mirror of
https://github.com/redmine/redmine.git
synced 2026-01-18 05:22:53 +01:00
Ensure that the base permission is set for Role#permissions_tracker? and related (#38070).
Patch by Holger Just. git-svn-id: https://svn.redmine.org/redmine/trunk@22063 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Go MAEDA
@@ -231,6 +231,8 @@ class Role < ActiveRecord::Base
|
||||
# Returns true if tracker_id belongs to the list of
|
||||
# trackers for which permission is given
|
||||
def permissions_tracker_ids?(permission, tracker_id)
|
||||
return false unless has_permission?(permission)
|
||||
|
||||
permissions_tracker_ids(permission).include?(tracker_id)
|
||||
end
|
||||
|
||||
@@ -244,6 +246,8 @@ class Role < ActiveRecord::Base
|
||||
|
||||
# Returns true if permission is given for all trackers
|
||||
def permissions_all_trackers?(permission)
|
||||
return false unless has_permission?(permission)
|
||||
|
||||
permissions_all_trackers[permission.to_s].to_s != '0'
|
||||
end
|
||||
|
||||
|
||||
@@ -101,6 +101,82 @@ class RoleTest < ActiveSupport::TestCase
|
||||
assert_equal false, role.has_permission?(:delete_issues)
|
||||
end
|
||||
|
||||
def test_permissions_all_trackers?
|
||||
role = Role.create!(:name => 'Test', :permissions => [:view_issues])
|
||||
assert_equal true, role.permissions_all_trackers?(:view_issues)
|
||||
assert_equal false, role.permissions_all_trackers?(:edit_issues)
|
||||
|
||||
role.set_permission_trackers :view_issues, [1]
|
||||
role.set_permission_trackers :edit_issues, [1]
|
||||
assert_equal false, role.permissions_all_trackers?(:view_issues)
|
||||
assert_equal false, role.permissions_all_trackers?(:edit_issues)
|
||||
|
||||
role.set_permission_trackers :view_issues, :all
|
||||
role.set_permission_trackers :edit_issues, :all
|
||||
assert_equal true, role.permissions_all_trackers?(:view_issues)
|
||||
assert_equal false, role.permissions_all_trackers?(:edit_issues)
|
||||
end
|
||||
|
||||
def test_permissions_all_trackers_considers_base_permission
|
||||
role = Role.create!(:name => 'Test', :permissions => [:view_issues])
|
||||
assert_equal true, role.permissions_all_trackers?(:view_issues)
|
||||
|
||||
role.remove_permission!(:view_issues)
|
||||
assert_equal false, role.permissions_all_trackers?(:view_issues)
|
||||
end
|
||||
|
||||
def test_permissions_tracker_ids?
|
||||
role = Role.create!(:name => 'Test', :permissions => [:view_issues])
|
||||
assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
|
||||
assert_equal false, role.permissions_tracker_ids?(:edit_issues, 1)
|
||||
|
||||
role.set_permission_trackers :view_issues, [1, 2, 3]
|
||||
role.set_permission_trackers :edit_issues, [1, 2, 3]
|
||||
|
||||
assert_equal true, role.permissions_tracker_ids?(:view_issues, 1)
|
||||
assert_equal false, role.permissions_tracker_ids?(:edit_issues, 1)
|
||||
end
|
||||
|
||||
def test_permissions_tracker_ids_considers_base_permission
|
||||
role = Role.create!(:name => 'Test', :permissions => [:view_issues])
|
||||
role.set_permission_trackers :view_issues, [1, 2, 3]
|
||||
assert_equal true, role.permissions_tracker_ids?(:view_issues, 1)
|
||||
|
||||
role.remove_permission!(:view_issues)
|
||||
assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
|
||||
end
|
||||
|
||||
def test_permissions_tracker?
|
||||
tracker = Tracker.find(1)
|
||||
role = Role.create!(:name => 'Test', :permissions => [:view_issues])
|
||||
assert_equal true, role.permissions_tracker?(:view_issues, 1)
|
||||
assert_equal false, role.permissions_tracker?(:edit_issues, 1)
|
||||
|
||||
role.set_permission_trackers :view_issues, [1]
|
||||
role.set_permission_trackers :edit_issues, [1]
|
||||
assert_equal true, role.permissions_tracker?(:view_issues, tracker)
|
||||
assert_equal false, role.permissions_tracker?(:edit_issues, tracker)
|
||||
|
||||
role.set_permission_trackers :view_issues, [2]
|
||||
role.set_permission_trackers :edit_issues, [2]
|
||||
assert_equal false, role.permissions_tracker?(:view_issues, tracker)
|
||||
assert_equal false, role.permissions_tracker?(:edit_issues, tracker)
|
||||
|
||||
role.set_permission_trackers :view_issues, :all
|
||||
role.set_permission_trackers :edit_issues, :all
|
||||
assert_equal true, role.permissions_tracker?(:view_issues, tracker)
|
||||
assert_equal false, role.permissions_tracker?(:edit_issues, tracker)
|
||||
end
|
||||
|
||||
def test_permissions_tracker_considers_base_permission
|
||||
role = Role.create!(:name => 'Test', :permissions => [:edit_isues])
|
||||
role.set_permission_trackers :view_issues, [1, 2, 3]
|
||||
assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
|
||||
|
||||
role.set_permission_trackers :view_issues, :all
|
||||
assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
|
||||
end
|
||||
|
||||
def test_has_permission_without_permissions
|
||||
role = Role.create!(:name => 'Test')
|
||||
assert_equal false, role.has_permission?(:delete_issues)
|
||||
|
||||
Reference in New Issue
Block a user