| @@ -267,14 +267,7 class IssuesController < ApplicationController | |||||
| 267 | def move |
|
267 | def move | |
| 268 | @issues.sort! |
|
268 | @issues.sort! | |
| 269 | @copy = params[:copy_options] && params[:copy_options][:copy] |
|
269 | @copy = params[:copy_options] && params[:copy_options][:copy] | |
| 270 | @allowed_projects = [] |
|
270 | @allowed_projects = Issue.allowed_target_projects_on_move | |
| 271 | # find projects to which the user is allowed to move the issue |
|
|||
| 272 | if User.current.admin? |
|
|||
| 273 | # admin is allowed to move issues to any active (visible) project |
|
|||
| 274 | @allowed_projects = Project.find(:all, :conditions => Project.visible_by(User.current)) |
|
|||
| 275 | else |
|
|||
| 276 | User.current.memberships.each {|m| @allowed_projects << m.project if m.roles.detect {|r| r.allowed_to?(:move_issues)}} |
|
|||
| 277 | end |
|
|||
| 278 | @target_project = @allowed_projects.detect {|p| p.id.to_s == params[:new_project_id]} if params[:new_project_id] |
|
271 | @target_project = @allowed_projects.detect {|p| p.id.to_s == params[:new_project_id]} if params[:new_project_id] | |
| 279 | @target_project ||= @project |
|
272 | @target_project ||= @project | |
| 280 | @trackers = @target_project.trackers |
|
273 | @trackers = @target_project.trackers | |
| @@ -600,6 +600,22 class Issue < ActiveRecord::Base | |||||
| 600 | end |
|
600 | end | |
| 601 | # End ReportsController extraction |
|
601 | # End ReportsController extraction | |
| 602 |
|
602 | |||
|
|
603 | # Returns an array of projects that current user can move issues to | |||
|
|
604 | def self.allowed_target_projects_on_move | |||
|
|
605 | projects = [] | |||
|
|
606 | if User.current.admin? | |||
|
|
607 | # admin is allowed to move issues to any active (visible) project | |||
|
|
608 | projects = Project.visible.all | |||
|
|
609 | elsif User.current.logged? | |||
|
|
610 | if Role.non_member.allowed_to?(:move_issues) | |||
|
|
611 | projects = Project.visible.all | |||
|
|
612 | else | |||
|
|
613 | User.current.memberships.each {|m| projects << m.project if m.roles.detect {|r| r.allowed_to?(:move_issues)}} | |||
|
|
614 | end | |||
|
|
615 | end | |||
|
|
616 | projects | |||
|
|
617 | end | |||
|
|
618 | ||||
| 603 | private |
|
619 | private | |
| 604 |
|
620 | |||
| 605 | def update_nested_set_attributes |
|
621 | def update_nested_set_attributes | |
| @@ -667,6 +667,23 class IssueTest < ActiveSupport::TestCase | |||||
| 667 | assert_equal 2, groups.size |
|
667 | assert_equal 2, groups.size | |
| 668 | assert_equal 5, groups.inject(0) {|sum, group| sum + group['total'].to_i} |
|
668 | assert_equal 5, groups.inject(0) {|sum, group| sum + group['total'].to_i} | |
| 669 | end |
|
669 | end | |
|
|
670 | ||||
|
|
671 | ||||
|
|
672 | context ".allowed_target_projects_on_move" do | |||
|
|
673 | should "return all active projects for admin users" do | |||
|
|
674 | User.current = User.find(1) | |||
|
|
675 | assert_equal Project.active.count, Issue.allowed_target_projects_on_move.size | |||
|
|
676 | end | |||
|
|
677 | ||||
|
|
678 | should "return allowed projects for non admin users" do | |||
|
|
679 | User.current = User.find(2) | |||
|
|
680 | Role.non_member.remove_permission! :move_issues | |||
|
|
681 | assert_equal 3, Issue.allowed_target_projects_on_move.size | |||
|
|
682 | ||||
|
|
683 | Role.non_member.add_permission! :move_issues | |||
|
|
684 | assert_equal Project.active.count, Issue.allowed_target_projects_on_move.size | |||
|
|
685 | end | |||
|
|
686 | end | |||
| 670 |
|
687 | |||
| 671 | def test_recently_updated_with_limit_scopes |
|
688 | def test_recently_updated_with_limit_scopes | |
| 672 | #should return the last updated issue |
|
689 | #should return the last updated issue | |
General Comments 0
You need to be logged in to leave comments.
Login now