jro_apps/redmine Commit - r2884:c12b96a89fca

1

# Redmine - project management software

1

# Redmine - project management software

2

3

#

3

#

4

# This program is free software; you can redistribute it and/or

4

# This program is free software; you can redistribute it and/or

5

# modify it under the terms of the GNU General Public License

5

# modify it under the terms of the GNU General Public License

6

# as published by the Free Software Foundation; either version 2

6

# as published by the Free Software Foundation; either version 2

7

# of the License, or (at your option) any later version.

7

# of the License, or (at your option) any later version.

8

#

8

#

9

# This program is distributed in the hope that it will be useful,

9

# This program is distributed in the hope that it will be useful,

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

12

# GNU General Public License for more details.

12

# GNU General Public License for more details.

13

#

13

#

14

# You should have received a copy of the GNU General Public License

14

# You should have received a copy of the GNU General Public License

15

# along with this program; if not, write to the Free Software

15

# along with this program; if not, write to the Free Software

16

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

16

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

17

18

class IssuesController < ApplicationController

18

class IssuesController < ApplicationController

19

menu_item :new_issue, :only => :new

19

menu_item :new_issue, :only => :new

20

21

before_filter :find_issue, :only => [:show, :edit, :reply]

21

before_filter :find_issue, :only => [:show, :edit, :reply]

22

before_filter :find_issues, :only => [:bulk_edit, :move, :destroy]

22

before_filter :find_issues, :only => [:bulk_edit, :move, :destroy]

23

before_filter :find_project, :only => [:new, :update_form, :preview]

23

before_filter :find_project, :only => [:new, :update_form, :preview]

24

before_filter :authorize, :except => [:index, :changes, :gantt, :calendar, :preview, :update_form, :context_menu]

24

before_filter :authorize, :except => [:index, :changes, :gantt, :calendar, :preview, :update_form, :context_menu]

25

before_filter :find_optional_project, :only => [:index, :changes, :gantt, :calendar]

25

before_filter :find_optional_project, :only => [:index, :changes, :gantt, :calendar]

26

accept_key_auth :index, :show, :changes

26

accept_key_auth :index, :show, :changes

27

28

helper :journals

28

helper :journals

29

helper :projects

29

helper :projects

30

include ProjectsHelper

30

include ProjectsHelper

31

helper :custom_fields

31

helper :custom_fields

32

include CustomFieldsHelper

32

include CustomFieldsHelper

33

helper :issue_relations

33

helper :issue_relations

34

include IssueRelationsHelper

34

include IssueRelationsHelper

35

helper :watchers

35

helper :watchers

36

include WatchersHelper

36

include WatchersHelper

37

helper :attachments

37

helper :attachments

38

include AttachmentsHelper

38

include AttachmentsHelper

39

helper :queries

39

helper :queries

40

helper :sort

40

helper :sort

41

include SortHelper

41

include SortHelper

42

include IssuesHelper

42

include IssuesHelper

43

helper :timelog

43

helper :timelog

44

include Redmine::Export::PDF

44

include Redmine::Export::PDF

45

46

verify :method => :post,

47

:only => :destroy,

48

:render => { :nothing => true, :status => :method_not_allowed }

49

46

def index

50

def index

47

retrieve_query

51

retrieve_query

48

sort_init 'id', 'desc'

52

sort_init 'id', 'desc'

49

sort_update({'id' => "#{Issue.table_name}.id"}.merge(@query.columns.inject({}) {|h, c| h[c.name.to_s] = c.sortable; h}))

53

sort_update({'id' => "#{Issue.table_name}.id"}.merge(@query.columns.inject({}) {|h, c| h[c.name.to_s] = c.sortable; h}))

50

54

51

if @query.valid?

55

if @query.valid?

52

limit = per_page_option

56

limit = per_page_option

53

respond_to do |format|

57

respond_to do |format|

54

format.html { }

58

format.html { }

55

format.atom { }

59

format.atom { }

56

format.csv { limit = Setting.issues_export_limit.to_i }

60

format.csv { limit = Setting.issues_export_limit.to_i }

57

format.pdf { limit = Setting.issues_export_limit.to_i }

61

format.pdf { limit = Setting.issues_export_limit.to_i }

58

end

62

end

59

@issue_count = Issue.count(:include => [:status, :project], :conditions => @query.statement)

63

@issue_count = Issue.count(:include => [:status, :project], :conditions => @query.statement)

60

@issue_pages = Paginator.new self, @issue_count, limit, params['page']

64

@issue_pages = Paginator.new self, @issue_count, limit, params['page']

61

@issues = Issue.find :all, :order => sort_clause,

65

@issues = Issue.find :all, :order => sort_clause,

62

:include => [ :assigned_to, :status, :tracker, :project, :priority, :category, :fixed_version ],

66

:include => [ :assigned_to, :status, :tracker, :project, :priority, :category, :fixed_version ],

63

:conditions => @query.statement,

67

:conditions => @query.statement,

64

:limit => limit,

68

:limit => limit,

65

:offset => @issue_pages.current.offset

69

:offset => @issue_pages.current.offset

66

respond_to do |format|

70

respond_to do |format|

67

format.html { render :template => 'issues/index.rhtml', :layout => !request.xhr? }

71

format.html { render :template => 'issues/index.rhtml', :layout => !request.xhr? }

68

format.atom { render_feed(@issues, :title => "#{@project || Setting.app_title}: #{l(:label_issue_plural)}") }

72

format.atom { render_feed(@issues, :title => "#{@project || Setting.app_title}: #{l(:label_issue_plural)}") }

69

format.csv { send_data(issues_to_csv(@issues, @project).read, :type => 'text/csv; header=present', :filename => 'export.csv') }

73

format.csv { send_data(issues_to_csv(@issues, @project).read, :type => 'text/csv; header=present', :filename => 'export.csv') }

70

format.pdf { send_data(issues_to_pdf(@issues, @project), :type => 'application/pdf', :filename => 'export.pdf') }

74

format.pdf { send_data(issues_to_pdf(@issues, @project), :type => 'application/pdf', :filename => 'export.pdf') }

71

end

75

end

72

else

76

else

73

# Send html if the query is not valid

77

# Send html if the query is not valid

74

render(:template => 'issues/index.rhtml', :layout => !request.xhr?)

78

render(:template => 'issues/index.rhtml', :layout => !request.xhr?)

75

end

79

end

76

rescue ActiveRecord::RecordNotFound

80

rescue ActiveRecord::RecordNotFound

77

render_404

81

render_404

78

end

82

end

79

83

80

def changes

84

def changes

81

retrieve_query

85

retrieve_query

82

sort_init 'id', 'desc'

86

sort_init 'id', 'desc'

83

sort_update({'id' => "#{Issue.table_name}.id"}.merge(@query.columns.inject({}) {|h, c| h[c.name.to_s] = c.sortable; h}))

87

sort_update({'id' => "#{Issue.table_name}.id"}.merge(@query.columns.inject({}) {|h, c| h[c.name.to_s] = c.sortable; h}))

84

88

85

if @query.valid?

89

if @query.valid?

86

@journals = Journal.find :all, :include => [ :details, :user, {:issue => [:project, :author, :tracker, :status]} ],

90

@journals = Journal.find :all, :include => [ :details, :user, {:issue => [:project, :author, :tracker, :status]} ],

87

:conditions => @query.statement,

91

:conditions => @query.statement,

88

:limit => 25,

92

:limit => 25,

89

:order => "#{Journal.table_name}.created_on DESC"

93

:order => "#{Journal.table_name}.created_on DESC"

90

end

94

end

91

@title = (@project ? @project.name : Setting.app_title) + ": " + (@query.new_record? ? l(:label_changes_details) : @query.name)

95

@title = (@project ? @project.name : Setting.app_title) + ": " + (@query.new_record? ? l(:label_changes_details) : @query.name)

92

render :layout => false, :content_type => 'application/atom+xml'

96

render :layout => false, :content_type => 'application/atom+xml'

93

rescue ActiveRecord::RecordNotFound

97

rescue ActiveRecord::RecordNotFound

94

render_404

98

render_404

95

end

99

end

96

100

97

def show

101

def show

98

@journals = @issue.journals.find(:all, :include => [:user, :details], :order => "#{Journal.table_name}.created_on ASC")

102

@journals = @issue.journals.find(:all, :include => [:user, :details], :order => "#{Journal.table_name}.created_on ASC")

99

@journals.each_with_index {|j,i| j.indice = i+1}

103

@journals.each_with_index {|j,i| j.indice = i+1}

100

@journals.reverse! if User.current.wants_comments_in_reverse_order?

104

@journals.reverse! if User.current.wants_comments_in_reverse_order?

