mirror of
https://github.com/redmine/redmine.git
synced 2026-07-07 20:43:39 +02:00
Merged r16569 (#25791).
git-svn-id: http://svn.redmine.org/redmine/branches/3.3-stable@16616 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
@@ -72,7 +72,7 @@ class Issue < ActiveRecord::Base
|
||||
validates :estimated_hours, :numericality => {:greater_than_or_equal_to => 0, :allow_nil => true, :message => :invalid}
|
||||
validates :start_date, :date => true
|
||||
validates :due_date, :date => true
|
||||
validate :validate_issue, :validate_required_fields
|
||||
validate :validate_issue, :validate_required_fields, :validate_permissions
|
||||
attr_protected :id
|
||||
|
||||
scope :visible, lambda {|*args|
|
||||
@@ -490,6 +490,7 @@ class Issue < ActiveRecord::Base
|
||||
# attr_accessible is too rough because we still want things like
|
||||
# Issue.new(:project => foo) to work
|
||||
def safe_attributes=(attrs, user=User.current)
|
||||
@attributes_set_by = user
|
||||
return unless attrs.is_a?(Hash)
|
||||
|
||||
attrs = attrs.deep_dup
|
||||
@@ -745,6 +746,14 @@ class Issue < ActiveRecord::Base
|
||||
end
|
||||
end
|
||||
|
||||
def validate_permissions
|
||||
if @attributes_set_by && new_record? && copy?
|
||||
unless allowed_target_trackers(@attributes_set_by).include?(tracker)
|
||||
errors.add :tracker, :invalid
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
# Overrides Redmine::Acts::Customizable::InstanceMethods#validate_custom_field_values
|
||||
# so that custom values that are not editable are not validated (eg. a custom field that
|
||||
# is marked as required should not trigger a validation error if the user is not allowed
|
||||
|
||||
Reference in New Issue
Block a user