##// END OF EJS Templates
jro_apps » redmine
RSS
Various code cleaning, mainly on User, Permission and IssueStatus models....
Jean-Philippe Lang -
r411:e227b9297252
parent child
Show More
Show file before | Show file after | Hide comments
@@ -1,147 +1,147
1 1 # redMine - project management software
2 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class ApplicationController < ActionController::Base
19 19 before_filter :check_if_login_required, :set_localization
20 20 filter_parameter_logging :password
21 21
22 22 def logged_in_user=(user)
23 23 @logged_in_user = user
24 24 session[:user_id] = (user ? user.id : nil)
25 25 end
26 26
27 27 def logged_in_user
28 28 if session[:user_id]
29 29 @logged_in_user ||= User.find(session[:user_id])
30 30 else
31 31 nil
32 32 end
33 33 end
34 34
35 35 def logged_in_user_membership
36 36 @user_membership ||= Member.find(:first, :conditions => ["user_id=? and project_id=?", self.logged_in_user.id, @project.id])
37 37 end
38 38
39 39 # check if login is globally required to access the application
40 40 def check_if_login_required
41 41 require_login if Setting.login_required?
42 42 end
43 43
44 44 def set_localization
45 45 lang = begin
46 46 if self.logged_in_user and self.logged_in_user.language and !self.logged_in_user.language.empty? and GLoc.valid_languages.include? self.logged_in_user.language.to_sym
47 47 self.logged_in_user.language
48 48 elsif request.env['HTTP_ACCEPT_LANGUAGE']
49 49 accept_lang = parse_qvalues(request.env['HTTP_ACCEPT_LANGUAGE']).first.split('-').first
50 50 if accept_lang and !accept_lang.empty? and GLoc.valid_languages.include? accept_lang.to_sym
51 51 accept_lang
52 52 end
53 53 end
54 54 rescue
55 55 nil
56 56 end || Setting.default_language
57 57 set_language_if_valid(lang)
58 58 end
59 59
60 60 def require_login
61 61 unless self.logged_in_user
62 62 store_location
63 63 redirect_to :controller => "account", :action => "login"
64 64 return false
65 65 end
66 66 true
67 67 end
68 68
69 69 def require_admin
70 70 return unless require_login
71 71 unless self.logged_in_user.admin?
72 72 render :nothing => true, :status => 403
73 73 return false
74 74 end
75 75 true
76 76 end
77 77
78 78 # authorizes the user for the requested action.
79 79 def authorize(ctrl = params[:controller], action = params[:action])
80 80 # check if action is allowed on public projects
81 81 if @project.is_public? and Permission.allowed_to_public "%s/%s" % [ ctrl, action ]
82 82 return true
83 83 end
84 84 # if action is not public, force login
85 85 return unless require_login
86 86 # admin is always authorized
87 87 return true if self.logged_in_user.admin?
88 88 # if not admin, check membership permission
89 @user_membership ||= Member.find(:first, :conditions => ["user_id=? and project_id=?", self.logged_in_user.id, @project.id])
90 if @user_membership and Permission.allowed_to_role( "%s/%s" % [ ctrl, action ], @user_membership.role_id )
89 @user_membership ||= logged_in_user.role_for_project(@project)
90 if @user_membership and Permission.allowed_to_role( "%s/%s" % [ ctrl, action ], @user_membership )
91 91 return true
92 92 end
93 93 render :nothing => true, :status => 403
94 94 false
95 95 end
96 96
97 97 # make sure that the user is a member of the project (or admin) if project is private
98 98 # used as a before_filter for actions that do not require any particular permission on the project
99 99 def check_project_privacy
100 100 return true if @project.is_public?
101 101 return false unless logged_in_user
102 102 return true if logged_in_user.admin? || logged_in_user_membership
103 103 render :nothing => true, :status => 403
104 104 false
105 105 end
106 106
107 107 # store current uri in session.
108 108 # return to this location by calling redirect_back_or_default
109 109 def store_location
110 110 session[:return_to_params] = params
111 111 end
112 112
113 113 # move to the last store_location call or to the passed default one
114 114 def redirect_back_or_default(default)
115 115 if session[:return_to_params].nil?
116 116 redirect_to default
117 117 else
118 118 redirect_to session[:return_to_params]
119 119 session[:return_to_params] = nil
120 120 end
121 121 end
122 122
123 123 def render_404
124 124 @html_title = "404"
125 125 render :template => "common/404", :layout => true, :status => 404
126 126 return false
127 127 end
128 128
129 129 # qvalues http header parser
130 130 # code taken from webrick
131 131 def parse_qvalues(value)
132 132 tmp = []
133 133 if value
134 134 parts = value.split(/,\s*/)
135 135 parts.each {|part|
136 136 if m = %r{^([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?$}.match(part)
137 137 val = m[1]
138 138 q = (m[2] or 1).to_f
139 139 tmp.push([val, q])
140 140 end
141 141 }
142 142 tmp = tmp.sort_by{|val, q| -q}
143 143 tmp.collect!{|val, q| val}
144 144 end
145 145 return tmp
146 146 end
147 147 end No newline at end of file
Show file before | Show file after | Hide comments
@@ -1,96 +1,96
1 1 # redMine - project management software
2 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class FeedsController < ApplicationController
19 19 before_filter :find_scope
20 20 session :off
21 21
22 22 helper :issues
23 23 include IssuesHelper
24 24 helper :custom_fields
25 25 include CustomFieldsHelper
26 26
27 27 # news feeds
28 28 def news
29 29 News.with_scope(:find => @find_options) do
30 30 @news = News.find :all, :order => "#{News.table_name}.created_on DESC", :include => [ :author, :project ]
31 31 end
32 32 headers["Content-Type"] = "application/rss+xml"
33 33 render :action => 'news_atom' if 'atom' == params[:format]
34 34 end
35 35
36 36 # issue feeds
37 37 def issues
38 38 if @project && params[:query_id]
39 39 query = Query.find(params[:query_id])
40 40 # ignore query if it's not valid
41 41 query = nil unless query.valid?
42 42 # override with query conditions
43 43 @find_options[:conditions] = query.statement if query.valid? and @project == query.project
44 44 end
45 45
46 46 Issue.with_scope(:find => @find_options) do
47 47 @issues = Issue.find :all, :include => [:project, :author, :tracker, :status],
48 48 :order => "#{Issue.table_name}.created_on DESC"
49 49 end
50 50 @title = (@project ? @project.name : Setting.app_title) + ": " + (query ? query.name : l(:label_reported_issues))
51 51 headers["Content-Type"] = "application/rss+xml"
52 52 render :action => 'issues_atom' if 'atom' == params[:format]
53 53 end
54 54
55 55 # issue changes feeds
56 56 def history
57 57 if @project && params[:query_id]
58 58 query = Query.find(params[:query_id])
59 59 # ignore query if it's not valid
60 60 query = nil unless query.valid?
61 61 # override with query conditions
62 62 @find_options[:conditions] = query.statement if query.valid? and @project == query.project
63 63 end
64 64
65 65 Journal.with_scope(:find => @find_options) do
66 66 @journals = Journal.find :all, :include => [ :details, :user, {:issue => [:project, :author, :tracker, :status]} ],
67 67 :order => "#{Journal.table_name}.created_on DESC"
68 68 end
69 69
70 70 @title = (@project ? @project.name : Setting.app_title) + ": " + (query ? query.name : l(:label_reported_issues))
71 71 headers["Content-Type"] = "application/rss+xml"
72 72 render :action => 'history_atom' if 'atom' == params[:format]
73 73 end
74 74
75 75 private
76 76 # override for feeds specific authentication
77 77 def check_if_login_required
78 78 @user = User.find_by_rss_key(params[:key])
79 79 render(:nothing => true, :status => 403) and return false if !@user && Setting.login_required?
