diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 1299dac..360d091 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -154,7 +154,15 @@ class ApplicationController < ActionController::Base # Authorize the user for the requested action def authorize(ctrl = params[:controller], action = params[:action], global = false) allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project || @projects, :global => global) - allowed ? true : deny_access + if allowed + true + else + if @project && @project.archived? + render_403 :message => :notice_not_authorized_archived_project + else + deny_access + end + end end # Authorize the user for the requested action outside a project @@ -265,8 +273,10 @@ class ApplicationController < ActionController::Base redirect_to default end - def render_403 + def render_403(options={}) @project = nil + @message = options[:message] || :notice_not_authorized + @message = l(@message) if @message.is_a?(Symbol) respond_to do |format| format.html { render :template => "common/403", :layout => use_layout, :status => 403 } format.atom { head 403 } diff --git a/app/models/project.rb b/app/models/project.rb index 16c9744..a6d7dc7 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -220,6 +220,10 @@ class Project < ActiveRecord::Base self.status == STATUS_ACTIVE end + def archived? + self.status == STATUS_ARCHIVED + end + # Archives the project and its descendants def archive # Check that there is no issue of a non descendant project that is assigned diff --git a/app/views/common/403.rhtml b/app/views/common/403.rhtml index d1173a1..43f487d 100644 --- a/app/views/common/403.rhtml +++ b/app/views/common/403.rhtml @@ -1,6 +1,6 @@
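Review bot: The new `@project.archived?` branch in `authorize` answers every denied request for an archived project with the archived notice, without checking whether the requester could see the project while it was active. If `deny_access` sends anonymous users to the login page (its body is not in this hunk), they now get a 403 that confirms the project exists and is archived, which a non-member of a private project could not learn before. Consider showing the specific message only to requesters entitled to know about the project and falling back to `deny_access` otherwise, or record the decision with a comment such as `# archived status is shown to any requester, including anonymous users`. The `else` with a nested `if` can also be flattened to `elsif @project && @project.archived?`.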
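Review bot: `render_403(options={})` has no comment describing `:message`, although it accepts two shapes: a Symbol, which is localized through `l`, and anything else, which is stored in `@message` as given. Add a comment above the method such as `# options[:message]: i18n key (Symbol) or already-localized String; defaults to :notice_not_authorized`. The String path is safe only because the 403 view in this commit escapes `@message` with `h`, so the same comment should say that callers pass plain text, not markup. The method body continues past the end of the hunk, so the non-HTML formats are not fully visible here.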

403

-

<%= l(:notice_not_authorized) %>

+

<%=h @message %>

Back

<% html_title '403' %> diff --git a/config/locales/bg.yml b/config/locales/bg.yml index e6f92cc..a3f78f8 100644 --- a/config/locales/bg.yml +++ b/config/locales/bg.yml @@ -916,3 +916,4 @@ bg: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/bs.yml b/config/locales/bs.yml index f637351..cebe14d 100644 --- a/config/locales/bs.yml +++ b/config/locales/bs.yml @@ -936,3 +936,4 @@ bs: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/ca.yml b/config/locales/ca.yml index 842ef62..9befe1d 100644 --- a/config/locales/ca.yml +++ b/config/locales/ca.yml @@ -925,3 +925,4 @@ ca: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/cs.yml b/config/locales/cs.yml index d4449ce..5e90855 100644 --- a/config/locales/cs.yml +++ b/config/locales/cs.yml @@ -922,3 +922,4 @@ cs: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/da.yml b/config/locales/da.yml index e557721..87e813b 100644 --- a/config/locales/da.yml +++ b/config/locales/da.yml @@ -938,3 +938,4 @@ da: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. 
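Review bot: The `common/403` template now prints only `@message`, so it renders an empty paragraph whenever it is reached by code that does not go through `render_403`. Whether such callers exist (other controllers, plugins) is not visible in this diff. A fallback keeps the previous text in that case: `<%=h(@message || l(:notice_not_authorized)) %>`. Keeping the `h` escape is correct, since `render_403` stores String messages unchanged.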
diff --git a/config/locales/de.yml b/config/locales/de.yml index 9c9a853..f2eb1e8 100644 --- a/config/locales/de.yml +++ b/config/locales/de.yml @@ -941,3 +941,4 @@ de: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/el.yml b/config/locales/el.yml index 963f30d..85f4bcc 100644 --- a/config/locales/el.yml +++ b/config/locales/el.yml @@ -922,3 +922,4 @@ el: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/en-GB.yml b/config/locales/en-GB.yml index a6b2817..e14276a 100644 --- a/config/locales/en-GB.yml +++ b/config/locales/en-GB.yml @@ -926,3 +926,4 @@ en-GB: setting_default_notification_option: Default notification option label_user_mail_option_only_my_events: Only for things I watch or I'm involved in label_user_mail_option_only_assigned: Only for things I am assigned to + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/en.yml b/config/locales/en.yml index bdf2e98..083d781 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -150,6 +150,7 @@ en: notice_file_not_found: The page you were trying to access doesn't exist or has been removed. notice_locking_conflict: Data has been updated by another user. notice_not_authorized: You are not authorized to access this page. + notice_not_authorized_archived_project: The project you're trying to access has been archived. notice_email_sent: "An email was sent to {{value}}" notice_email_error: "An error occurred while sending mail ({{value}})" notice_feeds_access_key_reseted: Your RSS access key was reset. 
diff --git a/config/locales/es.yml b/config/locales/es.yml index 2b08b1d..8f824d2 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -962,3 +962,4 @@ es: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/eu.yml b/config/locales/eu.yml index b45bf0e..6072c3b 100644 --- a/config/locales/eu.yml +++ b/config/locales/eu.yml @@ -926,3 +926,4 @@ eu: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/fi.yml b/config/locales/fi.yml index e4f107e..b1fdae7 100644 --- a/config/locales/fi.yml +++ b/config/locales/fi.yml @@ -947,3 +947,4 @@ fi: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/fr.yml b/config/locales/fr.yml index 6784893..92720ab 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml @@ -169,6 +169,7 @@ fr: notice_file_not_found: "La page à laquelle vous souhaitez accéder n'existe pas ou a été supprimée." notice_locking_conflict: Les données ont été mises à jour par un autre utilisateur. Mise à jour impossible. notice_not_authorized: "Vous n'êtes pas autorisés à accéder à cette page." + notice_not_authorized_archived_project: Le projet auquel vous tentez d'accéder a été archivé. notice_email_sent: "Un email a été envoyé à {{value}}" notice_email_error: "Erreur lors de l'envoi de l'email ({{value}})" notice_feeds_access_key_reseted: "Votre clé d'accès aux flux RSS a été réinitialisée." 
diff --git a/config/locales/gl.yml b/config/locales/gl.yml index 14f04ab..d3ee6de 100644 --- a/config/locales/gl.yml +++ b/config/locales/gl.yml @@ -938,3 +938,4 @@ gl: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/he.yml b/config/locales/he.yml index 1fc167e..72f5a6c 100644 --- a/config/locales/he.yml +++ b/config/locales/he.yml @@ -927,3 +927,4 @@ he: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/hr.yml b/config/locales/hr.yml index 725411c..a9f702e 100644 --- a/config/locales/hr.yml +++ b/config/locales/hr.yml @@ -929,3 +929,4 @@ hr: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/hu.yml b/config/locales/hu.yml index 767f2d6..b08e905 100644 --- a/config/locales/hu.yml +++ b/config/locales/hu.yml @@ -945,3 +945,4 @@ label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/id.yml b/config/locales/id.yml index b913670..e3e120f 100644 --- a/config/locales/id.yml +++ b/config/locales/id.yml @@ -930,3 +930,4 @@ id: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. 
diff --git a/config/locales/it.yml b/config/locales/it.yml index f39dfbb..2faa28b 100644 --- a/config/locales/it.yml +++ b/config/locales/it.yml @@ -926,3 +926,4 @@ it: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/ja.yml b/config/locales/ja.yml index 92bfd15..a9adc09 100644 --- a/config/locales/ja.yml +++ b/config/locales/ja.yml @@ -947,3 +947,4 @@ ja: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/ko.yml b/config/locales/ko.yml index 7cc8ad6..e74ad2a 100644 --- a/config/locales/ko.yml +++ b/config/locales/ko.yml @@ -978,3 +978,4 @@ ko: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/lt.yml b/config/locales/lt.yml index 186c61a..e091422 100644 --- a/config/locales/lt.yml +++ b/config/locales/lt.yml @@ -986,3 +986,4 @@ lt: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/lv.yml b/config/locales/lv.yml index 5c338cd..c0fd237 100644 --- a/config/locales/lv.yml +++ b/config/locales/lv.yml @@ -917,3 +917,4 @@ lv: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. 
diff --git a/config/locales/mk.yml b/config/locales/mk.yml index 6dd1fca..5d7124f 100644 --- a/config/locales/mk.yml +++ b/config/locales/mk.yml @@ -922,3 +922,4 @@ mk: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/mn.yml b/config/locales/mn.yml index a0f4be9..b6032f9 100644 --- a/config/locales/mn.yml +++ b/config/locales/mn.yml @@ -923,3 +923,4 @@ mn: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/nl.yml b/config/locales/nl.yml index ab9fdfa..b151657 100644 --- a/config/locales/nl.yml +++ b/config/locales/nl.yml @@ -904,3 +904,4 @@ nl: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/no.yml b/config/locales/no.yml index 592af9d..b21eba1 100644 --- a/config/locales/no.yml +++ b/config/locales/no.yml @@ -913,3 +913,4 @@ label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/pl.yml b/config/locales/pl.yml index d119310..25099c9 100644 --- a/config/locales/pl.yml +++ b/config/locales/pl.yml @@ -943,3 +943,4 @@ pl: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. 
diff --git a/config/locales/pt-BR.yml b/config/locales/pt-BR.yml index f860930..78448f7 100644 --- a/config/locales/pt-BR.yml +++ b/config/locales/pt-BR.yml @@ -946,3 +946,4 @@ pt-BR: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/pt.yml b/config/locales/pt.yml index eb8917e..24ee868 100644 --- a/config/locales/pt.yml +++ b/config/locales/pt.yml @@ -930,3 +930,4 @@ pt: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/ro.yml b/config/locales/ro.yml index b1e311f..7076ef8 100644 --- a/config/locales/ro.yml +++ b/config/locales/ro.yml @@ -915,3 +915,4 @@ ro: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/ru.yml b/config/locales/ru.yml index ee6c704..b0ed5cb 100644 --- a/config/locales/ru.yml +++ b/config/locales/ru.yml @@ -1039,3 +1039,4 @@ ru: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/sk.yml b/config/locales/sk.yml index e49a214..c26bca7 100644 --- a/config/locales/sk.yml +++ b/config/locales/sk.yml @@ -917,3 +917,4 @@ sk: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. 
diff --git a/config/locales/sl.yml b/config/locales/sl.yml index 33eade5..417a19a 100644 --- a/config/locales/sl.yml +++ b/config/locales/sl.yml @@ -918,3 +918,4 @@ sl: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/sr-YU.yml b/config/locales/sr-YU.yml index 0aee7ec..53c8e5e 100644 --- a/config/locales/sr-YU.yml +++ b/config/locales/sr-YU.yml @@ -922,3 +922,4 @@ sr-YU: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/sr.yml b/config/locales/sr.yml index b1686eb..dd49240 100644 --- a/config/locales/sr.yml +++ b/config/locales/sr.yml @@ -923,3 +923,4 @@ sr: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/sv.yml b/config/locales/sv.yml index 0b19956..8509a03 100644 --- a/config/locales/sv.yml +++ b/config/locales/sv.yml @@ -967,3 +967,4 @@ sv: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/th.yml b/config/locales/th.yml index d0275af..7344a92 100644 --- a/config/locales/th.yml +++ b/config/locales/th.yml @@ -919,3 +919,4 @@ th: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. 
diff --git a/config/locales/tr.yml b/config/locales/tr.yml index 32ae9cc..3fd0b74 100644 --- a/config/locales/tr.yml +++ b/config/locales/tr.yml @@ -945,3 +945,4 @@ tr: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/uk.yml b/config/locales/uk.yml index 28e6caa..f755641 100644 --- a/config/locales/uk.yml +++ b/config/locales/uk.yml @@ -918,3 +918,4 @@ uk: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/vi.yml b/config/locales/vi.yml index 84adc16..b1e1662 100644 --- a/config/locales/vi.yml +++ b/config/locales/vi.yml @@ -977,3 +977,4 @@ vi: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/zh-TW.yml b/config/locales/zh-TW.yml index 89ea488..82db927 100644 --- a/config/locales/zh-TW.yml +++ b/config/locales/zh-TW.yml @@ -1008,3 +1008,4 @@ label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 3439b31..ba93329 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -940,3 +940,4 @@ zh: label_user_mail_option_none: No events field_member_of_group: Assignee's group field_assigned_to_role: Assignee's role + notice_not_authorized_archived_project: The project you're trying to access has been archived. 
diff --git a/test/functional/projects_controller_test.rb b/test/functional/projects_controller_test.rb index 8a9bbe6..7122f89 100644 --- a/test/functional/projects_controller_test.rb +++ b/test/functional/projects_controller_test.rb @@ -296,6 +296,16 @@ class ProjectsControllerTest < ActionController::TestCase assert_equal Project.find_by_identifier('ecookbook'), assigns(:project) end + def show_archived_project_should_be_denied + project = Project.find_by_identifier('ecookbook') + project.archive! + + get :show, :id => 'ecookbook' + assert_response 403 + assert_nil assigns(:project) + assert_tag :tag => 'p', :content => /archived/ + end + def test_private_subprojects_hidden get :show, :id => 'ecookbook' assert_response :success diff --git a/test/unit/project_test.rb b/test/unit/project_test.rb index 08b0fb2..e4927eb 100644 --- a/test/unit/project_test.rb +++ b/test/unit/project_test.rb @@ -102,6 +102,7 @@ class ProjectTest < ActiveSupport::TestCase @ecookbook.reload assert !@ecookbook.active? + assert @ecookbook.archived? assert !user.projects.include?(@ecookbook) # Subproject are also archived assert !@ecookbook.children.empty? @@ -129,6 +130,7 @@ class ProjectTest < ActiveSupport::TestCase assert @ecookbook.unarchive @ecookbook.reload assert @ecookbook.active? + assert !@ecookbook.archived? assert user.projects.include?(@ecookbook) # Subproject can now be unarchived @ecookbook_sub1.reload
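Review bot: `show_archived_project_should_be_denied` in `projects_controller_test.rb` does not start with `test_`, so a Test::Unit-style runner will not pick it up and the 403 behaviour added by this commit is never exercised. Rename it to `def test_show_archived_project_should_be_denied`. The request is made without setting a session user, so it covers only the anonymous case, assuming no setup outside the hunk logs a user in. A second case for a logged-in user without access would pin down who is meant to see the archived notice. `assert_nil assigns(:project)` depends on `render_403` clearing `@project`, which deserves a short comment in the test.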