Commit 97b4e754 authored by Jean-Philippe Lang's avatar Jean-Philippe Lang

Add a permission to remove issue watchers (#2450).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2977 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent 6fedbf60
......@@ -18,7 +18,7 @@
class WatchersController < ApplicationController
before_filter :find_project
before_filter :require_login, :check_project_privacy, :only => [:watch, :unwatch]
before_filter :authorize, :only => :new
before_filter :authorize, :only => [:new, :destroy]
verify :method => :post,
:only => [ :watch, :unwatch ],
......@@ -48,6 +48,18 @@ class WatchersController < ApplicationController
render :text => 'Watcher added.', :layout => true
end
def destroy
@watched.set_watcher(User.find(params[:user_id]), false) if request.post?
respond_to do |format|
format.html { redirect_to :back }
format.js do
render :update do |page|
page.replace_html 'watchers', :partial => 'watchers/watchers', :locals => {:watched => @watched}
end
end
end
end
private
def find_project
klass = Object.const_get(params[:object_type].camelcase)
......
......@@ -36,6 +36,21 @@ module WatchersHelper
# Returns a comma separated list of users watching the given object
def watchers_list(object)
object.watcher_users.collect {|u| content_tag('span', link_to_user(u), :class => 'user') }.join(",\n")
remove_allowed = User.current.allowed_to?("delete_#{object.class.name.underscore}_watchers".to_sym, object.project)
object.watcher_users.collect do |user|
s = content_tag('span', link_to_user(user), :class => 'user')
if remove_allowed
url = {:controller => 'watchers',
:action => 'destroy',
:object_type => object.class.to_s.underscore,
:object_id => object.id,
:user_id => user}
s += ' ' + link_to_remote(image_tag('delete.png'),
{:url => url},
:href => url_for(url),
:style => "vertical-align: middle")
end
s
end.join(",\n")
end
end
......@@ -52,6 +52,7 @@ Redmine::AccessControl.map do |map|
# Watchers
map.permission :view_issue_watchers, {}
map.permission :add_issue_watchers, {:watchers => :new}
map.permission :delete_issue_watchers, {:watchers => :destroy}
end
map.project_module :time_tracking do |map|
......
......@@ -18,6 +18,7 @@ roles_001:
- :delete_issues
- :view_issue_watchers
- :add_issue_watchers
- :delete_issue_watchers
- :manage_public_queries
- :save_queries
- :view_gantt
......
......@@ -67,4 +67,14 @@ class WatchersControllerTest < ActionController::TestCase
end
assert Issue.find(2).watched_by?(User.find(4))
end
def test_remove_watcher
@request.session[:user_id] = 2
assert_difference('Watcher.count', -1) do
xhr :post, :destroy, :object_type => 'issue', :object_id => '2', :user_id => '3'
assert_response :success
assert_select_rjs :replace_html, 'watchers'
end
assert !Issue.find(2).watched_by?(User.find(3))
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment