Error message when editing a child project without add project/subprojects permissions (#20282).

git-svn-id: http://svn.redmine.org/redmine/trunk@14619 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/models/project.rb

@@ -700,14 +700,16 @@ class Project < ActiveRecord::Base
     attrs = attrs.deep_dup
 
     @unallowed_parent_id = nil
+    if new_record? || attrs.key?('parent_id')
       parent_id_param = attrs['parent_id'].to_s
-    if parent_id_param.blank? || parent_id_param != parent_id.to_s
+      if new_record? || parent_id_param != parent_id.to_s
         p = parent_id_param.present? ? Project.find_by_id(parent_id_param) : nil
         unless allowed_parents(user).include?(p)
           attrs.delete('parent_id')
           @unallowed_parent_id = true
         end
       end
+    end
 
     super(attrs, user)
   end

test/functional/projects_controller_test.rb

@@ -495,6 +495,17 @@ class ProjectsControllerTest < ActionController::TestCase
     assert_equal 'eCookbook', Project.find(1).name
   end
 
+  def test_update_child_project_without_parent_permission_should_not_show_validation_error
+    child = Project.generate_with_parent!
+    user = User.generate!
+    User.add_to_project(user, child, Role.generate!(:permissions => [:edit_project]))
+    @request.session[:user_id] = user.id
+
+    post :update, :id => child.id, :project => {:name => 'Updated'}
+    assert_response 302
+    assert_match /Successful update/, flash[:notice]
+  end
+
   def test_modules
     @request.session[:user_id] = 2
     Project.find(1).enabled_module_names = ['issue_tracking', 'news']

test/object_helpers.rb

@@ -39,7 +39,10 @@ module ObjectHelpers
     project
   end
 
-  def Project.generate_with_parent!(parent, attributes={})
+  def Project.generate_with_parent!(*args)
+    attributes = args.last.is_a?(Hash) ? args.pop : {}
+    parent = args.size > 0 ? args.first : Project.generate!
+
     project = Project.generate!(attributes) do |p|
       p.parent = parent
     end