##// END OF EJS Templates
Introduce virtual MenuNodes (#15880)....
Introduce virtual MenuNodes (#15880). They are characterized by having a blank url. they will only be rendered if the user is authorized to see at least one of its children. they render as links which do nothing when clicked. Patch by Jan Schulz-Hofen. git-svn-id: http://svn.redmine.org/redmine/trunk@15501 e93f8b46-1217-0410-a6f0-8f06a7374b81

File last commit:

r15082:79df68e17fc0
r15119:53710d80fc88
Show More
role.rb
284 lines | 8.8 KiB | text/x-ruby | RubyLexer
Jean-Philippe Lang
Localize anonymous and non member roles names (#8072)....
r5213 # Redmine - project management software
Jean-Philippe Lang
Updates copyright for 2016....
r14856 # Copyright (C) 2006-2016 Jean-Philippe Lang
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 #
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737 #
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737 #
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class Role < ActiveRecord::Base
Jean-Philippe Lang
Perf: use a custom decoder for Role#permissions instead of YAML.load....
r9733 # Custom coder for the permissions attribute that should be an
# array of symbols. Rails 3 uses Psych which can be *unbelievably*
# slow on some platforms (eg. mingw32).
class PermissionsAttributeCoder
def self.load(str)
str.to_s.scan(/:([a-z0-9_]+)/).flatten.map(&:to_sym)
end
def self.dump(value)
YAML.dump(value)
end
end
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 # Built-in roles
BUILTIN_NON_MEMBER = 1
BUILTIN_ANONYMOUS = 2
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Adds an issues visibility level on roles (#7412)....
r5296 ISSUES_VISIBILITY_OPTIONS = [
Jean-Philippe Lang
Private issues (#7414)....
r5346 ['all', :label_issues_visibility_all],
['default', :label_issues_visibility_public],
Jean-Philippe Lang
Adds an issues visibility level on roles (#7412)....
r5296 ['own', :label_issues_visibility_own]
]
Jean-Philippe Lang
Merged nbc branch @ r1812 (commit access permission and reposman improvements)....
r1812
Jean-Philippe Lang
Adds a role setting that viewing all or own time entries (#8929)....
r13893 TIME_ENTRIES_VISIBILITY_OPTIONS = [
['all', :label_time_entries_visibility_all],
['own', :label_time_entries_visibility_own]
]
Jean-Philippe Lang
Adds a role setting for controlling visibility of users: all or members of visible projects (#11724)....
r13202 USERS_VISIBILITY_OPTIONS = [
['all', :label_users_visibility_all],
['members_of_visible_projects', :label_users_visibility_members_of_visible_projects]
]
Jean-Philippe Lang
Order scopes cleanup....
r13144 scope :sorted, lambda { order(:builtin, :position) }
scope :givable, lambda { order(:position).where(:builtin => 0) }
Toshi MARUYAMA
model: replace Rails2 "named_scope" to Rails3 "scope"...
r9355 scope :builtin, lambda { |*args|
Jean-Philippe Lang
Code cleanup....
r9532 compare = (args.first == true ? 'not' : '')
where("#{compare} builtin = 0")
Jean-Philippe Lang
Merged nbc branch @ r1812 (commit access permission and reposman improvements)....
r1812 }
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 before_destroy :check_deletable
Jean-Philippe Lang
Workflow enhancement: editable and required fields configurable by role, tracker and status (#703, #3521)....
r9794 has_many :workflow_rules, :dependent => :delete_all do
Jean-Philippe Lang
Adds workflow copy functionality (#1727)....
r3040 def copy(source_role)
Jean-Philippe Lang
Workflow enhancement: editable and required fields configurable by role, tracker and status (#703, #3521)....
r9794 WorkflowRule.copy(nil, source_role, nil, proxy_association.owner)
Jean-Philippe Lang
Workflow copy:...
r1237 end
end
Jean-Philippe Lang
Role-based issue custom field visibility (#5037)....
r11782 has_and_belongs_to_many :custom_fields, :join_table => "#{table_name_prefix}custom_fields_roles#{table_name_suffix}", :foreign_key => "role_id"
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Ability to limit member management to certain roles (#19707)....
r13911 has_and_belongs_to_many :managed_roles, :class_name => 'Role',
:join_table => "#{table_name_prefix}roles_managed_roles#{table_name_suffix}",
:association_foreign_key => "managed_role_id"
Jean-Philippe Lang
Allows multiple roles on the same project (#706). Prerequisite for user groups feature....
r2627 has_many :member_roles, :dependent => :destroy
has_many :members, :through => :member_roles
Jean-Philippe Lang
Replaces acts_as_list with an implementation that handles #position= (#12909)....
