Global queries can be saved from the global issue list (follows r1311 and closes #897).

git-svn-id: http://redmine.rubyforge.org/svn/trunk@1312 e93f8b46-1217-0410-a6f0-8f06a7374b81

Global queries can be saved from the global issue list (follows r1311 and closes #897).
git-svn-id: http://redmine.rubyforge.org/svn/trunk@1312 e93f8b46-1217-0410-a6f0-8f06a7374b81
da641f41 · Jean-Philippe Lang · 287d86e3 · da641f41 · da641f41 · da641f41
Commit da641f41 authored Mar 30, 2008 by Jean-Philippe Lang
5 changed files
--- a/app/controllers/queries_controller.rb
+++ b/app/controllers/queries_controller.rb
@@ -19,7 +19,7 @@ class QueriesController < ApplicationController
  layout 'base'
  menu_item :issues
  before_filter :find_query, :except => :new
-  before_filter :find_project, :authorize, :only => :new
+  before_filter :find_optional_project, :only => :new
  def new
    @query = Query.new(params[:query])
@@ -72,8 +72,9 @@ private
    render_404
  end
-  def find_project
+  def find_optional_project
-    @project = Project.find(params[:project_id])
+    @project = Project.find(params[:project_id]) if params[:project_id]
+    User.current.allowed_to?(:save_queries, @project, :global => true)
  rescue ActiveRecord::RecordNotFound
    render_404
  end

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -222,17 +222,26 @@ class User < ActiveRecord::Base
  # action can be:
  # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
  # * a permission Symbol (eg. :edit_project)
-  def allowed_to?(action, project)
+  def allowed_to?(action, project, options={})
-    # No action allowed on archived projects
+    if project
-    return false unless project.active?
+      # No action allowed on archived projects
-    # No action allowed on disabled modules
+      return false unless project.active?
-    return false unless project.allows_to?(action)
+      # No action allowed on disabled modules
-    # Admin users are authorized for anything else
+      return false unless project.allows_to?(action)
-    return true if admin?
+      # Admin users are authorized for anything else
+      return true if admin?
-    role = role_for_project(project)
-    return false unless role
+      role = role_for_project(project)
-    role.allowed_to?(action) && (project.is_public? || role.member?)
+      return false unless role
+      role.allowed_to?(action) && (project.is_public? || role.member?)
+    elsif options[:global]
+      # authorize if user has at least one role that has this permission
+      roles = memberships.collect {|m| m.role}.uniq
+      roles.detect {|r| r.allowed_to?(action)}
+    else
+      false
+    end
  end
  def self.current=(user)

--- a/app/views/issues/_sidebar.rhtml
+++ b/app/views/issues/_sidebar.rhtml
-<% if @project %>
 <h3><%= l(:label_issue_plural) %></h3>
 <%= link_to l(:label_issue_view_all), { :controller => 'issues', :action => 'index', :project_id => @project, :set_filter => 1 } %><br />
+<% if @project %>
 <%= link_to l(:field_summary), :controller => 'reports', :action => 'issue_report', :id => @project %><br />
 <%= link_to l(:label_change_log), :controller => 'projects', :action => 'changelog', :id => @project %>
 <% end %>

--- a/app/views/issues/index.rhtml
+++ b/app/views/issues/index.rhtml
@@ -18,7 +18,7 @@
                         :update => "content",
                       }, :class => 'icon icon-reload'  %>
-    <% if current_role && current_role.allowed_to?(:save_queries) %>
+    <% if User.current.allowed_to?(:save_queries, @project, :global => true) %>
    <%= link_to l(:button_save), {}, :onclick => "$('query_form').submit(); return false;", :class => 'icon icon-save' %>
    <% end %>
    </p>