80 80 end
81 81
82 82 def find_scope
83 83 if params[:project_id]
84 84 # project feed
85 85 # check if project is public or if the user is a member
86 86 @project = Project.find(params[:project_id])
87 render(:nothing => true, :status => 403) and return false unless @project.is_public? || (@user && @user.role_for_project(@project.id))
87 render(:nothing => true, :status => 403) and return false unless @project.is_public? || (@user && @user.role_for_project(@project))
88 88 scope = ["#{Project.table_name}.id=?", params[:project_id].to_i]
89 89 else
90 90 # global feed
91 91 scope = ["#{Project.table_name}.is_public=?", true]
92 92 end
93 93 @find_options = {:conditions => scope, :limit => Setting.feeds_limit}
94 94 return true
95 95 end
96 96 end
Show file before | Show file after | Hide comments
@@ -1,149 +1,139
1 1 # redMine - project management software
2 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class IssuesController < ApplicationController
19 19 layout 'base', :except => :export_pdf
20 20 before_filter :find_project, :authorize
21 21
22 22 helper :custom_fields
23 23 include CustomFieldsHelper
24 24 helper :ifpdf
25 25 include IfpdfHelper
26 26
27 27 def show
28 @status_options = ([@issue.status] + @issue.status.workflows.find(:all, :order => 'position', :include => :new_status, :conditions => ["role_id=? and tracker_id=?", self.logged_in_user.role_for_project(@project.id), @issue.tracker.id]).collect{ |w| w.new_status }) if self.logged_in_user
28 @status_options = @issue.status.find_new_statuses_allowed_to(logged_in_user.role_for_project(@project), @issue.tracker) if logged_in_user
29 29 @custom_values = @issue.custom_values.find(:all, :include => :custom_field)
30 30 @journals_count = @issue.journals.count
31 31 @journals = @issue.journals.find(:all, :include => [:user, :details], :limit => 15, :order => "#{Journal.table_name}.created_on desc")
32 32 end
33 33
34 34 def history
35 35 @journals = @issue.journals.find(:all, :include => [:user, :details], :order => "#{Journal.table_name}.created_on desc")
36 36 @journals_count = @journals.length
37 37 end
38 38
39 39 def export_pdf
40 40 @custom_values = @issue.custom_values.find(:all, :include => :custom_field)
41 41 @options_for_rfpdf ||= {}
42 42 @options_for_rfpdf[:file_name] = "#{@project.name}_#{@issue.long_id}.pdf"
43 43 end
44 44
45 45 def edit
46 46 @priorities = Enumeration::get_values('IPRI')
47 47 if request.get?
48 48 @custom_values = @project.custom_fields_for_issues(@issue.tracker).collect { |x| @issue.custom_values.find_by_custom_field_id(x.id) || CustomValue.new(:custom_field => x, :customized => @issue) }
49 49 else
50 50 begin
51 51 @issue.init_journal(self.logged_in_user)
52 52 # Retrieve custom fields and values
53 53 @custom_values = @project.custom_fields_for_issues(@issue.tracker).collect { |x| CustomValue.new(:custom_field => x, :customized => @issue, :value => params["custom_fields"][x.id.to_s]) }
54 54 @issue.custom_values = @custom_values
55 55 @issue.attributes = params[:issue]
56 56 if @issue.save
57 57 flash[:notice] = l(:notice_successful_update)
58 58 redirect_to :action => 'show', :id => @issue
59 59 end
60 60 rescue ActiveRecord::StaleObjectError
61 61 # Optimistic locking exception
62 62 flash[:notice] = l(:notice_locking_conflict)
63 63 end
64 64 end
65 65 end
66 66
67 67 def add_note
68 68 unless params[:notes].empty?
69 69 journal = @issue.init_journal(self.logged_in_user, params[:notes])
70 #@history = @issue.histories.build(params[:history])
71 #@history.author_id = self.logged_in_user.id if self.logged_in_user
72 #@history.status = @issue.status
73 70 if @issue.save
74 71 flash[:notice] = l(:notice_successful_update)
75 72 Mailer.deliver_issue_edit(journal) if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
76 73 redirect_to :action => 'show', :id => @issue
77 74 return
78 75 end
79 76 end
80 77 show
81 78 render :action => 'show'
82 79 end
83 80
84 81 def change_status
85 #@history = @issue.histories.build(params[:history])
86 @status_options = ([@issue.status] + @issue.status.workflows.find(:all, :order => 'position', :include => :new_status, :conditions => ["role_id=? and tracker_id=?", self.logged_in_user.role_for_project(@project.id), @issue.tracker.id]).collect{ |w| w.new_status }) if self.logged_in_user
82 @status_options = @issue.status.find_new_statuses_allowed_to(logged_in_user.role_for_project(@project), @issue.tracker) if logged_in_user
87 83 @new_status = IssueStatus.find(params[:new_status_id])
88 84 if params[:confirm]
89 85 begin
90 #@history.author_id = self.logged_in_user.id if self.logged_in_user
91 #@issue.status = @history.status
92 #@issue.fixed_version_id = (params[:issue][:fixed_version_id])
93 #@issue.assigned_to_id = (params[:issue][:assigned_to_id])
94 #@issue.done_ratio = (params[:issue][:done_ratio])
95 #@issue.lock_version = (params[:issue][:lock_version])
96 86 journal = @issue.init_journal(self.logged_in_user, params[:notes])
97 87 @issue.status = @new_status
98 88 if @issue.update_attributes(params[:issue])
99 89 flash[:notice] = l(:notice_successful_update)
100 90 Mailer.deliver_issue_edit(journal) if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
101 91 redirect_to :action => 'show', :id => @issue
102 92 end
103 93 rescue ActiveRecord::StaleObjectError
104 94 # Optimistic locking exception
105 95 flash[:notice] = l(:notice_locking_conflict)
106 96 end
107 97 end
108 98 @assignable_to = @project.members.find(:all, :include => :user).collect{ |m| m.user }
109 99 end
110 100
111 101 def destroy
112 102 @issue.destroy
113 103 redirect_to :controller => 'projects', :action => 'list_issues', :id => @project
114 104 end
115 105
116 106 def add_attachment
117 107 # Save the attachments
118 108 @attachments = []
119 109 params[:attachments].each { |file|
120 110 next unless file.size > 0
121 111 a = Attachment.create(:container => @issue, :file => file, :author => logged_in_user)
122 112 @attachments << a unless a.new_record?
123 113 } if params[:attachments] and params[:attachments].is_a? Array
124 114 Mailer.deliver_attachments_add(@attachments) if !@attachments.empty? and Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
125 115 redirect_to :action => 'show', :id => @issue
126 116 end
127 117
128 118 def destroy_attachment
129 119 @issue.attachments.find(params[:attachment_id]).destroy
130 120 redirect_to :action => 'show', :id => @issue
131 121 end
132 122
133 123 # Send the file in stream mode
134 124 def download
135 125 @attachment = @issue.attachments.find(params[:attachment_id])
136 126 send_file @attachment.diskfile, :filename => @attachment.filename
137 127 rescue
138 128 render_404
139 129 end
140 130
141 131 private
142 132 def find_project
143 133 @issue = Issue.find(params[:id], :include => [:project, :tracker, :status, :author, :priority, :category])
144 134 @project = @issue.project
145 135 @html_title = "#{@project.name} - #{@issue.tracker.name} ##{@issue.id}"
146 136 rescue ActiveRecord::RecordNotFound
147 137 render_404
148 138 end
149 139 end
Show file before | Show file after | Hide comments
@@ -1,686 +1,685
1 1 # redMine - project management software
2 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require 'csv'
19 19
20 20 class ProjectsController < ApplicationController
21 21 layout 'base'
22 22 before_filter :find_project, :authorize, :except => [ :index, :list, :add ]
23 23 before_filter :require_admin, :only => [ :add, :destroy ]
24 24
25 25 helper :sort
26 26 include SortHelper
27 27 helper :custom_fields
28 28 include CustomFieldsHelper
29 29 helper :ifpdf
30 30 include IfpdfHelper
31 31 helper IssuesHelper
32 32 helper :queries
33 33 include QueriesHelper
34 34
35 35 def index
36 36 list
37 37 render :action => 'list' unless request.xhr?
38 38 end
39 39
40 40 # Lists public projects
41 41 def list
42 42 sort_init "#{Project.table_name}.name", "asc"
43 43 sort_update
44 44 @project_count = Project.count(:all, :conditions => ["is_public=?", true])
45 45 @project_pages = Paginator.new self, @project_count,
46 46 15,
47 47 params['page']
48 48 @projects = Project.find :all, :order => sort_clause,
49 49 :conditions => ["#{Project.table_name}.is_public=?", true],
50 50 :include => :parent,
51 51 :limit => @project_pages.items_per_page,
52 52 :offset => @project_pages.current.offset
53 53
54 54 render :action => "list", :layout => false if request.xhr?
