@@ -1,5 +1,5 | |||||
1 |
# |
|
1 | # Redmine - project management software | |
2 | # Copyright (C) 2006 Jean-Philippe Lang |
|
2 | # Copyright (C) 2006-2011 Jean-Philippe Lang | |
3 | # |
|
3 | # | |
4 | # This program is free software; you can redistribute it and/or |
|
4 | # This program is free software; you can redistribute it and/or | |
5 | # modify it under the terms of the GNU General Public License |
|
5 | # modify it under the terms of the GNU General Public License | |
@@ -135,7 +135,6 class Project < ActiveRecord::Base | |||||
135 | end |
|
135 | end | |
136 |
|
136 | |||
137 | def self.allowed_to_condition(user, permission, options={}) |
|
137 | def self.allowed_to_condition(user, permission, options={}) | |
138 | statements = [] |
|
|||
139 | base_statement = "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}" |
|
138 | base_statement = "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}" | |
140 | if perm = Redmine::AccessControl.permission(permission) |
|
139 | if perm = Redmine::AccessControl.permission(permission) | |
141 | unless perm.project_module.nil? |
|
140 | unless perm.project_module.nil? | |
@@ -148,24 +147,31 class Project < ActiveRecord::Base | |||||
148 | project_statement << " OR (#{Project.table_name}.lft > #{options[:project].lft} AND #{Project.table_name}.rgt < #{options[:project].rgt})" if options[:with_subprojects] |
|
147 | project_statement << " OR (#{Project.table_name}.lft > #{options[:project].lft} AND #{Project.table_name}.rgt < #{options[:project].rgt})" if options[:with_subprojects] | |
149 | base_statement = "(#{project_statement}) AND (#{base_statement})" |
|
148 | base_statement = "(#{project_statement}) AND (#{base_statement})" | |
150 | end |
|
149 | end | |
|
150 | ||||
151 | if user.admin? |
|
151 | if user.admin? | |
152 | # no restriction |
|
152 | base_statement | |
153 | else |
|
153 | else | |
154 |
statement |
|
154 | statement_by_role = {} | |
155 | if user.logged? |
|
155 | if user.logged? | |
156 | if Role.non_member.allowed_to?(permission) && !options[:member] |
|
156 | if Role.non_member.allowed_to?(permission) && !options[:member] | |
157 |
statement |
|
157 | statement_by_role[Role.non_member] = "#{Project.table_name}.is_public = #{connection.quoted_true}" | |
|
158 | end | |||
|
159 | user.projects_by_role.each do |role, projects| | |||
|
160 | if role.allowed_to?(permission) | |||
|
161 | statement_by_role[role] = "#{Project.table_name}.id IN (#{projects.collect(&:id).join(',')})" | |||
|
162 | end | |||
158 | end |
|
163 | end | |
159 | allowed_project_ids = user.memberships.select {|m| m.roles.detect {|role| role.allowed_to?(permission)}}.collect {|m| m.project_id} |
|
|||
160 | statements << "#{Project.table_name}.id IN (#{allowed_project_ids.join(',')})" if allowed_project_ids.any? |
|
|||
161 | else |
|
164 | else | |
162 | if Role.anonymous.allowed_to?(permission) && !options[:member] |
|
165 | if Role.anonymous.allowed_to?(permission) && !options[:member] | |
163 | # anonymous user allowed on public project |
|
166 | statement_by_role[Role.anonymous] = "#{Project.table_name}.is_public = #{connection.quoted_true}" | |
164 | statements << "#{Project.table_name}.is_public = #{connection.quoted_true}" |
|
|||
165 | end |
|
167 | end | |
166 | end |
|
168 | end | |
|
169 | if statement_by_role.empty? | |||
|
170 | "1=0" | |||
|
171 | else | |||
|
172 | "((#{base_statement}) AND (#{statement_by_role.values.join(' OR ')}))" | |||
|
173 | end | |||
167 | end |
|
174 | end | |
168 | statements.empty? ? base_statement : "((#{base_statement}) AND (#{statements.join(' OR ')}))" |
|
|||
169 | end |
|
175 | end | |
170 |
|
176 | |||
171 | # Returns the Systemwide and project specific activities |
|
177 | # Returns the Systemwide and project specific activities |
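Review bot: The new `statement_by_role[role] = "... id IN (#{projects.collect(&:id).join(',')})"` line in the logged-in branch has no guard for an empty `projects` list, whereas the removed code only emitted its IN clause under `if allowed_project_ids.any?`. It is safe only while `User#projects_by_role` never exposes a role with an empty array, but that method (added in the user model section of this commit) memoizes a Hash with a default block, so any caller that looks up a role the user does not hold inserts an empty entry into the cached hash. A later call for the same user object would then produce `id IN ()`, which MySQL and PostgreSQL reject as a syntax error, in the method that builds the project visibility filter. I would change the condition to `if role.allowed_to?(permission) && projects.any?`. The body of allowed_to_condition is only partly visible in these hunks.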
@@ -1,5 +1,5 | |||||
1 | # Redmine - project management software |
|
1 | # Redmine - project management software | |
2 |
# Copyright (C) 2006-20 |
|
2 | # Copyright (C) 2006-2011 Jean-Philippe Lang | |
3 | # |
|
3 | # | |
4 | # This program is free software; you can redistribute it and/or |
|
4 | # This program is free software; you can redistribute it and/or | |
5 | # modify it under the terms of the GNU General Public License |
|
5 | # modify it under the terms of the GNU General Public License | |
@@ -90,6 +90,7 class User < Principal | |||||
90 |
|
90 | |||
91 | def reload(*args) |
|
91 | def reload(*args) | |
92 | @name = nil |
|
92 | @name = nil | |
|
93 | @projects_by_role = nil | |||
93 | super |
|
94 | super | |
94 | end |
|
95 | end | |
95 |
|
96 | |||
@@ -361,6 +362,23 class User < Principal | |||||
361 | !roles_for_project(project).detect {|role| role.member?}.nil? |
|
362 | !roles_for_project(project).detect {|role| role.member?}.nil? | |
362 | end |
|
363 | end | |
363 |
|
364 | |||
|
365 | # Returns a hash of user's projects grouped by roles | |||
|
366 | def projects_by_role | |||
|
367 | return @projects_by_role if @projects_by_role | |||
|
368 | ||||
|
369 | @projects_by_role = Hash.new {|h,k| h[k]=[]} | |||
|
370 | memberships.each do |membership| | |||
|
371 | membership.roles.each do |role| | |||
|
372 | @projects_by_role[role] << membership.project if membership.project | |||
|
373 | end | |||
|
374 | end | |||
|
375 | @projects_by_role.each do |role, projects| | |||
|
376 | projects.uniq! | |||
|
377 | end | |||
|
378 | ||||
|
379 | @projects_by_role | |||
|
380 | end | |||
|
381 | ||||
364 | # Return true if the user is allowed to do the specified action on a specific context |
|
382 | # Return true if the user is allowed to do the specified action on a specific context | |
365 | # Action can be: |
|
383 | # Action can be: | |
366 | # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit') |
|
384 | # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit') |
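Review bot: `@projects_by_role` is cleared only in `reload`, so a User instance that has already called `projects_by_role` keeps answering from the memoized hash after its memberships, or the roles on a membership, change. Since `Project.allowed_to_condition` now derives its SQL visibility filter from this hash, a stale entry can keep granting or withholding access for as long as that object is reused; how long a User object lives is not visible in these hunks, so the practical exposure may be limited to long-lived instances and tests. I would state the contract on the method, for example `# Memoized per instance; call #reload after changing memberships or roles`, so that code which edits memberships knows it must reload before re-checking permissions.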
@@ -522,6 +522,23 class UserTest < ActiveSupport::TestCase | |||||
522 | assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?} |
|
522 | assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?} | |
523 | end |
|
523 | end | |
524 |
|
524 | |||
|
525 | def test_projects_by_role_for_user_with_role | |||
|
526 | user = User.find(2) | |||
|
527 | assert_kind_of Hash, user.projects_by_role | |||
|
528 | assert_equal 2, user.projects_by_role.size | |||
|
529 | assert_equal [1,5], user.projects_by_role[Role.find(1)].collect(&:id).sort | |||
|
530 | assert_equal [2], user.projects_by_role[Role.find(2)].collect(&:id).sort | |||
|
531 | end | |||
|
532 | ||||
|
533 | def test_projects_by_role_for_user_with_no_role | |||
|
534 | user = User.generate! | |||
|
535 | assert_equal({}, user.projects_by_role) | |||
|
536 | end | |||
|
537 | ||||
|
538 | def test_projects_by_role_for_anonymous | |||
|
539 | assert_equal({}, User.anonymous.projects_by_role) | |||
|
540 | end | |||
|
541 | ||||
525 | def test_valid_notification_options |
|
542 | def test_valid_notification_options | |
526 | # without memberships |
|
543 | # without memberships | |
527 | assert_equal 5, User.find(7).valid_notification_options.size |
|
544 | assert_equal 5, User.find(7).valid_notification_options.size |
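Review bot: The three new tests cover the shape of `projects_by_role` but not the two properties the permission filter depends on: that the memoized value is dropped by `reload` (the `@projects_by_role = nil` line in the user model), and that looking up a role the user does not hold leaves the hash unchanged. A test that adds a membership, calls `reload`, and checks that the new project appears would cover the first. For the second, repeating `assert_equal 2, user.projects_by_role.size` after indexing the hash with a role user 2 does not hold would pin the behaviour; with the current default-block Hash I would expect that assertion to fail.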