101

@allowed_statuses = @issue.new_statuses_allowed_to(User.current)

105

@allowed_statuses = @issue.new_statuses_allowed_to(User.current)

102

@edit_allowed = User.current.allowed_to?(:edit_issues, @project)

106

@edit_allowed = User.current.allowed_to?(:edit_issues, @project)

103

@priorities = Enumeration::get_values('IPRI')

107

@priorities = Enumeration::get_values('IPRI')

104

@time_entry = TimeEntry.new

108

@time_entry = TimeEntry.new

105

respond_to do |format|

109

respond_to do |format|

106

format.html { render :template => 'issues/show.rhtml' }

110

format.html { render :template => 'issues/show.rhtml' }

107

format.atom { render :action => 'changes', :layout => false, :content_type => 'application/atom+xml' }

111

format.atom { render :action => 'changes', :layout => false, :content_type => 'application/atom+xml' }

108

format.pdf { send_data(issue_to_pdf(@issue), :type => 'application/pdf', :filename => "#{@project.identifier}-#{@issue.id}.pdf") }

112

format.pdf { send_data(issue_to_pdf(@issue), :type => 'application/pdf', :filename => "#{@project.identifier}-#{@issue.id}.pdf") }

109

end

113

end

110

end

114

end

111

115

112

# Add a new issue

116

# Add a new issue

113

# The new issue will be created from an existing one if copy_from parameter is given

117

# The new issue will be created from an existing one if copy_from parameter is given

114

def new

118

def new

115

@issue = Issue.new

119

@issue = Issue.new

116

@issue.copy_from(params[:copy_from]) if params[:copy_from]

120

@issue.copy_from(params[:copy_from]) if params[:copy_from]

117

@issue.project = @project

121

@issue.project = @project

118

# Tracker must be set before custom field values

122

# Tracker must be set before custom field values

119

@issue.tracker ||= @project.trackers.find((params[:issue] && params[:issue][:tracker_id]) || params[:tracker_id] || :first)

123

@issue.tracker ||= @project.trackers.find((params[:issue] && params[:issue][:tracker_id]) || params[:tracker_id] || :first)

120

if @issue.tracker.nil?

124

if @issue.tracker.nil?

121

flash.now[:error] = 'No tracker is associated to this project. Please check the Project settings.'

125

flash.now[:error] = 'No tracker is associated to this project. Please check the Project settings.'

122

render :nothing => true, :layout => true

126

render :nothing => true, :layout => true

123

return

127

return

124

end

128

end

125

if params[:issue].is_a?(Hash)

129

if params[:issue].is_a?(Hash)

126

@issue.attributes = params[:issue]

130

@issue.attributes = params[:issue]

127

@issue.watcher_user_ids = params[:issue]['watcher_user_ids'] if User.current.allowed_to?(:add_issue_watchers, @project)

131

@issue.watcher_user_ids = params[:issue]['watcher_user_ids'] if User.current.allowed_to?(:add_issue_watchers, @project)

128

end

132

end

129

@issue.author = User.current

133

@issue.author = User.current

130

134

131

default_status = IssueStatus.default

135

default_status = IssueStatus.default

132

unless default_status

136

unless default_status

133

flash.now[:error] = 'No default issue status is defined. Please check your configuration (Go to "Administration -> Issue statuses").'

137

flash.now[:error] = 'No default issue status is defined. Please check your configuration (Go to "Administration -> Issue statuses").'

134

render :nothing => true, :layout => true

138

render :nothing => true, :layout => true

135

return

139

return

136

end

140

end

137

@issue.status = default_status

141

@issue.status = default_status

138

@allowed_statuses = ([default_status] + default_status.find_new_statuses_allowed_to(User.current.role_for_project(@project), @issue.tracker)).uniq

142

@allowed_statuses = ([default_status] + default_status.find_new_statuses_allowed_to(User.current.role_for_project(@project), @issue.tracker)).uniq

139

143

140

if request.get? || request.xhr?

144

if request.get? || request.xhr?

141

@issue.start_date ||= Date.today

145

@issue.start_date ||= Date.today

142

else

146

else

143

requested_status = IssueStatus.find_by_id(params[:issue][:status_id])

147

requested_status = IssueStatus.find_by_id(params[:issue][:status_id])

144

# Check that the user is allowed to apply the requested status

148

# Check that the user is allowed to apply the requested status

145

@issue.status = (@allowed_statuses.include? requested_status) ? requested_status : default_status

149

@issue.status = (@allowed_statuses.include? requested_status) ? requested_status : default_status

146

if @issue.save

150

if @issue.save

147

attach_files(@issue, params[:attachments])

151

attach_files(@issue, params[:attachments])

148

flash[:notice] = l(:notice_successful_create)

152

flash[:notice] = l(:notice_successful_create)

149

Mailer.deliver_issue_add(@issue) if Setting.notified_events.include?('issue_added')

153

Mailer.deliver_issue_add(@issue) if Setting.notified_events.include?('issue_added')

150

call_hook(:controller_issues_new_after_save, { :params => params, :issue => @issue})

154

call_hook(:controller_issues_new_after_save, { :params => params, :issue => @issue})

151

redirect_to(params[:continue] ? { :action => 'new', :tracker_id => @issue.tracker } :

155

redirect_to(params[:continue] ? { :action => 'new', :tracker_id => @issue.tracker } :

152

{ :action => 'show', :id => @issue })

156

{ :action => 'show', :id => @issue })

153

return

157

return

154

end

158

end

155

end

159

end

156

@priorities = Enumeration::get_values('IPRI')

160

@priorities = Enumeration::get_values('IPRI')

157

render :layout => !request.xhr?

161

render :layout => !request.xhr?

158

end

162

end

159

163

160

# Attributes that can be updated on workflow transition (without :edit permission)

164

# Attributes that can be updated on workflow transition (without :edit permission)

161

# TODO: make it configurable (at least per role)

165

# TODO: make it configurable (at least per role)

162

UPDATABLE_ATTRS_ON_TRANSITION = %w(status_id assigned_to_id fixed_version_id done_ratio) unless const_defined?(:UPDATABLE_ATTRS_ON_TRANSITION)

166

UPDATABLE_ATTRS_ON_TRANSITION = %w(status_id assigned_to_id fixed_version_id done_ratio) unless const_defined?(:UPDATABLE_ATTRS_ON_TRANSITION)

163

167

164

def edit

168

def edit

165

@allowed_statuses = @issue.new_statuses_allowed_to(User.current)

169

@allowed_statuses = @issue.new_statuses_allowed_to(User.current)

166

@priorities = Enumeration::get_values('IPRI')

170

@priorities = Enumeration::get_values('IPRI')

167

@edit_allowed = User.current.allowed_to?(:edit_issues, @project)

171

@edit_allowed = User.current.allowed_to?(:edit_issues, @project)

168

@time_entry = TimeEntry.new

172

@time_entry = TimeEntry.new

169

173

170

@notes = params[:notes]

174

@notes = params[:notes]

171

journal = @issue.init_journal(User.current, @notes)

175

journal = @issue.init_journal(User.current, @notes)

172

# User can change issue attributes only if he has :edit permission or if a workflow transition is allowed

176

# User can change issue attributes only if he has :edit permission or if a workflow transition is allowed

173

if (@edit_allowed || !@allowed_statuses.empty?) && params[:issue]

177

if (@edit_allowed || !@allowed_statuses.empty?) && params[:issue]

174

attrs = params[:issue].dup

178

attrs = params[:issue].dup

175

attrs.delete_if {|k,v| !UPDATABLE_ATTRS_ON_TRANSITION.include?(k) } unless @edit_allowed

179

attrs.delete_if {|k,v| !UPDATABLE_ATTRS_ON_TRANSITION.include?(k) } unless @edit_allowed

176

attrs.delete(:status_id) unless @allowed_statuses.detect {|s| s.id.to_s == attrs[:status_id].to_s}

180

attrs.delete(:status_id) unless @allowed_statuses.detect {|s| s.id.to_s == attrs[:status_id].to_s}

177

@issue.attributes = attrs

181

@issue.attributes = attrs

178

end

182

end

179

183

180

if request.post?

184

if request.post?

181

@time_entry = TimeEntry.new(:project => @project, :issue => @issue, :user => User.current, :spent_on => Date.today)

185

@time_entry = TimeEntry.new(:project => @project, :issue => @issue, :user => User.current, :spent_on => Date.today)

182

@time_entry.attributes = params[:time_entry]

186

@time_entry.attributes = params[:time_entry]

183

attachments = attach_files(@issue, params[:attachments])

187

attachments = attach_files(@issue, params[:attachments])

184

attachments.each {|a| journal.details << JournalDetail.new(:property => 'attachment', :prop_key => a.id, :value => a.filename)}

188

attachments.each {|a| journal.details << JournalDetail.new(:property => 'attachment', :prop_key => a.id, :value => a.filename)}

185

189

186

call_hook(:controller_issues_edit_before_save, { :params => params, :issue => @issue, :time_entry => @time_entry, :journal => journal})

190

call_hook(:controller_issues_edit_before_save, { :params => params, :issue => @issue, :time_entry => @time_entry, :journal => journal})

187

191

188

if (@time_entry.hours.nil? || @time_entry.valid?) && @issue.save

192

if (@time_entry.hours.nil? || @time_entry.valid?) && @issue.save

189

# Log spend time

193

# Log spend time

190

if User.current.allowed_to?(:log_time, @project)

194

if User.current.allowed_to?(:log_time, @project)

191

@time_entry.save

195

@time_entry.save

192

end

196

end

193

if !journal.new_record?

