From bdebb99ac187e4620c8321726f901451bf2a632b Mon Sep 17 00:00:00 2001 From: Marius BALTEANU Date: Tue, 20 Aug 2019 08:42:24 +0300 Subject: [PATCH] Per role visibility for version custom fields --- app/models/version.rb | 7 ++ app/models/version_custom_field.rb | 4 + app/views/custom_fields/_form.html.erb | 2 +- app/views/versions/_form.html.erb | 2 +- app/views/versions/index.api.rsb | 2 +- app/views/versions/show.api.rsb | 2 +- .../custom_fields_controller_test.rb | 20 +++++ .../versions_custom_fields_visibility_test.rb | 79 +++++++++++++++++++ 8 files changed, 114 insertions(+), 4 deletions(-) create mode 100644 test/functional/versions_custom_fields_visibility_test.rb diff --git a/app/models/version.rb b/app/models/version.rb index dce03c9de..e538f21b3 100644 --- a/app/models/version.rb +++ b/app/models/version.rb @@ -168,6 +168,13 @@ class Version < ActiveRecord::Base user.allowed_to?(:view_issues, self.project) end + def visible_custom_field_values(user = nil) + user ||= User.current + custom_field_values.select do |value| + value.custom_field.visible_by?(project, user) + end + end + # Version files have same visibility as project files def attachments_visible?(*args) project.present? && project.attachments_visible?(*args) diff --git a/app/models/version_custom_field.rb b/app/models/version_custom_field.rb index 238649c7c..d9034e06f 100644 --- a/app/models/version_custom_field.rb +++ b/app/models/version_custom_field.rb @@ -21,4 +21,8 @@ class VersionCustomField < CustomField def type_name :label_version_plural end + + def visible_by?(project, user=User.current) + super || (roles & user.roles_for_project(project)).present? + end end diff --git a/app/views/custom_fields/_form.html.erb b/app/views/custom_fields/_form.html.erb index deb000297..a7af54a07 100644 --- a/app/views/custom_fields/_form.html.erb +++ b/app/views/custom_fields/_form.html.erb @@ -53,7 +53,7 @@ <%= call_hook(:"view_custom_fields_form_#{@custom_field.type.to_s.underscore}", :custom_field => @custom_field, :form => f) %> - <% if %w(IssueCustomField TimeEntryCustomField ProjectCustomField).include?(@custom_field.class.name) %> + <% if %w(IssueCustomField TimeEntryCustomField ProjectCustomField VersionCustomField).include?(@custom_field.class.name) %> <%= render :partial => 'visibility_by_role_selector', :locals => { :f => f } %> <% end %> diff --git a/app/views/versions/_form.html.erb b/app/views/versions/_form.html.erb index 58d3e336a..62119769b 100644 --- a/app/views/versions/_form.html.erb +++ b/app/views/versions/_form.html.erb @@ -14,7 +14,7 @@

<%= f.check_box :default_project_version, :label => :field_default_version %>

<% end %> -<% @version.custom_field_values.each do |value| %> +<% @version.visible_custom_field_values.each do |value| %>

