Show More
@@ -726,7 +726,7 b' class PullrequestsController(BaseRepoCon' | |||
|
726 | 726 | c.allowed_to_delete = PullRequestModel().check_user_delete( |
|
727 | 727 | pull_request_latest, c.rhodecode_user) and not pr_closed |
|
728 | 728 | c.allowed_to_comment = not pr_closed |
|
729 |
c.allowed_to_close = c.allowed_to_ |
|
|
729 | c.allowed_to_close = c.allowed_to_merge and not pr_closed | |
|
730 | 730 | |
|
731 | 731 | # check merge capabilities |
|
732 | 732 | _merge_check = MergeCheck.validate( |
@@ -969,7 +969,11 b' class PullrequestsController(BaseRepoCon' | |||
|
969 | 969 | close_pull_request = request.POST.get('close_pull_request') |
|
970 | 970 | |
|
971 | 971 | close_pr = False |
|
972 | if close_pull_request: | |
|
972 | # only owner or admin or person with write permissions | |
|
973 | allowed_to_close = PullRequestModel().check_user_update( | |
|
974 | pull_request, c.rhodecode_user) | |
|
975 | ||
|
976 | if close_pull_request and allowed_to_close: | |
|
973 | 977 | close_pr = True |
|
974 | 978 | pull_request_review_status = pull_request.calculated_review_status() |
|
975 | 979 | if pull_request_review_status == ChangesetStatus.STATUS_APPROVED: |
@@ -31,7 +31,8 b' from rhodecode.model.meta import Session' | |||
|
31 | 31 | from rhodecode.model.pull_request import PullRequestModel |
|
32 | 32 | from rhodecode.model.user import UserModel |
|
33 | 33 | from rhodecode.model.repo import RepoModel |
|
34 | from rhodecode.tests import assert_session_flash, url, TEST_USER_ADMIN_LOGIN | |
|
34 | from rhodecode.tests import ( | |
|
35 | assert_session_flash, url, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_LOGIN) | |
|
35 | 36 | from rhodecode.tests.utils import AssertResponse |
|
36 | 37 | |
|
37 | 38 | |
@@ -97,7 +98,7 b' class TestPullrequestsController:' | |||
|
97 | 98 | 'Server-side pull request merging is disabled.' |
|
98 | 99 | in response) != pr_merge_enabled |
|
99 | 100 | |
|
100 | def test_close_status_visibility(self, pr_util, csrf_token): | |
|
101 | def test_close_status_visibility(self, pr_util, user_util, csrf_token): | |
|
101 | 102 | from rhodecode.tests.functional.test_login import login_url, logut_url |
|
102 | 103 | # Logout |
|
103 | 104 | response = self.app.post( |
@@ -105,10 +106,11 b' class TestPullrequestsController:' | |||
|
105 | 106 | params={'csrf_token': csrf_token}) |
|
106 | 107 | # Login as regular user |
|
107 | 108 | response = self.app.post(login_url, |
|
108 |
{'username': |
|
|
109 | {'username': TEST_USER_REGULAR_LOGIN, | |
|
109 | 110 | 'password': 'test12'}) |
|
110 | 111 | |
|
111 |
pull_request = pr_util.create_pull_request( |
|
|
112 | pull_request = pr_util.create_pull_request( | |
|
113 | author=TEST_USER_REGULAR_LOGIN) | |
|
112 | 114 | |
|
113 | 115 | response = self.app.get(url( |
|
114 | 116 | controller='pullrequests', action='show', |
@@ -118,6 +120,22 b' class TestPullrequestsController:' | |||
|
118 | 120 | response.mustcontain('Server-side pull request merging is disabled.') |
|
119 | 121 | |
|
120 | 122 | assert_response = response.assert_response() |
|
123 | # for regular user without a merge permissions, we don't see it | |
|
124 | assert_response.no_element_exists('#close-pull-request-action') | |
|
125 | ||
|
126 | user_util.grant_user_permission_to_repo( | |
|
127 | pull_request.target_repo, | |
|
128 | UserModel().get_by_username(TEST_USER_REGULAR_LOGIN), | |
|
129 | 'repository.write') | |
|
130 | response = self.app.get(url( | |
|
131 | controller='pullrequests', action='show', | |
|
132 | repo_name=pull_request.target_repo.scm_instance().name, | |
|
133 | pull_request_id=str(pull_request.pull_request_id))) | |
|
134 | ||
|
135 | response.mustcontain('Server-side pull request merging is disabled.') | |
|
136 | ||
|
137 | assert_response = response.assert_response() | |
|
138 | # now regular user has a merge permissions, we have CLOSE button | |
|
121 | 139 | assert_response.one_element_exists('#close-pull-request-action') |
|
122 | 140 | |
|
123 | 141 | def test_show_invalid_commit_id(self, pr_util): |
General Comments 0
You need to be logged in to leave comments.
Login now