55 55 end
56 56
57 57 # Add a new project
58 58 def add
59 59 @custom_fields = IssueCustomField.find(:all)
60 60 @root_projects = Project.find(:all, :conditions => "parent_id is null")
61 61 @project = Project.new(params[:project])
62 62 if request.get?
63 63 @custom_values = ProjectCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x, :customized => @project) }
64 64 else
65 65 @project.custom_fields = CustomField.find(params[:custom_field_ids]) if params[:custom_field_ids]
66 66 @custom_values = ProjectCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x, :customized => @project, :value => params["custom_fields"][x.id.to_s]) }
67 67 @project.custom_values = @custom_values
68 68 if params[:repository_enabled] && params[:repository_enabled] == "1"
69 69 @project.repository = Repository.new
70 70 @project.repository.attributes = params[:repository]
71 71 end
72 72 if "1" == params[:wiki_enabled]
73 73 @project.wiki = Wiki.new
74 74 @project.wiki.attributes = params[:wiki]
75 75 end
76 76 if @project.save
77 77 flash[:notice] = l(:notice_successful_create)
78 78 redirect_to :controller => 'admin', :action => 'projects'
79 79 end
80 80 end
81 81 end
82 82
83 83 # Show @project
84 84 def show
85 85 @custom_values = @project.custom_values.find(:all, :include => :custom_field)
86 86 @members = @project.members.find(:all, :include => [:user, :role], :order => 'position')
87 87 @subprojects = @project.children if @project.children.size > 0
88 88 @news = @project.news.find(:all, :limit => 5, :include => [ :author, :project ], :order => "#{News.table_name}.created_on DESC")
89 89 @trackers = Tracker.find(:all, :order => 'position')
90 90 @open_issues_by_tracker = Issue.count(:group => :tracker, :joins => "INNER JOIN #{IssueStatus.table_name} ON #{IssueStatus.table_name}.id = #{Issue.table_name}.status_id", :conditions => ["project_id=? and #{IssueStatus.table_name}.is_closed=?", @project.id, false])
91 91 @total_issues_by_tracker = Issue.count(:group => :tracker, :conditions => ["project_id=?", @project.id])
92 92 end
93 93
94 94 def settings
95 95 @root_projects = Project::find(:all, :conditions => ["parent_id is null and id <> ?", @project.id])
96 96 @custom_fields = IssueCustomField.find(:all)
97 97 @issue_category ||= IssueCategory.new
98 98 @member ||= @project.members.new
99 99 @roles = Role.find(:all, :order => 'position')
100 100 @users = User.find_active(:all) - @project.users
101 101 @custom_values ||= ProjectCustomField.find(:all).collect { |x| @project.custom_values.find_by_custom_field_id(x.id) || CustomValue.new(:custom_field => x) }
102 102 end
103 103
104 104 # Edit @project
105 105 def edit
106 106 if request.post?
107 107 @project.custom_fields = IssueCustomField.find(params[:custom_field_ids]) if params[:custom_field_ids]
108 108 if params[:custom_fields]
109 109 @custom_values = ProjectCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x, :customized => @project, :value => params["custom_fields"][x.id.to_s]) }
110 110 @project.custom_values = @custom_values
111 111 end
112 112 if params[:repository_enabled]
113 113 case params[:repository_enabled]
114 114 when "0"
115 115 @project.repository = nil
116 116 when "1"
117 117 @project.repository ||= Repository.new
118 118 @project.repository.update_attributes params[:repository]
119 119 end
120 120 end
121 121 if params[:wiki_enabled]
122 122 case params[:wiki_enabled]
123 123 when "0"
124 124 @project.wiki.destroy if @project.wiki
125 125 when "1"
126 126 @project.wiki ||= Wiki.new
127 127 @project.wiki.update_attributes params[:wiki]
128 128 end
129 129 end
130 130 @project.attributes = params[:project]
131 131 if @project.save
132 132 flash[:notice] = l(:notice_successful_update)
133 133 redirect_to :action => 'settings', :id => @project
134 134 else
135 135 settings
136 136 render :action => 'settings'
137 137 end
138 138 end
139 139 end
140 140
141 141 # Delete @project
142 142 def destroy
143 143 if request.post? and params[:confirm]
144 144 @project.destroy
145 145 redirect_to :controller => 'admin', :action => 'projects'
146 146 end
147 147 end
148 148
149 149 # Add a new issue category to @project
150 150 def add_issue_category
151 151 if request.post?
152 152 @issue_category = @project.issue_categories.build(params[:issue_category])
153 153 if @issue_category.save
154 154 flash[:notice] = l(:notice_successful_create)
155 155 redirect_to :action => 'settings', :tab => 'categories', :id => @project
156 156 else
157 157 settings
158 158 render :action => 'settings'
159 159 end
160 160 end
161 161 end
162 162
163 163 # Add a new version to @project
164 164 def add_version
165 165 @version = @project.versions.build(params[:version])
166 166 if request.post? and @version.save
167 167 flash[:notice] = l(:notice_successful_create)
168 168 redirect_to :action => 'settings', :tab => 'versions', :id => @project
169 169 end
170 170 end
171 171
172 172 # Add a new member to @project
173 173 def add_member
174 174 @member = @project.members.build(params[:member])
175 175 if request.post?
176 176 if @member.save
177 177 flash[:notice] = l(:notice_successful_create)
178 178 redirect_to :action => 'settings', :tab => 'members', :id => @project
179 179 else
180 180 settings
181 181 render :action => 'settings'
182 182 end
183 183 end
184 184 end
185 185
186 186 # Show members list of @project
187 187 def list_members
188 188 @members = @project.members.find(:all)
189 189 end
190 190
191 191 # Add a new document to @project
192 192 def add_document
193 193 @categories = Enumeration::get_values('DCAT')
194 194 @document = @project.documents.build(params[:document])
195 195 if request.post? and @document.save
196 196 # Save the attachments
197 197 params[:attachments].each { |a|
198 198 Attachment.create(:container => @document, :file => a, :author => logged_in_user) unless a.size == 0
199 199 } if params[:attachments] and params[:attachments].is_a? Array
200 200 flash[:notice] = l(:notice_successful_create)
201 201 Mailer.deliver_document_add(@document) if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
202 202 redirect_to :action => 'list_documents', :id => @project
203 203 end
204 204 end
205 205
206 206 # Show documents list of @project
207 207 def list_documents
208 208 @documents = @project.documents.find :all, :include => :category
209 209 end
210 210
211 211 # Add a new issue to @project
212 212 def add_issue
213 213 @tracker = Tracker.find(params[:tracker_id])
214 214 @priorities = Enumeration::get_values('IPRI')
215 215
216 216 default_status = IssueStatus.default
217 217 @issue = Issue.new(:project => @project, :tracker => @tracker, :status => default_status)
218 @allowed_statuses = [default_status] + default_status.workflows.find(:all, :order => 'position', :include => :new_status, :conditions => ["role_id=? and tracker_id=?", self.logged_in_user.role_for_project(@project.id), @issue.tracker.id]).collect{ |w| w.new_status }
219
218 @allowed_statuses = default_status.find_new_statuses_allowed_to(logged_in_user.role_for_project(@project), @issue.tracker) if logged_in_user
220 219 if request.get?
