menu_item :issues
before_filter :find_project, :authorize
+ verify :method => :post, :only => :destroy, :redirect_to => { :action => :details }
+
helper :sort
include SortHelper
helper :issues
end
def edit
- render_404 and return if @time_entry && @time_entry.user != User.current
+ render_403 and return if @time_entry && !@time_entry.editable_by?(User.current)
@time_entry ||= TimeEntry.new(:project => @project, :issue => @issue, :user => User.current, :spent_on => Date.today)
@time_entry.attributes = params[:time_entry]
if request.post? and @time_entry.save
flash[:notice] = l(:notice_successful_update)
- redirect_to :action => 'details', :project_id => @time_entry.project, :issue_id => @time_entry.issue
+ redirect_to :action => 'details', :project_id => @time_entry.project
return
end
@activities = Enumeration::get_values('ACTI')
end
+
+ def destroy
+ render_404 and return unless @time_entry
+ render_403 and return unless @time_entry.editable_by?(User.current)
+ @time_entry.destroy
+ flash[:notice] = l(:notice_successful_delete)
+ redirect_to :action => 'details', :project_id => @time_entry.project
+ end
private
def find_project
render_404
return false
end
+ rescue ActiveRecord::RecordNotFound
+ render_404
end
end
# Returns true if the time entry can be edited by usr, otherwise false
def editable_by?(usr)
- usr == self.user
+ (usr == user && usr.allowed_to?(:edit_own_time_entries, project)) || usr.allowed_to?(:edit_time_entries, project)
end
def self.visible_by(usr)
<td><b><%=l(:field_category)%> :</b></td><td><%=h @issue.category ? @issue.category.name : "-" %></td>
<% if User.current.allowed_to?(:view_time_entries, @project) %>
<td><b><%=l(:label_spent_time)%> :</b></td>
- <td><%= @issue.spent_hours > 0 ? (link_to lwr(:label_f_hour, @issue.spent_hours), {:controller => 'timelog', :action => 'details', :issue_id => @issue}, :class => 'icon icon-time') : "-" %></td>
+ <td><%= @issue.spent_hours > 0 ? (link_to lwr(:label_f_hour, @issue.spent_hours), {:controller => 'timelog', :action => 'details', :project_id => @project, :issue_id => @issue}, :class => 'icon icon-time') : "-" %></td>
<% end %>
</tr>
<tr>
</td>
<td class="comments"><%=h entry.comments %></td>
<td class="hours"><%= html_hours("%.2f" % entry.hours) %></td>
-<td align="center"><%= link_to_if_authorized(l(:button_edit),
- {:controller => 'timelog', :action => 'edit', :id => entry},
- :class => 'icon icon-edit') if entry.editable_by?(User.current) %></td>
+<td align="center">
+<% if entry.editable_by?(User.current) -%>
+ <%= link_to image_tag('edit.png'), {:controller => 'timelog', :action => 'edit', :id => entry},
+ :title => l(:button_edit) %>
+ <%= link_to image_tag('delete.png'), {:controller => 'timelog', :action => 'destroy', :id => entry},
+ :confirm => l(:text_are_you_sure),
+ :method => :post,
+ :title => l(:button_delete) %>
+<% end -%>
+</td>
</tr>
<% end -%>
</tbdoy>
map.connect 'projects/:project_id/news/:action', :controller => 'news'
map.connect 'projects/:project_id/documents/:action', :controller => 'documents'
map.connect 'projects/:project_id/boards/:action/:id', :controller => 'boards'
+ map.connect 'projects/:project_id/timelog/:action/:id', :controller => 'timelog'
map.connect 'boards/:board_id/topics/:action/:id', :controller => 'messages'
map.with_options :controller => 'repositories' do |omap|
map.project_module :time_tracking do |map|
map.permission :log_time, {:timelog => :edit}, :require => :loggedin
map.permission :view_time_entries, :timelog => [:details, :report]
+ map.permission :edit_time_entries, {:timelog => [:edit, :destroy]}, :require => :member
+ map.permission :edit_own_time_entries, {:timelog => [:edit, :destroy]}, :require => :loggedin
end
map.project_module :news do |map|
- :view_calendar\r
- :log_time\r
- :view_time_entries\r
+ - :edit_time_entries\r
+ - :delete_time_entries\r
- :manage_news\r
- :comment_news\r
- :view_documents\r
- :view_calendar\r
- :log_time\r
- :view_time_entries\r
+ - :edit_own_time_entries\r
- :manage_news\r
- :comment_news\r
- :view_documents\r
class TimelogController; def rescue_action(e) raise e end; end
class TimelogControllerTest < Test::Unit::TestCase
- fixtures :projects, :issues, :time_entries, :users, :trackers, :enumerations, :issue_statuses
+ fixtures :projects, :roles, :members, :issues, :time_entries, :users, :trackers, :enumerations, :issue_statuses
def setup
@controller = TimelogController.new
@request = ActionController::TestRequest.new
@response = ActionController::TestResponse.new
end
+
+ def test_create
+ @request.session[:user_id] = 3
+ post :edit, :project_id => 1,
+ :time_entry => {:comments => 'Some work on TimelogControllerTest',
+ :activity_id => '10',
+ :spent_on => '2008-03-14',
+ :issue_id => '1',
+ :hours => '7.3'}
+ assert_redirected_to 'projects/ecookbook/timelog/details'
+
+ i = Issue.find(1)
+ t = TimeEntry.find_by_comments('Some work on TimelogControllerTest')
+ assert_not_nil t
+ assert_equal 7.3, t.hours
+ assert_equal 3, t.user_id
+ assert_equal i, t.issue
+ assert_equal i.project, t.project
+ end
+
+ def test_update
+ entry = TimeEntry.find(1)
+ assert_equal 1, entry.issue_id
+ assert_equal 2, entry.user_id
+
+ @request.session[:user_id] = 1
+ post :edit, :id => 1,
+ :time_entry => {:issue_id => '2',
+ :hours => '8'}
+ assert_redirected_to 'projects/ecookbook/timelog/details'
+ entry.reload
+
+ assert_equal 8, entry.hours
+ assert_equal 2, entry.issue_id
+ assert_equal 2, entry.user_id
+ end
+
+ def destroy
+ @request.session[:user_id] = 2
+ post :destroy, :id => 1
+ assert_redirected_to 'projects/ecookbook/timelog/details'
+ assert_nil TimeEntry.find_by_id(1)
+ end
def test_report_no_criteria
get :report, :project_id => 1
OSDN Git Service
