@@ -353,25 +353,25 class User < Principal | |||
|
353 | 353 | # * a group of projects : returns true if user is allowed on every project |
|
354 | 354 | # * nil with options[:global] set : check if user has at least one role allowed for this action, |
|
355 | 355 | # or falls back to Non Member / Anonymous permissions depending if the user is logged |
|
356 |
def allowed_to?(action, |
|
|
357 |
if |
|
|
356 | def allowed_to?(action, context, options={}) | |
|
357 | if context && context.is_a?(Project) | |
|
358 | 358 | # No action allowed on archived projects |
|
359 |
return false unless |
|
|
359 | return false unless context.active? | |
|
360 | 360 | # No action allowed on disabled modules |
|
361 |
return false unless |
|
|
361 | return false unless context.allows_to?(action) | |
|
362 | 362 | # Admin users are authorized for anything else |
|
363 | 363 | return true if admin? |
|
364 | 364 | |
|
365 |
roles = roles_for_project( |
|
|
365 | roles = roles_for_project(context) | |
|
366 | 366 | return false unless roles |
|
367 |
roles.detect {|role| ( |
|
|
367 | roles.detect {|role| (context.is_public? || role.member?) && role.allowed_to?(action)} | |
|
368 | 368 | |
|
369 |
elsif |
|
|
369 | elsif context && context.is_a?(Array) | |
|
370 | 370 | # Authorize if user is authorized on every element of the array |
|
371 |
|
|
|
372 | allowed_to?(action,p,options) | |
|
373 |
end.inject do |memo, |
|
|
374 |
memo && |
|
|
371 | context.map do |project| | |
|
372 | allowed_to?(action,project,options) | |
|
373 | end.inject do |memo,allowed| | |
|
374 | memo && allowed | |
|
375 | 375 | end |
|
376 | 376 | elsif options[:global] |
|
377 | 377 | # Admin users are always authorized |