r14953 acts_as_positioned :scope => :builtin
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Perf: use a custom decoder for Role#permissions instead of YAML.load....
r9733 serialize :permissions, ::Role::PermissionsAttributeCoder
Jean-Philippe Lang
Limit trackers for new issue to certain roles (#7839)....
r15082 store :settings, :accessors => [:permissions_all_trackers, :permissions_tracker_ids]
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 attr_protected :builtin
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330
validates_presence_of :name
validates_uniqueness_of :name
Jean-Philippe Lang
Added several validates_length_of...
r590 validates_length_of :name, :maximum => 30
Jean-Philippe Lang
Adds an issues visibility level on roles (#7412)....
r5296 validates_inclusion_of :issues_visibility,
:in => ISSUES_VISIBILITY_OPTIONS.collect(&:first),
Jean-Philippe Lang
Skip validation if attribute did not change....
r13469 :if => lambda {|role| role.respond_to?(:issues_visibility) && role.issues_visibility_changed?}
Jean-Philippe Lang
Adds a role setting for controlling visibility of users: all or members of visible projects (#11724)....
r13202 validates_inclusion_of :users_visibility,
:in => USERS_VISIBILITY_OPTIONS.collect(&:first),
Jean-Philippe Lang
Skip validation if attribute did not change....
r13469 :if => lambda {|role| role.respond_to?(:users_visibility) && role.users_visibility_changed?}
Jean-Philippe Lang
Adds a role setting that viewing all or own time entries (#8929)....
r13893 validates_inclusion_of :time_entries_visibility,
:in => TIME_ENTRIES_VISIBILITY_OPTIONS.collect(&:first),
:if => lambda {|role| role.respond_to?(:time_entries_visibility) && role.time_entries_visibility_changed?}
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Create role by copy (#9258)....
r10102 # Copies attributes from another role, arg can be an id or a Role
def copy_from(arg, options={})
return unless arg.present?
role = arg.is_a?(Role) ? arg : Role.find_by_id(arg.to_s)
self.attributes = role.attributes.dup.except("id", "name", "position", "builtin", "permissions")
self.permissions = role.permissions.dup
self
end
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 def permissions=(perms)
Jean-Philippe Lang
Merged nbc branch @ r1812 (commit access permission and reposman improvements)....
r1812 perms = perms.collect {|p| p.to_sym unless p.blank? }.compact.uniq if perms
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 write_attribute(:permissions, perms)
end
Jean-Philippe Lang
Merged nbc branch @ r1812 (commit access permission and reposman improvements)....
r1812
def add_permission!(*perms)
self.permissions = [] unless permissions.is_a?(Array)
permissions_will_change!
perms.each do |p|
p = p.to_sym
permissions << p unless permissions.include?(p)
end
save!
end
def remove_permission!(*perms)
return unless permissions.is_a?(Array)
permissions_will_change!
perms.each { |p| permissions.delete(p.to_sym) }
save!
end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Adds a permission 'view wiki edits' so that wiki history can be hidden to certain users (#1154)....
r1813 # Returns true if the role has the given permission
def has_permission?(perm)
!permissions.nil? && permissions.include?(perm.to_sym)
end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Don't consider roles without issue add/edit permissions for determining fields permissions (#15988)....
r13365 def consider_workflow?
has_permission?(:add_issues) || has_permission?(:edit_issues)
end
Jean-Philippe Lang
Various changes on views. On project summary, members are now grouped by role and subprojects are listed inline....
r431 def <=>(role)
Jean-Philippe Lang
Code cleanup....
r9532 if role
if builtin == role.builtin
position <=> role.position
else
builtin <=> role.builtin
end
else
-1
end
Jean-Philippe Lang
Allows multiple roles on the same project (#706). Prerequisite for user groups feature....
r2627 end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Allows multiple roles on the same project (#706). Prerequisite for user groups feature....
r2627 def to_s
name
Jean-Philippe Lang
Various changes on views. On project summary, members are now grouped by role and subprojects are listed inline....
r431 end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Localize anonymous and non member roles names (#8072)....
r5213 def name
case builtin
when 1; l(:label_role_non_member, :default => read_attribute(:name))
when 2; l(:label_role_anonymous, :default => read_attribute(:name))
else; read_attribute(:name)
end
end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 # Return true if the role is a builtin role
def builtin?
self.builtin != 0
end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Anonymous users should always see public issues only (#11872)....
r10254 # Return true if the role is the anonymous role
def anonymous?
builtin == 2
end
Toshi MARUYAMA
remove trailing white-space from app/models/role.rb...
r11485
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 # Return true if the role is a project member role
def member?
