##// END OF EJS Templates
jro_apps » redmine
RSS
Fixed: cross-project issue list should not show issues of projects for which the issue tracking module was disabled....
Jean-Philippe Lang -
r1905:394fc9c10945
parent child
Show More
Side by Side Unified
Context file:
r1905:394fc9c10945 Loading diff...:
Show file before | Show file after | Hide comments
@@ -0,0 +1,49
1 # Redmine - project management software
2 # Copyright (C) 2006-2008 Jean-Philippe Lang
3 #
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
8 #
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
13 #
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
18 require File.dirname(__FILE__) + '/../../../test_helper'
19
20 class Redmine::AccessControlTest < Test::Unit::TestCase
21
22 def setup
23 @access_module = Redmine::AccessControl
24 end
25
26 def test_permissions
27 perms = @access_module.permissions
28 assert perms.is_a?(Array)
29 assert perms.first.is_a?(Redmine::AccessControl::Permission)
30 end
31
32 def test_module_permission
33 perm = @access_module.permission(:view_issues)
34 assert perm.is_a?(Redmine::AccessControl::Permission)
35 assert_equal :view_issues, perm.name
36 assert_equal :issue_tracking, perm.project_module
37 assert perm.actions.is_a?(Array)
38 assert perm.actions.include?('issues/index')
39 end
40
41 def test_no_module_permission
42 perm = @access_module.permission(:edit_project)
43 assert perm.is_a?(Redmine::AccessControl::Permission)
44 assert_equal :edit_project, perm.name
45 assert_nil perm.project_module
46 assert perm.actions.is_a?(Array)
47 assert perm.actions.include?('projects/settings')
48 end
49 end
Show file before | Show file after | Hide comments
@@ -1,268 +1,274
1 1 # redMine - project management software
2 2 # Copyright (C) 2006 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class Project < ActiveRecord::Base
19 19 # Project statuses
20 20 STATUS_ACTIVE = 1
21 21 STATUS_ARCHIVED = 9
22 22
23 23 has_many :members, :include => :user, :conditions => "#{User.table_name}.status=#{User::STATUS_ACTIVE}"
24 24 has_many :users, :through => :members
25 25 has_many :enabled_modules, :dependent => :delete_all
26 26 has_and_belongs_to_many :trackers, :order => "#{Tracker.table_name}.position"
27 27 has_many :issues, :dependent => :destroy, :order => "#{Issue.table_name}.created_on DESC", :include => [:status, :tracker]
28 28 has_many :issue_changes, :through => :issues, :source => :journals
29 29 has_many :versions, :dependent => :destroy, :order => "#{Version.table_name}.effective_date DESC, #{Version.table_name}.name DESC"
30 30 has_many :time_entries, :dependent => :delete_all
31 31 has_many :queries, :dependent => :delete_all
32 32 has_many :documents, :dependent => :destroy
33 33 has_many :news, :dependent => :delete_all, :include => :author
34 34 has_many :issue_categories, :dependent => :delete_all, :order => "#{IssueCategory.table_name}.name"
35 35 has_many :boards, :dependent => :destroy, :order => "position ASC"
36 36 has_one :repository, :dependent => :destroy
37 37 has_many :changesets, :through => :repository
38 38 has_one :wiki, :dependent => :destroy
39 39 # Custom field for the project issues
40 40 has_and_belongs_to_many :issue_custom_fields,
41 41 :class_name => 'IssueCustomField',
42 42 :order => "#{CustomField.table_name}.position",
43 43 :join_table => "#{table_name_prefix}custom_fields_projects#{table_name_suffix}",
44 44 :association_foreign_key => 'custom_field_id'
45 45
46 46 acts_as_tree :order => "name", :counter_cache => true
47 47
48 48 acts_as_customizable
49 49 acts_as_searchable :columns => ['name', 'description'], :project_key => 'id', :permission => nil
50 50 acts_as_event :title => Proc.new {|o| "#{l(:label_project)}: #{o.name}"},
51 51 :url => Proc.new {|o| {:controller => 'projects', :action => 'show', :id => o.id}},
52 52 :author => nil
53 53
54 54 attr_protected :status, :enabled_module_names
55 55
56 56 validates_presence_of :name, :identifier
57 57 validates_uniqueness_of :name, :identifier
58 58 validates_associated :repository, :wiki
59 59 validates_length_of :name, :maximum => 30
60 60 validates_length_of :homepage, :maximum => 255
61 61 validates_length_of :identifier, :in => 3..20
62 62 validates_format_of :identifier, :with => /^[a-z0-9\-]*$/
63 63
64 64 before_destroy :delete_all_members
65 65
66 66 named_scope :has_module, lambda { |mod| { :conditions => ["#{Project.table_name}.id IN (SELECT em.project_id FROM #{EnabledModule.table_name} em WHERE em.name=?)", mod.to_s] } }
67 67
68 68 def identifier=(identifier)
69 69 super unless identifier_frozen?
70 70 end
71 71
72 72 def identifier_frozen?
73 73 errors[:identifier].nil? && !(new_record? || identifier.blank?)
74 74 end
75 75
76 76 def issues_with_subprojects(include_subprojects=false)
77 77 conditions = nil
78 78 if include_subprojects
79 79 ids = [id] + child_ids
80 80 conditions = ["#{Project.table_name}.id IN (#{ids.join(',')}) AND #{Project.visible_by}"]
81 81 end
82 82 conditions ||= ["#{Project.table_name}.id = ?", id]
83 83 # Quick and dirty fix for Rails 2 compatibility
84 84 Issue.send(:with_scope, :find => { :conditions => conditions }) do
85 85 Version.send(:with_scope, :find => { :conditions => conditions }) do
86 86 yield
87 87 end
88 88 end
89 89 end
90 90
91 91 # returns latest created projects
92 92 # non public projects will be returned only if user is a member of those
93 93 def self.latest(user=nil, count=5)
94 94 find(:all, :limit => count, :conditions => visible_by(user), :order => "created_on DESC")
95 95 end
96 96
97 97 def self.visible_by(user=nil)
98 98 user ||= User.current
99 99 if user && user.admin?
100 100 return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}"
101 101 elsif user && user.memberships.any?
102 102 return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE} AND (#{Project.table_name}.is_public = #{connection.quoted_true} or #{Project.table_name}.id IN (#{user.memberships.collect{|m| m.project_id}.join(',')}))"
103 103 else
104 104 return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE} AND #{Project.table_name}.is_public = #{connection.quoted_true}"
105 105 end
106 106 end
107 107
108 108 def self.allowed_to_condition(user, permission, options={})
109 109 statements = []
110 110 base_statement = "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}"
111 if perm = Redmine::AccessControl.permission(permission)
112 unless perm.project_module.nil?
113 # If the permission belongs to a project module, make sure the module is enabled
114 base_statement << " AND EXISTS (SELECT em.id FROM #{EnabledModule.table_name} em WHERE em.name='#{perm.project_module}' AND em.project_id=#{Project.table_name}.id)"
115 end
116 end
111 117 if options[:project]
112 118 project_statement = "#{Project.table_name}.id = #{options[:project].id}"
113 119 project_statement << " OR #{Project.table_name}.parent_id = #{options[:project].id}" if options[:with_subprojects]
114 120 base_statement = "(#{project_statement}) AND (#{base_statement})"
115 121 end
116 122 if user.admin?
117 123 # no restriction
118 124 else
119 125 statements << "1=0"
120 126 if user.logged?
121 127 statements << "#{Project.table_name}.is_public = #{connection.quoted_true}" if Role.non_member.allowed_to?(permission)
122 128 allowed_project_ids = user.memberships.select {|m| m.role.allowed_to?(permission)}.collect {|m| m.project_id}
123 129 statements << "#{Project.table_name}.id IN (#{allowed_project_ids.join(',')})" if allowed_project_ids.any?