<%= custom_field_tag_with_label :version, value %>

<% end %> diff --git a/app/views/versions/index.api.rsb b/app/views/versions/index.api.rsb index 98f9425de..65354554f 100644 --- a/app/views/versions/index.api.rsb +++ b/app/views/versions/index.api.rsb @@ -11,7 +11,7 @@ api.array :versions, api_meta(:total_count => @versions.size) do api.sharing version.sharing api.wiki_page_title version.wiki_page_title - render_api_custom_values version.custom_field_values, api + render_api_custom_values version.visible_custom_field_values, api api.created_on version.created_on api.updated_on version.updated_on diff --git a/app/views/versions/show.api.rsb b/app/views/versions/show.api.rsb index 96edb6b57..345ec56da 100644 --- a/app/views/versions/show.api.rsb +++ b/app/views/versions/show.api.rsb @@ -9,7 +9,7 @@ api.version do api.sharing @version.sharing api.wiki_page_title @version.wiki_page_title - render_api_custom_values @version.custom_field_values, api + render_api_custom_values @version.visible_custom_field_values, api api.created_on @version.created_on api.updated_on @version.updated_on diff --git a/test/functional/custom_fields_controller_test.rb b/test/functional/custom_fields_controller_test.rb index 101a4c34f..7f41888ff 100644 --- a/test/functional/custom_fields_controller_test.rb +++ b/test/functional/custom_fields_controller_test.rb @@ -146,6 +146,26 @@ class CustomFieldsControllerTest < Redmine::ControllerTest end end + def test_new_version_custom_field + get :new, :params => { + :type => 'VersionCustomField' + } + assert_response :success + + assert_select 'form#custom_field_form' do + assert_select 'select#custom_field_field_format[name=?]', 'custom_field[field_format]' do + assert_select 'option[value=user]', :text => 'User' + assert_select 'option[value=version]', :text => 'Version' + end + + # Visibility + assert_select 'input[type=radio][name=?]', 'custom_field[visible]', 2 + assert_select 'input[type=checkbox][name=?]', 'custom_field[role_ids][]', 3 + + assert_select 'input[type=hidden][name=type][value=VersionCustomField]' + end + end + def test_new_time_entry_custom_field_should_not_show_trackers_and_projects get :new, :params => { :type => 'TimeEntryCustomField' diff --git a/test/functional/versions_custom_fields_visibility_test.rb b/test/functional/versions_custom_fields_visibility_test.rb new file mode 100644 index 000000000..29ecfba16 --- /dev/null +++ b/test/functional/versions_custom_fields_visibility_test.rb @@ -0,0 +1,79 @@ +# frozen_string_literal: true + +# Redmine - project management software +# Copyright (C) 2006-2019 Jean-Philippe Lang +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +require File.expand_path('../../test_helper', __FILE__) + +class VersionsCustomFieldsVisibilityTest < Redmine::ControllerTest + tests VersionsController + fixtures :projects, + :users, :email_addresses, + :roles, + :members, + :member_roles, + :issue_statuses, + :trackers, + :projects_trackers, + :enabled_modules, + :versions, + :custom_fields, :custom_values, :custom_fields_trackers + + def test_show_should_display_only_custom_fields_visible_to_user + cf1 = VersionCustomField.create!(:name => 'cf1', :field_format => 'string') + cf2 = VersionCustomField.create!(:name => 'cf2', :field_format => 'string', :visible => false, :role_ids => [1]) + cf3 = VersionCustomField.create!(:name => 'cf3', :field_format => 'string', :visible => false, :role_ids => [3]) + + version = Version.find(2) + version.custom_field_values = {cf1.id => 'Value1', cf2.id => 'Value2', cf3.id => 'Value3'} + version.save! + + @request.session[:user_id] = 2 + get :show, :params => { + :id => 2 + } + assert_response :success + + assert_select '#roadmap' do + assert_select 'span.label', :text => 'cf1:' + assert_select 'span.label', :text => 'cf2:' + assert_select 'span.label', {count: 0, text: 'cf3:'} + end + end + + def test_edit_should_display_only_custom_fields_visible_to_user + cf1 = VersionCustomField.create!(:name => 'cf1', :field_format => 'string') + cf2 = VersionCustomField.create!(:name => 'cf2', :field_format => 'string', :visible => false, :role_ids => [1]) + cf3 = VersionCustomField.create!(:name => 'cf3', :field_format => 'string', :visible => false, :role_ids => [3]) + + version = Version.find(2) + version.custom_field_values = {cf1.id => 'Value1', cf2.id => 'Value2', cf3.id => 'Value3'} + version.save! + + @request.session[:user_id] = 2 + get :edit, :params => { + :id => 2 + } + assert_response :success + + assert_select 'form.edit_version' do + assert_select 'input[id=?]', "version_custom_field_values_#{cf1.id}" + assert_select 'input[id=?]', "version_custom_field_values_#{cf2.id}" + assert_select 'input[id=?]', "version_custom_field_values_#{cf3.id}", 0 + end + end +end -- 2.22.0