##// END OF EJS Templates
jro_apps » redmine
RSS
Makes visible scopes accept projects option and deprecate Project.visible_by....
Jean-Philippe Lang -
r5204:405fc07e9073
parent child
Show More
Side by Side Unified
Context file:
r5204:405fc07e9073 Loading diff...:
Show file before | Show file after | Hide comments
@@ -42,7 +42,7 class Changeset < ActiveRecord::Base
42 validates_uniqueness_of :scmid, :scope => :repository_id, :allow_nil => true
42 validates_uniqueness_of :scmid, :scope => :repository_id, :allow_nil => true
43
43
44 named_scope :visible, lambda {|*args| { :include => {:repository => :project},
44 named_scope :visible, lambda {|*args| { :include => {:repository => :project},
45 :conditions => Project.allowed_to_condition(args.first || User.current, :view_changesets) } }
45 :conditions => Project.allowed_to_condition(args.shift || User.current, :view_changesets, *args) } }
46
46
47 def revision=(r)
47 def revision=(r)
48 write_attribute :revision, (r.nil? ? nil : r.to_s)
48 write_attribute :revision, (r.nil? ? nil : r.to_s)
Show file before | Show file after | Hide comments
@@ -30,7 +30,7 class Document < ActiveRecord::Base
30 validates_length_of :title, :maximum => 60
30 validates_length_of :title, :maximum => 60
31
31
32 named_scope :visible, lambda {|*args| { :include => :project,
32 named_scope :visible, lambda {|*args| { :include => :project,
33 :conditions => Project.allowed_to_condition(args.first || User.current, :view_documents) } }
33 :conditions => Project.allowed_to_condition(args.shift || User.current, :view_documents, *args) } }
34
34
35 def visible?(user=User.current)
35 def visible?(user=User.current)
36 !user.nil? && user.allowed_to?(:view_documents, project)
36 !user.nil? && user.allowed_to?(:view_documents, project)
Show file before | Show file after | Hide comments
@@ -60,7 +60,7 class Issue < ActiveRecord::Base
60 validates_numericality_of :estimated_hours, :allow_nil => true
60 validates_numericality_of :estimated_hours, :allow_nil => true
61
61
62 named_scope :visible, lambda {|*args| { :include => :project,
62 named_scope :visible, lambda {|*args| { :include => :project,
63 :conditions => Issue.visible_condition(args.first || User.current) } }
63 :conditions => Issue.visible_condition(args.shift || User.current, *args) } }
64
64
65 named_scope :open, :conditions => ["#{IssueStatus.table_name}.is_closed = ?", false], :include => :status
65 named_scope :open, :conditions => ["#{IssueStatus.table_name}.is_closed = ?", false], :include => :status
66
66
Show file before | Show file after | Hide comments
@@ -40,7 +40,7 class Journal < ActiveRecord::Base
40
40
41 named_scope :visible, lambda {|*args| {
41 named_scope :visible, lambda {|*args| {
42 :include => {:issue => :project},
42 :include => {:issue => :project},
43 :conditions => Issue.visible_condition(args.first || User.current)
43 :conditions => Issue.visible_condition(args.shift || User.current, *args)
44 }}
44 }}
45
45
46 def save(*args)
46 def save(*args)
Show file before | Show file after | Hide comments
@@ -24,7 +24,7 class Message < ActiveRecord::Base
24
24
25 acts_as_searchable :columns => ['subject', 'content'],
25 acts_as_searchable :columns => ['subject', 'content'],
26 :include => {:board => :project},
26 :include => {:board => :project},
27 :project_key => 'project_id',
27 :project_key => "#{Board.table_name}.project_id",
28 :date_column => "#{table_name}.created_on"
28 :date_column => "#{table_name}.created_on"
29 acts_as_event :title => Proc.new {|o| "#{o.board.name}: #{o.subject}"},
29 acts_as_event :title => Proc.new {|o| "#{o.board.name}: #{o.subject}"},
30 :description => :content,
30 :description => :content,
@@ -43,7 +43,7 class Message < ActiveRecord::Base
43 after_create :add_author_as_watcher
43 after_create :add_author_as_watcher
44
44
45 named_scope :visible, lambda {|*args| { :include => {:board => :project},
45 named_scope :visible, lambda {|*args| { :include => {:board => :project},
46 :conditions => Project.allowed_to_condition(args.first || User.current, :view_messages) } }
46 :conditions => Project.allowed_to_condition(args.shift || User.current, :view_messages, *args) } }
47
47
48 def visible?(user=User.current)
48 def visible?(user=User.current)
49 !user.nil? && user.allowed_to?(:view_messages, project)
49 !user.nil? && user.allowed_to?(:view_messages, project)
Show file before | Show file after | Hide comments
@@ -34,7 +34,7 class News < ActiveRecord::Base
34
34
35 named_scope :visible, lambda {|*args| {
35 named_scope :visible, lambda {|*args| {
36 :include => :project,
36 :include => :project,
37 :conditions => Project.allowed_to_condition(args.first || User.current, :view_news)
37 :conditions => Project.allowed_to_condition(args.shift || User.current, :view_news, *args)
38 }}
38 }}
39
39
40 def visible?(user=User.current)
40 def visible?(user=User.current)
Show file before | Show file after | Hide comments
@@ -84,7 +84,7 class Project < ActiveRecord::Base
84 named_scope :has_module, lambda { |mod| { :conditions => ["#{Project.table_name}.id IN (SELECT em.project_id FROM #{EnabledModule.table_name} em WHERE em.name=?)", mod.to_s] } }
84 named_scope :has_module, lambda { |mod| { :conditions => ["#{Project.table_name}.id IN (SELECT em.project_id FROM #{EnabledModule.table_name} em WHERE em.name=?)", mod.to_s] } }