124 130 elsif Role.anonymous.allowed_to?(permission)
125 131 # anonymous user allowed on public project
126 132 statements << "#{Project.table_name}.is_public = #{connection.quoted_true}"
127 133 else
128 134 # anonymous user is not authorized
129 135 end
130 136 end
131 137 statements.empty? ? base_statement : "((#{base_statement}) AND (#{statements.join(' OR ')}))"
132 138 end
133 139
134 140 def project_condition(with_subprojects)
135 141 cond = "#{Project.table_name}.id = #{id}"
136 142 cond = "(#{cond} OR #{Project.table_name}.parent_id = #{id})" if with_subprojects
137 143 cond
138 144 end
139 145
140 146 def self.find(*args)
141 147 if args.first && args.first.is_a?(String) && !args.first.match(/^\d*$/)
142 148 project = find_by_identifier(*args)
143 149 raise ActiveRecord::RecordNotFound, "Couldn't find Project with identifier=#{args.first}" if project.nil?
144 150 project
145 151 else
146 152 super
147 153 end
148 154 end
149 155
150 156 def to_param
151 157 # id is used for projects with a numeric identifier (compatibility)
152 158 @to_param ||= (identifier.to_s =~ %r{^\d*$} ? id : identifier)
153 159 end
154 160
155 161 def active?
156 162 self.status == STATUS_ACTIVE
157 163 end
158 164
159 165 def archive
160 166 # Archive subprojects if any
161 167 children.each do |subproject|
162 168 subproject.archive
163 169 end
164 170 update_attribute :status, STATUS_ARCHIVED
165 171 end
166 172
167 173 def unarchive
168 174 return false if parent && !parent.active?
169 175 update_attribute :status, STATUS_ACTIVE
170 176 end
171 177
172 178 def active_children
173 179 children.select {|child| child.active?}
174 180 end
175 181
176 182 # Returns an array of the trackers used by the project and its sub projects
177 183 def rolled_up_trackers
178 184 @rolled_up_trackers ||=
179 185 Tracker.find(:all, :include => :projects,
180 186 :select => "DISTINCT #{Tracker.table_name}.*",
181 187 :conditions => ["#{Project.table_name}.id = ? OR #{Project.table_name}.parent_id = ?", id, id],
182 188 :order => "#{Tracker.table_name}.position")
183 189 end
184 190
185 191 # Deletes all project's members
186 192 def delete_all_members
187 193 Member.delete_all(['project_id = ?', id])
188 194 end
189 195
190 196 # Users issues can be assigned to
191 197 def assignable_users
192 198 members.select {|m| m.role.assignable?}.collect {|m| m.user}.sort
193 199 end
194 200
195 201 # Returns the mail adresses of users that should be always notified on project events
196 202 def recipients
197 203 members.select {|m| m.mail_notification? || m.user.mail_notification?}.collect {|m| m.user.mail}
198 204 end
199 205
200 206 # Returns an array of all custom fields enabled for project issues
201 207 # (explictly associated custom fields and custom fields enabled for all projects)
202 208 def all_issue_custom_fields
203 209 @all_issue_custom_fields ||= (IssueCustomField.for_all + issue_custom_fields).uniq.sort
204 210 end
205 211
206 212 def project
207 213 self
208 214 end
209 215
210 216 def <=>(project)
211 217 name.downcase <=> project.name.downcase
212 218 end
213 219
214 220 def to_s
215 221 name
216 222 end
217 223
218 224 # Returns a short description of the projects (first lines)
219 225 def short_description(length = 255)
220 226 description.gsub(/^(.{#{length}}[^\n]*).*$/m, '\1').strip if description
221 227 end
222 228
223 229 def allows_to?(action)
224 230 if action.is_a? Hash
225 231 allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
226 232 else
227 233 allowed_permissions.include? action
228 234 end
229 235 end
230 236
231 237 def module_enabled?(module_name)
232 238 module_name = module_name.to_s
233 239 enabled_modules.detect {|m| m.name == module_name}
234 240 end
235 241
236 242 def enabled_module_names=(module_names)
237 243 enabled_modules.clear
238 244 module_names = [] unless module_names && module_names.is_a?(Array)
239 245 module_names.each do |name|
240 246 enabled_modules << EnabledModule.new(:name => name.to_s)
241 247 end
242 248 end
243 249
244 250 # Returns an auto-generated project identifier based on the last identifier used
245 251 def self.next_identifier
246 252 p = Project.find(:first, :order => 'created_on DESC')
247 253 p.nil? ? nil : p.identifier.to_s.succ
248 254 end
249 255
250 256 protected
251 257 def validate
252 258 errors.add(parent_id, " must be a root project") if parent and parent.parent
253 259 errors.add_to_base("A project with subprojects can't be a subproject") if parent and children.size > 0
254 260 errors.add(:identifier, :activerecord_error_invalid) if !identifier.blank? && identifier.match(/^\d*$/)
255 261 end
256 262
257 263 private
258 264 def allowed_permissions
259 265 @allowed_permissions ||= begin
260 266 module_names = enabled_modules.collect {|m| m.name}
261 267 Redmine::AccessControl.modules_permissions(module_names).collect {|p| p.name}
262 268 end
263 269 end
264 270
265 271 def allowed_actions
266 272 @actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
267 273 end
268 274 end
Show file before | Show file after | Hide comments
@@ -1,385 +1,385
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2008 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class QueryColumn
19 19 attr_accessor :name, :sortable, :default_order
20 20 include GLoc
21 21
22 22 def initialize(name, options={})
23 23 self.name = name
24 24 self.sortable = options[:sortable]
25 25 self.default_order = options[:default_order]
26 26 end
27 27
28 28 def caption
29 29 set_language_if_valid(User.current.language)
30 30 l("field_#{name}")
31 31 end
32 32 end
33 33
34 34 class QueryCustomFieldColumn < QueryColumn
35 35
36 36 def initialize(custom_field)
37 37 self.name = "cf_#{custom_field.id}".to_sym
38 38 self.sortable = false
39 39 @cf = custom_field
40 40 end
41 41
42 42 def caption
43 43 @cf.name
44 44 end
45 45
46 46 def custom_field
47 47 @cf
48 48 end
49 49 end
50 50
51 51 class Query < ActiveRecord::Base
52 52 belongs_to :project
53 53 belongs_to :user
54 54 serialize :filters
55 55 serialize :column_names
56 56
57 57 attr_protected :project_id, :user_id
58 58
59 59 validates_presence_of :name, :on => :save
60 60 validates_length_of :name, :maximum => 255
61 61
62 62 @@operators = { "=" => :label_equals,
63 63 "!" => :label_not_equals,
64 64 "o" => :label_open_issues,
65 65 "c" => :label_closed_issues,
66 66 "!*" => :label_none,
67 67 "*" => :label_all,
68 68 ">=" => '>=',
69 69 "<=" => '<=',
70 70 "<t+" => :label_in_less_than,
71 71 ">t+" => :label_in_more_than,
72 72 "t+" => :label_in,
73 73 "t" => :label_today,
74 74 "w" => :label_this_week,
75 75 ">t-" => :label_less_than_ago,
76 76 "<t-" => :label_more_than_ago,
77 77 "t-" => :label_ago,
78 78 "~" => :label_contains,
79 79 "!~" => :label_not_contains }
80 80
81 81 cattr_reader :operators
82 82
83 83 @@operators_by_filter_type = { :list => [ "=", "!" ],
84 84 :list_status => [ "o", "=", "!", "c", "*" ],
85 85 :list_optional => [ "=", "!", "!*", "*" ],
86 86 :list_subprojects => [ "*", "!*", "=" ],
87 87 :date => [ "<t+", ">t+", "t+", "t", "w", ">t-", "<t-", "t-" ],
88 88 :date_past => [ ">t-", "<t-", "t-", "t", "w" ],
89 89 :string => [ "=", "~", "!", "!~" ],
90 90 :text => [ "~", "!~" ],
91 91 :integer => [ "=", ">=", "<=", "!*", "*" ] }
92 92
93 93 cattr_reader :operators_by_filter_type
94 94
95 95 @@available_columns = [
96 96 QueryColumn.new(:tracker, :sortable => "#{Tracker.table_name}.position"),
97 97 QueryColumn.new(:status, :sortable => "#{IssueStatus.table_name}.position"),
98 98 QueryColumn.new(:priority, :sortable => "#{Enumeration.table_name}.position", :default_order => 'desc'),
99 99 QueryColumn.new(:subject, :sortable => "#{Issue.table_name}.subject"),
100 100 QueryColumn.new(:author),
101 101 QueryColumn.new(:assigned_to, :sortable => "#{User.table_name}.lastname"),
102 102 QueryColumn.new(:updated_on, :sortable => "#{Issue.table_name}.updated_on", :default_order => 'desc'),
103 103 QueryColumn.new(:category, :sortable => "#{IssueCategory.table_name}.name"),
104 104 QueryColumn.new(:fixed_version, :sortable => "#{Version.table_name}.effective_date", :default_order => 'desc'),
105 105 QueryColumn.new(:start_date, :sortable => "#{Issue.table_name}.start_date"),
106 106 QueryColumn.new(:due_date, :sortable => "#{Issue.table_name}.due_date"),
107 107 QueryColumn.new(:estimated_hours, :sortable => "#{Issue.table_name}.estimated_hours"),
108 108 QueryColumn.new(:done_ratio, :sortable => "#{Issue.table_name}.done_ratio"),
109 109 QueryColumn.new(:created_on, :sortable => "#{Issue.table_name}.created_on", :default_order => 'desc'),
110 110 ]
111 111 cattr_reader :available_columns
112 112
113 113 def initialize(attributes = nil)
114 114 super attributes
115 115 self.filters ||= { 'status_id' => {:operator => "o", :values => [""]} }
116 116 set_language_if_valid(User.current.language)
117 117 end
118 118
119 119 def after_initialize
120 120 # Store the fact that project is nil (used in #editable_by?)