221 220 @issue.start_date = Date.today
222 221 @custom_values = @project.custom_fields_for_issues(@tracker).collect { |x| CustomValue.new(:custom_field => x, :customized => @issue) }
223 222 else
224 223 @issue.attributes = params[:issue]
225 224
226 225 requested_status = IssueStatus.find_by_id(params[:issue][:status_id])
227 226 @issue.status = (@allowed_statuses.include? requested_status) ? requested_status : default_status
228 227
229 228 @issue.author_id = self.logged_in_user.id if self.logged_in_user
230 229 # Multiple file upload
231 230 @attachments = []
232 231 params[:attachments].each { |a|
233 232 @attachments << Attachment.new(:container => @issue, :file => a, :author => logged_in_user) unless a.size == 0
234 233 } if params[:attachments] and params[:attachments].is_a? Array
235 234 @custom_values = @project.custom_fields_for_issues(@tracker).collect { |x| CustomValue.new(:custom_field => x, :customized => @issue, :value => params["custom_fields"][x.id.to_s]) }
236 235 @issue.custom_values = @custom_values
237 236 if @issue.save
238 237 @attachments.each(&:save)
239 238 flash[:notice] = l(:notice_successful_create)
240 239 Mailer.deliver_issue_add(@issue) if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
241 240 redirect_to :action => 'list_issues', :id => @project
242 241 end
243 242 end
244 243 end
245 244
246 245 # Show filtered/sorted issues list of @project
247 246 def list_issues
248 247 sort_init "#{Issue.table_name}.id", "desc"
249 248 sort_update
250 249
251 250 retrieve_query
252 251
253 252 @results_per_page_options = [ 15, 25, 50, 100 ]
254 253 if params[:per_page] and @results_per_page_options.include? params[:per_page].to_i
255 254 @results_per_page = params[:per_page].to_i
256 255 session[:results_per_page] = @results_per_page
257 256 else
258 257 @results_per_page = session[:results_per_page] || 25
259 258 end
260 259
261 260 if @query.valid?
262 261 @issue_count = Issue.count(:include => [:status, :project], :conditions => @query.statement)
263 262 @issue_pages = Paginator.new self, @issue_count, @results_per_page, params['page']
264 263 @issues = Issue.find :all, :order => sort_clause,
265 264 :include => [ :author, :status, :tracker, :project, :priority ],
266 265 :conditions => @query.statement,
267 266 :limit => @issue_pages.items_per_page,
268 267 :offset => @issue_pages.current.offset
269 268 end
270 269 @trackers = Tracker.find :all, :order => 'position'
271 270 render :layout => false if request.xhr?
272 271 end
273 272
274 273 # Export filtered/sorted issues list to CSV
275 274 def export_issues_csv
276 275 sort_init "#{Issue.table_name}.id", "desc"
277 276 sort_update
278 277
279 278 retrieve_query
280 279 render :action => 'list_issues' and return unless @query.valid?
281 280
282 281 @issues = Issue.find :all, :order => sort_clause,
283 282 :include => [ :author, :status, :tracker, :priority, {:custom_values => :custom_field} ],
284 283 :conditions => @query.statement,
285 284 :limit => Setting.issues_export_limit
286 285
287 286 ic = Iconv.new(l(:general_csv_encoding), 'UTF-8')
288 287 export = StringIO.new
289 288 CSV::Writer.generate(export, l(:general_csv_separator)) do |csv|
290 289 # csv header fields
291 290 headers = [ "#", l(:field_status),
292 291 l(:field_tracker),
293 292 l(:field_priority),
294 293 l(:field_subject),
295 294 l(:field_author),
296 295 l(:field_start_date),
297 296 l(:field_due_date),
298 297 l(:field_done_ratio),
299 298 l(:field_created_on),
300 299 l(:field_updated_on)
301 300 ]
302 301 for custom_field in @project.all_custom_fields
303 302 headers << custom_field.name
304 303 end
305 304 csv << headers.collect {|c| ic.iconv(c) }
306 305 # csv lines
307 306 @issues.each do |issue|
308 307 fields = [issue.id, issue.status.name,
309 308 issue.tracker.name,
310 309 issue.priority.name,
311 310 issue.subject,
312 311 issue.author.display_name,
313 312 issue.start_date ? l_date(issue.start_date) : nil,
314 313 issue.due_date ? l_date(issue.due_date) : nil,
315 314 issue.done_ratio,
316 315 l_datetime(issue.created_on),
317 316 l_datetime(issue.updated_on)
318 317 ]
319 318 for custom_field in @project.all_custom_fields
320 319 fields << (show_value issue.custom_value_for(custom_field))
321 320 end
322 321 csv << fields.collect {|c| ic.iconv(c.to_s) }
323 322 end
324 323 end
325 324 export.rewind
326 325 send_data(export.read, :type => 'text/csv; header=present', :filename => 'export.csv')
327 326 end
328 327
329 328 # Export filtered/sorted issues to PDF
330 329 def export_issues_pdf
331 330 sort_init "#{Issue.table_name}.id", "desc"
332 331 sort_update
333 332
334 333 retrieve_query
335 334 render :action => 'list_issues' and return unless @query.valid?
336 335
337 336 @issues = Issue.find :all, :order => sort_clause,
338 337 :include => [ :author, :status, :tracker, :priority ],
339 338 :conditions => @query.statement,
340 339 :limit => Setting.issues_export_limit
341 340
342 341 @options_for_rfpdf ||= {}
343 342 @options_for_rfpdf[:file_name] = "export.pdf"
344 343 render :layout => false
345 344 end
346 345
347 346 def move_issues
348 347 @issues = @project.issues.find(params[:issue_ids]) if params[:issue_ids]
349 348 redirect_to :action => 'list_issues', :id => @project and return unless @issues
350 349 @projects = []
351 350 # find projects to which the user is allowed to move the issue
352 @logged_in_user.memberships.each {|m| @projects << m.project if Permission.allowed_to_role("projects/move_issues", m.role_id)}
351 @logged_in_user.memberships.each {|m| @projects << m.project if Permission.allowed_to_role("projects/move_issues", m.role)}
353 352 # issue can be moved to any tracker
354 353 @trackers = Tracker.find(:all)
355 354 if request.post? and params[:new_project_id] and params[:new_tracker_id]
356 355 new_project = Project.find(params[:new_project_id])
357 356 new_tracker = Tracker.find(params[:new_tracker_id])
358 357 @issues.each { |i|
359 358 # project dependent properties
360 359 unless i.project_id == new_project.id
361 360 i.category = nil
362 361 i.fixed_version = nil
363 362 end
364 363 # move the issue
365 364 i.project = new_project
366 365 i.tracker = new_tracker
367 366 i.save
368 367 }
369 368 flash[:notice] = l(:notice_successful_update)
370 369 redirect_to :action => 'list_issues', :id => @project
371 370 end
372 371 end
373 372
374 373 def add_query
375 374 @query = Query.new(params[:query])
376 375 @query.project = @project
377 376 @query.user = logged_in_user
378 377
379 378 params[:fields].each do |field|
380 379 @query.add_filter(field, params[:operators][field], params[:values][field])
381 380 end if params[:fields]
382 381
383 382 if request.post? and @query.save
384 383 flash[:notice] = l(:notice_successful_create)
385 384 redirect_to :controller => 'reports', :action => 'issue_report', :id => @project
386 385 end
387 386 render :layout => false if request.xhr?
388 387 end
389 388
390 389 # Add a news to @project
391 390 def add_news
392 391 @news = News.new(:project => @project)
393 392 if request.post?
394 393 @news.attributes = params[:news]
395 394 @news.author_id = self.logged_in_user.id if self.logged_in_user
396 395 if @news.save
397 396 flash[:notice] = l(:notice_successful_create)
398 397 redirect_to :action => 'list_news', :id => @project
399 398 end
400 399 end
401 400 end
402 401
403 402 # Show news list of @project
404 403 def list_news
405 404 @news_pages, @news = paginate :news, :per_page => 10, :conditions => ["project_id=?", @project.id], :include => :author, :order => "#{News.table_name}.created_on DESC"
406 405 render :action => "list_news", :layout => false if request.xhr?
407 406 end
408 407
409 408 def add_file
410 409 if request.post?
411 410 @version = @project.versions.find_by_id(params[:version_id])
412 411 # Save the attachments
413 412 @attachments = []
414 413 params[:attachments].each { |file|
415 414 next unless file.size > 0
416 415 a = Attachment.create(:container => @version, :file => file, :author => logged_in_user)
417 416 @attachments << a unless a.new_record?
418 417 } if params[:attachments] and params[:attachments].is_a? Array
419 418 Mailer.deliver_attachments_add(@attachments) if !@attachments.empty? and Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
420 419 redirect_to :controller => 'projects', :action => 'list_files', :id => @project
421 420 end
422 421 @versions = @project.versions
423 422 end
424 423
425 424 def list_files
426 425 @versions = @project.versions
427 426 end
428 427
429 428 # Show changelog for @project
430 429 def changelog
431 430 @trackers = Tracker.find(:all, :conditions => ["is_in_chlog=?", true], :order => 'position')
432 431 retrieve_selected_tracker_ids(@trackers)
433 432
434 433 @fixed_issues = @project.issues.find(:all,
435 434 :include => [ :fixed_version, :status, :tracker ],
436 435 :conditions => [ "#{IssueStatus.table_name}.is_closed=? and #{Issue.table_name}.tracker_id in (#{@selected_tracker_ids.join(',')}) and #{Issue.table_name}.fixed_version_id is not null", true],
437 436 :order => "#{Version.table_name}.effective_date DESC, #{Issue.table_name}.id DESC"
438 437 ) unless @selected_tracker_ids.empty?
