validates_uniqueness_of :scmid, :scope => :repository_id, :allow_nil => true
named_scope :visible, lambda {|*args| { :include => {:repository => :project},
- :conditions => Project.allowed_to_condition(args.first || User.current, :view_changesets) } }
+ :conditions => Project.allowed_to_condition(args.shift || User.current, :view_changesets, *args) } }
def revision=(r)
write_attribute :revision, (r.nil? ? nil : r.to_s)
validates_length_of :title, :maximum => 60
named_scope :visible, lambda {|*args| { :include => :project,
- :conditions => Project.allowed_to_condition(args.first || User.current, :view_documents) } }
+ :conditions => Project.allowed_to_condition(args.shift || User.current, :view_documents, *args) } }
def visible?(user=User.current)
!user.nil? && user.allowed_to?(:view_documents, project)
validates_numericality_of :estimated_hours, :allow_nil => true
named_scope :visible, lambda {|*args| { :include => :project,
- :conditions => Issue.visible_condition(args.first || User.current) } }
+ :conditions => Issue.visible_condition(args.shift || User.current, *args) } }
named_scope :open, :conditions => ["#{IssueStatus.table_name}.is_closed = ?", false], :include => :status
named_scope :visible, lambda {|*args| {
:include => {:issue => :project},
- :conditions => Issue.visible_condition(args.first || User.current)
+ :conditions => Issue.visible_condition(args.shift || User.current, *args)
}}
def save(*args)
acts_as_searchable :columns => ['subject', 'content'],
:include => {:board => :project},
- :project_key => 'project_id',
+ :project_key => "#{Board.table_name}.project_id",
:date_column => "#{table_name}.created_on"
acts_as_event :title => Proc.new {|o| "#{o.board.name}: #{o.subject}"},
:description => :content,
after_create :add_author_as_watcher
named_scope :visible, lambda {|*args| { :include => {:board => :project},
- :conditions => Project.allowed_to_condition(args.first || User.current, :view_messages) } }
+ :conditions => Project.allowed_to_condition(args.shift || User.current, :view_messages, *args) } }
def visible?(user=User.current)
!user.nil? && user.allowed_to?(:view_messages, project)
named_scope :visible, lambda {|*args| {
:include => :project,
- :conditions => Project.allowed_to_condition(args.first || User.current, :view_news)
+ :conditions => Project.allowed_to_condition(args.shift || User.current, :view_news, *args)
}}
def visible?(user=User.current)
named_scope :has_module, lambda { |mod| { :conditions => ["#{Project.table_name}.id IN (SELECT em.project_id FROM #{EnabledModule.table_name} em WHERE em.name=?)", mod.to_s] } }
named_scope :active, { :conditions => "#{Project.table_name}.status = #{STATUS_ACTIVE}"}
named_scope :all_public, { :conditions => { :is_public => true } }
- named_scope :visible, lambda { { :conditions => Project.visible_by(User.current) } }
+ named_scope :visible, lambda {|*args| {:conditions => Project.visible_condition(args.shift || User.current, *args) }}
def initialize(attributes = nil)
super
# returns latest created projects
# non public projects will be returned only if user is a member of those
def self.latest(user=nil, count=5)
- find(:all, :limit => count, :conditions => visible_by(user), :order => "created_on DESC")
+ visible(user).find(:all, :limit => count, :order => "created_on DESC")
end
- # Returns a SQL :conditions string used to find all active projects for the specified user.
+ def self.visible_by(user=nil)
+ ActiveSupport::Deprecation.warn "Project.visible_by is deprecated and will be removed in Redmine 1.3.0. Use Project.visible_condition instead."
+ visible_condition(user || User.current)
+ end
+
+ # Returns a SQL conditions string used to find all projects visible by the specified user.
#
# Examples:
- # Projects.visible_by(admin) => "projects.status = 1"
- # Projects.visible_by(normal_user) => "projects.status = 1 AND projects.is_public = 1"
- def self.visible_by(user=nil)
- user ||= User.current
- if user && user.admin?
- return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}"
- elsif user && user.memberships.any?
- return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE} AND (#{Project.table_name}.is_public = #{connection.quoted_true} or #{Project.table_name}.id IN (#{user.memberships.collect{|m| m.project_id}.join(',')}))"
- else
- return "#{Project.table_name}.status=#{Project::STATUS_ACTIVE} AND #{Project.table_name}.is_public = #{connection.quoted_true}"
- end
+ # Project.visible_condition(admin) => "projects.status = 1"
+ # Project.visible_condition(normal_user) => "((projects.status = 1) AND (projects.is_public = 1 OR projects.id IN (1,3,4)))"
+ # Project.visible_condition(anonymous) => "((projects.status = 1) AND (projects.is_public = 1))"
+ def self.visible_condition(user, options={})
+ allowed_to_condition(user, :view_project, options)
end
+ # Returns a SQL conditions string used to find all projects for which +user+ has the given +permission+
+ #
+ # Valid options:
+ # * :project => limit the condition to project
+ # * :with_subprojects => limit the condition to project and its subprojects
+ # * :member => limit the condition to the user projects
def self.allowed_to_condition(user, permission, options={})
base_statement = "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}"
if perm = Redmine::AccessControl.permission(permission)
named_scope :visible, lambda {|*args| {
:include => :project,
- :conditions => Project.allowed_to_condition(args.first || User.current, :view_time_entries)
+ :conditions => Project.allowed_to_condition(args.shift || User.current, :view_time_entries, *args)
}}
def after_initialize
assert issues.detect {|issue| !issue.project.is_public?}
end
+ def test_visible_scope_with_project
+ project = Project.find(1)
+ issues = Issue.visible(User.find(2), :project => project).all
+ projects = issues.collect(&:project).uniq
+ assert_equal 1, projects.size
+ assert_equal project, projects.first
+ end
+
+ def test_visible_scope_with_project_and_subprojects
+ project = Project.find(1)
+ issues = Issue.visible(User.find(2), :project => project, :with_subprojects => true).all
+ projects = issues.collect(&:project).uniq
+ assert projects.size > 1
+ assert_equal [], projects.select {|p| !p.is_or_is_descendant_of?(project)}
+ end
+
def test_errors_full_messages_should_include_custom_fields_errors
field = IssueCustomField.find_by_name('Database')