Cleans up status assignment in IssuesController#new handled by Issue#safe_attributes= now.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3606 e93f8b46-1217-0410-a6f0-8f06a7374b81

Cleans up status assignment in IssuesController#new handled by Issue#safe_attributes= now.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3606 e93f8b46-1217-0410-a6f0-8f06a7374b81
e584ae22 · Jean-Philippe Lang · 533590c2 · e584ae22 · e584ae22 · e584ae22
Commit e584ae22 authored Mar 20, 2010 by Jean-Philippe Lang
Showing with 53 additions and 11 deletions

issues_controller.rb app/controllers/issues_controller.rb +5 -11

issue.rb app/models/issue.rb +5 -0

issues_controller_test.rb test/functional/issues_controller_test.rb +43 -0

No files found.
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -136,26 +136,19 @@ class IssuesController < ApplicationController
      render_error l(:error_no_tracker_in_project)
      return
    end
+    if @issue.status.nil?
+      render_error l(:error_no_default_issue_status)
+      return
+    end
    if params[:issue].is_a?(Hash)
      @issue.safe_attributes = params[:issue]
      @issue.watcher_user_ids = params[:issue]['watcher_user_ids'] if User.current.allowed_to?(:add_issue_watchers, @project)
    end
    @issue.author = User.current
    
-    default_status = IssueStatus.default
-    unless default_status
-      render_error l(:error_no_default_issue_status)
-      return
-    end    
-    @issue.status = default_status
-    @allowed_statuses = @issue.new_statuses_allowed_to(User.current, true)
-    
    if request.get? || request.xhr?
      @issue.start_date ||= Date.today
    else
-      requested_status = IssueStatus.find_by_id(params[:issue][:status_id])
-      # Check that the user is allowed to apply the requested status
-      @issue.status = (@allowed_statuses.include? requested_status) ? requested_status : default_status
      call_hook(:controller_issues_new_before_save, { :params => params, :issue => @issue })
      if @issue.save
        attachments = Attachment.attach_files(@issue, params[:attachments])
@@ -179,6 +172,7 @@ class IssuesController < ApplicationController
      end
    end 
    @priorities = IssuePriority.all
+    @allowed_statuses = @issue.new_statuses_allowed_to(User.current, true)
    render :layout => !request.xhr?
  end
  

--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -163,6 +163,11 @@ class Issue < ActiveRecord::Base
    end
    issue
  end
+
+  def status_id=(sid)
+    self.status = nil
+    write_attribute(:status_id, sid)
+  end
  
  def priority_id=(pid)
    self.priority = nil

--- a/test/functional/issues_controller_test.rb
+++ b/test/functional/issues_controller_test.rb
@@ -451,6 +451,7 @@ class IssuesControllerTest < ActionController::TestCase
    assert_difference 'Issue.count' do
      post :new, :project_id => 1, 
                 :issue => {:tracker_id => 3,
+                            :status_id => 2,
                            :subject => 'This is the test_new issue',
                            :description => 'This is the description',
                            :priority_id => 5,
@@ -463,6 +464,7 @@ class IssuesControllerTest < ActionController::TestCase
    assert_not_nil issue
    assert_equal 2, issue.author_id
    assert_equal 3, issue.tracker_id
+    assert_equal 2, issue.status_id
    assert_nil issue.estimated_hours
    v = issue.custom_values.find(:first, :conditions => {:custom_field_id => 2})
    assert_not_nil v
@@ -598,6 +600,47 @@ class IssuesControllerTest < ActionController::TestCase
    end
  end
  
+  context "without workflow privilege" do
+    setup do
+      Workflow.delete_all(["role_id = ?", Role.anonymous.id])
+      Role.anonymous.add_permission! :add_issues
+    end
+    
+    context "#new" do
+      should "propose default status only" do
+        get :new, :project_id => 1
+        assert_response :success
+        assert_template 'new'
+        assert_tag :tag => 'select',
+          :attributes => {:name => 'issue[status_id]'},
+          :children => {:count => 1},
+          :child => {:tag => 'option', :attributes => {:value => IssueStatus.default.id.to_s}}
+      end
+      
+      should "accept default status" do
+        assert_difference 'Issue.count' do
+          post :new, :project_id => 1, 
+                     :issue => {:tracker_id => 1,
+                                :subject => 'This is an issue',
+                                :status_id => 1}
+        end
+        issue = Issue.last(:order => 'id')
+        assert_equal IssueStatus.default, issue.status
+      end
+      
+      should "ignore unauthorized status" do
+        assert_difference 'Issue.count' do
+          post :new, :project_id => 1, 
+                     :issue => {:tracker_id => 1,
+                                :subject => 'This is an issue',
+                                :status_id => 3}
+        end
+        issue = Issue.last(:order => 'id')
+        assert_equal IssueStatus.default, issue.status
+      end
+    end
+  end
+  
  def test_copy_issue
    @request.session[:user_id] = 2
    get :new, :project_id => 1, :copy_from => 1