439 438 @fixed_issues ||= []
440 439 end
441 440
442 441 def roadmap
443 442 @trackers = Tracker.find(:all, :conditions => ["is_in_roadmap=?", true], :order => 'position')
444 443 retrieve_selected_tracker_ids(@trackers)
445 444
446 445 @versions = @project.versions.find(:all,
447 446 :conditions => [ "#{Version.table_name}.effective_date>?", Date.today],
448 447 :order => "#{Version.table_name}.effective_date ASC"
449 448 )
450 449 end
451 450
452 451 def activity
453 452 if params[:year] and params[:year].to_i > 1900
454 453 @year = params[:year].to_i
455 454 if params[:month] and params[:month].to_i > 0 and params[:month].to_i < 13
456 455 @month = params[:month].to_i
457 456 end
458 457 end
459 458 @year ||= Date.today.year
460 459 @month ||= Date.today.month
461 460
462 461 @date_from = Date.civil(@year, @month, 1)
463 462 @date_to = (@date_from >> 1)-1
464 463
465 464 @events_by_day = {}
466 465
467 466 unless params[:show_issues] == "0"
468 467 @project.issues.find(:all, :include => [:author, :status], :conditions => ["#{Issue.table_name}.created_on>=? and #{Issue.table_name}.created_on<=?", @date_from, @date_to] ).each { |i|
469 468 @events_by_day[i.created_on.to_date] ||= []
470 469 @events_by_day[i.created_on.to_date] << i
471 470 }
472 471 @show_issues = 1
473 472 end
474 473
475 474 unless params[:show_news] == "0"
476 475 @project.news.find(:all, :conditions => ["#{News.table_name}.created_on>=? and #{News.table_name}.created_on<=?", @date_from, @date_to], :include => :author ).each { |i|
477 476 @events_by_day[i.created_on.to_date] ||= []
478 477 @events_by_day[i.created_on.to_date] << i
479 478 }
480 479 @show_news = 1
481 480 end
482 481
483 482 unless params[:show_files] == "0"
484 483 Attachment.find(:all, :select => "#{Attachment.table_name}.*", :joins => "LEFT JOIN #{Version.table_name} ON #{Version.table_name}.id = #{Attachment.table_name}.container_id", :conditions => ["#{Attachment.table_name}.container_type='Version' and #{Version.table_name}.project_id=? and #{Attachment.table_name}.created_on>=? and #{Attachment.table_name}.created_on<=?", @project.id, @date_from, @date_to], :include => :author ).each { |i|
485 484 @events_by_day[i.created_on.to_date] ||= []
486 485 @events_by_day[i.created_on.to_date] << i
487 486 }
488 487 @show_files = 1
489 488 end
490 489
491 490 unless params[:show_documents] == "0"
492 491 @project.documents.find(:all, :conditions => ["#{Document.table_name}.created_on>=? and #{Document.table_name}.created_on<=?", @date_from, @date_to] ).each { |i|
493 492 @events_by_day[i.created_on.to_date] ||= []
494 493 @events_by_day[i.created_on.to_date] << i
495 494 }
496 495 Attachment.find(:all, :select => "attachments.*", :joins => "LEFT JOIN #{Document.table_name} ON #{Document.table_name}.id = #{Attachment.table_name}.container_id", :conditions => ["#{Attachment.table_name}.container_type='Document' and #{Document.table_name}.project_id=? and #{Attachment.table_name}.created_on>=? and #{Attachment.table_name}.created_on<=?", @project.id, @date_from, @date_to], :include => :author ).each { |i|
497 496 @events_by_day[i.created_on.to_date] ||= []
498 497 @events_by_day[i.created_on.to_date] << i
499 498 }
500 499 @show_documents = 1
501 500 end
502 501
503 502 unless params[:show_wiki_edits] == "0"
504 503 select = "#{WikiContent.versioned_table_name}.updated_on, #{WikiContent.versioned_table_name}.comment, " +
505 504 "#{WikiContent.versioned_table_name}.#{WikiContent.version_column}, #{WikiPage.table_name}.title"
506 505 joins = "LEFT JOIN #{WikiPage.table_name} ON #{WikiPage.table_name}.id = #{WikiContent.versioned_table_name}.page_id " +
507 506 "LEFT JOIN #{Wiki.table_name} ON #{Wiki.table_name}.id = #{WikiPage.table_name}.wiki_id "
508 507 conditions = ["#{Wiki.table_name}.project_id = ? AND #{WikiContent.versioned_table_name}.updated_on BETWEEN ? AND ?",
509 508 @project.id, @date_from, @date_to]
510 509
511 510 WikiContent.versioned_class.find(:all, :select => select, :joins => joins, :conditions => conditions).each { |i|
512 511 # We provide this alias so all events can be treated in the same manner
513 512 def i.created_on
514 513 self.updated_on
515 514 end
516 515
517 516 @events_by_day[i.created_on.to_date] ||= []
518 517 @events_by_day[i.created_on.to_date] << i
519 518 }
520 519 @show_wiki_edits = 1
521 520 end
522 521
523 522 unless @project.repository.nil? || params[:show_changesets] == "0"
524 523 @project.repository.changesets.find(:all, :conditions => ["#{Changeset.table_name}.committed_on BETWEEN ? AND ?", @date_from, @date_to]).each { |i|
525 524 def i.created_on
526 525 self.committed_on
527 526 end
528 527 @events_by_day[i.created_on.to_date] ||= []
529 528 @events_by_day[i.created_on.to_date] << i
530 529 }
531 530 @show_changesets = 1
532 531 end
533 532
534 533 render :layout => false if request.xhr?
535 534 end
536 535
537 536 def calendar
538 537 @trackers = Tracker.find(:all, :order => 'position')
539 538 retrieve_selected_tracker_ids(@trackers)
540 539
541 540 if params[:year] and params[:year].to_i > 1900
542 541 @year = params[:year].to_i
543 542 if params[:month] and params[:month].to_i > 0 and params[:month].to_i < 13
544 543 @month = params[:month].to_i
545 544 end
546 545 end
547 546 @year ||= Date.today.year
548 547 @month ||= Date.today.month
549 548
550 549 @date_from = Date.civil(@year, @month, 1)
551 550 @date_to = (@date_from >> 1)-1
552 551 # start on monday
553 552 @date_from = @date_from - (@date_from.cwday-1)
554 553 # finish on sunday
555 554 @date_to = @date_to + (7-@date_to.cwday)
556 555
557 556 @project.issues_with_subprojects(params[:with_subprojects]) do
558 557 @issues = Issue.find(:all,
559 558 :include => [:tracker, :status, :assigned_to, :priority],
560 559 :conditions => ["((start_date>=? and start_date<=?) or (due_date>=? and due_date<=?)) and #{Issue.table_name}.tracker_id in (#{@selected_tracker_ids.join(',')})", @date_from, @date_to, @date_from, @date_to]
561 560 ) unless @selected_tracker_ids.empty?
562 561 end
563 562 @issues ||=[]
564 563
565 564 @ending_issues_by_days = @issues.group_by {|issue| issue.due_date}
566 565 @starting_issues_by_days = @issues.group_by {|issue| issue.start_date}
567 566
568 567 render :layout => false if request.xhr?
