From 448d83d482d42f7125c1a88e3264a1ff37fa8f94 Mon Sep 17 00:00:00 2001
From: Leo Hourvitz <leo@leo-hourvitzs-computer.local>
Date: Fri, 8 Oct 2010 12:12:00 +0900
Subject: [PATCH] Added edit_own_issues and edit_own_new_issues permissions to Redmine

---
 app/controllers/issues_controller.rb |    4 ++--
 app/models/issue.rb                  |    9 +++++++++
 app/models/mail_handler.rb           |    4 ++--
 config/locales/en.yml                |    2 ++
 config/locales/ja.yml                |    2 ++
 lib/redmine.rb                       |    2 ++
 lib/redmine/default_data/loader.rb   |    1 +
 7 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index 385bfa7..06f4508 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -104,7 +104,7 @@ class IssuesController < ApplicationController
     @changesets = @issue.changesets.visible.all
     @changesets.reverse! if User.current.wants_comments_in_reverse_order?
     @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
-    @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
+    @edit_allowed = @issue.editable?
     @priorities = IssuePriority.all
     @time_entry = TimeEntry.new
     respond_to do |format|
@@ -268,7 +268,7 @@ private
   def update_issue_from_params
     @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
     @priorities = IssuePriority.all
-    @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
+    @edit_allowed = @issue.editable?
     @time_entry = TimeEntry.new
     
     @notes = params[:notes] || (params[:issue].present? ? params[:issue][:notes] : nil)
diff --git a/app/models/issue.rb b/app/models/issue.rb
index c499523..ba6bae6 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -96,6 +96,15 @@ class Issue < ActiveRecord::Base
     (usr || User.current).allowed_to?(:view_issues, self.project)
   end
   
+  # Returns true if usr or current user is allowed to edit the issue
+  def editable?(usr=nil)
+    user = usr || User.current
+	return user.allowed_to?(:edit_issues, @project) ||
+		( user.allowed_to?(:edit_own_issues, @project) && @author == user ) ||
+		( user.allowed_to?(:edit_own_new_issues, @project) && @author == user &&
+		  ((!@journals) || @journals.reduce(true) { |all_mine,j| all_mine &&= j.user == user }))
+  end
+  
   def after_initialize
     if new_record?
       # set default values for new records only
diff --git a/app/models/mail_handler.rb b/app/models/mail_handler.rb
index 518f043..65add0e 100644
--- a/app/models/mail_handler.rb
+++ b/app/models/mail_handler.rb
@@ -174,8 +174,8 @@ class MailHandler < ActionMailer::Base
     return unless issue
     # check permission
     unless @@handler_options[:no_permission_check]
-      raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project)
-      raise UnauthorizedAction unless status.nil? || user.allowed_to?(:edit_issues, issue.project)
+      raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || issue.editable?(user)
+      raise UnauthorizedAction unless status.nil? 
     end
 
     # add the note
diff --git a/config/locales/en.yml b/config/locales/en.yml
index c860f45..55e142d 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -362,6 +362,8 @@ en:
   permission_view_issues: View Issues
   permission_add_issues: Add issues
   permission_edit_issues: Edit issues
+  permission_edit_own_issues: Edit own issues
+  permission_edit_own_new_issues: Edit own new issues
   permission_manage_issue_relations: Manage issue relations
   permission_add_issue_notes: Add notes
   permission_edit_issue_notes: Edit notes
diff --git a/config/locales/ja.yml b/config/locales/ja.yml
index 61a9a81..fd7f54a 100644
--- a/config/locales/ja.yml
+++ b/config/locales/ja.yml
@@ -387,6 +387,8 @@ ja:
   permission_view_issues: チケットの閲覧
   permission_add_issues: チケットの追加
   permission_edit_issues: チケットの編集
+  permission_edit_own_issues: 自分のチケットの編集
+  permission_edit_own_new_issues: 自分の新規チケットの編集
   permission_manage_issue_relations: チケットの管理
   permission_add_issue_notes: 注記の追加
   permission_edit_issue_notes: 注記の編集
diff --git a/lib/redmine.rb b/lib/redmine.rb
index eac459c..79bf5d3 100644
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@@ -66,6 +66,8 @@ Redmine::AccessControl.map do |map|
                                   :reports => [:issue_report, :issue_report_details]}
     map.permission :add_issues, {:issues => [:new, :create, :update_form]}
     map.permission :edit_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new]}
+    map.permission :edit_own_issues, {:issues => [:edit, :update, :update_form], :journals => [:new]}
+    map.permission :edit_own_new_issues, {:issues => [:edit, :update, :update_form], :journals => [:new]}
     map.permission :manage_issue_relations, {:issue_relations => [:new, :destroy]}
     map.permission :manage_subtasks, {}
     map.permission :add_issue_notes, {:issues => [:edit, :update], :journals => [:new]}
diff --git a/lib/redmine/default_data/loader.rb b/lib/redmine/default_data/loader.rb
index e0e0cc8..e719bca 100644
--- a/lib/redmine/default_data/loader.rb
+++ b/lib/redmine/default_data/loader.rb
@@ -79,6 +79,7 @@ module Redmine
                                     :permissions => [:view_issues,
                                                     :add_issues,
                                                     :add_issue_notes,
+                                                    :edit_own_new_issues,
                                                     :save_queries,
                                                     :view_gantt,
                                                     :view_calendar,
-- 
1.6.3.3