!self.builtin?
end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 # Return true if role is allowed to do the specified action
# action can be:
# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
# * a permission Symbol (eg. :edit_project)
def allowed_to?(action)
if action.is_a? Hash
allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
else
allowed_permissions.include? action
end
end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 # Return all the permissions that can be given to the role
def setable_permissions
setable_permissions = Redmine::AccessControl.permissions - Redmine::AccessControl.public_permissions
setable_permissions -= Redmine::AccessControl.members_only_permissions if self.builtin == BUILTIN_NON_MEMBER
setable_permissions -= Redmine::AccessControl.loggedin_only_permissions if self.builtin == BUILTIN_ANONYMOUS
setable_permissions
end
Jean-Philippe Lang
Limit trackers for new issue to certain roles (#7839)....
r15082 def permissions_tracker_ids(*args)
if args.any?
Array(permissions_tracker_ids[args.first.to_s]).map(&:to_i)
else
super || {}
end
end
def permissions_tracker_ids=(arg)
h = arg.to_hash
h.values.each {|v| v.reject!(&:blank?)}
super(h)
end
# Returns true if tracker_id belongs to the list of
# trackers for which permission is given
def permissions_tracker_ids?(permission, tracker_id)
permissions_tracker_ids(permission).include?(tracker_id)
end
def permissions_all_trackers
super || {}
end
def permissions_all_trackers=(arg)
super(arg.to_hash)
end
# Returns true if permission is given for all trackers
def permissions_all_trackers?(permission)
permissions_all_trackers[permission.to_s].to_s != '0'
end
# Sets the trackers that are allowed for a permission.
# tracker_ids can be an array of tracker ids or :all for
# no restrictions.
#
# Examples:
# role.set_permission_trackers :add_issues, [1, 3]
# role.set_permission_trackers :add_issues, :all
def set_permission_trackers(permission, tracker_ids)
h = {permission.to_s => (tracker_ids == :all ? '1' : '0')}
self.permissions_all_trackers = permissions_all_trackers.merge(h)
h = {permission.to_s => (tracker_ids == :all ? [] : tracker_ids)}
self.permissions_tracker_ids = permissions_tracker_ids.merge(h)
self
end
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 # Find all the roles that can be given to a project member
def self.find_all_givable
Jean-Philippe Lang
Merged rails-4.1 branch (#14534)....
r13100 Role.givable.to_a
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 end
Eric Davis
Change Role#anonymous and #non_member so they generate the record as needed....
r3249 # Return the builtin 'non member' role. If the role doesn't exist,
# it will be created on the fly.
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 def self.non_member
Jean-Philippe Lang
Refactor builtin roles creation....
r6179 find_or_create_system_role(BUILTIN_NON_MEMBER, 'Non member')
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 end
Eric Davis
Change Role#anonymous and #non_member so they generate the record as needed....
r3249 # Return the builtin 'anonymous' role. If the role doesn't exist,
# it will be created on the fly.
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 def self.anonymous
Jean-Philippe Lang
Refactor builtin roles creation....
r6179 find_or_create_system_role(BUILTIN_ANONYMOUS, 'Anonymous')
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 private
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 def allowed_permissions
@allowed_permissions ||= permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
end
def allowed_actions
@actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Merged 0.6 branch into trunk....
r663 def check_deletable
Jean-Philippe Lang
Replaced "can't" with "cannot" in error messages....
r13399 raise "Cannot delete role" if members.any?
raise "Cannot delete builtin role" if builtin?
Jean-Philippe Lang
Initial commit...
r2 end
Toshi MARUYAMA
remove trailing white-spaces from app/models/role.rb....
r6737
Jean-Philippe Lang
Refactor builtin roles creation....
r6179 def self.find_or_create_system_role(builtin, name)
Jean-Philippe Lang
Code cleanup....
r9532 role = where(:builtin => builtin).first
Jean-Philippe Lang
Refactor builtin roles creation....
r6179 if role.nil?
Jean-Philippe Lang
Replaces acts_as_list with an implementation that handles #position= (#12909)....
r14953 role = create(:name => name) do |r|
Jean-Philippe Lang
Refactor builtin roles creation....
r6179 r.builtin = builtin
end
Jean-Philippe Lang
Replaces acts_as_list with an implementation that handles #position= (#12909)....
r14953 raise "Unable to create the #{name} role (#{role.errors.full_messages.join(',')})." if role.new_record?
Jean-Philippe Lang
Refactor builtin roles creation....
r6179 end
role
end
Jean-Philippe Lang
Initial commit...
r2 end