0002-adds-the-use_webhooks-permission.patch - Redmine

       self.main_menu = false
       before_action :require_login
       before_action :authorize
       before_action :find_webhook, only: [:edit, :update, :destroy]
       require_sudo_mode :create, :update, :destroy
-...
       def webhooks
         User.current.webhooks
       end
       def authorize
         deny_access unless User.current.allowed_to?(:use_webhooks, nil, global: true)
       end
     end

       scope :active, -> { where(active: true) }
       before_validation ->(hook){ hook.projects = hook.projects.to_a.select{|p| p.visible?(hook.user) } }
       before_validation ->(hook){ hook.projects = hook.projects.to_a & hook.setable_projects }
       # Triggers the given event for the given object, scheduling qualifying hooks
       # to be called.
-...
           .eager_load(:user)
           .where(users: { status: User::STATUS_ACTIVE }, projects_webhooks: { project_id: object.project_id })
           .to_a.select do |hook|
           hook.events.include?(event) && object.visible?(hook.user)
           hook.events.include?(event) && object.visible?(hook.user) && hook.user.allowed_to?(:use_webhooks, object.project)
         end
       end
       def setable_projects
         Project.visible
         user = self.user || User.current
         Project.visible(user).to_a.select{|p| user.allowed_to?(:use_webhooks, p)}
       end
       def setable_events

     <div class="contextual">
     <%= additional_emails_link(@user) %>
     <%= link_to(sprite_icon('key', l(:button_change_password)), { :action => 'password'}, :class => 'icon icon-passwd') if @user.change_password_allowed? %>
     <%= link_to sprite_icon('webhook', l(:label_webhook_plural)), webhooks_path, class: 'icon icon-webhook' %>
     <%= link_to sprite_icon('webhook', l(:label_webhook_plural)), webhooks_path, class: 'icon icon-webhook' if @user.allowed_to?(:use_webhooks, nil, global: true) %>
     <%= call_hook(:view_my_account_contextual, :user => @user)%>
     </div>

config/locales/de.yml
970	970	permission_set_issues_private: Tickets als privat oder öffentlich markieren
971	971	permission_set_notes_private: Kommentar als privat markieren
972	972	permission_set_own_issues_private: Eigene Tickets als privat oder öffentlich markieren
	973	permission_use_webhooks: Webhooks verwenden
973	974	permission_view_calendar: Kalender ansehen
974	975	permission_view_changesets: Changesets ansehen
975	976	permission_view_documents: Dokumente ansehen

config/locales/en.yml
605	605	permission_manage_related_issues: Manage related issues
606	606	permission_import_issues: Import issues
607	607	permission_log_time_for_other_users: Log spent time for other users
	608	permission_use_webhooks: Use webhooks
608	609
609	610	project_module_issue_tracking: Issue tracking
610	611	project_module_time_tracking: Time tracking

             map.permission :manage_public_queries, {:queries => [:new, :create, :edit, :update, :destroy]}, :require => :member
             map.permission :save_queries, {:queries => [:new, :create, :edit, :update, :destroy]}, :require => :loggedin
             # Webhooks
             map.permission :use_webhooks, {}, :require => :member
             map.project_module :issue_tracking do |map|
               # Issues
               map.permission :view_issues, {:issues => [:index, :show, :issue_tab],

         @project = Project.find 'ecookbook'
         @dlopper = User.find_by_login 'dlopper'
         @issue = @project.issues.first
         @role = Role.find_by_name 'Developer'
         @role.permissions << :use_webhooks; @role.save!
         @hook = create_hook
         @other_hook = create_hook user: User.find_by_login('admin'), url: 'https://example.com/other/hook'
         @request.session[:user_id] = @dlopper.id

         @project = Project.find 'ecookbook'
         @dlopper = User.find_by_login 'dlopper'
         @role = Role.find_by_name 'Developer'
         @role.permissions << :use_webhooks; @role.save!
         @issue = @project.issues.first
         WebhookEndpointValidator.class_eval do
           @blocked_hosts = nil
-...
         assert_raise(ActiveRecord::SerializationTypeMismatch){ Webhook.new(events: 'issue.created') }
       end
       test "should clean up project list on save" do
       test "should clean up project list based on permissions on save" do
         h = create_hook
         assert_equal [@project], h.projects
         @role.permissions.delete :use_webhooks
         @role.save!
         h.reload
         h.save
         h.reload
         assert_equal [], h.projects
       end
       test "should clean up project list based on project visibility on save" do
         h = create_hook
         assert_equal [@project], h.projects
         @project.memberships.destroy_all
-...
         assert_equal [], h.projects
       end
       test "should filter setable projects" do
         assert_equal [@project], Webhook.new(user: @dlopper).setable_projects
         @role.permissions.delete :use_webhooks
         @role.save!
         @dlopper.reload
         assert_equal [], Webhook.new(user: @dlopper).setable_projects
       end
       test "should check ip address at run time" do
         Redmine::Configuration.with('webhook_blocklist' => ['*.example.org', '10.0.0.0/8', '192.168.0.0/16']) do
           %w[
-...
         assert_equal [], Webhook.hooks_for('issue.created', @issue)
       end
       test "should check permission when looking for hooks" do
         hook = create_hook
         assert @issue.visible?(hook.user)
         assert_equal [hook], Webhook.hooks_for('issue.created', @issue)
         @role.permissions.delete :use_webhooks
         @role.save!
         assert_equal [], Webhook.hooks_for('issue.created', @issue)
       end
       test "should not find inactive hook" do
         hook = create_hook active: false
         assert @issue.visible?(hook.user)

Project

General

Profile

Redmine

Feature #29664 » 0002-adds-the-use_webhooks-permission.patch