From 9eb9fc666c05685f9b20638661f76fb89403a44d Mon Sep 17 00:00:00 2001
From: Naoki Takezoe <takezoe@gmail.com>
Date: Tue, 8 Nov 2016 02:28:50 +0900
Subject: [PATCH] (refs #1286) Bugfix

---
 .../core/controller/IssuesController.scala    | 29 ++++++++++---------
 .../core/service/RepositoryService.scala      |  2 +-
 .../gitbucket/core/util/Authenticator.scala   |  2 ++
 .../gitbucket/core/issues/issue.scala.html    |  6 ++--
 4 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/src/main/scala/gitbucket/core/controller/IssuesController.scala b/src/main/scala/gitbucket/core/controller/IssuesController.scala
index 703dbefbb..a4b01f293 100644
--- a/src/main/scala/gitbucket/core/controller/IssuesController.scala
+++ b/src/main/scala/gitbucket/core/controller/IssuesController.scala
@@ -78,21 +78,22 @@ trait IssuesControllerBase extends ControllerBase {
   })
 
   get("/:owner/:repository/issues/new")(readableUsersOnly { repository =>
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      html.create(
-        getAssignableUserNames(owner, name),
-        getMilestones(owner, name),
-        getLabels(owner, name),
-        hasWritePermission(owner, name, context.loginAccount),
-        repository)
-    }
+    if(isEditable(repository)){ // TODO Should this check is provided by authenticator?
+      defining(repository.owner, repository.name){ case (owner, name) =>
+        html.create(
+          getAssignableUserNames(owner, name),
+          getMilestones(owner, name),
+          getLabels(owner, name),
+          hasWritePermission(owner, name, context.loginAccount),
+          repository)
+      }
+    } else Unauthorized()
   })
 
   post("/:owner/:repository/issues/new", issueCreateForm)(readableUsersOnly { (form, repository) =>
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      val manageable = isManageable(repository)
-      val editable = isEditable(repository)
-      if(editable) {
+    if(isEditable(repository)){ // TODO Should this check is provided by authenticator?
+      defining(repository.owner, repository.name){ case (owner, name) =>
+        val manageable = isManageable(repository)
         val userName = context.loginAccount.get.userName
 
         // insert issue
@@ -129,8 +130,8 @@ trait IssuesControllerBase extends ControllerBase {
         }
 
         redirect(s"/${owner}/${name}/issues/${issueId}")
-      } else Unauthorized()
-    }
+      }
+    } else Unauthorized()
   })
 
   ajaxPost("/:owner/:repository/issues/edit_title/:id", issueTitleEditForm)(readableUsersOnly { (title, repository) =>
diff --git a/src/main/scala/gitbucket/core/service/RepositoryService.scala b/src/main/scala/gitbucket/core/service/RepositoryService.scala
index 9fa8552bb..26fa1599a 100644
--- a/src/main/scala/gitbucket/core/service/RepositoryService.scala
+++ b/src/main/scala/gitbucket/core/service/RepositoryService.scala
@@ -38,7 +38,7 @@ trait RepositoryService { self: AccountService =>
         parentUserName       = parentUserName,
         parentRepositoryName = parentRepositoryName,
         options              = RepositoryOptions(
-          issuesOption         = "PRIVATE", // TODO DISABLE for the forked repository?
+          issuesOption         = "PUBLIC", // TODO DISABLE for the forked repository?
           externalIssuesUrl    = None,
           wikiOption           = "PUBLIC", // TODO DISABLE for the forked repository?
           externalWikiUrl      = None,
diff --git a/src/main/scala/gitbucket/core/util/Authenticator.scala b/src/main/scala/gitbucket/core/util/Authenticator.scala
index 57f39421b..6d82508b2 100644
--- a/src/main/scala/gitbucket/core/util/Authenticator.scala
+++ b/src/main/scala/gitbucket/core/util/Authenticator.scala
@@ -90,6 +90,8 @@ trait AdminAuthenticator { self: ControllerBase =>
 
 /**
  * Allows only collaborators and administrators.
+ *
+ * TODO This authenticator should be renamed.
  */
 trait CollaboratorsAuthenticator { self: ControllerBase with RepositoryService with AccountService =>
   protected def collaboratorsOnly(action: (RepositoryInfo) => Any) = { authenticate(action) }
diff --git a/src/main/twirl/gitbucket/core/issues/issue.scala.html b/src/main/twirl/gitbucket/core/issues/issue.scala.html
index 4691b83a6..4b494adc4 100644
--- a/src/main/twirl/gitbucket/core/issues/issue.scala.html
+++ b/src/main/twirl/gitbucket/core/issues/issue.scala.html
@@ -15,7 +15,9 @@
         @if(isManageable || context.loginAccount.map(_.userName == issue.openedUserName).getOrElse(false)){
           <a class="btn btn-default" href="#" id="edit">Edit</a>
         }
-        <a class="btn btn-success" href="@helpers.url(repository)/issues/new">New issue</a>
+        @if(isEditable){
+          <a class="btn btn-success" href="@helpers.url(repository)/issues/new">New issue</a>
+        }
       </div>
       <div class="edit-title pull-right" style="display: none;">
         <a class="btn btn-success" href="#" id="update">Save</a>  <a class="btn btn-default" href="#" id="cancel">Cancel</a>
@@ -57,7 +59,7 @@
     </div>
   }
 }
-<script>
+<script><script>
 $(function(){
   $('#edit').click(function(){
     $('.edit-title').show();