569 568 end
570 569
571 570 def gantt
572 571 @trackers = Tracker.find(:all, :order => 'position')
573 572 retrieve_selected_tracker_ids(@trackers)
574 573
575 574 if params[:year] and params[:year].to_i >0
576 575 @year_from = params[:year].to_i
577 576 if params[:month] and params[:month].to_i >=1 and params[:month].to_i <= 12
578 577 @month_from = params[:month].to_i
579 578 else
580 579 @month_from = 1
581 580 end
582 581 else
583 582 @month_from ||= (Date.today << 1).month
584 583 @year_from ||= (Date.today << 1).year
585 584 end
586 585
587 586 @zoom = (params[:zoom].to_i > 0 and params[:zoom].to_i < 5) ? params[:zoom].to_i : 2
588 587 @months = (params[:months].to_i > 0 and params[:months].to_i < 25) ? params[:months].to_i : 6
589 588
590 589 @date_from = Date.civil(@year_from, @month_from, 1)
591 590 @date_to = (@date_from >> @months) - 1
592 591
593 592 @project.issues_with_subprojects(params[:with_subprojects]) do
594 593 @issues = Issue.find(:all,
595 594 :order => "start_date, due_date",
596 595 :include => [:tracker, :status, :assigned_to, :priority],
597 596 :conditions => ["(((start_date>=? and start_date<=?) or (due_date>=? and due_date<=?) or (start_date<? and due_date>?)) and start_date is not null and due_date is not null and #{Issue.table_name}.tracker_id in (#{@selected_tracker_ids.join(',')}))", @date_from, @date_to, @date_from, @date_to, @date_from, @date_to]
598 597 ) unless @selected_tracker_ids.empty?
599 598 end
600 599 @issues ||=[]
601 600
602 601 if params[:output]=='pdf'
603 602 @options_for_rfpdf ||= {}
604 603 @options_for_rfpdf[:file_name] = "gantt.pdf"
605 604 render :template => "projects/gantt.rfpdf", :layout => false
606 605 else
607 606 render :template => "projects/gantt.rhtml"
608 607 end
609 608 end
610 609
611 610 def search
612 611 @question = params[:q] || ""
613 612 @question.strip!
614 613 @all_words = params[:all_words] || (params[:submit] ? false : true)
615 614 @scope = params[:scope] || (params[:submit] ? [] : %w(issues changesets news documents wiki) )
616 615 # tokens must be at least 3 character long
617 616 @tokens = @question.split.uniq.select {|w| w.length > 2 }
618 617 if !@tokens.empty?
619 618 # no more than 5 tokens to search for
620 619 @tokens.slice! 5..-1 if @tokens.size > 5
621 620 # strings used in sql like statement
622 621 like_tokens = @tokens.collect {|w| "%#{w}%"}
623 622 operator = @all_words ? " AND " : " OR "
624 623 limit = 10
625 624 @results = []
626 625 @results += @project.issues.find(:all, :limit => limit, :include => :author, :conditions => [ (["(LOWER(subject) like ? OR LOWER(description) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ) if @scope.include? 'issues'
627 626 @results += @project.news.find(:all, :limit => limit, :conditions => [ (["(LOWER(title) like ? OR LOWER(description) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort], :include => :author ) if @scope.include? 'news'
628 627 @results += @project.documents.find(:all, :limit => limit, :conditions => [ (["(LOWER(title) like ? OR LOWER(description) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ) if @scope.include? 'documents'
629 628 @results += @project.wiki.pages.find(:all, :limit => limit, :include => :content, :conditions => [ (["(LOWER(title) like ? OR LOWER(text) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ) if @project.wiki && @scope.include?('wiki')
630 629 @results += @project.repository.changesets.find(:all, :limit => limit, :conditions => [ (["(LOWER(comment) like ?)"] * like_tokens.size).join(operator), * (like_tokens).sort] ) if @project.repository && @scope.include?('changesets')
631 630 @question = @tokens.join(" ")
632 631 else
633 632 @question = ""
634 633 end
635 634 end
636 635
637 636 def feeds
638 637 @queries = @project.queries.find :all, :conditions => ["is_public=? or user_id=?", true, (logged_in_user ? logged_in_user.id : 0)]
639 638 @key = logged_in_user.get_or_create_rss_key.value if logged_in_user
640 639 end
641 640
642 641 private
643 642 # Find project of id params[:id]
644 643 # if not found, redirect to project list
645 644 # Used as a before_filter
646 645 def find_project
647 646 @project = Project.find(params[:id])
648 647 @html_title = @project.name
649 648 rescue ActiveRecord::RecordNotFound
650 649 render_404
651 650 end
652 651
653 652 def retrieve_selected_tracker_ids(selectable_trackers)
654 653 if ids = params[:tracker_ids]
655 654 @selected_tracker_ids = (ids.is_a? Array) ? ids.collect { |id| id.to_i.to_s } : ids.split('/').collect { |id| id.to_i.to_s }
656 655 else
657 656 @selected_tracker_ids = selectable_trackers.collect {|t| t.id.to_s }
658 657 end
659 658 end
660 659
661 660 # Retrieve query from session or build a new query
662 661 def retrieve_query
663 662 if params[:query_id]
664 663 @query = @project.queries.find(params[:query_id])
665 664 session[:query] = @query
666 665 else
667 666 if params[:set_filter] or !session[:query] or session[:query].project_id != @project.id
668 667 # Give it a name, required to be valid
669 668 @query = Query.new(:name => "_")
670 669 @query.project = @project
671 670 if params[:fields] and params[:fields].is_a? Array
672 671 params[:fields].each do |field|
673 672 @query.add_filter(field, params[:operators][field], params[:values][field])
674 673 end
675 674 else
676 675 @query.available_filters.keys.each do |field|
677 676 @query.add_short_filter(field, params[field]) if params[field]
678 677 end
679 678 end
680 679 session[:query] = @query
681 680 else
682 681 @query = session[:query]
683 682 end
684 683 end
685 684 end
686 685 end
Show file before | Show file after | Hide comments
@@ -1,230 +1,230
1 1 # redMine - project management software
2 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 module ApplicationHelper
19 19
20 20 # Return current logged in user or nil
21 21 def loggedin?
22 22 @logged_in_user
23 23 end
24 24
25 25 # Return true if user is logged in and is admin, otherwise false
26 26 def admin_loggedin?
27 27 @logged_in_user and @logged_in_user.admin?
28 28 end
29 29
30 30 # Return true if user is authorized for controller/action, otherwise false
31 31 def authorize_for(controller, action)
32 32 # check if action is allowed on public projects
33 33 if @project.is_public? and Permission.allowed_to_public "%s/%s" % [ controller, action ]
34 34 return true
35 35 end
36 36 # check if user is authorized
37 if @logged_in_user and (@logged_in_user.admin? or Permission.allowed_to_role( "%s/%s" % [ controller, action ], @logged_in_user.role_for_project(@project.id) ) )
37 if @logged_in_user and (@logged_in_user.admin? or Permission.allowed_to_role( "%s/%s" % [ controller, action ], @logged_in_user.role_for_project(@project) ) )
38 38 return true
39 39 end
40 40 return false
41 41 end
42 42
43 43 # Display a link if user is authorized
44 44 def link_to_if_authorized(name, options = {}, html_options = nil, *parameters_for_method_reference)
45 45 link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(options[:controller], options[:action])
46 46 end
47 47
48 48 # Display a link to user's account page
49 49 def link_to_user(user)
50 50 link_to user.display_name, :controller => 'account', :action => 'show', :id => user
51 51 end
52 52
53 53 def image_to_function(name, function, html_options = {})
54 54 html_options.symbolize_keys!
