Merge pull request #842 from opf/fix/notes_editing

pull/705/merge
Hagen Schink 11 years ago
commit d599b9d77b
  1. 9
      app/models/work_package.rb
  2. 8
      app/views/journals/update.rjs
  3. 2
      app/views/work_packages/_history.html.erb
  4. 6
      lib/plugins/acts_as_journalized/lib/redmine/acts/journalized/permissions.rb
  5. 2
      spec/controllers/journals_controller_spec.rb
  6. 4
      spec/lib/acts_as_journalized/journaled_spec.rb

@ -706,6 +706,15 @@ class WorkPackage < ActiveRecord::Base
users.select {|user| possible_watcher?(user)}
end
# check if user is allowed to edit WorkPackage Journals.
# see Redmine::Acts::Journalized::Permissions#journal_editable_by
def editable_by?(user)
project = self.project
allowed = user.allowed_to? :edit_work_package_notes, project, { :global => project.present? }
allowed = user.allowed_to? :edit_own_work_package_notes, project, { :global => project.present? } unless allowed
return allowed
end
protected
def recalculate_attributes_for(work_package_id)

@ -30,8 +30,12 @@ if @journal.frozen?
# journal was destroyed
page.remove "change-#{@journal.id}"
else
page.replace "journal-#{@journal.id}-notes", render_notes(@journal.journable, @journal,
:edit_permission => :edit_work_package_notes, :edit_own_permission => :edit_own_work_package_notes)
page.replace "journal-#{@journal.id}-notes", render_notes(
@journal.journable,
@journal,
edit_permission: :edit_work_package_notes,
edit_own_permission: :edit_own_work_package_notes,
quote_permission: :edit_work_packages)
page.show "journal-#{@journal.id}-notes"
page.remove "journal-#{@journal.id}-form"
end

@ -36,7 +36,7 @@ a journal as the cache could then not be used between all of an issue's journals
<% for journal in journals %>
<%= render_journal work_package,
journal,
:edit_permission => :edit_work_packages_notes,
:edit_permission => :edit_work_package_notes,
:quote_permission => :edit_work_packages,
:edit_own_permission => :edit_own_work_package_notes,
:cache => @journal_cache %>

@ -55,7 +55,11 @@ module Redmine::Acts::Journalized
if respond_to? :editable_by?
editable_by? user
else
permission = :"edit_#{self.class.to_s.pluralize.underscore}"
permission = if respond_to? :journal_permission
journal_permission
else
:"edit_#{self.class.to_s.pluralize.underscore}"
end
p = @project || (project if respond_to? :project)
options = { :global => p.present? }
user.allowed_to? permission, p, options

@ -74,7 +74,7 @@ describe JournalsController do
context 'without permission to edit work packages' do
let(:permissions) { [:edit_own_work_package_notes] }
example { assert_response :forbidden }
example { assert_response :success }
end
context 'without permission to edit journals' do

@ -123,10 +123,6 @@ describe "Journalized Objects" do
subject { work_package.journal_editable_by?(user) }
context 'and the user has permissions to "edit_work_packages"' do
it { should be_true }
end
context 'and the user has no permission to "edit_work_packages"' do
before do
role.remove_permission! :edit_work_packages

Loading…
Cancel
Save