197

if !journal.new_record?

194

# Only send notification if something was actually changed

198

# Only send notification if something was actually changed

195

flash[:notice] = l(:notice_successful_update)

199

flash[:notice] = l(:notice_successful_update)

196

Mailer.deliver_issue_edit(journal) if Setting.notified_events.include?('issue_updated')

200

Mailer.deliver_issue_edit(journal) if Setting.notified_events.include?('issue_updated')

197

end

201

end

198

call_hook(:controller_issues_edit_after_save, { :params => params, :issue => @issue, :time_entry => @time_entry, :journal => journal})

202

call_hook(:controller_issues_edit_after_save, { :params => params, :issue => @issue, :time_entry => @time_entry, :journal => journal})

199

redirect_to(params[:back_to] || {:action => 'show', :id => @issue})

203

redirect_to(params[:back_to] || {:action => 'show', :id => @issue})

200

end

204

end

201

end

205

end

202

rescue ActiveRecord::StaleObjectError

206

rescue ActiveRecord::StaleObjectError

203

# Optimistic locking exception

207

# Optimistic locking exception

204

flash.now[:error] = l(:notice_locking_conflict)

208

flash.now[:error] = l(:notice_locking_conflict)

205

end

209

end

206

210

207

def reply

211

def reply

208

journal = Journal.find(params[:journal_id]) if params[:journal_id]

212

journal = Journal.find(params[:journal_id]) if params[:journal_id]

209

if journal

213

if journal

210

user = journal.user

214

user = journal.user

211

text = journal.notes

215

text = journal.notes

212

else

216

else

213

user = @issue.author

217

user = @issue.author

214

text = @issue.description

218

text = @issue.description

215

end

219

end

216

content = "#{ll(Setting.default_language, :text_user_wrote, user)}\\n> "

220

content = "#{ll(Setting.default_language, :text_user_wrote, user)}\\n> "

217

content << text.to_s.strip.gsub(%r{<pre>((.|\s)*?)</pre>}m, '[...]').gsub('"', '\"').gsub(/(\r?\n|\r\n?)/, "\\n> ") + "\\n\\n"

221

content << text.to_s.strip.gsub(%r{<pre>((.|\s)*?)</pre>}m, '[...]').gsub('"', '\"').gsub(/(\r?\n|\r\n?)/, "\\n> ") + "\\n\\n"

218

render(:update) { |page|

222

render(:update) { |page|

219

page.<< "$('notes').value = \"#{content}\";"

223

page.<< "$('notes').value = \"#{content}\";"

220

page.show 'update'

224

page.show 'update'

221

page << "Form.Element.focus('notes');"

225

page << "Form.Element.focus('notes');"

222

page << "Element.scrollTo('update');"

226

page << "Element.scrollTo('update');"

223

page << "$('notes').scrollTop = $('notes').scrollHeight - $('notes').clientHeight;"

227

page << "$('notes').scrollTop = $('notes').scrollHeight - $('notes').clientHeight;"

224

}

228

}

225

end

229

end

226

230

227

# Bulk edit a set of issues

231

# Bulk edit a set of issues

228

def bulk_edit

232

def bulk_edit

229

if request.post?

233

if request.post?

230

status = params[:status_id].blank? ? nil : IssueStatus.find_by_id(params[:status_id])

234

status = params[:status_id].blank? ? nil : IssueStatus.find_by_id(params[:status_id])

231

priority = params[:priority_id].blank? ? nil : Enumeration.find_by_id(params[:priority_id])

235

priority = params[:priority_id].blank? ? nil : Enumeration.find_by_id(params[:priority_id])

232

assigned_to = (params[:assigned_to_id].blank? || params[:assigned_to_id] == 'none') ? nil : User.find_by_id(params[:assigned_to_id])

236

assigned_to = (params[:assigned_to_id].blank? || params[:assigned_to_id] == 'none') ? nil : User.find_by_id(params[:assigned_to_id])

233

category = (params[:category_id].blank? || params[:category_id] == 'none') ? nil : @project.issue_categories.find_by_id(params[:category_id])

237

category = (params[:category_id].blank? || params[:category_id] == 'none') ? nil : @project.issue_categories.find_by_id(params[:category_id])

234

fixed_version = (params[:fixed_version_id].blank? || params[:fixed_version_id] == 'none') ? nil : @project.versions.find_by_id(params[:fixed_version_id])

238

fixed_version = (params[:fixed_version_id].blank? || params[:fixed_version_id] == 'none') ? nil : @project.versions.find_by_id(params[:fixed_version_id])

235

239

236

unsaved_issue_ids = []

240

unsaved_issue_ids = []

237

@issues.each do |issue|

241

@issues.each do |issue|

238

journal = issue.init_journal(User.current, params[:notes])

242

journal = issue.init_journal(User.current, params[:notes])

239

issue.priority = priority if priority

243

issue.priority = priority if priority

240

issue.assigned_to = assigned_to if assigned_to || params[:assigned_to_id] == 'none'

244

issue.assigned_to = assigned_to if assigned_to || params[:assigned_to_id] == 'none'

241

issue.category = category if category || params[:category_id] == 'none'

245

issue.category = category if category || params[:category_id] == 'none'

242

issue.fixed_version = fixed_version if fixed_version || params[:fixed_version_id] == 'none'

246

issue.fixed_version = fixed_version if fixed_version || params[:fixed_version_id] == 'none'

243

issue.start_date = params[:start_date] unless params[:start_date].blank?

247

issue.start_date = params[:start_date] unless params[:start_date].blank?

244

issue.due_date = params[:due_date] unless params[:due_date].blank?

248

issue.due_date = params[:due_date] unless params[:due_date].blank?

245

issue.done_ratio = params[:done_ratio] unless params[:done_ratio].blank?

249

issue.done_ratio = params[:done_ratio] unless params[:done_ratio].blank?

246

call_hook(:controller_issues_bulk_edit_before_save, { :params => params, :issue => issue })

250

call_hook(:controller_issues_bulk_edit_before_save, { :params => params, :issue => issue })

247

# Don't save any change to the issue if the user is not authorized to apply the requested status

251

# Don't save any change to the issue if the user is not authorized to apply the requested status

248

if (status.nil? || (issue.status.new_status_allowed_to?(status, current_role, issue.tracker) && issue.status = status)) && issue.save

252

if (status.nil? || (issue.status.new_status_allowed_to?(status, current_role, issue.tracker) && issue.status = status)) && issue.save

249

# Send notification for each issue (if changed)

253

# Send notification for each issue (if changed)

250

Mailer.deliver_issue_edit(journal) if journal.details.any? && Setting.notified_events.include?('issue_updated')

254

Mailer.deliver_issue_edit(journal) if journal.details.any? && Setting.notified_events.include?('issue_updated')

251

else

255

else

252

# Keep unsaved issue ids to display them in flash error

256

# Keep unsaved issue ids to display them in flash error

253

unsaved_issue_ids << issue.id

257

unsaved_issue_ids << issue.id

254

end

258

end

255

end

259

end

256

if unsaved_issue_ids.empty?

260

if unsaved_issue_ids.empty?

257

flash[:notice] = l(:notice_successful_update) unless @issues.empty?

261

flash[:notice] = l(:notice_successful_update) unless @issues.empty?

258

else

262

else

259

flash[:error] = l(:notice_failed_to_save_issues, unsaved_issue_ids.size, @issues.size, '#' + unsaved_issue_ids.join(', #'))

263

flash[:error] = l(:notice_failed_to_save_issues, unsaved_issue_ids.size, @issues.size, '#' + unsaved_issue_ids.join(', #'))

260

end

264

end

261

redirect_to(params[:back_to] || {:controller => 'issues', :action => 'index', :project_id => @project})

265

redirect_to(params[:back_to] || {:controller => 'issues', :action => 'index', :project_id => @project})

262

return

266

return

263

end

267

end

264

# Find potential statuses the user could be allowed to switch issues to

268

# Find potential statuses the user could be allowed to switch issues to

265

@available_statuses = Workflow.find(:all, :include => :new_status,

269

@available_statuses = Workflow.find(:all, :include => :new_status,

266

:conditions => {:role_id => current_role.id}).collect(&:new_status).compact.uniq.sort

270

:conditions => {:role_id => current_role.id}).collect(&:new_status).compact.uniq.sort

267

end

271

end

268

272

269

def move

273

def move

270

@allowed_projects = []

274

@allowed_projects = []

271

# find projects to which the user is allowed to move the issue

275

# find projects to which the user is allowed to move the issue

272

if User.current.admin?