--- a/test/functional/queries_controller_test.rb
+++ b/test/functional/queries_controller_test.rb
@@ -31,7 +31,7 @@ class QueriesControllerTest < Test::Unit::TestCase
    User.current = nil
  end
-  def test_get_new
+  def test_get_new_project_query
    @request.session[:user_id] = 2
    get :new, :project_id => 1
    assert_response :success
@@ -45,6 +45,19 @@ class QueriesControllerTest < Test::Unit::TestCase
                                                 :disabled => nil }
  end
+  def test_get_new_global_query
+    @request.session[:user_id] = 2
+    get :new
+    assert_response :success
+    assert_template 'new'
+    assert_no_tag :tag => 'input', :attributes => { :type => 'checkbox',
+                                                    :name => 'query[is_public]' } 
+    assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
+                                                 :name => 'query_is_for_all',
+                                                 :checked => 'checked',
+                                                 :disabled => nil }
+  end
  def test_new_project_public_query
    @request.session[:user_id] = 2
    post :new,
@@ -54,8 +67,7 @@ class QueriesControllerTest < Test::Unit::TestCase
         :fields => ["status_id", "assigned_to_id"],
         :operators => {"assigned_to_id" => "=", "status_id" => "o"},
         :values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
-         :query => {"name" => "test_new_project_public_query", "is_public" => "1"},
+         :query => {"name" => "test_new_project_public_query", "is_public" => "1"}
-         :column_names => ["", "tracker", "status", "priority", "subject", "updated_on", "category"]
    q = Query.find_by_name('test_new_project_public_query')
    assert_redirected_to :controller => 'issues', :action => 'index', :query_id => q
@@ -73,8 +85,7 @@ class QueriesControllerTest < Test::Unit::TestCase
         :fields => ["status_id", "assigned_to_id"],
         :operators => {"assigned_to_id" => "=", "status_id" => "o"},
         :values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
-         :query => {"name" => "test_new_project_private_query", "is_public" => "1"},
+         :query => {"name" => "test_new_project_private_query", "is_public" => "1"}
-         :column_names => ["", "tracker", "status", "priority", "subject", "updated_on", "category"]
    q = Query.find_by_name('test_new_project_private_query')
    assert_redirected_to :controller => 'issues', :action => 'index', :query_id => q
@@ -83,6 +94,23 @@ class QueriesControllerTest < Test::Unit::TestCase
    assert q.valid?
  end
+  def test_new_global_private_query_with_custom_columns
+    @request.session[:user_id] = 3
+    post :new,
+         :confirm => '1',
+         :fields => ["status_id", "assigned_to_id"],
+         :operators => {"assigned_to_id" => "=", "status_id" => "o"},
+         :values => { "assigned_to_id" => ["me"], "status_id" => ["1"]},
+         :query => {"name" => "test_new_global_private_query", "is_public" => "1", "column_names" => ["", "tracker", "subject", "priority", "category"]}
+    q = Query.find_by_name('test_new_global_private_query')
+    assert_redirected_to :controller => 'issues', :action => 'index', :query_id => q
+    assert !q.is_public?
+    assert !q.has_default_columns?
+    assert_equal [:tracker, :subject, :priority, :category], q.columns.collect {|c| c.name}
+    assert q.valid?
+  end
  def test_get_edit_global_public_query
    @request.session[:user_id] = 1
    get :edit, :id => 4
@@ -106,8 +134,7 @@ class QueriesControllerTest < Test::Unit::TestCase
         :fields => ["status_id", "assigned_to_id"],
         :operators => {"assigned_to_id" => "=", "status_id" => "o"},
         :values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
-         :query => {"name" => "test_edit_global_public_query", "is_public" => "1"},
+         :query => {"name" => "test_edit_global_public_query", "is_public" => "1"}
-         :column_names => ["", "tracker", "status", "priority", "subject", "updated_on", "category"]
    assert_redirected_to :controller => 'issues', :action => 'index', :query_id => 4
    q = Query.find_by_name('test_edit_global_public_query')
@@ -138,8 +165,7 @@ class QueriesControllerTest < Test::Unit::TestCase
         :fields => ["status_id", "assigned_to_id"],
         :operators => {"assigned_to_id" => "=", "status_id" => "o"},
         :values => { "assigned_to_id" => ["me"], "status_id" => ["1"]},
-         :query => {"name" => "test_edit_global_private_query", "is_public" => "1"},
+         :query => {"name" => "test_edit_global_private_query", "is_public" => "1"}
-         :column_names => ["", "tracker", "status", "priority", "subject", "updated_on", "category"]
    assert_redirected_to :controller => 'issues', :action => 'index', :query_id => 3
    q = Query.find_by_name('test_edit_global_private_query')