121 121 @is_for_all = project.nil?
122 122 end
123 123
124 124 def validate
125 125 filters.each_key do |field|
126 126 errors.add label_for(field), :activerecord_error_blank unless
127 127 # filter requires one or more values
128 128 (values_for(field) and !values_for(field).first.blank?) or
129 129 # filter doesn't require any value
130 130 ["o", "c", "!*", "*", "t", "w"].include? operator_for(field)
131 131 end if filters
132 132 end
133 133
134 134 def editable_by?(user)
135 135 return false unless user
136 136 # Admin can edit them all and regular users can edit their private queries
137 137 return true if user.admin? || (!is_public && self.user_id == user.id)
138 138 # Members can not edit public queries that are for all project (only admin is allowed to)
139 139 is_public && !@is_for_all && user.allowed_to?(:manage_public_queries, project)
140 140 end
141 141
142 142 def available_filters
143 143 return @available_filters if @available_filters
144 144
145 145 trackers = project.nil? ? Tracker.find(:all, :order => 'position') : project.rolled_up_trackers
146 146
147 147 @available_filters = { "status_id" => { :type => :list_status, :order => 1, :values => IssueStatus.find(:all, :order => 'position').collect{|s| [s.name, s.id.to_s] } },
148 148 "tracker_id" => { :type => :list, :order => 2, :values => trackers.collect{|s| [s.name, s.id.to_s] } },
149 149 "priority_id" => { :type => :list, :order => 3, :values => Enumeration.find(:all, :conditions => ['opt=?','IPRI'], :order => 'position').collect{|s| [s.name, s.id.to_s] } },
150 150 "subject" => { :type => :text, :order => 8 },
151 151 "created_on" => { :type => :date_past, :order => 9 },
152 152 "updated_on" => { :type => :date_past, :order => 10 },
153 153 "start_date" => { :type => :date, :order => 11 },
154 154 "due_date" => { :type => :date, :order => 12 },
155 155 "estimated_hours" => { :type => :integer, :order => 13 },
156 156 "done_ratio" => { :type => :integer, :order => 14 }}
157 157
158 158 user_values = []
159 159 user_values << ["<< #{l(:label_me)} >>", "me"] if User.current.logged?
160 160 if project
161 161 user_values += project.users.sort.collect{|s| [s.name, s.id.to_s] }
162 162 else
163 163 # members of the user's projects
164 164 user_values += User.current.projects.collect(&:users).flatten.uniq.sort.collect{|s| [s.name, s.id.to_s] }
165 165 end
166 166 @available_filters["assigned_to_id"] = { :type => :list_optional, :order => 4, :values => user_values } unless user_values.empty?
167 167 @available_filters["author_id"] = { :type => :list, :order => 5, :values => user_values } unless user_values.empty?
168 168
169 169 if project
170 170 # project specific filters
171 171 unless @project.issue_categories.empty?
172 172 @available_filters["category_id"] = { :type => :list_optional, :order => 6, :values => @project.issue_categories.collect{|s| [s.name, s.id.to_s] } }
173 173 end
174 174 unless @project.versions.empty?
175 175 @available_filters["fixed_version_id"] = { :type => :list_optional, :order => 7, :values => @project.versions.sort.collect{|s| [s.name, s.id.to_s] } }
176 176 end
177 177 unless @project.active_children.empty?
178 178 @available_filters["subproject_id"] = { :type => :list_subprojects, :order => 13, :values => @project.active_children.collect{|s| [s.name, s.id.to_s] } }
179 179 end
180 180 add_custom_fields_filters(@project.all_issue_custom_fields)
181 181 else
182 182 # global filters for cross project issue list
183 183 add_custom_fields_filters(IssueCustomField.find(:all, :conditions => {:is_filter => true, :is_for_all => true}))
184 184 end
185 185 @available_filters
186 186 end
187 187
188 188 def add_filter(field, operator, values)
189 189 # values must be an array
190 190 return unless values and values.is_a? Array # and !values.first.empty?
191 191 # check if field is defined as an available filter
192 192 if available_filters.has_key? field
193 193 filter_options = available_filters[field]
194 194 # check if operator is allowed for that filter
195 195 #if @@operators_by_filter_type[filter_options[:type]].include? operator
196 196 # allowed_values = values & ([""] + (filter_options[:values] || []).collect {|val| val[1]})
197 197 # filters[field] = {:operator => operator, :values => allowed_values } if (allowed_values.first and !allowed_values.first.empty?) or ["o", "c", "!*", "*", "t"].include? operator
198 198 #end
199 199 filters[field] = {:operator => operator, :values => values }
200 200 end
201 201 end
202 202
203 203 def add_short_filter(field, expression)
204 204 return unless expression
205 205 parms = expression.scan(/^(o|c|\!|\*)?(.*)$/).first
206 206 add_filter field, (parms[0] || "="), [parms[1] || ""]
207 207 end
208 208
209 209 def has_filter?(field)
210 210 filters and filters[field]
211 211 end
212 212
213 213 def operator_for(field)
214 214 has_filter?(field) ? filters[field][:operator] : nil
215 215 end
216 216
217 217 def values_for(field)
218 218 has_filter?(field) ? filters[field][:values] : nil
219 219 end
220 220
221 221 def label_for(field)
222 222 label = available_filters[field][:name] if available_filters.has_key?(field)
223 223 label ||= field.gsub(/\_id$/, "")
224 224 end
225 225
226 226 def available_columns
227 227 return @available_columns if @available_columns
228 228 @available_columns = Query.available_columns
229 229 @available_columns += (project ?
230 230 project.all_issue_custom_fields :
231 231 IssueCustomField.find(:all, :conditions => {:is_for_all => true})
232 232 ).collect {|cf| QueryCustomFieldColumn.new(cf) }
233 233 end
234 234
235 235 def columns
236 236 if has_default_columns?
237 237 available_columns.select {|c| Setting.issue_list_default_columns.include?(c.name.to_s) }
238 238 else
239 239 # preserve the column_names order
240 240 column_names.collect {|name| available_columns.find {|col| col.name == name}}.compact
241 241 end
242 242 end
243 243
244 244 def column_names=(names)
245 245 names = names.select {|n| n.is_a?(Symbol) || !n.blank? } if names
246 246 names = names.collect {|n| n.is_a?(Symbol) ? n : n.to_sym } if names
247 247 write_attribute(:column_names, names)
248 248 end
249 249
250 250 def has_column?(column)
251 251 column_names && column_names.include?(column.name)
252 252 end
253 253
254 254 def has_default_columns?
255 255 column_names.nil? || column_names.empty?
256 256 end
257 257
258 258 def project_statement
259 259 project_clauses = []
260 260 if project && !@project.active_children.empty?