276

if User.current.admin?

273

# admin is allowed to move issues to any active (visible) project

277

# admin is allowed to move issues to any active (visible) project

274

@allowed_projects = Project.find(:all, :conditions => Project.visible_by(User.current), :order => 'name')

278

@allowed_projects = Project.find(:all, :conditions => Project.visible_by(User.current), :order => 'name')

275

else

279

else

276

User.current.memberships.each {|m| @allowed_projects << m.project if m.role.allowed_to?(:move_issues)}

280

User.current.memberships.each {|m| @allowed_projects << m.project if m.role.allowed_to?(:move_issues)}

277

end

281

end

278

@target_project = @allowed_projects.detect {|p| p.id.to_s == params[:new_project_id]} if params[:new_project_id]

282

@target_project = @allowed_projects.detect {|p| p.id.to_s == params[:new_project_id]} if params[:new_project_id]

279

@target_project ||= @project

283

@target_project ||= @project

280

@trackers = @target_project.trackers

284

@trackers = @target_project.trackers

281

if request.post?

285

if request.post?

282

new_tracker = params[:new_tracker_id].blank? ? nil : @target_project.trackers.find_by_id(params[:new_tracker_id])

286

new_tracker = params[:new_tracker_id].blank? ? nil : @target_project.trackers.find_by_id(params[:new_tracker_id])

283

unsaved_issue_ids = []

287

unsaved_issue_ids = []

284

@issues.each do |issue|

288

@issues.each do |issue|

285

issue.init_journal(User.current)

289

issue.init_journal(User.current)

286

unsaved_issue_ids << issue.id unless issue.move_to(@target_project, new_tracker)

290

unsaved_issue_ids << issue.id unless issue.move_to(@target_project, new_tracker)

287

end

291

end

288

if unsaved_issue_ids.empty?

292

if unsaved_issue_ids.empty?

289

flash[:notice] = l(:notice_successful_update) unless @issues.empty?

293

flash[:notice] = l(:notice_successful_update) unless @issues.empty?

290

else

294

else

291

flash[:error] = l(:notice_failed_to_save_issues, unsaved_issue_ids.size, @issues.size, '#' + unsaved_issue_ids.join(', #'))

295

flash[:error] = l(:notice_failed_to_save_issues, unsaved_issue_ids.size, @issues.size, '#' + unsaved_issue_ids.join(', #'))

292

end

296

end

293

redirect_to :controller => 'issues', :action => 'index', :project_id => @project

297

redirect_to :controller => 'issues', :action => 'index', :project_id => @project

294

return

298

return

295

end

299

end

296

render :layout => false if request.xhr?

300

render :layout => false if request.xhr?

297

end

301

end

298

302

299

def destroy

303

def destroy

300

@hours = TimeEntry.sum(:hours, :conditions => ['issue_id IN (?)', @issues]).to_f

304

@hours = TimeEntry.sum(:hours, :conditions => ['issue_id IN (?)', @issues]).to_f

301

if @hours > 0

305

if @hours > 0

302

case params[:todo]

306

case params[:todo]

303

when 'destroy'

307

when 'destroy'

304

# nothing to do

308

# nothing to do

305

when 'nullify'

309

when 'nullify'

306

TimeEntry.update_all('issue_id = NULL', ['issue_id IN (?)', @issues])

310

TimeEntry.update_all('issue_id = NULL', ['issue_id IN (?)', @issues])

307

when 'reassign'

311

when 'reassign'

308

reassign_to = @project.issues.find_by_id(params[:reassign_to_id])

312

reassign_to = @project.issues.find_by_id(params[:reassign_to_id])

309

if reassign_to.nil?

313

if reassign_to.nil?

310

flash.now[:error] = l(:error_issue_not_found_in_project)

314

flash.now[:error] = l(:error_issue_not_found_in_project)

311

return

315

return

312

else

316

else

313

TimeEntry.update_all("issue_id = #{reassign_to.id}", ['issue_id IN (?)', @issues])

317

TimeEntry.update_all("issue_id = #{reassign_to.id}", ['issue_id IN (?)', @issues])

314

end

318

end

315

else

319

else

316

# display the destroy form

320

# display the destroy form

317

return

321

return

318

end

322

end

319

end

323

end

320

@issues.each(&:destroy)

324

@issues.each(&:destroy)

321

redirect_to :action => 'index', :project_id => @project

325

redirect_to :action => 'index', :project_id => @project

322

end

326

end

323

327

324

def gantt

328

def gantt

325

@gantt = Redmine::Helpers::Gantt.new(params)

329

@gantt = Redmine::Helpers::Gantt.new(params)

326

retrieve_query

330

retrieve_query

327

if @query.valid?

331

if @query.valid?

328

events = []

332

events = []

329

# Issues that have start and due dates

333

# Issues that have start and due dates

330

events += Issue.find(:all,

334

events += Issue.find(:all,

331

:order => "start_date, due_date",

335

:order => "start_date, due_date",

332

:include => [:tracker, :status, :assigned_to, :priority, :project],

336

:include => [:tracker, :status, :assigned_to, :priority, :project],

333

:conditions => ["(#{@query.statement}) AND (((start_date>=? and start_date<=?) or (due_date>=? and due_date<=?) or (start_date<? and due_date>?)) and start_date is not null and due_date is not null)", @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to]

337

:conditions => ["(#{@query.statement}) AND (((start_date>=? and start_date<=?) or (due_date>=? and due_date<=?) or (start_date<? and due_date>?)) and start_date is not null and due_date is not null)", @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to]

334

)

338

)

335

# Issues that don't have a due date but that are assigned to a version with a date

339

# Issues that don't have a due date but that are assigned to a version with a date

336

events += Issue.find(:all,

340

events += Issue.find(:all,

337

:order => "start_date, effective_date",

341

:order => "start_date, effective_date",

338

:include => [:tracker, :status, :assigned_to, :priority, :project, :fixed_version],

342

:include => [:tracker, :status, :assigned_to, :priority, :project, :fixed_version],

339

:conditions => ["(#{@query.statement}) AND (((start_date>=? and start_date<=?) or (effective_date>=? and effective_date<=?) or (start_date<? and effective_date>?)) and start_date is not null and due_date is null and effective_date is not null)", @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to]

343

:conditions => ["(#{@query.statement}) AND (((start_date>=? and start_date<=?) or (effective_date>=? and effective_date<=?) or (start_date<? and effective_date>?)) and start_date is not null and due_date is null and effective_date is not null)", @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to]

340

)

344

)

341

# Versions

345

# Versions

342

events += Version.find(:all, :include => :project,

346

events += Version.find(:all, :include => :project,

343

:conditions => ["(#{@query.project_statement}) AND effective_date BETWEEN ? AND ?", @gantt.date_from, @gantt.date_to])

347

:conditions => ["(#{@query.project_statement}) AND effective_date BETWEEN ? AND ?", @gantt.date_from, @gantt.date_to])

344

348

345

@gantt.events = events

349

@gantt.events = events

346

end

350

end

347

351

348

basename = (@project ? "#{@project.identifier}-" : '') + 'gantt'

352

basename = (@project ? "#{@project.identifier}-" : '') + 'gantt'

349

353

350

respond_to do |format|

354

respond_to do |format|

351

format.html { render :template => "issues/gantt.rhtml", :layout => !request.xhr? }

355

format.html { render :template => "issues/gantt.rhtml", :layout => !request.xhr? }

352

format.png { send_data(@gantt.to_image, :disposition => 'inline', :type => 'image/png', :filename => "#{basename}.png") } if @gantt.respond_to?('to_image')

356

format.png { send_data(@gantt.to_image, :disposition => 'inline', :type => 'image/png', :filename => "#{basename}.png") } if @gantt.respond_to?('to_image')

353

format.pdf { send_data(gantt_to_pdf(@gantt, @project), :type => 'application/pdf', :filename => "#{basename}.pdf") }

357

format.pdf { send_data(gantt_to_pdf(@gantt, @project), :type => 'application/pdf', :filename => "#{basename}.pdf") }

354

end

358

end

355

end

359

end

356

360

357

def calendar

361

def calendar

358

if params[:year] and params[:year].to_i > 1900

362

if params[:year] and params[:year].to_i > 1900

359

@year = params[:year].to_i

363

@year = params[:year].to_i

360

if params[:month] and params[:month].to_i > 0 and params[:month].to_i < 13

364

if params[:month] and params[:month].to_i > 0 and params[:month].to_i < 13

361

@month = params[:month].to_i

365

@month = params[:month].to_i

362

end

366

end

363

end

367

end

364

@year ||= Date.today.year

368

@year ||= Date.today.year

365

@month ||= Date.today.month

369

@month ||= Date.today.month

366

370

367

@calendar = Redmine::Helpers::Calendar.new(Date.civil(@year, @month, 1), current_language, :month)

371

@calendar = Redmine::Helpers::Calendar.new(Date.civil(@year, @month, 1), current_language, :month)

368

retrieve_query

372

retrieve_query

369

if @query.valid?