85 named_scope :active, { :conditions => "#{Project.table_name}.status = #{STATUS_ACTIVE}"}
85 named_scope :active, { :conditions => "#{Project.table_name}.status = #{STATUS_ACTIVE}"}
86 named_scope :all_public, { :conditions => { :is_public => true } }
86 named_scope :all_public, { :conditions => { :is_public => true } }
87 named_scope :visible, lambda { { :conditions => Project.visible_by(User.current) } }
87 named_scope :visible, lambda {|*args| {:conditions => Project.visible_condition(args.shift || User.current, *args) }}
88
88
89 def initialize(attributes = nil)
89 def initialize(attributes = nil)
90 super
90 super
@@ -115,25 +115,30 class Project < ActiveRecord::Base
115 # returns latest created projects
115 # returns latest created projects
116 # non public projects will be returned only if user is a member of those
116 # non public projects will be returned only if user is a member of those
117 def self.latest(user=nil, count=5)
117 def self.latest(user=nil, count=5)
118 find(:all, :limit => count, :conditions => visible_by(user), :order => "created_on DESC")
118 visible(user).find(:all, :limit => count, :order => "created_on DESC")
119 end
119 end
120
120
121 # Returns a SQL :conditions string used to find all active projects for the specified user.
121 def self.visible_by(user=nil)
122 ActiveSupport::Deprecation.warn "Project.visible_by is deprecated and will be removed in Redmine 1.3.0. Use Project.visible_condition instead."
123 visible_condition(user || User.current)
124 end
125
126 # Returns a SQL conditions string used to find all projects visible by the specified user.
122 #
127 #
123 # Examples:
128 # Examples:
124 # Projects.visible_by(admin) => "projects.status = 1"
129 # Project.visible_condition(admin) => "projects.status = 1"
125 # Projects.visible_by(normal_user) => "projects.status = 1 AND projects.is_public = 1"
130 # Project.visible_condition(normal_user) => "((projects.status = 1) AND (projects.is_public = 1 OR projects.id IN (1,3,4)))"
126 def self.visible_by(user=nil)
131 # Project.visible_condition(anonymous) => "((projects.status = 1) AND (projects.is_public = 1))"
127 user ||= User.current
132 def self.visible_condition(user, options={})
128 if user && user.admin?
133 allowed_to_condition(user, :view_project, options)
129 return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}"
130 elsif user && user.memberships.any?
131 return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE} AND (#{Project.table_name}.is_public = #{connection.quoted_true} or #{Project.table_name}.id IN (#{user.memberships.collect{|m| m.project_id}.join(',')}))"
132 else
133 return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE} AND #{Project.table_name}.is_public = #{connection.quoted_true}"
134 end
135 end
134 end
136
135
136 # Returns a SQL conditions string used to find all projects for which +user+ has the given +permission+
137 #
138 # Valid options:
139 # * :project => limit the condition to project
140 # * :with_subprojects => limit the condition to project and its subprojects
141 # * :member => limit the condition to the user projects
137 def self.allowed_to_condition(user, permission, options={})
142 def self.allowed_to_condition(user, permission, options={})
138 base_statement = "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}"
143 base_statement = "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}"
139 if perm = Redmine::AccessControl.permission(permission)
144 if perm = Redmine::AccessControl.permission(permission)
Show file before | Show file after | Hide comments
@@ -41,7 +41,7 class TimeEntry < ActiveRecord::Base
41
41
42 named_scope :visible, lambda {|*args| {
42 named_scope :visible, lambda {|*args| {
43 :include => :project,
43 :include => :project,
44 :conditions => Project.allowed_to_condition(args.first || User.current, :view_time_entries)
44 :conditions => Project.allowed_to_condition(args.shift || User.current, :view_time_entries, *args)
45 }}
45 }}
46
46
47 def after_initialize
47 def after_initialize
Show file before | Show file after | Hide comments
@@ -106,6 +106,22 class IssueTest < ActiveSupport::TestCase
106 assert issues.detect {|issue| !issue.project.is_public?}
106 assert issues.detect {|issue| !issue.project.is_public?}
107 end
107 end
108
108
109 def test_visible_scope_with_project
110 project = Project.find(1)
111 issues = Issue.visible(User.find(2), :project => project).all
112 projects = issues.collect(&:project).uniq
113 assert_equal 1, projects.size
114 assert_equal project, projects.first
115 end
116
117 def test_visible_scope_with_project_and_subprojects
118 project = Project.find(1)
119 issues = Issue.visible(User.find(2), :project => project, :with_subprojects => true).all
120 projects = issues.collect(&:project).uniq
121 assert projects.size > 1
122 assert_equal [], projects.select {|p| !p.is_or_is_descendant_of?(project)}
123 end
124
109 def test_errors_full_messages_should_include_custom_fields_errors
125 def test_errors_full_messages_should_include_custom_fields_errors
110 field = IssueCustomField.find_by_name('Database')
126 field = IssueCustomField.find_by_name('Database')
111
127
General Comments 0
You need to be logged in to leave comments. Login now