261 261 ids = [project.id]
262 262 if has_filter?("subproject_id")
263 263 case operator_for("subproject_id")
264 264 when '='
265 265 # include the selected subprojects
266 266 ids += values_for("subproject_id").each(&:to_i)
267 267 when '!*'
268 268 # main project only
269 269 else
270 270 # all subprojects
271 271 ids += project.child_ids
272 272 end
273 273 elsif Setting.display_subprojects_issues?
274 274 ids += project.child_ids
275 275 end
276 276 project_clauses << "#{Project.table_name}.id IN (%s)" % ids.join(',')
277 277 elsif project
278 278 project_clauses << "#{Project.table_name}.id = %d" % project.id
279 279 end
280 project_clauses << Project.visible_by(User.current)
280 project_clauses << Project.allowed_to_condition(User.current, :view_issues)
281 281 project_clauses.join(' AND ')
282 282 end
283 283
284 284 def statement
285 285 # filters clauses
286 286 filters_clauses = []
287 287 filters.each_key do |field|
288 288 next if field == "subproject_id"
289 289 v = values_for(field).clone
290 290 next unless v and !v.empty?
291 291
292 292 sql = ''
293 293 is_custom_filter = false
294 294 if field =~ /^cf_(\d+)$/
295 295 # custom field
296 296 db_table = CustomValue.table_name
297 297 db_field = 'value'
298 298 is_custom_filter = true
299 299 sql << "#{Issue.table_name}.id IN (SELECT #{Issue.table_name}.id FROM #{Issue.table_name} LEFT OUTER JOIN #{db_table} ON #{db_table}.customized_type='Issue' AND #{db_table}.customized_id=#{Issue.table_name}.id AND #{db_table}.custom_field_id=#{$1} WHERE "
300 300 else
301 301 # regular field
302 302 db_table = Issue.table_name
303 303 db_field = field
304 304 sql << '('
305 305 end
306 306
307 307 # "me" value subsitution
308 308 if %w(assigned_to_id author_id).include?(field)
309 309 v.push(User.current.logged? ? User.current.id.to_s : "0") if v.delete("me")
310 310 end
311 311
312 312 case operator_for field
313 313 when "="
314 314 sql = sql + "#{db_table}.#{db_field} IN (" + v.collect{|val| "'#{connection.quote_string(val)}'"}.join(",") + ")"
315 315 when "!"
316 316 sql = sql + "(#{db_table}.#{db_field} IS NULL OR #{db_table}.#{db_field} NOT IN (" + v.collect{|val| "'#{connection.quote_string(val)}'"}.join(",") + "))"
317 317 when "!*"
318 318 sql = sql + "#{db_table}.#{db_field} IS NULL"
319 319 sql << " OR #{db_table}.#{db_field} = ''" if is_custom_filter
320 320 when "*"
321 321 sql = sql + "#{db_table}.#{db_field} IS NOT NULL"
322 322 sql << " AND #{db_table}.#{db_field} <> ''" if is_custom_filter
323 323 when ">="
324 324 sql = sql + "#{db_table}.#{db_field} >= #{v.first.to_i}"
325 325 when "<="
326 326 sql = sql + "#{db_table}.#{db_field} <= #{v.first.to_i}"
327 327 when "o"
328 328 sql = sql + "#{IssueStatus.table_name}.is_closed=#{connection.quoted_false}" if field == "status_id"
329 329 when "c"
330 330 sql = sql + "#{IssueStatus.table_name}.is_closed=#{connection.quoted_true}" if field == "status_id"
331 331 when ">t-"
332 332 sql = sql + "#{db_table}.#{db_field} BETWEEN '%s' AND '%s'" % [connection.quoted_date((Date.today - v.first.to_i).to_time), connection.quoted_date((Date.today + 1).to_time)]
333 333 when "<t-"
334 334 sql = sql + "#{db_table}.#{db_field} <= '%s'" % connection.quoted_date((Date.today - v.first.to_i).to_time)
335 335 when "t-"
336 336 sql = sql + "#{db_table}.#{db_field} BETWEEN '%s' AND '%s'" % [connection.quoted_date((Date.today - v.first.to_i).to_time), connection.quoted_date((Date.today - v.first.to_i + 1).to_time)]
337 337 when ">t+"
338 338 sql = sql + "#{db_table}.#{db_field} >= '%s'" % connection.quoted_date((Date.today + v.first.to_i).to_time)
339 339 when "<t+"
340 340 sql = sql + "#{db_table}.#{db_field} BETWEEN '%s' AND '%s'" % [connection.quoted_date(Date.today.to_time), connection.quoted_date((Date.today + v.first.to_i + 1).to_time)]
341 341 when "t+"
342 342 sql = sql + "#{db_table}.#{db_field} BETWEEN '%s' AND '%s'" % [connection.quoted_date((Date.today + v.first.to_i).to_time), connection.quoted_date((Date.today + v.first.to_i + 1).to_time)]
343 343 when "t"
344 344 sql = sql + "#{db_table}.#{db_field} BETWEEN '%s' AND '%s'" % [connection.quoted_date(Date.today.to_time), connection.quoted_date((Date.today+1).to_time)]
345 345 when "w"
346 346 from = l(:general_first_day_of_week) == '7' ?
347 347 # week starts on sunday
348 348 ((Date.today.cwday == 7) ? Time.now.at_beginning_of_day : Time.now.at_beginning_of_week - 1.day) :
349 349 # week starts on monday (Rails default)
350 350 Time.now.at_beginning_of_week
351 351 sql = sql + "#{db_table}.#{db_field} BETWEEN '%s' AND '%s'" % [connection.quoted_date(from), connection.quoted_date(from + 7.days)]
352 352 when "~"
353 353 sql = sql + "#{db_table}.#{db_field} LIKE '%#{connection.quote_string(v.first)}%'"
354 354 when "!~"
355 355 sql = sql + "#{db_table}.#{db_field} NOT LIKE '%#{connection.quote_string(v.first)}%'"
356 356 end
357 357 sql << ')'
358 358 filters_clauses << sql
359 359 end if filters and valid?
360 360
361 361 (filters_clauses << project_statement).join(' AND ')
362 362 end
363 363
364 364 private
365 365
366 366 def add_custom_fields_filters(custom_fields)
367 367 @available_filters ||= {}
368 368
369 369 custom_fields.select(&:is_filter?).each do |field|
370 370 case field.field_format
371 371 when "text"
372 372 options = { :type => :text, :order => 20 }
373 373 when "list"
374 374 options = { :type => :list_optional, :values => field.possible_values, :order => 20}
375 375 when "date"
376 376 options = { :type => :date, :order => 20 }
377 377 when "bool"
378 378 options = { :type => :list, :values => [[l(:general_text_yes), "1"], [l(:general_text_no), "0"]], :order => 20 }
379 379 else
380 380 options = { :type => :string, :order => 20 }
381 381 end
382 382 @available_filters["cf_#{field.id}"] = options.merge({ :name => field.name })
383 383 end
384 384 end
385 385 end
Show file before | Show file after | Hide comments
@@ -1,112 +1,120
1 1 # redMine - project management software
2 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 module Redmine
19 19 module AccessControl
20 20
21 21 class << self
22 22 def map
23 23 mapper = Mapper.new
24 24 yield mapper
25 25 @permissions ||= []
26 26 @permissions += mapper.mapped_permissions
27 27 end
28 28
29 29 def permissions
30 30 @permissions
31 31 end
32 32
33 # Returns the permission of given name or nil if it wasn't found
34 # Argument should be a symbol
35 def permission(name)
36 permissions.detect {|p| p.name == name}
37 end
38
39 # Returns the actions that are allowed by the permission of given name
33 40 def allowed_actions(permission_name)
34 perm = @permissions.detect {|p| p.name == permission_name}
41 perm = permission(permission_name)
35 42 perm ? perm.actions : []
36 43 end
37 44
38 45 def public_permissions
39 46 @public_permissions ||= @permissions.select {|p| p.public?}
40 47 end
41 48
42 49 def members_only_permissions
43 50 @members_only_permissions ||= @permissions.select {|p| p.require_member?}
44 51 end
45 52
46 53 def loggedin_only_permissions
47 54 @loggedin_only_permissions ||= @permissions.select {|p| p.require_loggedin?}
48 55 end
49 56
50 57 def available_project_modules
51 58 @available_project_modules ||= @permissions.collect(&:project_module).uniq.compact
52 59 end
53 60
54 61 def modules_permissions(modules)
55 62 @permissions.select {|p| p.project_module.nil? || modules.include?(p.project_module.to_s)}
56 63 end
57 64 end
58 65
59 66 class Mapper
60 67 def initialize
61 68 @project_module = nil
62 69 end
63 70
64 71 def permission(name, hash, options={})
65 72 @permissions ||= []
66 73 options.merge!(:project_module => @project_module)
67 74 @permissions << Permission.new(name, hash, options)
68 75 end
69 76
70 77 def project_module(name, options={})
71 78 @project_module = name
72 79 yield self
73 80 @project_module = nil
74 81 end
75 82
76 83 def mapped_permissions
77 84 @permissions
78 85 end
79 86 end
80 87
81 88 class Permission
82 89 attr_reader :name, :actions, :project_module
83 90
84 91 def initialize(name, hash, options)
85 92 @name = name
86 93 @actions = []
87 94 @public = options[:public] || false
88 95 @require = options[:require]
89 96 @project_module = options[:project_module]
90 97 hash.each do |controller, actions|
91 98 if actions.is_a? Array
92 99 @actions << actions.collect {|action| "#{controller}/#{action}"}
93 100 else
94 101 @actions << "#{controller}/#{actions}"
95 102 end
96 103 end
104 @actions.flatten!