373

if @query.valid?

370

events = []

374

events = []

371

events += Issue.find(:all,

375

events += Issue.find(:all,

372

:include => [:tracker, :status, :assigned_to, :priority, :project],

376

:include => [:tracker, :status, :assigned_to, :priority, :project],

373

:conditions => ["(#{@query.statement}) AND ((start_date BETWEEN ? AND ?) OR (due_date BETWEEN ? AND ?))", @calendar.startdt, @calendar.enddt, @calendar.startdt, @calendar.enddt]

377

:conditions => ["(#{@query.statement}) AND ((start_date BETWEEN ? AND ?) OR (due_date BETWEEN ? AND ?))", @calendar.startdt, @calendar.enddt, @calendar.startdt, @calendar.enddt]

374

)

378

)

375

events += Version.find(:all, :include => :project,

379

events += Version.find(:all, :include => :project,

376

:conditions => ["(#{@query.project_statement}) AND effective_date BETWEEN ? AND ?", @calendar.startdt, @calendar.enddt])

380

:conditions => ["(#{@query.project_statement}) AND effective_date BETWEEN ? AND ?", @calendar.startdt, @calendar.enddt])

377

381

378

@calendar.events = events

382

@calendar.events = events

379

end

383

end

380

384

381

render :layout => false if request.xhr?

385

render :layout => false if request.xhr?

382

end

386

end

383

387

384

def context_menu

388

def context_menu

385

@issues = Issue.find_all_by_id(params[:ids], :include => :project)

389

@issues = Issue.find_all_by_id(params[:ids], :include => :project)

386

if (@issues.size == 1)

390

if (@issues.size == 1)

387

@issue = @issues.first

391

@issue = @issues.first

388

@allowed_statuses = @issue.new_statuses_allowed_to(User.current)

392

@allowed_statuses = @issue.new_statuses_allowed_to(User.current)

389

end

393

end

390

projects = @issues.collect(&:project).compact.uniq

394

projects = @issues.collect(&:project).compact.uniq

391

@project = projects.first if projects.size == 1

395

@project = projects.first if projects.size == 1

392

396

393

@can = {:edit => (@project && User.current.allowed_to?(:edit_issues, @project)),

397

@can = {:edit => (@project && User.current.allowed_to?(:edit_issues, @project)),

394

:log_time => (@project && User.current.allowed_to?(:log_time, @project)),

398

:log_time => (@project && User.current.allowed_to?(:log_time, @project)),

395

:update => (@project && (User.current.allowed_to?(:edit_issues, @project) || (User.current.allowed_to?(:change_status, @project) && @allowed_statuses && !@allowed_statuses.empty?))),

399

:update => (@project && (User.current.allowed_to?(:edit_issues, @project) || (User.current.allowed_to?(:change_status, @project) && @allowed_statuses && !@allowed_statuses.empty?))),

396

:move => (@project && User.current.allowed_to?(:move_issues, @project)),

400

:move => (@project && User.current.allowed_to?(:move_issues, @project)),

397

:copy => (@issue && @project.trackers.include?(@issue.tracker) && User.current.allowed_to?(:add_issues, @project)),

401

:copy => (@issue && @project.trackers.include?(@issue.tracker) && User.current.allowed_to?(:add_issues, @project)),

398

:delete => (@project && User.current.allowed_to?(:delete_issues, @project))

402

:delete => (@project && User.current.allowed_to?(:delete_issues, @project))

399

}

403

}

400

if @project

404

if @project

401

@assignables = @project.assignable_users

405

@assignables = @project.assignable_users

402

@assignables << @issue.assigned_to if @issue && @issue.assigned_to && !@assignables.include?(@issue.assigned_to)

406

@assignables << @issue.assigned_to if @issue && @issue.assigned_to && !@assignables.include?(@issue.assigned_to)

403

end

407

end

404

408

405

@priorities = Enumeration.get_values('IPRI').reverse

409

@priorities = Enumeration.get_values('IPRI').reverse

406

@statuses = IssueStatus.find(:all, :order => 'position')

410

@statuses = IssueStatus.find(:all, :order => 'position')

407

@back = request.env['HTTP_REFERER']

411

@back = request.env['HTTP_REFERER']

408

412

409

render :layout => false

413

render :layout => false

410

end

414

end

411

415

412

def update_form

416

def update_form

413

@issue = Issue.new(params[:issue])

417

@issue = Issue.new(params[:issue])

414

render :action => :new, :layout => false

418

render :action => :new, :layout => false

415

end

419

end

416

420

417

def preview

421

def preview

418

@issue = @project.issues.find_by_id(params[:id]) unless params[:id].blank?

422

@issue = @project.issues.find_by_id(params[:id]) unless params[:id].blank?

419

@attachements = @issue.attachments if @issue

423

@attachements = @issue.attachments if @issue

420

@text = params[:notes] || (params[:issue] ? params[:issue][:description] : nil)

424

@text = params[:notes] || (params[:issue] ? params[:issue][:description] : nil)

421

render :partial => 'common/preview'

425

render :partial => 'common/preview'

422

end

426

end

423

427

424

private

428

private

425

def find_issue

429

def find_issue

426

@issue = Issue.find(params[:id], :include => [:project, :tracker, :status, :author, :priority, :category])

430

@issue = Issue.find(params[:id], :include => [:project, :tracker, :status, :author, :priority, :category])

427

@project = @issue.project

431

@project = @issue.project

428

rescue ActiveRecord::RecordNotFound

432

rescue ActiveRecord::RecordNotFound

429

render_404

433

render_404

430

end

434

end

431

435

432

# Filter for bulk operations

436

# Filter for bulk operations

433

def find_issues

437

def find_issues

434

@issues = Issue.find_all_by_id(params[:id] || params[:ids])

438

@issues = Issue.find_all_by_id(params[:id] || params[:ids])

435

raise ActiveRecord::RecordNotFound if @issues.empty?

439

raise ActiveRecord::RecordNotFound if @issues.empty?

436

projects = @issues.collect(&:project).compact.uniq

440

projects = @issues.collect(&:project).compact.uniq

437

if projects.size == 1

441

if projects.size == 1

438

@project = projects.first

442

@project = projects.first

439

else

443

else

440

# TODO: let users bulk edit/move/destroy issues from different projects

444

# TODO: let users bulk edit/move/destroy issues from different projects

441

render_error 'Can not bulk edit/move/destroy issues from different projects' and return false

445

render_error 'Can not bulk edit/move/destroy issues from different projects' and return false

442

end

446

end

443

rescue ActiveRecord::RecordNotFound

447

rescue ActiveRecord::RecordNotFound

444

render_404

448

render_404

445

end

449

end

446

450

447

def find_project

451

def find_project

448

@project = Project.find(params[:project_id])

452

@project = Project.find(params[:project_id])

449

rescue ActiveRecord::RecordNotFound

453

rescue ActiveRecord::RecordNotFound

450

render_404

454

render_404

451

end

455

end

452

456

453

def find_optional_project

457

def find_optional_project

454

@project = Project.find(params[:project_id]) unless params[:project_id].blank?

458

@project = Project.find(params[:project_id]) unless params[:project_id].blank?

455

allowed = User.current.allowed_to?({:controller => params[:controller], :action => params[:action]}, @project, :global => true)

459

allowed = User.current.allowed_to?({:controller => params[:controller], :action => params[:action]}, @project, :global => true)

456

allowed ? true : deny_access

460

allowed ? true : deny_access

457

rescue ActiveRecord::RecordNotFound

461

rescue ActiveRecord::RecordNotFound

458

render_404

462

render_404

459

end

463

end

460

464

461

# Retrieve query from session or build a new query

465

# Retrieve query from session or build a new query

462

def retrieve_query

466

def retrieve_query

463

if !params[:query_id].blank?

467

if !params[:query_id].blank?

