end
end
- # Return true if this project is allowed to do the specified action.
+ # Return true if this project allows to do the specified action.
# action can be:
# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
# * a permission Symbol (eg. :edit_project)
def allows_to?(action)
+ if archived?
+ # No action allowed on archived projects
+ return false
+ end
+ unless active? || Redmine::AccessControl.read_action?(action)
+ # No write action allowed on closed projects
+ return false
+ end
+ # No action allowed on disabled modules
if action.is_a? Hash
allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
else
# or falls back to Non Member / Anonymous permissions depending if the user is logged
def allowed_to?(action, context, options={}, &block)
if context && context.is_a?(Project)
- # No action allowed on archived projects
- return false if context.archived?
- # No action allowed on disabled modules
return false unless context.allows_to?(action)
- # No write action allowed on closed projects
- return false unless context.active? || Redmine::AccessControl.read_action?(action)
# Admin users are authorized for anything else
return true if admin?