97 105 end
98 106
99 107 def public?
100 108 @public
101 109 end
102 110
103 111 def require_member?
104 112 @require && @require == :member
105 113 end
106 114
107 115 def require_loggedin?
108 116 @require && (@require == :member || @require == :loggedin)
109 117 end
110 118 end
111 119 end
112 120 end
Show file before | Show file after | Hide comments
@@ -1,46 +1,58
1 1 ---
2 2 enabled_modules_001:
3 3 name: issue_tracking
4 4 project_id: 1
5 5 id: 1
6 6 enabled_modules_002:
7 7 name: time_tracking
8 8 project_id: 1
9 9 id: 2
10 10 enabled_modules_003:
11 11 name: news
12 12 project_id: 1
13 13 id: 3
14 14 enabled_modules_004:
15 15 name: documents
16 16 project_id: 1
17 17 id: 4
18 18 enabled_modules_005:
19 19 name: files
20 20 project_id: 1
21 21 id: 5
22 22 enabled_modules_006:
23 23 name: wiki
24 24 project_id: 1
25 25 id: 6
26 26 enabled_modules_007:
27 27 name: repository
28 28 project_id: 1
29 29 id: 7
30 30 enabled_modules_008:
31 31 name: boards
32 32 project_id: 1
33 33 id: 8
34 34 enabled_modules_009:
35 35 name: repository
36 36 project_id: 3
37 37 id: 9
38 38 enabled_modules_010:
39 39 name: wiki
40 40 project_id: 3
41 41 id: 10
42 42 enabled_modules_011:
43 43 name: issue_tracking
44 44 project_id: 2
45 45 id: 11
46 enabled_modules_012:
47 name: time_tracking
48 project_id: 3
49 id: 12
50 enabled_modules_013:
51 name: issue_tracking
52 project_id: 3
53 id: 13
54 enabled_modules_014:
55 name: issue_tracking
56 project_id: 5
57 id: 14
46 58 No newline at end of file
Show file before | Show file after | Hide comments
@@ -1,690 +1,701
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2008 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.dirname(__FILE__) + '/../test_helper'
19 19 require 'issues_controller'
20 20
21 21 # Re-raise errors caught by the controller.
22 22 class IssuesController; def rescue_action(e) raise e end; end
23 23
24 24 class IssuesControllerTest < Test::Unit::TestCase
25 25 fixtures :projects,
26 26 :users,
27 27 :roles,
28 28 :members,
29 29 :issues,
30 30 :issue_statuses,
31 31 :versions,
32 32 :trackers,
33 33 :projects_trackers,
34 34 :issue_categories,
35 35 :enabled_modules,
36 36 :enumerations,
37 37 :attachments,
38 38 :workflows,
39 39 :custom_fields,
40 40 :custom_values,
41 41 :custom_fields_trackers,
42 42 :time_entries,
43 43 :journals,
44 44 :journal_details
45 45
46 46 def setup
47 47 @controller = IssuesController.new
48 48 @request = ActionController::TestRequest.new
49 49 @response = ActionController::TestResponse.new
50 50 User.current = nil
51 51 end
52 52
53 53 def test_index
54 54 get :index
55 55 assert_response :success
56 56 assert_template 'index.rhtml'
57 57 assert_not_nil assigns(:issues)
58 58 assert_nil assigns(:project)
59 59 assert_tag :tag => 'a', :content => /Can't print recipes/
60 60 assert_tag :tag => 'a', :content => /Subproject issue/
61 61 # private projects hidden
62 62 assert_no_tag :tag => 'a', :content => /Issue of a private subproject/
63 63 assert_no_tag :tag => 'a', :content => /Issue on project 2/
64 64 end
65
66 def test_index_should_not_list_issues_when_module_disabled
67 EnabledModule.delete_all("name = 'issue_tracking' AND project_id = 1")
68 get :index
69 assert_response :success
70 assert_template 'index.rhtml'
71 assert_not_nil assigns(:issues)
72 assert_nil assigns(:project)
73 assert_no_tag :tag => 'a', :content => /Can't print recipes/
74 assert_tag :tag => 'a', :content => /Subproject issue/
75 end
65 76
66 77 def test_index_with_project
67 78 Setting.display_subprojects_issues = 0
68 79 get :index, :project_id => 1
69 80 assert_response :success
70 81 assert_template 'index.rhtml'
71 82 assert_not_nil assigns(:issues)
72 83 assert_tag :tag => 'a', :content => /Can't print recipes/
73 84 assert_no_tag :tag => 'a', :content => /Subproject issue/
74 85 end
75 86
76 87 def test_index_with_project_and_subprojects
77 88 Setting.display_subprojects_issues = 1
78 89 get :index, :project_id => 1
79 90 assert_response :success
80 91 assert_template 'index.rhtml'
81 92 assert_not_nil assigns(:issues)
82 93 assert_tag :tag => 'a', :content => /Can't print recipes/
83 94 assert_tag :tag => 'a', :content => /Subproject issue/
84 95 assert_no_tag :tag => 'a', :content => /Issue of a private subproject/
85 96 end
86 97
87 98 def test_index_with_project_and_subprojects_should_show_private_subprojects
88 99 @request.session[:user_id] = 2
89 100 Setting.display_subprojects_issues = 1
90 101 get :index, :project_id => 1
91 102 assert_response :success
92 103 assert_template 'index.rhtml'
93 104 assert_not_nil assigns(:issues)
94 105 assert_tag :tag => 'a', :content => /Can't print recipes/
95 106 assert_tag :tag => 'a', :content => /Subproject issue/
96 107 assert_tag :tag => 'a', :content => /Issue of a private subproject/
97 108 end
98 109
99 110 def test_index_with_project_and_filter
100 111 get :index, :project_id => 1, :set_filter => 1
101 112 assert_response :success
102 113 assert_template 'index.rhtml'
103 114 assert_not_nil assigns(:issues)
104 115 end
105 116
106 117 def test_index_csv_with_project
107 118 get :index, :format => 'csv'
108 119 assert_response :success
109 120 assert_not_nil assigns(:issues)
110 121 assert_equal 'text/csv', @response.content_type
111 122
112 123 get :index, :project_id => 1, :format => 'csv'
113 124 assert_response :success
114 125 assert_not_nil assigns(:issues)
115 126 assert_equal 'text/csv', @response.content_type
116 127 end
117 128
118 129 def test_index_pdf
119 130 get :index, :format => 'pdf'
120 131 assert_response :success
121 132 assert_not_nil assigns(:issues)
122 133 assert_equal 'application/pdf', @response.content_type
123 134
124 135 get :index, :project_id => 1, :format => 'pdf'
125 136 assert_response :success
126 137 assert_not_nil assigns(:issues)
127 138 assert_equal 'application/pdf', @response.content_type
128 139 end
129 140
130 141 def test_gantt
131 142 get :gantt, :project_id => 1
132 143 assert_response :success
133 144 assert_template 'gantt.rhtml'
134 145 assert_not_nil assigns(:gantt)
135 146 events = assigns(:gantt).events
136 147 assert_not_nil events
137 148 # Issue with start and due dates
138 149 i = Issue.find(1)
139 150 assert_not_nil i.due_date
140 151 assert events.include?(Issue.find(1))
141 152 # Issue with without due date but targeted to a version with date
142 153 i = Issue.find(2)
143 154 assert_nil i.due_date
144 155 assert events.include?(i)
145 156 end
146 157
147 158 def test_gantt_export_to_pdf
148 159 get :gantt, :project_id => 1, :format => 'pdf'
149 160 assert_response :success
150 161 assert_template 'gantt.rfpdf'
151 162 assert_equal 'application/pdf', @response.content_type
152 163 assert_not_nil assigns(:gantt)
153 164 end
154 165
155 166 if Object.const_defined?(:Magick)
156 167 def test_gantt_image
157 168 get :gantt, :project_id => 1, :format => 'png'
158 169 assert_response :success
159 170 assert_equal 'image/png', @response.content_type
160 171 end
161 172 else
162 173 puts "RMagick not installed. Skipping tests !!!"