464

cond = "project_id IS NULL"

468

cond = "project_id IS NULL"

465

cond << " OR project_id = #{@project.id}" if @project

469

cond << " OR project_id = #{@project.id}" if @project

466

@query = Query.find(params[:query_id], :conditions => cond)

470

@query = Query.find(params[:query_id], :conditions => cond)

467

@query.project = @project

471

@query.project = @project

468

session[:query] = {:id => @query.id, :project_id => @query.project_id}

472

session[:query] = {:id => @query.id, :project_id => @query.project_id}

469

else

473

else

470

if params[:set_filter] || session[:query].nil? || session[:query][:project_id] != (@project ? @project.id : nil)

474

if params[:set_filter] || session[:query].nil? || session[:query][:project_id] != (@project ? @project.id : nil)

471

# Give it a name, required to be valid

475

# Give it a name, required to be valid

472

@query = Query.new(:name => "_")

476

@query = Query.new(:name => "_")

473

@query.project = @project

477

@query.project = @project

474

if params[:fields] and params[:fields].is_a? Array

478

if params[:fields] and params[:fields].is_a? Array

475

params[:fields].each do |field|

479

params[:fields].each do |field|

476

@query.add_filter(field, params[:operators][field], params[:values][field])

480

@query.add_filter(field, params[:operators][field], params[:values][field])

477

end

481

end

478

else

482

else

479

@query.available_filters.keys.each do |field|

483

@query.available_filters.keys.each do |field|

480

@query.add_short_filter(field, params[field]) if params[field]

484

@query.add_short_filter(field, params[field]) if params[field]

481

end

485

end

482

end

486

end

483

session[:query] = {:project_id => @query.project_id, :filters => @query.filters}

487

session[:query] = {:project_id => @query.project_id, :filters => @query.filters}

484

else

488

else

485

@query = Query.find_by_id(session[:query][:id]) if session[:query][:id]

489

@query = Query.find_by_id(session[:query][:id]) if session[:query][:id]

486

@query ||= Query.new(:name => "_", :project => @project, :filters => session[:query][:filters])

490

@query ||= Query.new(:name => "_", :project => @project, :filters => session[:query][:filters])

487

@query.project = @project

491

@query.project = @project

488

end

492

end

489

end

493

end

490

end

494

end

491

end

495

end

             <% if @project.versions.any? %>
             <table class="list">
             	<thead>
                 <th><%= l(:label_version) %></th>
                 <th><%= l(:field_effective_date) %></th>
                 <th><%= l(:field_description) %></th>
                 <th><%= l(:label_wiki_page) unless @project.wiki.nil? %></th>
                 <th style="width:15%"></th>
                 <th style="width:15%"></th>
                 </thead>
             	<tbody>
             <% for version in @project.versions.sort %>
                 <tr class="<%= cycle 'odd', 'even' %>">
                 <td><%= link_to h(version.name), :controller => 'versions', :action => 'show', :id => version %></td>
                 <td align="center"><%= format_date(version.effective_date) %></td>
                 <td><%=h version.description %></td>
-                <td><%= link_to(version.wiki_page_title, :controller => 'wiki', :page => Wiki.titleize(version.wiki_page_title)) unless version.wiki_page_title.blank? || @project.wiki.nil? %></td>
+                <td><%= link_to(h(version.wiki_page_title), :controller => 'wiki', :page => Wiki.titleize(version.wiki_page_title)) unless version.wiki_page_title.blank? || @project.wiki.nil? %></td>
                 <td align="center"><%= link_to_if_authorized l(:button_edit), { :controller => 'versions', :action => 'edit', :id => version }, :class => 'icon icon-edit' %></td>
                 <td align="center"><%= link_to_if_authorized l(:button_delete), {:controller => 'versions', :action => 'destroy', :id => version}, :confirm => l(:text_are_you_sure), :method => :post, :class => 'icon icon-del' %></td>
                 </tr>
             <% end; reset_cycle %>
                 </tbody>
             </table>
             <% else %>
             <p class="nodata"><%= l(:label_no_data) %></p>
             <% end %>
             <p><%= link_to_if_authorized l(:label_version_new), :controller => 'projects', :action => 'add_version', :id => @project %></p>

-            <h2><%=l(:label_role)%>: <%= @role.name %></h2>
+            <h2><%=l(:label_role)%>: <%=h @role.name %></h2>
             <% labelled_tabular_form_for :role, @role, :url => { :action => 'edit' }, :html => {:id => 'role_form'} do |f| %>
             <%= render :partial => 'form', :locals => { :f => f } %>
             <%= submit_tag l(:button_save) %>
             <% end %>

