kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Merge branch '52545-guest-create-issue-in-group-board' into 'master' 

Resolve "Adding issues from group/project board is not allowed for project-level users"

See merge request gitlab-org/gitlab-ce!22557
This commit is contained in:
Sean McGivern 2018-10-26 11:19:22 +00:00
parent 8325a1fc9f fdb46c55ee
commit ad8a859b6e
7 changed files with 43 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/assets/javascripts/boards/components/board.js
View File

@ -53,6 +53,9 @@ export default Vue.extend({
const { issuesSize } = this.list; const { issuesSize } = this.list;
return `${n__('%d issue', '%d issues', issuesSize)}`; return `${n__('%d issue', '%d issues', issuesSize)}`;
}, },
isNewIssueShown() {
return this.list.type === 'backlog' || (!this.disabled && this.list.type !== 'closed');
}
}, },
watch: { watch: {
filter: { filter: {

2
app/assets/javascripts/boards/components/project_select.vue
View File

@ -46,7 +46,7 @@ export default {
selectable: true, selectable: true,
data: (term, callback) => { data: (term, callback) => {
this.loading = true; this.loading = true;
return Api.groupProjects(this.groupId, term, {}, projects => { return Api.groupProjects(this.groupId, term, {with_issues_enabled: true}, projects => {
this.loading = false; this.loading = false;
callback(projects); callback(projects);
}); });

5
app/controllers/concerns/boards_responses.rb
View File

@ -50,7 +50,10 @@ module BoardsResponses
end end
def authorize_create_issue def authorize_create_issue
authorize_action_for!(project, :admin_issue) list = List.find(issue_params[:list_id])
action = list.backlog? ? :create_issue : :admin_issue
authorize_action_for!(project, action)
end end
def authorize_admin_list def authorize_admin_list

15
app/views/shared/boards/components/_board.html.haml
View File

@ -39,14 +39,13 @@
{{ list.issuesSize }} {{ list.issuesSize }}
= render_if_exists "shared/boards/components/list_weight" = render_if_exists "shared/boards/components/list_weight"
- if can?(current_user, :admin_list, current_board_parent) %button.issue-count-badge-add-button.btn.btn-sm.btn-default.ml-1.has-tooltip.js-no-trigger-collapse{ type: "button",
%button.issue-count-badge-add-button.btn.btn-sm.btn-default.ml-1.has-tooltip.js-no-trigger-collapse{ type: "button", "@click" => "showNewIssueForm",
"@click" => "showNewIssueForm", "v-if" => "isNewIssueShown",
"v-if" => 'list.type !== "closed"', "aria-label" => _("New issue"),
"aria-label" => _("New issue"), "title" => _("New issue"),
"title" => _("New issue"), data: { placement: "top", container: "body" } }
data: { placement: "top", container: "body" } } = icon("plus", class: "js-no-trigger-collapse")
= icon("plus", class: "js-no-trigger-collapse")
%board-list{ "v-if" => 'list.type !== "blank" && list.type !== "promotion"', %board-list{ "v-if" => 'list.type !== "blank" && list.type !== "promotion"',
":list" => "list", ":list" => "list",

5
changelogs/unreleased/52545-guest-create-issue-in-group-board.yml Normal file
View File

@ -0,0 +1,5 @@
---
title: Always show new issue button in boards' Open list
merge_request: 22557
author: Heinrich Lee Yu
type: fixed

19
spec/controllers/boards/issues_controller_spec.rb
View File

@ -208,11 +208,22 @@ describe Boards::IssuesController do
end end
end end
context 'with unauthorized user' do context 'with guest user' do
it 'returns a forbidden 403 response' do context 'in open list' do
create_issue user: guest, board: board, list: list1, title: 'New issue' it 'returns a successful 200 response' do
open_list = board.lists.create(list_type: :backlog)
create_issue user: guest, board: board, list: open_list, title: 'New issue'
expect(response).to have_gitlab_http_status(403) expect(response).to have_gitlab_http_status(200)
end
end
context 'in label list' do
it 'returns a forbidden 403 response' do
create_issue user: guest, board: board, list: list1, title: 'New issue'
expect(response).to have_gitlab_http_status(403)
end
end end
end end

10
spec/features/boards/new_issue_spec.rb
View File

@ -94,8 +94,14 @@ describe 'Issue Boards new issue', :js do
wait_for_requests wait_for_requests
end end
it 'does not display new issue button' do it 'displays new issue button in open list' do
expect(page).to have_selector('.issue-count-badge-add-button', count: 0) expect(first('.board')).to have_selector('.issue-count-badge-add-button', count: 1)
end
it 'does not display new issue button in label list' do
page.within('.board:nth-child(2)') do
expect(page).not_to have_selector('.issue-count-badge-add-button')
end
end end
end end
end end