| @@ -495,6 +495,17 class Issue < ActiveRecord::Base | |||
|
|
495 | 495 | if new_record? && !statuses_allowed.include?(status) |
|
|
496 | 496 | self.status = statuses_allowed.first || default_status |
|
|
497 | 497 | end |
|
|
498 | if (u = attrs.delete('assigned_to_id')) && safe_attribute?('assigned_to_id') | |
|
|
499 | if u.blank? | |
|
|
500 | self.assigned_to_id = nil | |
|
|
501 | else | |
|
|
502 | u = u.to_i | |
|
|
503 | if assignable_users.any?{|assignable_user| assignable_user.id == u} | |
|
|
504 | self.assigned_to_id = u | |
|
|
505 | end | |
|
|
506 | end | |
|
|
507 | end | |
|
|
508 | ||
|
|
498 | 509 | |
|
|
499 | 510 | attrs = delete_unsafe_attributes(attrs, user) |
|
|
500 | 511 | return if attrs.empty? |
| @@ -790,6 +790,40 class IssueTest < ActiveSupport::TestCase | |||
|
|
790 | 790 | assert_nil issue.custom_field_value(cf2) |
|
|
791 | 791 | end |
|
|
792 | 792 | |
|
|
793 | def test_safe_attributes_should_ignore_unassignable_assignee | |
|
|
794 | issue = Issue.new(:project_id => 1, :tracker_id => 1, :author_id => 3, | |
|
|
795 | :status_id => 1, :priority => IssuePriority.all.first, | |
|
|
796 | :subject => 'test_create') | |
|
|
797 | assert issue.valid? | |
|
|
798 | ||
|
|
799 | # locked user, not allowed | |
|
|
800 | issue.safe_attributes=({'assigned_to_id' => '5'}) | |
|
|
801 | assert_nil issue.assigned_to_id | |
|
|
802 | # no member | |
|
|
803 | issue.safe_attributes=({'assigned_to_id' => '1'}) | |
|
|
804 | assert_nil issue.assigned_to_id | |
|
|
805 | # user 2 is ok | |
|
|
806 | issue.safe_attributes=({'assigned_to_id' => '2'}) | |
|
|
807 | assert_equal 2, issue.assigned_to_id | |
|
|
808 | assert issue.save | |
|
|
809 | ||
|
|
810 | issue.reload | |
|
|
811 | assert_equal 2, issue.assigned_to_id | |
|
|
812 | issue.safe_attributes=({'assigned_to_id' => '5'}) | |
|
|
813 | assert_equal 2, issue.assigned_to_id | |
|
|
814 | issue.safe_attributes=({'assigned_to_id' => '1'}) | |
|
|
815 | assert_equal 2, issue.assigned_to_id | |
|
|
816 | # user 3 is also ok | |
|
|
817 | issue.safe_attributes=({'assigned_to_id' => '3'}) | |
|
|
818 | assert_equal 3, issue.assigned_to_id | |
|
|
819 | assert issue.save | |
|
|
820 | ||
|
|
821 | # removal of assignee | |
|
|
822 | issue.safe_attributes=({'assigned_to_id' => ''}) | |
|
|
823 | assert_nil issue.assigned_to_id | |
|
|
824 | assert issue.save | |
|
|
825 | end | |
|
|
826 | ||
|
|
793 | 827 | def test_editable_custom_field_values_should_return_non_readonly_custom_values |
|
|
794 | 828 | cf1 = IssueCustomField.create!(:name => 'Writable field', :field_format => 'string', |
|
|
795 | 829 | :is_for_all => true, :tracker_ids => [1, 2]) |
General Comments 0
You need to be logged in to leave comments.
Login now