163 174 end
164 175
165 176 def test_calendar
166 177 get :calendar, :project_id => 1
167 178 assert_response :success
168 179 assert_template 'calendar'
169 180 assert_not_nil assigns(:calendar)
170 181 end
171 182
172 183 def test_changes
173 184 get :changes, :project_id => 1
174 185 assert_response :success
175 186 assert_not_nil assigns(:journals)
176 187 assert_equal 'application/atom+xml', @response.content_type
177 188 end
178 189
179 190 def test_show_by_anonymous
180 191 get :show, :id => 1
181 192 assert_response :success
182 193 assert_template 'show.rhtml'
183 194 assert_not_nil assigns(:issue)
184 195 assert_equal Issue.find(1), assigns(:issue)
185 196
186 197 # anonymous role is allowed to add a note
187 198 assert_tag :tag => 'form',
188 199 :descendant => { :tag => 'fieldset',
189 200 :child => { :tag => 'legend',
190 201 :content => /Notes/ } }
191 202 end
192 203
193 204 def test_show_by_manager
194 205 @request.session[:user_id] = 2
195 206 get :show, :id => 1
196 207 assert_response :success
197 208
198 209 assert_tag :tag => 'form',
199 210 :descendant => { :tag => 'fieldset',
200 211 :child => { :tag => 'legend',
201 212 :content => /Change properties/ } },
202 213 :descendant => { :tag => 'fieldset',
203 214 :child => { :tag => 'legend',
204 215 :content => /Log time/ } },
205 216 :descendant => { :tag => 'fieldset',
206 217 :child => { :tag => 'legend',
207 218 :content => /Notes/ } }
208 219 end
209 220
210 221 def test_get_new
211 222 @request.session[:user_id] = 2
212 223 get :new, :project_id => 1, :tracker_id => 1
213 224 assert_response :success
214 225 assert_template 'new'
215 226
216 227 assert_tag :tag => 'input', :attributes => { :name => 'issue[custom_field_values][2]',
217 228 :value => 'Default string' }
218 229 end
219 230
220 231 def test_get_new_without_tracker_id
221 232 @request.session[:user_id] = 2
222 233 get :new, :project_id => 1
223 234 assert_response :success
224 235 assert_template 'new'
225 236
226 237 issue = assigns(:issue)
227 238 assert_not_nil issue
228 239 assert_equal Project.find(1).trackers.first, issue.tracker
229 240 end
230 241
231 242 def test_update_new_form
232 243 @request.session[:user_id] = 2
233 244 xhr :post, :new, :project_id => 1,
234 245 :issue => {:tracker_id => 2,
235 246 :subject => 'This is the test_new issue',
236 247 :description => 'This is the description',
237 248 :priority_id => 5}
238 249 assert_response :success
239 250 assert_template 'new'
240 251 end
241 252
242 253 def test_post_new
243 254 @request.session[:user_id] = 2
244 255 post :new, :project_id => 1,
245 256 :issue => {:tracker_id => 3,
246 257 :subject => 'This is the test_new issue',
247 258 :description => 'This is the description',
248 259 :priority_id => 5,
249 260 :estimated_hours => '',
250 261 :custom_field_values => {'2' => 'Value for field 2'}}
251 262 assert_redirected_to 'issues/show'
252 263
253 264 issue = Issue.find_by_subject('This is the test_new issue')
254 265 assert_not_nil issue
255 266 assert_equal 2, issue.author_id
256 267 assert_equal 3, issue.tracker_id
257 268 assert_nil issue.estimated_hours
258 269 v = issue.custom_values.find(:first, :conditions => {:custom_field_id => 2})
259 270 assert_not_nil v
260 271 assert_equal 'Value for field 2', v.value
261 272 end
262 273
263 274 def test_post_new_without_custom_fields_param
264 275 @request.session[:user_id] = 2
265 276 post :new, :project_id => 1,
266 277 :issue => {:tracker_id => 1,
267 278 :subject => 'This is the test_new issue',
268 279 :description => 'This is the description',
269 280 :priority_id => 5}
270 281 assert_redirected_to 'issues/show'
271 282 end
272 283
273 284 def test_post_new_with_required_custom_field_and_without_custom_fields_param
274 285 field = IssueCustomField.find_by_name('Database')
275 286 field.update_attribute(:is_required, true)
276 287
277 288 @request.session[:user_id] = 2
278 289 post :new, :project_id => 1,
279 290 :issue => {:tracker_id => 1,
280 291 :subject => 'This is the test_new issue',
281 292 :description => 'This is the description',
282 293 :priority_id => 5}
283 294 assert_response :success
284 295 assert_template 'new'
285 296 issue = assigns(:issue)
286 297 assert_not_nil issue
287 298 assert_equal 'activerecord_error_invalid', issue.errors.on(:custom_values)
288 299 end
289 300
290 301 def test_post_should_preserve_fields_values_on_validation_failure
291 302 @request.session[:user_id] = 2
292 303 post :new, :project_id => 1,
293 304 :issue => {:tracker_id => 1,
294 305 :subject => 'This is the test_new issue',
295 306 # empty description
296 307 :description => '',
297 308 :priority_id => 6,
298 309 :custom_field_values => {'1' => 'Oracle', '2' => 'Value for field 2'}}
299 310 assert_response :success
300 311 assert_template 'new'
301 312
302 313 assert_tag :input, :attributes => { :name => 'issue[subject]',
303 314 :value => 'This is the test_new issue' }
304 315 assert_tag :select, :attributes => { :name => 'issue[priority_id]' },
305 316 :child => { :tag => 'option', :attributes => { :selected => 'selected',
306 317 :value => '6' },
307 318 :content => 'High' }
308 319 # Custom fields
309 320 assert_tag :select, :attributes => { :name => 'issue[custom_field_values][1]' },
310 321 :child => { :tag => 'option', :attributes => { :selected => 'selected',
311 322 :value => 'Oracle' },
312 323 :content => 'Oracle' }
313 324 assert_tag :input, :attributes => { :name => 'issue[custom_field_values][2]',
314 325 :value => 'Value for field 2'}
315 326 end
316 327
317 328 def test_copy_issue
318 329 @request.session[:user_id] = 2
319 330 get :new, :project_id => 1, :copy_from => 1
320 331 assert_template 'new'
321 332 assert_not_nil assigns(:issue)
322 333 orig = Issue.find(1)
323 334 assert_equal orig.subject, assigns(:issue).subject
324 335 end
325 336
326 337 def test_get_edit
327 338 @request.session[:user_id] = 2
328 339 get :edit, :id => 1
329 340 assert_response :success
330 341 assert_template 'edit'
331 342 assert_not_nil assigns(:issue)
332 343 assert_equal Issue.find(1), assigns(:issue)
333 344 end
334 345
335 346 def test_get_edit_with_params
336 347 @request.session[:user_id] = 2
337 348 get :edit, :id => 1, :issue => { :status_id => 5, :priority_id => 7 }
338 349 assert_response :success
339 350 assert_template 'edit'
340 351
341 352 issue = assigns(:issue)
342 353 assert_not_nil issue
