 |
'description', |
|
| 252 |
:if => lambda {|issue, user| issue.descr_editable?(user)}
|
|
| 253 |
|
|
| 254 |
safe_attributes 'parent_issue_id', |
|
| 255 |
:if => lambda {|issue, user| user.allowed_to?(:manage_subtasks, issue.project)}
|
|
| 256 |
|
|
| 219 | 257 |
safe_attributes 'tracker_id', |
| 220 | 258 |
'status_id', |
| 221 |
'parent_issue_id', |
|
| 222 | 259 |
'category_id', |
| 223 |
'assigned_to_id', |
|
| 260 |
'custom_field_values', |
|
| 261 |
'custom_fields', |
|
| 262 |
'lock_version', |
|
| 263 |
:if => lambda {|issue, user| issue.new_record? || issue.editable?(user) }
|
|
| 264 |
|
|
| 265 |
safe_attributes 'assigned_to_id', |
|
| 224 | 266 |
'priority_id', |
| 225 | 267 |
'fixed_version_id', |
| 226 |
'subject', |
|
| 227 |
'description', |
|
| 228 | 268 |
'start_date', |
| 229 | 269 |
'due_date', |
| 230 |
'done_ratio', |
|
| 270 |
:if => lambda {|issue, user| issue.planning_editable?(user)}
|
|
| 271 |
|
|
| 272 |
safe_attributes 'done_ratio', |
|
| 231 | 273 |
'estimated_hours', |
| 232 |
'custom_field_values', |
|
| 233 |
'custom_fields', |
|
| 234 |
'lock_version', |
|
| 235 |
:if => lambda {|issue, user| issue.new_record? || user.allowed_to?(:edit_issues, issue.project) }
|
|
| 236 |
|
|
| 274 |
:if => lambda {|issue, user| issue.progress_editable?(user)}
|
|
| 275 |
|
|
| 237 | 276 |
safe_attributes 'status_id', |
| 238 |
'assigned_to_id', |
|
| 239 |
'fixed_version_id', |
|
| 240 |
'done_ratio', |
|
| 241 | 277 |
:if => lambda {|issue, user| issue.new_statuses_allowed_to(user).any? }
|
| 242 | 278 |
|
| 243 | 279 |
# Safely sets attributes |
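Review bot: The new `safe_attributes 'parent_issue_id'` group (new lines 254-255) is guarded only by `:manage_subtasks`, whereas before the patch `parent_issue_id` sat in the group that also required `issue.new_record? || user.allowed_to?(:edit_issues, issue.project)`. As written, a user who holds `:manage_subtasks` and reaches the update action through any other permission can re-parent an issue that `editable?` would refuse them. Keep the per-issue check in the guard, e.g. `:if => lambda {|issue, user| issue.editable?(user) && user.allowed_to?(:manage_subtasks, issue.project)}`. A short comment above each `safe_attributes` group naming the permission it enforces would also help, since these guards appear to be the main server-side enforcement of the new permissions in this patch.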
| redmine-1.1.0-issue-permissions/app/models/mail_handler.rb 2011-01-26 12:43:13.725049800 -0700 | ||
|---|---|---|
| 145 | 145 |
return unless issue |
| 146 | 146 |
# check permission |
| 147 | 147 |
unless @@handler_options[:no_permission_check] |
| 148 |
raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project)
|
|
| 148 |
raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || issue.editable?(user)
|
|
| 149 | 149 |
end |
| 150 | 150 |
|
| 151 | 151 |
# ignore CLI-supplied defaults for new issues |
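Review bot: The replacement check on new line 148 accepts only `:add_issue_notes` or `issue.editable?(user)`, so a user whose sole edit right is `:edit_issue_progress` or `:edit_issue_planning` gets `UnauthorizedAction` on an e-mail reply, although the same patch maps those permissions to the web update action. If that difference is intended, say so in the `# check permission` comment; if not, extend the test with `|| issue.progress_editable?(user) || issue.planning_editable?(user)`. The enclosing method starts and ends outside the hunk, so whether the reply's attribute changes are afterwards applied through `safe_attributes` cannot be confirmed from here and should be checked.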
| redmine-1.1.0-issue-permissions/app/views/issues/_attributes.rhtml 2011-01-26 12:43:13.740674700 -0700 | ||
|---|---|---|
| 7 | 7 |
<p><label><%= l(:field_status) %></label> <%= @issue.status.name %></p> |
| 8 | 8 |
<% end %> |
| 9 | 9 |
|
| 10 |
<p><%= f.select :priority_id, (@priorities.collect {|p| [p.name, p.id]}), {:required => true}, :disabled => !@issue.leaf? %></p>
|
|
| 11 |
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true %></p>
|
|
| 10 |
<p><%= f.select :priority_id, (@priorities.collect {|p| [p.name, p.id]}), {:required => true}, :disabled => !@issue.leaf? || !@issue.planning_editable? %></p>
|
|
| 11 |
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), {:include_blank => true}, :disabled => !@issue.planning_editable? %></p>
|
|
| 12 | 12 |
<% unless @project.issue_categories.empty? %> |
| 13 | 13 |
<p><%= f.select :category_id, (@project.issue_categories.collect {|c| [c.name, c.id]}), :include_blank => true %>
|
| 14 | 14 |
<%= prompt_to_remote(image_tag('add.png', :style => 'vertical-align: middle;'),
|
| ... | ... | |
| 19 | 19 |
:tabindex => 199) if authorize_for('issue_categories', 'new') %></p>
|
| 20 | 20 |
<% end %> |
| 21 | 21 |
<% unless @issue.assignable_versions.empty? %> |
| 22 |
<p><%= f.select :fixed_version_id, version_options_for_select(@issue.assignable_versions, @issue.fixed_version), :include_blank => true %>
|
|
| 22 |
<p><%= f.select :fixed_version_id, version_options_for_select(@issue.assignable_versions, @issue.fixed_version), {:include_blank => true}, :disabled => !@issue.planning_editable? %>
|
|
| 23 | 23 |
<%= prompt_to_remote(image_tag('add.png', :style => 'vertical-align: middle;'),
|
| 24 | 24 |
l(:label_version_new), |
| 25 | 25 |
'version[name]', |
| ... | ... | |
| 31 | 31 |
</div> |
| 32 | 32 |
|
| 33 | 33 |
<div class="splitcontentright"> |
| 34 |
<p><%= f.text_field :start_date, :size => 10, :disabled => !@issue.leaf? %><%= calendar_for('issue_start_date') if @issue.leaf? %></p>
|
|
| 35 |
<p><%= f.text_field :due_date, :size => 10, :disabled => !@issue.leaf? %><%= calendar_for('issue_due_date') if @issue.leaf? %></p>
|
|
| 36 |
<p><%= f.text_field :estimated_hours, :size => 3, :disabled => !@issue.leaf? %> <%= l(:field_hours) %></p> |
|
| 34 |
<p><%= f.text_field :start_date, :size => 10, :disabled => !@issue.leaf? || !@issue.planning_editable? %><%= calendar_for('issue_start_date') if @issue.leaf? && @issue.planning_editable? %></p>
|
|
| 35 |
<p><%= f.text_field :due_date, :size => 10, :disabled => !@issue.leaf? || !@issue.planning_editable? %><%= calendar_for('issue_due_date') if @issue.leaf? && @issue.planning_editable? %></p>
|
|
| 36 |
<p><%= f.text_field :estimated_hours, :size => 3, :disabled => !@issue.leaf? || !@issue.progress_editable? %> <%= l(:field_hours) %></p>
|
|
| 37 | 37 |
<% if @issue.leaf? && Issue.use_field_for_done_ratio? %> |
| 38 |
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }) %></p>
|
|
| 38 |
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }), {},:disabled => !@issue.progress_editable? %></p>
|
|
| 39 | 39 |
<% end %> |
| 40 | 40 |
</div> |
| 41 | 41 |
|
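Review bot: The `!@issue.planning_editable?` flags on new lines 10, 11, 22, 34 and 35, and `!@issue.progress_editable?` on 36 and 38, also apply to a new record, because those two predicates in issue.rb have no `new_record?` clause, unlike `editable?` and `descr_editable?`. If this partial is also rendered by the new-issue form (not visible here), a user with `:add_issues` but without `:edit_issue_planning` gets a disabled required priority select and cannot set assignee, version or dates at creation. Either that is intended and deserves a comment, or both predicates should begin with `new_record? ||` as the other two do. The `:disabled` flags are presentation only; the matching `safe_attributes` guards are what enforce the rule, so view and model have to change together.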
| redmine-1.1.0-issue-permissions/app/views/issues/_edit.rhtml 2011-01-26 12:43:13.756299600 -0700 | ||
|---|---|---|
| 6 | 6 |
:multipart => true} do |f| %> |
| 7 | 7 |
<%= error_messages_for 'issue', 'time_entry' %> |
| 8 | 8 |
<div class="box"> |
| 9 |
<% if @edit_allowed || !@allowed_statuses.empty? %>
|
|
| 9 |
<% if @issue.editable? || (!@allowed_statuses.empty? && @issue.assigned_to == User.current) %>
|
|
| 10 | 10 |
<fieldset class="tabular"><legend><%= l(:label_change_properties) %> |
| 11 |
<% if !@issue.new_record? && !@issue.errors.any? && @edit_allowed %>
|
|
| 11 |
<% if !@issue.new_record? && !@issue.errors.any? && @issue.descr_editable? %>
|
|
| 12 | 12 |
<small>(<%= link_to l(:label_more), {}, :onclick => 'Effect.toggle("issue_descr_fields", "appear", {duration:0.3}); return false;' %>)</small>
|
| 13 | 13 |
<% end %> |
| 14 | 14 |
</legend> |
| 15 |
<%= render :partial => (@edit_allowed ? 'form' : 'form_update'), :locals => {:f => f} %>
|
|
| 15 |
<%= render :partial => (@issue.editable? ? 'form' : 'form_update'), :locals => {:f => f} %>
|
|
| 16 | 16 |
</fieldset> |
| 17 | 17 |
<% end %> |
| 18 | 18 |
<% if authorize_for('timelog', 'edit') %>
|
| redmine-1.1.0-issue-permissions/app/views/issues/_form_update.rhtml 2011-01-26 13:25:57.771139800 -0700 | ||
|---|---|---|
| 1 | 1 |
<div class="attributes"> |
| 2 | 2 |
<div class="splitcontentleft"> |
| 3 | 3 |
<p><%= f.select :status_id, (@allowed_statuses.collect {|p| [p.name, p.id]}), :required => true %></p>
|
| 4 |
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), :include_blank => true %></p>
|
|
| 4 |
<p><%= f.select :assigned_to_id, (@issue.assignable_users.collect {|m| [m.name, m.id]}), {:include_blank => true}, :disabled => !@issue.planning_editable? %></p>
|
|
| 5 | 5 |
</div> |
| 6 | 6 |
<div class="splitcontentright"> |
| 7 | 7 |
<% if Issue.use_field_for_done_ratio? %> |
| 8 |
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10] }) %></p>
|
|
| 8 |
<p><%= f.select :done_ratio, ((0..10).to_a.collect {|r| ["#{r*10} %", r*10]}), {}, :disabled => !@issue.progress_editable? %></p>
|
|
| 9 | 9 |
<% end %> |
| 10 | 10 |
<% unless @issue.assignable_versions.empty? %> |
| 11 |
<p><%= f.select :fixed_version_id, (@issue.assignable_versions.collect {|v| [v.name, v.id]}), :include_blank => true %></p>
|
|
| 11 |
<p><%= f.select :fixed_version_id, (@issue.assignable_versions.collect {|v| [v.name, v.id]}), {:include_blank => true}, :disabled => !@issue.planning_editable? %></p>
|
|
| 12 | 12 |
<% end %> |
| 13 | 13 |
</div> |
| 14 | 14 |
</div> |
| redmine-1.1.0-issue-permissions/config/locales/en.yml 2011-01-26 12:49:51.175631100 -0700 | ||
|---|---|---|
| 373 | 373 |
permission_manage_categories: Manage issue categories |
| 374 | 374 |
permission_view_issues: View Issues |
| 375 | 375 |
permission_add_issues: Add issues |
| 376 |
permission_edit_issues: Edit issues |
|
| 376 |
permission_edit_issues: Edit all issues |
|
| 377 |
permission_edit_authored_issues: Edit authored issues |
|
| 378 |
permission_edit_assigned_issues: Edit assigned issues |
|
| 379 |
permission_edit_issue_progress: Edit issue progress |
|
| 380 |
permission_edit_issue_planning: Edit issue planning |
|
| 377 | 381 |
permission_manage_issue_relations: Manage issue relations |
| 378 | 382 |
permission_add_issue_notes: Add notes |
| 379 | 383 |
permission_edit_issue_notes: Edit notes |
| redmine-1.1.0-issue-permissions/lib/redmine/default_data/loader.rb 2011-01-26 12:51:10.128250800 -0700 | ||
|---|---|---|
| 51 | 51 |
:manage_categories, |
| 52 | 52 |
:view_issues, |
| 53 | 53 |
:add_issues, |
| 54 |
:edit_issues, |
|
| 54 |
:edit_authored_issues, |
|
| 55 |
:edit_assigned_issues, |
|
| 56 |
:edit_issue_progress, |
|
| 55 | 57 |
:manage_issue_relations, |
| 56 | 58 |
:manage_subtasks, |
| 57 | 59 |
:add_issue_notes, |
| ... | ... | |
| 79 | 81 |
:permissions => [:view_issues, |
| 80 | 82 |
:add_issues, |
| 81 | 83 |
:add_issue_notes, |
| 84 |
:edit_own_issues, |
|
| 82 | 85 |
:save_queries, |
| 83 | 86 |
:view_gantt, |
| 84 | 87 |
:view_calendar, |
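Review bot: The role permission list on new line 84 adds `:edit_own_issues`, but the patch defines no permission of that name: lib/redmine.rb declares `:edit_authored_issues`, `:edit_assigned_issues`, `:edit_issue_progress` and `:edit_issue_planning`, and en.yml adds labels for those four only. As far as this patch shows the entry grants nothing; it was presumably meant to be `:edit_authored_issues`. The first hunk also replaces `:edit_issues` with three of the new permissions but leaves out `:edit_issue_planning`, so that default role can no longer set priority, assignee, version or dates; confirm that is intended. Both array literals start and end outside the hunks.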
| redmine-1.1.0-issue-permissions/lib/redmine.rb 2011-01-26 12:50:48.675263100 -0700 | ||
|---|---|---|
| 67 | 67 |
:reports => [:issue_report, :issue_report_details]} |
| 68 | 68 |
map.permission :add_issues, {:issues => [:new, :create, :update_form]}
|
| 69 | 69 |
map.permission :edit_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
|
| 70 |
map.permission :edit_authored_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
|
|
| 71 |
map.permission :edit_assigned_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
|
|
| 72 |
map.permission :edit_issue_progress, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
|
|
| 73 |
map.permission :edit_issue_planning, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
|
|
| 70 | 74 |
map.permission :manage_issue_relations, {:issue_relations => [:new, :destroy]}
|
| 71 | 75 |
map.permission :manage_subtasks, {}
|
| 72 | 76 |
map.permission :add_issue_notes, {:issues => [:edit, :update], :journals => [:new]}
|
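Review bot: The four new permissions on new lines 70-73 are mapped to exactly the same actions as `:edit_issues`, including `:bulk_edit`, `:bulk_update` and `:journals => [:new]`, so any project-level action check built from this map passes for every issue in the project, not just authored or assigned ones. The per-issue limits then rest entirely on the `safe_attributes` guards in issue.rb; whatever the update actions do besides attribute assignment (notes, attachments, time entries — not visible here) is not covered by those guards. Consider giving the narrower permissions a smaller action list, e.g. `map.permission :edit_issue_progress, {:issues => [:edit, :update, :update_form]}`, and having the controller reject the request when none of the `*_editable?` predicates holds for the loaded issue. A comment above the block stating which model predicate backs each permission would make the split easier to audit.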