55 55 tag(:input, html_options.merge({
56 56 :type => "image", :src => image_path(name),
57 57 :onclick => (html_options[:onclick] ? "#{html_options[:onclick]}; " : "") + "#{function};"
58 58 }))
59 59 end
60 60
61 61 def format_date(date)
62 62 l_date(date) if date
63 63 end
64 64
65 65 def format_time(time)
66 66 l_datetime((time.is_a? String) ? time.to_time : time) if time
67 67 end
68 68
69 69 def day_name(day)
70 70 l(:general_day_names).split(',')[day-1]
71 71 end
72 72
73 73 def month_name(month)
74 74 l(:actionview_datehelper_select_month_names).split(',')[month-1]
75 75 end
76 76
77 77 def pagination_links_full(paginator, options={}, html_options={})
78 78 html = ''
79 79 html << link_to_remote(('&#171; ' + l(:label_previous)),
80 80 {:update => "content", :url => options.merge(:page => paginator.current.previous)},
81 81 {:href => url_for(:params => options.merge(:page => paginator.current.previous))}) + ' ' if paginator.current.previous
82 82
83 83 html << (pagination_links_each(paginator, options) do |n|
84 84 link_to_remote(n.to_s,
85 85 {:url => {:action => 'list', :params => options.merge(:page => n)}, :update => 'content'},
86 86 {:href => url_for(:params => options.merge(:page => n))})
87 87 end || '')
88 88
89 89 html << ' ' + link_to_remote((l(:label_next) + ' &#187;'),
90 90 {:update => "content", :url => options.merge(:page => paginator.current.next)},
91 91 {:href => url_for(:params => options.merge(:page => paginator.current.next))}) if paginator.current.next
92 92 html
93 93 end
94 94
95 95 # textilize text according to system settings and RedCloth availability
96 96 def textilizable(text, options = {})
97 97 # different methods for formatting wiki links
98 98 case options[:wiki_links]
99 99 when :local
100 100 # used for local links to html files
101 101 format_wiki_link = Proc.new {|title| "#{title}.html" }
102 102 when :anchor
103 103 # used for single-file wiki export
104 104 format_wiki_link = Proc.new {|title| "##{title}" }
105 105 else
106 106 if @project
107 107 format_wiki_link = Proc.new {|title| url_for :controller => 'wiki', :action => 'index', :id => @project, :page => title }
108 108 else
109 109 format_wiki_link = Proc.new {|title| title }
110 110 end
111 111 end
112 112
113 113 # turn wiki links into textile links:
114 114 # example:
115 115 # [[link]] -> "link":link
116 116 # [[link|title]] -> "title":link
117 117 text = text.gsub(/\[\[([^\]\|]+)(\|([^\]\|]+))?\]\]/) {|m| "\"#{$3 || $1}\":" + format_wiki_link.call(Wiki.titleize($1)) }
118 118
119 119 # turn issue ids to textile links
120 120 # example:
121 121 # #52 -> "#52":/issues/show/52
122 122 text = text.gsub(/#(\d+)(?=\b)/) {|m| "\"##{$1}\":" + url_for(:controller => 'issues', :action => 'show', :id => $1) }
123 123
124 124 # turn revision ids to textile links (@project needed)
125 125 # example:
126 126 # r52 -> "r52":/repositories/revision/6?rev=52 (@project.id is 6)
127 127 text = text.gsub(/r(\d+)(?=\b)/) {|m| "\"r#{$1}\":" + url_for(:controller => 'repositories', :action => 'revision', :id => @project.id, :rev => $1) } if @project
128 128
129 129 # finally textilize text
130 130 @do_textilize ||= (Setting.text_formatting == 'textile') && (ActionView::Helpers::TextHelper.method_defined? "textilize")
131 131 text = @do_textilize ? auto_link(RedCloth.new(text).to_html) : simple_format(auto_link(h(text)))
132 132 end
133 133
134 134 def error_messages_for(object_name, options = {})
135 135 options = options.symbolize_keys
136 136 object = instance_variable_get("@#{object_name}")
137 137 if object && !object.errors.empty?
138 138 # build full_messages here with controller current language
139 139 full_messages = []
140 140 object.errors.each do |attr, msg|
141 141 next if msg.nil?
142 142 msg = msg.first if msg.is_a? Array
143 143 if attr == "base"
144 144 full_messages << l(msg)
145 145 else
146 146 full_messages << "&#171; " + (l_has_string?("field_" + attr) ? l("field_" + attr) : object.class.human_attribute_name(attr)) + " &#187; " + l(msg) unless attr == "custom_values"
147 147 end
148 148 end
149 149 # retrieve custom values error messages
150 150 if object.errors[:custom_values]
151 151 object.custom_values.each do |v|
152 152 v.errors.each do |attr, msg|
153 153 next if msg.nil?
154 154 msg = msg.first if msg.is_a? Array
155 155 full_messages << "&#171; " + v.custom_field.name + " &#187; " + l(msg)
156 156 end
157 157 end
158 158 end
159 159 content_tag("div",
160 160 content_tag(
161 161 options[:header_tag] || "h2", lwr(:gui_validation_error, full_messages.length) + " :"
162 162 ) +
163 163 content_tag("ul", full_messages.collect { |msg| content_tag("li", msg) }),
164 164 "id" => options[:id] || "errorExplanation", "class" => options[:class] || "errorExplanation"
165 165 )
166 166 else
167 167 ""
168 168 end
169 169 end
170 170
171 171 def lang_options_for_select(blank=true)
172 172 (blank ? [["(auto)", ""]] : []) +
173 173 (GLoc.valid_languages.sort {|x,y| x.to_s <=> y.to_s }).collect {|lang| [ l_lang_name(lang.to_s, lang), lang.to_s]}
174 174 end
175 175
176 176 def label_tag_for(name, option_tags = nil, options = {})
177 177 label_text = l(("field_"+field.to_s.gsub(/\_id$/, "")).to_sym) + (options.delete(:required) ? @template.content_tag("span", " *", :class => "required"): "")
178 178 content_tag("label", label_text)
179 179 end
180 180
181 181 def labelled_tabular_form_for(name, object, options, &proc)
182 182 options[:html] ||= {}
183 183 options[:html].store :class, "tabular"
184 184 form_for(name, object, options.merge({ :builder => TabularFormBuilder, :lang => current_language}), &proc)
185 185 end
186 186
187 187 def check_all_links(form_name)
188 188 link_to_function(l(:button_check_all), "checkAll('#{form_name}', true)") +
189 189 " | " +
190 190 link_to_function(l(:button_uncheck_all), "checkAll('#{form_name}', false)")
191 191 end
192 192
193 193 def calendar_for(field_id)
194 194 image_tag("calendar.png", {:id => "#{field_id}_trigger",:class => "calendar-trigger"}) +
195 195 javascript_tag("Calendar.setup({inputField : '#{field_id}', ifFormat : '%Y-%m-%d', button : '#{field_id}_trigger' });")
196 196 end
197 197 end
198 198
199 199 class TabularFormBuilder < ActionView::Helpers::FormBuilder
200 200 include GLoc
201 201
202 202 def initialize(object_name, object, template, options, proc)
203 203 set_language_if_valid options.delete(:lang)
204 204 @object_name, @object, @template, @options, @proc = object_name, object, template, options, proc
205 205 end
206 206
207 207 (field_helpers - %w(radio_button hidden_field) + %w(date_select)).each do |selector|
208 208 src = <<-END_SRC
209 209 def #{selector}(field, options = {})
210 210 return super if options.delete :no_label
211 211 label_text = l(("field_"+field.to_s.gsub(/\_id$/, "")).to_sym) + (options.delete(:required) ? @template.content_tag("span", " *", :class => "required"): "")
212 212 label = @template.content_tag("label", label_text,
213 213 :class => (@object && @object.errors[field] ? "error" : nil),
214 214 :for => (@object_name.to_s + "_" + field.to_s))
215 215 label + super
216 216 end
217 217 END_SRC
218 218 class_eval src, __FILE__, __LINE__
219 219 end
220 220
221 221 def select(field, choices, options = {}, html_options = {})
222 222 label_text = l(("field_"+field.to_s.gsub(/\_id$/, "")).to_sym) + (options.delete(:required) ? @template.content_tag("span", " *", :class => "required"): "")
223 223 label = @template.content_tag("label", label_text,
224 224 :class => (@object && @object.errors[field] ? "error" : nil),
225 225 :for => (@object_name.to_s + "_" + field.to_s))
226 226 label + super
227 227 end
228 228
229 229 end
230 230
Show file before | Show file after | Hide comments
@@ -1,51 +1,58
1 1 # redMine - project management software
2 2 # Copyright (C) 2006 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class IssueStatus < ActiveRecord::Base
19 19 before_destroy :check_integrity
20 20 has_many :workflows, :foreign_key => "old_status_id"
21 21 acts_as_list
22 22
23 23 validates_presence_of :name
24 24 validates_uniqueness_of :name
25 25 validates_format_of :name, :with => /^[\w\s\'\-]*$/i
26 26 validates_length_of :html_color, :is => 6
27 27 validates_format_of :html_color, :with => /^[a-f0-9]*$/i
28 28
29 29 def before_save
30 30 IssueStatus.update_all "is_default=#{connection.quoted_false}" if self.is_default?