343 354
344 355 assert_equal 5, issue.status_id
345 356 assert_tag :select, :attributes => { :name => 'issue[status_id]' },
346 357 :child => { :tag => 'option',
347 358 :content => 'Closed',
348 359 :attributes => { :selected => 'selected' } }
349 360
350 361 assert_equal 7, issue.priority_id
351 362 assert_tag :select, :attributes => { :name => 'issue[priority_id]' },
352 363 :child => { :tag => 'option',
353 364 :content => 'Urgent',
354 365 :attributes => { :selected => 'selected' } }
355 366 end
356 367
357 368 def test_reply_to_issue
358 369 @request.session[:user_id] = 2
359 370 get :reply, :id => 1
360 371 assert_response :success
361 372 assert_select_rjs :show, "update"
362 373 end
363 374
364 375 def test_reply_to_note
365 376 @request.session[:user_id] = 2
366 377 get :reply, :id => 1, :journal_id => 2
367 378 assert_response :success
368 379 assert_select_rjs :show, "update"
369 380 end
370 381
371 382 def test_post_edit_without_custom_fields_param
372 383 @request.session[:user_id] = 2
373 384 ActionMailer::Base.deliveries.clear
374 385
375 386 issue = Issue.find(1)
376 387 assert_equal '125', issue.custom_value_for(2).value
377 388 old_subject = issue.subject
378 389 new_subject = 'Subject modified by IssuesControllerTest#test_post_edit'
379 390
380 391 assert_difference('Journal.count') do
381 392 assert_difference('JournalDetail.count', 2) do
382 393 post :edit, :id => 1, :issue => {:subject => new_subject,
383 394 :priority_id => '6',
384 395 :category_id => '1' # no change
385 396 }
386 397 end
387 398 end
388 399 assert_redirected_to 'issues/show/1'
389 400 issue.reload
390 401 assert_equal new_subject, issue.subject
391 402 # Make sure custom fields were not cleared
392 403 assert_equal '125', issue.custom_value_for(2).value
393 404
394 405 mail = ActionMailer::Base.deliveries.last
395 406 assert_kind_of TMail::Mail, mail
396 407 assert mail.subject.starts_with?("[#{issue.project.name} - #{issue.tracker.name} ##{issue.id}]")
397 408 assert mail.body.include?("Subject changed from #{old_subject} to #{new_subject}")
398 409 end
399 410
400 411 def test_post_edit_with_custom_field_change
401 412 @request.session[:user_id] = 2
402 413 issue = Issue.find(1)
403 414 assert_equal '125', issue.custom_value_for(2).value
404 415
405 416 assert_difference('Journal.count') do
406 417 assert_difference('JournalDetail.count', 3) do
407 418 post :edit, :id => 1, :issue => {:subject => 'Custom field change',
408 419 :priority_id => '6',
409 420 :category_id => '1', # no change
410 421 :custom_field_values => { '2' => 'New custom value' }
411 422 }
412 423 end
413 424 end
414 425 assert_redirected_to 'issues/show/1'
415 426 issue.reload
416 427 assert_equal 'New custom value', issue.custom_value_for(2).value
417 428
418 429 mail = ActionMailer::Base.deliveries.last
419 430 assert_kind_of TMail::Mail, mail
420 431 assert mail.body.include?("Searchable field changed from 125 to New custom value")
421 432 end
422 433
423 434 def test_post_edit_with_status_and_assignee_change
424 435 issue = Issue.find(1)
425 436 assert_equal 1, issue.status_id
426 437 @request.session[:user_id] = 2
427 438 assert_difference('TimeEntry.count', 0) do
428 439 post :edit,
429 440 :id => 1,
430 441 :issue => { :status_id => 2, :assigned_to_id => 3 },
431 442 :notes => 'Assigned to dlopper',
432 443 :time_entry => { :hours => '', :comments => '', :activity_id => Enumeration.get_values('ACTI').first }
433 444 end
434 445 assert_redirected_to 'issues/show/1'
435 446 issue.reload
436 447 assert_equal 2, issue.status_id
437 448 j = issue.journals.find(:first, :order => 'id DESC')
438 449 assert_equal 'Assigned to dlopper', j.notes
439 450 assert_equal 2, j.details.size
440 451
441 452 mail = ActionMailer::Base.deliveries.last
442 453 assert mail.body.include?("Status changed from New to Assigned")
443 454 end
444 455
445 456 def test_post_edit_with_note_only
446 457 notes = 'Note added by IssuesControllerTest#test_update_with_note_only'
447 458 # anonymous user
448 459 post :edit,
449 460 :id => 1,
450 461 :notes => notes
451 462 assert_redirected_to 'issues/show/1'
452 463 j = Issue.find(1).journals.find(:first, :order => 'id DESC')
453 464 assert_equal notes, j.notes
454 465 assert_equal 0, j.details.size
455 466 assert_equal User.anonymous, j.user
456 467
457 468 mail = ActionMailer::Base.deliveries.last
458 469 assert mail.body.include?(notes)
459 470 end
460 471
461 472 def test_post_edit_with_note_and_spent_time
462 473 @request.session[:user_id] = 2
463 474 spent_hours_before = Issue.find(1).spent_hours
464 475 assert_difference('TimeEntry.count') do
465 476 post :edit,
466 477 :id => 1,
467 478 :notes => '2.5 hours added',
468 479 :time_entry => { :hours => '2.5', :comments => '', :activity_id => Enumeration.get_values('ACTI').first }
469 480 end
470 481 assert_redirected_to 'issues/show/1'
471 482
472 483 issue = Issue.find(1)
473 484
474 485 j = issue.journals.find(:first, :order => 'id DESC')
475 486 assert_equal '2.5 hours added', j.notes
476 487 assert_equal 0, j.details.size
477 488
478 489 t = issue.time_entries.find(:first, :order => 'id DESC')
479 490 assert_not_nil t
480 491 assert_equal 2.5, t.hours
481 492 assert_equal spent_hours_before + 2.5, issue.spent_hours
482 493 end
483 494
484 495 def test_post_edit_with_attachment_only
485 496 set_tmp_attachments_directory
486 497
487 498 # anonymous user
488 499 post :edit,
489 500 :id => 1,
490 501 :notes => '',
491 502 :attachments => {'1' => {'file' => test_uploaded_file('testfile.txt', 'text/plain')}}
492 503 assert_redirected_to 'issues/show/1'
493 504 j = Issue.find(1).journals.find(:first, :order => 'id DESC')
494 505 assert j.notes.blank?
495 506 assert_equal 1, j.details.size
496 507 assert_equal 'testfile.txt', j.details.first.value
497 508 assert_equal User.anonymous, j.user
498 509
499 510 mail = ActionMailer::Base.deliveries.last
500 511 assert mail.body.include?('testfile.txt')
501 512 end
502 513
503 514 def test_post_edit_with_no_change
504 515 issue = Issue.find(1)
505 516 issue.journals.clear
506 517 ActionMailer::Base.deliveries.clear
507 518
508 519 post :edit,
509 520 :id => 1,
510 521 :notes => ''
511 522 assert_redirected_to 'issues/show/1'
512 523
513 524 issue.reload
514 525 assert issue.journals.empty?
515 526 # No email should be sent
516 527 assert ActionMailer::Base.deliveries.empty?