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # Redmine - project management software
             # Copyright (C) 2006-2008  Jean-Philippe Lang
             #
             # This program is free software; you can redistribute it and/or
             # modify it under the terms of the GNU General Public License
             # as published by the Free Software Foundation; either version 2
             # of the License, or (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program; if not, write to the Free Software
             # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
             class IssuesController < ApplicationController
               menu_item :new_issue, :only => :new
               before_filter :find_issue, :only => [:show, :edit, :reply]
               before_filter :find_issues, :only => [:bulk_edit, :move, :destroy]
               before_filter :find_project, :only => [:new, :update_form, :preview]
               before_filter :authorize, :except => [:index, :changes, :gantt, :calendar, :preview, :update_form, :context_menu]
               before_filter :find_optional_project, :only => [:index, :changes, :gantt, :calendar]
               accept_key_auth :index, :show, :changes
               helper :journals
               helper :projects
               include ProjectsHelper
               helper :custom_fields
               include CustomFieldsHelper
               helper :issue_relations
               include IssueRelationsHelper
               helper :watchers
               include WatchersHelper
               helper :attachments
               include AttachmentsHelper
               helper :queries
               helper :sort
               include SortHelper
               include IssuesHelper
               helper :timelog
               include Redmine::Export::PDF
+              verify :method => :post,
+                     :only => :destroy,
+                     :render => { :nothing => true, :status => :method_not_allowed }
               def index
                 retrieve_query
                 sort_init 'id', 'desc'
                 sort_update({'id' => "#{Issue.table_name}.id"}.merge(@query.columns.inject({}) {|h, c| h[c.name.to_s] = c.sortable; h}))
                 if @query.valid?
                   limit = per_page_option
                   respond_to do |format|
                     format.html { }
                     format.atom { }
                     format.csv  { limit = Setting.issues_export_limit.to_i }
                     format.pdf  { limit = Setting.issues_export_limit.to_i }
                   end
                   @issue_count = Issue.count(:include => [:status, :project], :conditions => @query.statement)
                   @issue_pages = Paginator.new self, @issue_count, limit, params['page']
                   @issues = Issue.find :all, :order => sort_clause,
                                        :include => [ :assigned_to, :status, :tracker, :project, :priority, :category, :fixed_version ],
                                        :conditions => @query.statement,
                                        :limit  =>  limit,
                                        :offset =>  @issue_pages.current.offset
                   respond_to do |format|
                     format.html { render :template => 'issues/index.rhtml', :layout => !request.xhr? }
                     format.atom { render_feed(@issues, :title => "#{@project || Setting.app_title}: #{l(:label_issue_plural)}") }
                     format.csv  { send_data(issues_to_csv(@issues, @project).read, :type => 'text/csv; header=present', :filename => 'export.csv') }
                     format.pdf  { send_data(issues_to_pdf(@issues, @project), :type => 'application/pdf', :filename => 'export.pdf') }
                   end
                 else
                   # Send html if the query is not valid
                   render(:template => 'issues/index.rhtml', :layout => !request.xhr?)
                 end
               rescue ActiveRecord::RecordNotFound
                 render_404
               end
               def changes
                 retrieve_query
                 sort_init 'id', 'desc'
                 sort_update({'id' => "#{Issue.table_name}.id"}.merge(@query.columns.inject({}) {|h, c| h[c.name.to_s] = c.sortable; h}))
                 if @query.valid?
                   @journals = Journal.find :all, :include => [ :details, :user, {:issue => [:project, :author, :tracker, :status]} ],
                                                  :conditions => @query.statement,
                                                  :limit => 25,
                                                  :order => "#{Journal.table_name}.created_on DESC"
                 end
                 @title = (@project ? @project.name : Setting.app_title) + ": " + (@query.new_record? ? l(:label_changes_details) : @query.name)
                 render :layout => false, :content_type => 'application/atom+xml'
               rescue ActiveRecord::RecordNotFound
                 render_404
               end
               def show
                 @journals = @issue.journals.find(:all, :include => [:user, :details], :order => "#{Journal.table_name}.created_on ASC")
                 @journals.each_with_index {|j,i| j.indice = i+1}
                 @journals.reverse! if User.current.wants_comments_in_reverse_order?
                 @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
                 @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
                 @priorities = Enumeration::get_values('IPRI')
                 @time_entry = TimeEntry.new
                 respond_to do |format|
                   format.html { render :template => 'issues/show.rhtml' }
                   format.atom { render :action => 'changes', :layout => false, :content_type => 'application/atom+xml' }
                   format.pdf  { send_data(issue_to_pdf(@issue), :type => 'application/pdf', :filename => "#{@project.identifier}-#{@issue.id}.pdf") }
                 end
               end
               # Add a new issue
               # The new issue will be created from an existing one if copy_from parameter is given
               def new
                 @issue = Issue.new
                 @issue.copy_from(params[:copy_from]) if params[:copy_from]
                 @issue.project = @project
                 # Tracker must be set before custom field values
                 @issue.tracker ||= @project.trackers.find((params[:issue] && params[:issue][:tracker_id]) || params[:tracker_id] || :first)
                 if @issue.tracker.nil?
                   flash.now[:error] = 'No tracker is associated to this project. Please check the Project settings.'
                   render :nothing => true, :layout => true
                   return
                 end
                 if params[:issue].is_a?(Hash)
                   @issue.attributes = params[:issue]
                   @issue.watcher_user_ids = params[:issue]['watcher_user_ids'] if User.current.allowed_to?(:add_issue_watchers, @project)
                 end
                 @issue.author = User.current
                 default_status = IssueStatus.default
                 unless default_status
                   flash.now[:error] = 'No default issue status is defined. Please check your configuration (Go to "Administration -> Issue statuses").'
                   render :nothing => true, :layout => true
                   return
                 end
                 @issue.status = default_status
                 @allowed_statuses = ([default_status] + default_status.find_new_statuses_allowed_to(User.current.role_for_project(@project), @issue.tracker)).uniq
                 if request.get? || request.xhr?
                   @issue.start_date ||= Date.today
                 else
                   requested_status = IssueStatus.find_by_id(params[:issue][:status_id])
                   # Check that the user is allowed to apply the requested status
                   @issue.status = (@allowed_statuses.include? requested_status) ? requested_status : default_status
                   if @issue.save
                     attach_files(@issue, params[:attachments])
                     flash[:notice] = l(:notice_successful_create)
                     Mailer.deliver_issue_add(@issue) if Setting.notified_events.include?('issue_added')
                     call_hook(:controller_issues_new_after_save, { :params => params, :issue => @issue})
                     redirect_to(params[:continue] ? { :action => 'new', :tracker_id => @issue.tracker } :
                                                     { :action => 'show', :id => @issue })
                     return
                   end
                 end
                 @priorities = Enumeration::get_values('IPRI')
                 render :layout => !request.xhr?
               end
               # Attributes that can be updated on workflow transition (without :edit permission)
               # TODO: make it configurable (at least per role)
               UPDATABLE_ATTRS_ON_TRANSITION = %w(status_id assigned_to_id fixed_version_id done_ratio) unless const_defined?(:UPDATABLE_ATTRS_ON_TRANSITION)
               def edit
                 @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
                 @priorities = Enumeration::get_values('IPRI')
                 @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
                 @time_entry = TimeEntry.new
                 @notes = params[:notes]
                 journal = @issue.init_journal(User.current, @notes)
                 # User can change issue attributes only if he has :edit permission or if a workflow transition is allowed
                 if (@edit_allowed || !@allowed_statuses.empty?) && params[:issue]
                   attrs = params[:issue].dup
                   attrs.delete_if {|k,v| !UPDATABLE_ATTRS_ON_TRANSITION.include?(k) } unless @edit_allowed
                   attrs.delete(:status_id) unless @allowed_statuses.detect {|s| s.id.to_s == attrs[:status_id].to_s}
                   @issue.attributes = attrs
                 end
                 if request.post?
                   @time_entry = TimeEntry.new(:project => @project, :issue => @issue, :user => User.current, :spent_on => Date.today)
                   @time_entry.attributes = params[:time_entry]
                   attachments = attach_files(@issue, params[:attachments])
                   attachments.each {|a| journal.details << JournalDetail.new(:property => 'attachment', :prop_key => a.id, :value => a.filename)}
                   call_hook(:controller_issues_edit_before_save, { :params => params, :issue => @issue, :time_entry => @time_entry, :journal => journal})
                   if (@time_entry.hours.nil? || @time_entry.valid?) && @issue.save
                     # Log spend time
                     if User.current.allowed_to?(:log_time, @project)
                       @time_entry.save
                     end
                     if !journal.new_record?
                       # Only send notification if something was actually changed
                       flash[:notice] = l(:notice_successful_update)
                       Mailer.deliver_issue_edit(journal) if Setting.notified_events.include?('issue_updated')
                     end
                     call_hook(:controller_issues_edit_after_save, { :params => params, :issue => @issue, :time_entry => @time_entry, :journal => journal})
                     redirect_to(params[:back_to] || {:action => 'show', :id => @issue})
                   end
                 end
               rescue ActiveRecord::StaleObjectError
                 # Optimistic locking exception
                 flash.now[:error] = l(:notice_locking_conflict)
               end
               def reply
                 journal = Journal.find(params[:journal_id]) if params[:journal_id]
                 if journal
                   user = journal.user
                   text = journal.notes
                 else
                   user = @issue.author
                   text = @issue.description
                 end
                 content = "#{ll(Setting.default_language, :text_user_wrote, user)}\\n> "
                 content << text.to_s.strip.gsub(%r{<pre>((.|\s)*?)</pre>}m, '[...]').gsub('"', '\"').gsub(/(\r?\n|\r\n?)/, "\\n> ") + "\\n\\n"
                 render(:update) { |page|
                   page.<< "$('notes').value = \"#{content}\";"
                   page.show 'update'
                   page << "Form.Element.focus('notes');"
                   page << "Element.scrollTo('update');"
                   page << "$('notes').scrollTop = $('notes').scrollHeight - $('notes').clientHeight;"
                 }
               end
               # Bulk edit a set of issues
               def bulk_edit
                 if request.post?
                   status = params[:status_id].blank? ? nil : IssueStatus.find_by_id(params[:status_id])
                   priority = params[:priority_id].blank? ? nil : Enumeration.find_by_id(params[:priority_id])
                   assigned_to = (params[:assigned_to_id].blank? || params[:assigned_to_id] == 'none') ? nil : User.find_by_id(params[:assigned_to_id])
                   category = (params[:category_id].blank? || params[:category_id] == 'none') ? nil : @project.issue_categories.find_by_id(params[:category_id])
                   fixed_version = (params[:fixed_version_id].blank? || params[:fixed_version_id] == 'none') ? nil : @project.versions.find_by_id(params[:fixed_version_id])
                   unsaved_issue_ids = []
                   @issues.each do |issue|
                     journal = issue.init_journal(User.current, params[:notes])
                     issue.priority = priority if priority
                     issue.assigned_to = assigned_to if assigned_to || params[:assigned_to_id] == 'none'
                     issue.category = category if category || params[:category_id] == 'none'
                     issue.fixed_version = fixed_version if fixed_version || params[:fixed_version_id] == 'none'
                     issue.start_date = params[:start_date] unless params[:start_date].blank?