31 31 end
32 32
33 33 # Returns the default status for new issues
34 34 def self.default
35 35 find(:first, :conditions =>["is_default=?", true])
36 36 end
37 37
38 38 # Returns an array of all statuses the given role can switch to
39 # Uses association cache when called more than one time
39 40 def new_statuses_allowed_to(role, tracker)
40 statuses = []
41 for workflow in self.workflows
42 statuses << workflow.new_status if workflow.role_id == role.id and workflow.tracker_id == tracker.id
43 end unless role.nil? or tracker.nil?
44 statuses
41 new_statuses = [self] + workflows.select {|w| w.role_id == role.id && w.tracker_id == tracker.id}.collect{|w| w.new_status}
42 new_statuses.sort{|x, y| x.position <=> y.position }
43 end
44
45 # Same thing as above but uses a database query
46 # More efficient than the previous method if called just once
47 def find_new_statuses_allowed_to(role, tracker)
48 new_statuses = [self] + workflows.find(:all,
49 :include => :new_status,
50 :conditions => ["role_id=? and tracker_id=?", role.id, tracker.id]).collect{ |w| w.new_status }
51 new_statuses.sort{|x, y| x.position <=> y.position }
45 52 end
46 53
47 54 private
48 55 def check_integrity
49 56 raise "Can't delete status" if Issue.find(:first, :conditions => ["status_id=?", self.id])
50 57 end
51 58 end
Show file before | Show file after | Hide comments
@@ -1,66 +1,66
1 1 # redMine - project management software
2 2 # Copyright (C) 2006 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class Permission < ActiveRecord::Base
19 19 has_and_belongs_to_many :roles
20 20
21 21 validates_presence_of :controller, :action, :description
22 22
23 23 GROUPS = {
24 24 100 => :label_project,
25 25 200 => :label_member_plural,
26 26 300 => :label_version_plural,
27 27 400 => :label_issue_category_plural,
28 28 600 => :label_query_plural,
29 29 1000 => :label_issue_plural,
30 30 1100 => :label_news_plural,
31 31 1200 => :label_document_plural,
32 32 1300 => :label_attachment_plural,
33 33 1400 => :label_repository,
34 34 1500 => :label_time_tracking
35 35 }.freeze
36 36
37 37 @@cached_perms_for_public = nil
38 38 @@cached_perms_for_roles = nil
39 39
40 40 def name
41 41 self.controller + "/" + self.action
42 42 end
43 43
44 44 def group_id
45 45 (self.sort / 100)*100
46 46 end
47 47
48 48 def self.allowed_to_public(action)
49 49 @@cached_perms_for_public ||= find(:all, :conditions => ["is_public=?", true]).collect {|p| "#{p.controller}/#{p.action}"}
50 50 @@cached_perms_for_public.include? action
51 51 end
52 52
53 53 def self.allowed_to_role(action, role)
54 54 @@cached_perms_for_roles ||=
55 55 begin
56 56 perms = {}
57 57 find(:all, :include => :roles).each {|p| perms.store "#{p.controller}/#{p.action}", p.roles.collect {|r| r.id } }
58 58 perms
59 59 end
60 allowed_to_public(action) or (@@cached_perms_for_roles[action] and @@cached_perms_for_roles[action].include? role)
60 allowed_to_public(action) or (role && @@cached_perms_for_roles[action] && @@cached_perms_for_roles[action].include?(role.id))
61 61 end
62 62
63 63 def self.allowed_to_role_expired
64 64 @@cached_perms_for_roles = nil
65 65 end
66 66 end
Show file before | Show file after | Hide comments
@@ -1,155 +1,149
1 1 # redMine - project management software
2 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require "digest/sha1"
19 19
20 20 class User < ActiveRecord::Base
21 21 has_many :memberships, :class_name => 'Member', :include => [ :project, :role ], :dependent => :delete_all
22 22 has_many :projects, :through => :memberships
23 23 has_many :custom_values, :dependent => :delete_all, :as => :customized
24 24 has_one :preference, :dependent => :destroy, :class_name => 'UserPreference'
25 25 has_one :rss_key, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'"
26 26 belongs_to :auth_source
27 27
28 28 attr_accessor :password, :password_confirmation
29 29 attr_accessor :last_before_login_on
30 30 # Prevents unauthorized assignments
31 31 attr_protected :login, :admin, :password, :password_confirmation, :hashed_password
32 32
33 33 validates_presence_of :login, :firstname, :lastname, :mail
34 34 validates_uniqueness_of :login, :mail
35 35 # Login must contain lettres, numbers, underscores only
36 36 validates_format_of :login, :with => /^[a-z0-9_\-@\.]+$/i
37 37 validates_length_of :login, :maximum => 30
38 38 validates_format_of :firstname, :lastname, :with => /^[\w\s\'\-]*$/i
39 39 validates_length_of :firstname, :lastname, :maximum => 30
40 40 validates_format_of :mail, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i
41 41 validates_length_of :mail, :maximum => 60
42 42 # Password length between 4 and 12
43 43 validates_length_of :password, :in => 4..12, :allow_nil => true
44 44 validates_confirmation_of :password, :allow_nil => true
45 45 validates_associated :custom_values, :on => :update
46 46
47 47 # Account statuses
48 48 STATUS_ACTIVE = 1
49 49 STATUS_REGISTERED = 2
50 50 STATUS_LOCKED = 3
51 51
52 52 def before_save
53 53 # update hashed_password if password was set
54 54 self.hashed_password = User.hash_password(self.password) if self.password
55 55 end
56 56
57 57 def self.active
58 58 with_scope :find => { :conditions => [ "status = ?", STATUS_ACTIVE ] } do
59 59 yield
60 60 end
61 61 end
62 62
63 63 def self.find_active(*args)
64 64 active do
65 65 find(*args)
66 66 end
67 67 end
68 68
69 69 # Returns the user that matches provided login and password, or nil
70 70 def self.try_to_login(login, password)
71 71 user = find(:first, :conditions => ["login=?", login])
72 72 if user
73 73 # user is already in local database
74 74 return nil if !user.active?
75 75 if user.auth_source
76 76 # user has an external authentication method
77 77 return nil unless user.auth_source.authenticate(login, password)
78 78 else
79 79 # authentication with local password
80 80 return nil unless User.hash_password(password) == user.hashed_password
81 81 end
82 82 else
83 83 # user is not yet registered, try to authenticate with available sources
84 84 attrs = AuthSource.authenticate(login, password)
85 85 if attrs
86 86 onthefly = new(*attrs)
87 87 onthefly.login = login
88 88 onthefly.language = Setting.default_language
89 89 if onthefly.save
90 90 user = find(:first, :conditions => ["login=?", login])
91 91 logger.info("User '#{user.login}' created on the fly.") if logger
92 92 end
93 93 end
94 94 end
95 95 user.update_attribute(:last_login_on, Time.now) if user
96 96 user
97 97
98 98 rescue => text
99 99 raise text
100 100 end
101 101
102 102 # Return user's full name for display
103 103 def display_name
104 104 firstname + " " + lastname
105 105 end
106 106
107 107 def name
108 108 display_name
109 109 end
110 110
111 111 def active?
112 112 self.status == STATUS_ACTIVE
113 113 end
114 114
115 115 def registered?
116 116 self.status == STATUS_REGISTERED
117 117 end
118 118
119 119 def locked?
120 120 self.status == STATUS_LOCKED
121 121 end
122 122
123 123 def check_password?(clear_password)
124 124 User.hash_password(clear_password) == self.hashed_password
125 125 end
126 126
127 def role_for_project(project_id)
128 @role_for_projects ||=
129 begin
130 roles = {}
131 self.memberships.each { |m| roles.store m.project_id, m.role_id }
132 roles
133 end
134 @role_for_projects[project_id]
127 def role_for_project(project)
128 memberships.detect {|m| m.project_id == project.id}
135 129 end
136 130
137 131 def pref
138 132 self.preference ||= UserPreference.new(:user => self)
139 133 end
140 134
141 135 def get_or_create_rss_key
142 136 self.rss_key || Token.create(:user => self, :action => 'feeds')
143 137 end
144 138
145 139 def self.find_by_rss_key(key)
146 140 token = Token.find_by_value(key)
147 141 token && token.user.active? ? token.user : nil
148 142 end
149 143
150 144 private
151 145 # Return password digest
152 146 def self.hash_password(clear_password)
153 147 Digest::SHA1.hexdigest(clear_password || "")
154 148 end
155 149 end
General Comments 0
You need to be logged in to leave comments. Login now