517 528 end
518 529
519 530 def test_bulk_edit
520 531 @request.session[:user_id] = 2
521 532 # update issues priority
522 533 post :bulk_edit, :ids => [1, 2], :priority_id => 7, :notes => 'Bulk editing', :assigned_to_id => ''
523 534 assert_response 302
524 535 # check that the issues were updated
525 536 assert_equal [7, 7], Issue.find_all_by_id([1, 2]).collect {|i| i.priority.id}
526 537 assert_equal 'Bulk editing', Issue.find(1).journals.find(:first, :order => 'created_on DESC').notes
527 538 end
528 539
529 540 def test_bulk_unassign
530 541 assert_not_nil Issue.find(2).assigned_to
531 542 @request.session[:user_id] = 2
532 543 # unassign issues
533 544 post :bulk_edit, :ids => [1, 2], :notes => 'Bulk unassigning', :assigned_to_id => 'none'
534 545 assert_response 302
535 546 # check that the issues were updated
536 547 assert_nil Issue.find(2).assigned_to
537 548 end
538 549
539 550 def test_move_one_issue_to_another_project
540 551 @request.session[:user_id] = 1
541 552 post :move, :id => 1, :new_project_id => 2
542 553 assert_redirected_to 'projects/ecookbook/issues'
543 554 assert_equal 2, Issue.find(1).project_id
544 555 end
545 556
546 557 def test_bulk_move_to_another_project
547 558 @request.session[:user_id] = 1
548 559 post :move, :ids => [1, 2], :new_project_id => 2
549 560 assert_redirected_to 'projects/ecookbook/issues'
550 561 # Issues moved to project 2
551 562 assert_equal 2, Issue.find(1).project_id
552 563 assert_equal 2, Issue.find(2).project_id
553 564 # No tracker change
554 565 assert_equal 1, Issue.find(1).tracker_id
555 566 assert_equal 2, Issue.find(2).tracker_id
556 567 end
557 568
558 569 def test_bulk_move_to_another_tracker
559 570 @request.session[:user_id] = 1
560 571 post :move, :ids => [1, 2], :new_tracker_id => 2
561 572 assert_redirected_to 'projects/ecookbook/issues'
562 573 assert_equal 2, Issue.find(1).tracker_id
563 574 assert_equal 2, Issue.find(2).tracker_id
564 575 end
565 576
566 577 def test_context_menu_one_issue
567 578 @request.session[:user_id] = 2
568 579 get :context_menu, :ids => [1]
569 580 assert_response :success
570 581 assert_template 'context_menu'
571 582 assert_tag :tag => 'a', :content => 'Edit',
572 583 :attributes => { :href => '/issues/edit/1',
573 584 :class => 'icon-edit' }
574 585 assert_tag :tag => 'a', :content => 'Closed',
575 586 :attributes => { :href => '/issues/edit/1?issue%5Bstatus_id%5D=5',
576 587 :class => '' }
577 588 assert_tag :tag => 'a', :content => 'Immediate',
578 589 :attributes => { :href => '/issues/bulk_edit?ids%5B%5D=1&amp;priority_id=8',
579 590 :class => '' }
580 591 assert_tag :tag => 'a', :content => 'Dave Lopper',
581 592 :attributes => { :href => '/issues/bulk_edit?assigned_to_id=3&amp;ids%5B%5D=1',
582 593 :class => '' }
583 594 assert_tag :tag => 'a', :content => 'Copy',
584 595 :attributes => { :href => '/projects/ecookbook/issues/new?copy_from=1',
585 596 :class => 'icon-copy' }
586 597 assert_tag :tag => 'a', :content => 'Move',
587 598 :attributes => { :href => '/issues/move?ids%5B%5D=1',
588 599 :class => 'icon-move' }
589 600 assert_tag :tag => 'a', :content => 'Delete',
590 601 :attributes => { :href => '/issues/destroy?ids%5B%5D=1',
591 602 :class => 'icon-del' }
592 603 end
593 604
594 605 def test_context_menu_one_issue_by_anonymous
595 606 get :context_menu, :ids => [1]
596 607 assert_response :success
597 608 assert_template 'context_menu'
598 609 assert_tag :tag => 'a', :content => 'Delete',
599 610 :attributes => { :href => '#',
600 611 :class => 'icon-del disabled' }
601 612 end
602 613
603 614 def test_context_menu_multiple_issues_of_same_project
604 615 @request.session[:user_id] = 2
605 616 get :context_menu, :ids => [1, 2]
606 617 assert_response :success
607 618 assert_template 'context_menu'
608 619 assert_tag :tag => 'a', :content => 'Edit',
609 620 :attributes => { :href => '/issues/bulk_edit?ids%5B%5D=1&amp;ids%5B%5D=2',
610 621 :class => 'icon-edit' }
611 622 assert_tag :tag => 'a', :content => 'Immediate',
612 623 :attributes => { :href => '/issues/bulk_edit?ids%5B%5D=1&amp;ids%5B%5D=2&amp;priority_id=8',
613 624 :class => '' }
614 625 assert_tag :tag => 'a', :content => 'Dave Lopper',
615 626 :attributes => { :href => '/issues/bulk_edit?assigned_to_id=3&amp;ids%5B%5D=1&amp;ids%5B%5D=2',
616 627 :class => '' }
617 628 assert_tag :tag => 'a', :content => 'Move',
618 629 :attributes => { :href => '/issues/move?ids%5B%5D=1&amp;ids%5B%5D=2',
619 630 :class => 'icon-move' }
620 631 assert_tag :tag => 'a', :content => 'Delete',
621 632 :attributes => { :href => '/issues/destroy?ids%5B%5D=1&amp;ids%5B%5D=2',
622 633 :class => 'icon-del' }
623 634 end
624 635
625 636 def test_context_menu_multiple_issues_of_different_project
626 637 @request.session[:user_id] = 2
627 638 get :context_menu, :ids => [1, 2, 4]
628 639 assert_response :success
629 640 assert_template 'context_menu'
630 641 assert_tag :tag => 'a', :content => 'Delete',
631 642 :attributes => { :href => '#',
632 643 :class => 'icon-del disabled' }
633 644 end
634 645
635 646 def test_destroy_issue_with_no_time_entries
636 647 assert_nil TimeEntry.find_by_issue_id(2)
637 648 @request.session[:user_id] = 2
638 649 post :destroy, :id => 2
639 650 assert_redirected_to 'projects/ecookbook/issues'
640 651 assert_nil Issue.find_by_id(2)
641 652 end
642 653
643 654 def test_destroy_issues_with_time_entries
644 655 @request.session[:user_id] = 2
645 656 post :destroy, :ids => [1, 3]
646 657 assert_response :success
647 658 assert_template 'destroy'
648 659 assert_not_nil assigns(:hours)
649 660 assert Issue.find_by_id(1) && Issue.find_by_id(3)
650 661 end
651 662
652 663 def test_destroy_issues_and_destroy_time_entries
653 664 @request.session[:user_id] = 2
654 665 post :destroy, :ids => [1, 3], :todo => 'destroy'
655 666 assert_redirected_to 'projects/ecookbook/issues'
656 667 assert !(Issue.find_by_id(1) || Issue.find_by_id(3))
657 668 assert_nil TimeEntry.find_by_id([1, 2])
658 669 end
659 670
660 671 def test_destroy_issues_and_assign_time_entries_to_project
661 672 @request.session[:user_id] = 2
662 673 post :destroy, :ids => [1, 3], :todo => 'nullify'
663 674 assert_redirected_to 'projects/ecookbook/issues'
664 675 assert !(Issue.find_by_id(1) || Issue.find_by_id(3))
665 676 assert_nil TimeEntry.find(1).issue_id
666 677 assert_nil TimeEntry.find(2).issue_id
667 678 end
668 679
669 680 def test_destroy_issues_and_reassign_time_entries_to_another_issue
670 681 @request.session[:user_id] = 2
671 682 post :destroy, :ids => [1, 3], :todo => 'reassign', :reassign_to_id => 2
672 683 assert_redirected_to 'projects/ecookbook/issues'
673 684 assert !(Issue.find_by_id(1) || Issue.find_by_id(3))
674 685 assert_equal 2, TimeEntry.find(1).issue_id
675 686 assert_equal 2, TimeEntry.find(2).issue_id
676 687 end
677 688
678 689 def test_destroy_attachment
679 690 issue = Issue.find(3)
680 691 a = issue.attachments.size
681 692 @request.session[:user_id] = 2
682 693 post :destroy_attachment, :id => 3, :attachment_id => 1
683 694 assert_redirected_to 'issues/show/3'
684 695 assert_nil Attachment.find_by_id(1)
685 696 issue.reload
686 697 assert_equal((a-1), issue.attachments.size)
687 698 j = issue.journals.find(:first, :order => 'created_on DESC')
688 699 assert_equal 'attachment', j.details.first.property
689 700 end
690 701 end
General Comments 0
You need to be logged in to leave comments. Login now