                     issue.due_date = params[:due_date] unless params[:due_date].blank?
                     issue.done_ratio = params[:done_ratio] unless params[:done_ratio].blank?
                     call_hook(:controller_issues_bulk_edit_before_save, { :params => params, :issue => issue })
                     # Don't save any change to the issue if the user is not authorized to apply the requested status
                     if (status.nil? || (issue.status.new_status_allowed_to?(status, current_role, issue.tracker) && issue.status = status)) && issue.save
                       # Send notification for each issue (if changed)
                       Mailer.deliver_issue_edit(journal) if journal.details.any? && Setting.notified_events.include?('issue_updated')
                     else
                       # Keep unsaved issue ids to display them in flash error
                       unsaved_issue_ids << issue.id
                     end
                   end
                   if unsaved_issue_ids.empty?
                     flash[:notice] = l(:notice_successful_update) unless @issues.empty?
                   else
                     flash[:error] = l(:notice_failed_to_save_issues, unsaved_issue_ids.size, @issues.size, '#' + unsaved_issue_ids.join(', #'))
                   end
                   redirect_to(params[:back_to] || {:controller => 'issues', :action => 'index', :project_id => @project})
                   return
                 end
                 # Find potential statuses the user could be allowed to switch issues to
                 @available_statuses = Workflow.find(:all, :include => :new_status,
                                                           :conditions => {:role_id => current_role.id}).collect(&:new_status).compact.uniq.sort
               end
               def move
                 @allowed_projects = []
                 # find projects to which the user is allowed to move the issue
                 if User.current.admin?
                   # admin is allowed to move issues to any active (visible) project
                   @allowed_projects = Project.find(:all, :conditions => Project.visible_by(User.current), :order => 'name')
                 else
                   User.current.memberships.each {|m| @allowed_projects << m.project if m.role.allowed_to?(:move_issues)}
                 end
                 @target_project = @allowed_projects.detect {|p| p.id.to_s == params[:new_project_id]} if params[:new_project_id]
                 @target_project ||= @project
                 @trackers = @target_project.trackers
                 if request.post?
                   new_tracker = params[:new_tracker_id].blank? ? nil : @target_project.trackers.find_by_id(params[:new_tracker_id])
                   unsaved_issue_ids = []
                   @issues.each do |issue|
                     issue.init_journal(User.current)
                     unsaved_issue_ids << issue.id unless issue.move_to(@target_project, new_tracker)
                   end
                   if unsaved_issue_ids.empty?
                     flash[:notice] = l(:notice_successful_update) unless @issues.empty?
                   else
                     flash[:error] = l(:notice_failed_to_save_issues, unsaved_issue_ids.size, @issues.size, '#' + unsaved_issue_ids.join(', #'))
                   end
                   redirect_to :controller => 'issues', :action => 'index', :project_id => @project
                   return
                 end
                 render :layout => false if request.xhr?
               end
               def destroy
                 @hours = TimeEntry.sum(:hours, :conditions => ['issue_id IN (?)', @issues]).to_f
                 if @hours > 0
                   case params[:todo]
                   when 'destroy'
                     # nothing to do
                   when 'nullify'
                     TimeEntry.update_all('issue_id = NULL', ['issue_id IN (?)', @issues])
                   when 'reassign'
                     reassign_to = @project.issues.find_by_id(params[:reassign_to_id])
                     if reassign_to.nil?
                       flash.now[:error] = l(:error_issue_not_found_in_project)
                       return
                     else
                       TimeEntry.update_all("issue_id = #{reassign_to.id}", ['issue_id IN (?)', @issues])
                     end
                   else
                     # display the destroy form
                     return
                   end
                 end
                 @issues.each(&:destroy)
                 redirect_to :action => 'index', :project_id => @project
               end
               def gantt
                 @gantt = Redmine::Helpers::Gantt.new(params)
                 retrieve_query
                 if @query.valid?
                   events = []
                   # Issues that have start and due dates
                   events += Issue.find(:all,
                                        :order => "start_date, due_date",
                                        :include => [:tracker, :status, :assigned_to, :priority, :project],
                                        :conditions => ["(#{@query.statement}) AND (((start_date>=? and start_date<=?) or (due_date>=? and due_date<=?) or (start_date<? and due_date>?)) and start_date is not null and due_date is not null)", @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to]
                                        )
                   # Issues that don't have a due date but that are assigned to a version with a date
                   events += Issue.find(:all,
                                        :order => "start_date, effective_date",
                                        :include => [:tracker, :status, :assigned_to, :priority, :project, :fixed_version],
                                        :conditions => ["(#{@query.statement}) AND (((start_date>=? and start_date<=?) or (effective_date>=? and effective_date<=?) or (start_date<? and effective_date>?)) and start_date is not null and due_date is null and effective_date is not null)", @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to, @gantt.date_from, @gantt.date_to]
                                        )
                   # Versions
                   events += Version.find(:all, :include => :project,
                                                :conditions => ["(#{@query.project_statement}) AND effective_date BETWEEN ? AND ?", @gantt.date_from, @gantt.date_to])
                   @gantt.events = events
                 end
                 basename = (@project ? "#{@project.identifier}-" : '') + 'gantt'
                 respond_to do |format|
                   format.html { render :template => "issues/gantt.rhtml", :layout => !request.xhr? }
                   format.png  { send_data(@gantt.to_image, :disposition => 'inline', :type => 'image/png', :filename => "#{basename}.png") } if @gantt.respond_to?('to_image')
                   format.pdf  { send_data(gantt_to_pdf(@gantt, @project), :type => 'application/pdf', :filename => "#{basename}.pdf") }
                 end
               end
               def calendar
                 if params[:year] and params[:year].to_i > 1900
                   @year = params[:year].to_i
                   if params[:month] and params[:month].to_i > 0 and params[:month].to_i < 13
                     @month = params[:month].to_i
                   end
                 end
                 @year ||= Date.today.year
                 @month ||= Date.today.month
                 @calendar = Redmine::Helpers::Calendar.new(Date.civil(@year, @month, 1), current_language, :month)
                 retrieve_query
                 if @query.valid?
                   events = []
                   events += Issue.find(:all,
                                        :include => [:tracker, :status, :assigned_to, :priority, :project],
                                        :conditions => ["(#{@query.statement}) AND ((start_date BETWEEN ? AND ?) OR (due_date BETWEEN ? AND ?))", @calendar.startdt, @calendar.enddt, @calendar.startdt, @calendar.enddt]
                                        )
                   events += Version.find(:all, :include => :project,
                                                :conditions => ["(#{@query.project_statement}) AND effective_date BETWEEN ? AND ?", @calendar.startdt, @calendar.enddt])
                   @calendar.events = events
                 end
                 render :layout => false if request.xhr?
               end
               def context_menu
                 @issues = Issue.find_all_by_id(params[:ids], :include => :project)
                 if (@issues.size == 1)
                   @issue = @issues.first
                   @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
                 end
                 projects = @issues.collect(&:project).compact.uniq
                 @project = projects.first if projects.size == 1
                 @can = {:edit => (@project && User.current.allowed_to?(:edit_issues, @project)),
                         :log_time => (@project && User.current.allowed_to?(:log_time, @project)),
                         :update => (@project && (User.current.allowed_to?(:edit_issues, @project) || (User.current.allowed_to?(:change_status, @project) && @allowed_statuses && !@allowed_statuses.empty?))),
                         :move => (@project && User.current.allowed_to?(:move_issues, @project)),
                         :copy => (@issue && @project.trackers.include?(@issue.tracker) && User.current.allowed_to?(:add_issues, @project)),
                         :delete => (@project && User.current.allowed_to?(:delete_issues, @project))
                         }
                 if @project
                   @assignables = @project.assignable_users
                   @assignables << @issue.assigned_to if @issue && @issue.assigned_to && !@assignables.include?(@issue.assigned_to)
                 end
                 @priorities = Enumeration.get_values('IPRI').reverse
                 @statuses = IssueStatus.find(:all, :order => 'position')
                 @back = request.env['HTTP_REFERER']
                 render :layout => false
               end
               def update_form
                 @issue = Issue.new(params[:issue])
                 render :action => :new, :layout => false
               end
               def preview
                 @issue = @project.issues.find_by_id(params[:id]) unless params[:id].blank?
                 @attachements = @issue.attachments if @issue
                 @text = params[:notes] || (params[:issue] ? params[:issue][:description] : nil)
                 render :partial => 'common/preview'
               end
             private
               def find_issue
                 @issue = Issue.find(params[:id], :include => [:project, :tracker, :status, :author, :priority, :category])
                 @project = @issue.project
               rescue ActiveRecord::RecordNotFound
                 render_404
               end
               # Filter for bulk operations
               def find_issues
                 @issues = Issue.find_all_by_id(params[:id] || params[:ids])
                 raise ActiveRecord::RecordNotFound if @issues.empty?
                 projects = @issues.collect(&:project).compact.uniq
                 if projects.size == 1
                   @project = projects.first
                 else
                   # TODO: let users bulk edit/move/destroy issues from different projects
                   render_error 'Can not bulk edit/move/destroy issues from different projects' and return false
                 end
               rescue ActiveRecord::RecordNotFound
                 render_404
               end
               def find_project
                 @project = Project.find(params[:project_id])
               rescue ActiveRecord::RecordNotFound
                 render_404
               end
               def find_optional_project
                 @project = Project.find(params[:project_id]) unless params[:project_id].blank?
                 allowed = User.current.allowed_to?({:controller => params[:controller], :action => params[:action]}, @project, :global => true)
                 allowed ? true : deny_access
               rescue ActiveRecord::RecordNotFound
                 render_404
               end
               # Retrieve query from session or build a new query
               def retrieve_query
                 if !params[:query_id].blank?
                   cond = "project_id IS NULL"
                   cond << " OR project_id = #{@project.id}" if @project
                   @query = Query.find(params[:query_id], :conditions => cond)
                   @query.project = @project
                   session[:query] = {:id => @query.id, :project_id => @query.project_id}
                 else
                   if params[:set_filter] || session[:query].nil? || session[:query][:project_id] != (@project ? @project.id : nil)
                     # Give it a name, required to be valid
                     @query = Query.new(:name => "_")
                     @query.project = @project
                     if params[:fields] and params[:fields].is_a? Array
                       params[:fields].each do |field|
                         @query.add_filter(field, params[:operators][field], params[:values][field])
                       end
                     else
                       @query.available_filters.keys.each do |field|
                         @query.add_short_filter(field, params[field]) if params[field]
                       end
                     end
                     session[:query] = {:project_id => @query.project_id, :filters => @query.filters}
                   else
                     @query = Query.find_by_id(session[:query][:id]) if session[:query][:id]
                     @query ||= Query.new(:name => "_", :project => @project, :filters => session[:query][:filters])
                     @query.project = @project
                   end
                 end
               end
             end