| @@ -267,14 +267,7 class IssuesController < ApplicationController | |||
|
|
267 | 267 | def move |
|
|
268 | 268 | @issues.sort! |
|
|
269 | 269 | @copy = params[:copy_options] && params[:copy_options][:copy] |
|
|
270 | @allowed_projects = [] | |
|
|
271 | # find projects to which the user is allowed to move the issue | |
|
|
272 | if User.current.admin? | |
|
|
273 | # admin is allowed to move issues to any active (visible) project | |
|
|
274 | @allowed_projects = Project.find(:all, :conditions => Project.visible_by(User.current)) | |
|
|
275 | else | |
|
|
276 | User.current.memberships.each {|m| @allowed_projects << m.project if m.roles.detect {|r| r.allowed_to?(:move_issues)}} | |
|
|
277 | end | |
|
|
270 | @allowed_projects = Issue.allowed_target_projects_on_move | |
|
|
278 | 271 | @target_project = @allowed_projects.detect {|p| p.id.to_s == params[:new_project_id]} if params[:new_project_id] |
|
|
279 | 272 | @target_project ||= @project |
|
|
280 | 273 | @trackers = @target_project.trackers |
| @@ -600,6 +600,22 class Issue < ActiveRecord::Base | |||
|
|
600 | 600 | end |
|
|
601 | 601 | # End ReportsController extraction |
|
|
602 | 602 | |
|
|
603 | # Returns an array of projects that current user can move issues to | |
|
|
604 | def self.allowed_target_projects_on_move | |
|
|
605 | projects = [] | |
|
|
606 | if User.current.admin? | |
|
|
607 | # admin is allowed to move issues to any active (visible) project | |
|
|
608 | projects = Project.visible.all | |
|
|
609 | elsif User.current.logged? | |
|
|
610 | if Role.non_member.allowed_to?(:move_issues) | |
|
|
611 | projects = Project.visible.all | |
|
|
612 | else | |
|
|
613 | User.current.memberships.each {|m| projects << m.project if m.roles.detect {|r| r.allowed_to?(:move_issues)}} | |
|
|
614 | end | |
|
|
615 | end | |
|
|
616 | projects | |
|
|
617 | end | |
|
|
618 | ||
|
|
603 | 619 | private |
|
|
604 | 620 | |
|
|
605 | 621 | def update_nested_set_attributes |
| @@ -667,6 +667,23 class IssueTest < ActiveSupport::TestCase | |||
|
|
667 | 667 | assert_equal 2, groups.size |
|
|
668 | 668 | assert_equal 5, groups.inject(0) {|sum, group| sum + group['total'].to_i} |
|
|
669 | 669 | end |
|
|
670 | ||
|
|
671 | ||
|
|
672 | context ".allowed_target_projects_on_move" do | |
|
|
673 | should "return all active projects for admin users" do | |
|
|
674 | User.current = User.find(1) | |
|
|
675 | assert_equal Project.active.count, Issue.allowed_target_projects_on_move.size | |
|
|
676 | end | |
|
|
677 | ||
|
|
678 | should "return allowed projects for non admin users" do | |
|
|
679 | User.current = User.find(2) | |
|
|
680 | Role.non_member.remove_permission! :move_issues | |
|
|
681 | assert_equal 3, Issue.allowed_target_projects_on_move.size | |
|
|
682 | ||
|
|
683 | Role.non_member.add_permission! :move_issues | |
|
|
684 | assert_equal Project.active.count, Issue.allowed_target_projects_on_move.size | |
|
|
685 | end | |
|
|
686 | end | |
|
|
670 | 687 | |
|
|
671 | 688 | def test_recently_updated_with_limit_scopes |
|
|
672 | 689 | #should return the last updated issue |
General Comments 0
You need to be logged in to leave comments.
Login now