Don't consider roles without issue add/edit permissions for determining fields permissions (#15988).

git-svn-id: http://svn.redmine.org/redmine/trunk@13747 e93f8b46-1217-0410-a6f0-8f06a7374b81
2025-11-15 09:46:02 +01:00 · 2014-12-13 14:31:58 +00:00
parent 07b44a4662
commit 453803c68f
3 changed files with 28 additions and 0 deletions
--- a/test/unit/issue_test.rb
+++ b/test/unit/issue_test.rb
@@ -914,6 +914,29 @@ class IssueTest < ActiveSupport::TestCase
    assert_equal %w(due_date), issue.read_only_attribute_names(user)
  end

+  def test_workflow_rules_should_ignore_roles_without_issue_permissions
+    role = Role.generate! :permissions => [:view_issues, :edit_issues]
+    ignored_role = Role.generate! :permissions => [:view_issues]
+
+    WorkflowPermission.delete_all
+    WorkflowPermission.create!(:old_status_id => 1, :tracker_id => 1,
+                               :role => role, :field_name => 'due_date',
+                               :rule => 'required')
+    WorkflowPermission.create!(:old_status_id => 1, :tracker_id => 1,
+                               :role => role, :field_name => 'start_date',
+                               :rule => 'readonly')
+    WorkflowPermission.create!(:old_status_id => 1, :tracker_id => 1,
+                               :role => role, :field_name => 'done_ratio',
+                               :rule => 'readonly')
+    user = User.generate!
+    User.add_to_project user, Project.find(1), [role, ignored_role]
+
+    issue = Issue.new(:project_id => 1, :tracker_id => 1, :status_id => 1)
+
+    assert_equal %w(due_date), issue.required_attribute_names(user)
+    assert_equal %w(done_ratio start_date), issue.read_only_attribute_names(user).sort
+  end
+
  def test_copy
    issue = Issue.new.copy_from(1)
    assert issue.copy?