Open danielvijge opened 8 years ago
danielvijge
commented
8 years ago Or actually, to prevent an error when viewing all issues (not per project, from the my page):
if project
project.trackers.collect {|t| t.id}
else
Tracker.all.collect {|t| t.id}The solution earlier effects the new issue creation. A different solution might be:
def self.extra_access_conditions(role)
tracker_ids = RedmineTrackControl::TrackerHelper.trackers_ids_by_role(role,"show")
if (!tracker_ids.empty?)
case role.issues_visibility
when 'all'
"1=1"
when 'default'
"((#{table_name}.tracker_id IN (#{tracker_ids.join(',')})) OR #{table_name}.project_id NOT IN (SELECT em.project_id FROM #{EnabledModule.table_name} em WHERE em.name='tracker_permissions'))"
else
""
end
end
endThe case statement is new. It add the conditions which trackers are visible, but only for users with the default issue view permissions. For all issue visibility, it simply adds a statement which is always true. For issue visibility where a user can only see own issues, no additional conditions are added, so only the condition from visible_condition_block() are applied.
I want to create a project where users can only see their own tickets. All users have a role in this project, and for this role item visibility is set to 'Issues created or assigned to the user'. For this project the tracker control module is enabled. If I give this role the permission 'show tracker', users can see all issues in the issue list, but open only their own issues. If I do not give the role the 'show tracker' permission, the user can only see own/assigned issues in the list, but cannot open any issues, including own/assigned issues. I do like to have the option to only use the item visibility. Users should be able to see only own issues, and be able to open these issues. For now, I solved it by patching tracker_helper.rb:valid_trackers_ids() to only have
project.trackers.collect {|t| t.id}and do not give the 'show tracker' permission to this role.