From 455abea32042a9e612b72cdf88d158fa72cb7144 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Sat, 13 Sep 2008 16:45:01 +0000 Subject: [PATCH] Adds a permission 'view wiki edits' so that wiki history can be hidden to certain users (#1154). A migration automatically adds this permission to roles that were allowed to view wiki pages. git-svn-id: http://redmine.rubyforge.org/svn/trunk@1815 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/wiki_controller.rb | 5 +++++ app/models/role.rb | 5 +++++ app/models/wiki_content.rb | 4 ++-- app/views/wiki/show.rhtml | 2 +- db/migrate/097_add_wiew_wiki_edits_permission.rb | 13 +++++++++++++ lib/redmine.rb | 5 +++-- test/fixtures/roles.yml | 5 +++++ 7 files changed, 34 insertions(+), 5 deletions(-) create mode 100644 db/migrate/097_add_wiew_wiki_edits_permission.rb diff --git a/app/controllers/wiki_controller.rb b/app/controllers/wiki_controller.rb index 46df2931e..5c8158db8 100644 --- a/app/controllers/wiki_controller.rb +++ b/app/controllers/wiki_controller.rb @@ -38,6 +38,11 @@ class WikiController < ApplicationController end return end + if params[:version] && !User.current.allowed_to?(:view_wiki_edits, @project) + # Redirects user to the current version if he's not allowed to view previous versions + redirect_to :version => nil + return + end @content = @page.content_for_version(params[:version]) if params[:export] == 'html' export = render_to_string :action => 'export', :layout => false diff --git a/app/models/role.rb b/app/models/role.rb index 5ff9470f9..beb13c03b 100644 --- a/app/models/role.rb +++ b/app/models/role.rb @@ -76,6 +76,11 @@ class Role < ActiveRecord::Base save! end + # Returns true if the role has the given permission + def has_permission?(perm) + !permissions.nil? && permissions.include?(perm.to_sym) + end + def <=>(role) position <=> role.position end diff --git a/app/models/wiki_content.rb b/app/models/wiki_content.rb index f2ee39c4d..4a4c5c270 100644 --- a/app/models/wiki_content.rb 
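Review bot: The new `params[:version]` guard protects only this action, while the `edit` action also receives a version: the rollback link in `app/views/wiki/show.rhtml` passes `:version => @content.version` to it, and `lib/redmine.rb` grants `:edit` through `:edit_wiki_pages` alone. If `edit` loads the requested revision's text (its body is not visible in this commit), a role with `:edit_wiki_pages` but without `:view_wiki_edits` would still be able to read old revisions. Worth confirming, and if so applying the same condition there, `params[:version] && !User.current.allowed_to?(:view_wiki_edits, @project)`, before the content is fetched. The enclosing method starts and ends outside the hunk, so any earlier use of `params[:version]` in it could not be checked.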
+++ b/app/models/wiki_content.rb @@ -35,9 +35,9 @@ class WikiContent < ActiveRecord::Base :type => 'wiki-page', :url => Proc.new {|o| {:controller => 'wiki', :id => o.page.wiki.project_id, :page => o.page.title, :version => o.version}} - acts_as_activity_provider :type => 'wiki_pages', + acts_as_activity_provider :type => 'wiki_edits', :timestamp => "#{WikiContent.versioned_table_name}.updated_on", - :permission => :view_wiki_pages, + :permission => :view_wiki_edits, :find_options => {:select => "#{WikiContent.versioned_table_name}.updated_on, #{WikiContent.versioned_table_name}.comments, " + "#{WikiContent.versioned_table_name}.#{WikiContent.version_column}, #{WikiPage.table_name}.title, " + "#{WikiContent.versioned_table_name}.page_id, #{WikiContent.versioned_table_name}.author_id, " + diff --git a/app/views/wiki/show.rhtml b/app/views/wiki/show.rhtml index 255b904f5..844c6c0f8 100644 --- a/app/views/wiki/show.rhtml +++ b/app/views/wiki/show.rhtml @@ -7,7 +7,7 @@ <%= link_to_if_authorized(l(:button_delete), {:action => 'destroy', :page => @page.title}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del') %> <%= link_to_if_authorized(l(:button_rollback), {:action => 'edit', :page => @page.title, :version => @content.version }, :class => 'icon icon-cancel') if @content.version < @page.content.version %> <% end %> -<%= link_to(l(:label_history), {:action => 'history', :page => @page.title}, :class => 'icon icon-history') %> +<%= link_to_if_authorized(l(:label_history), {:action => 'history', :page => @page.title}, :class => 'icon icon-history') %> <%= breadcrumb(@page.ancestors.reverse.collect {|parent| link_to h(parent.pretty_title), {:page => parent.title}}) %> diff --git a/db/migrate/097_add_wiew_wiki_edits_permission.rb b/db/migrate/097_add_wiew_wiki_edits_permission.rb new file mode 100644 index 000000000..0f87ada28 --- /dev/null +++ b/db/migrate/097_add_wiew_wiki_edits_permission.rb 
@@ -0,0 +1,13 @@ +class AddWiewWikiEditsPermission < ActiveRecord::Migration + def self.up + Role.find(:all).each do |r| + r.add_permission!(:view_wiki_edits) if r.has_permission?(:view_wiki_pages) + end + end + + def self.down + Role.find(:all).each do |r| + r.remove_permission!(:view_wiki_edits) + end + end +end diff --git a/lib/redmine.rb b/lib/redmine.rb index fdacb23b9..5529e0bf5 100644 --- a/lib/redmine.rb +++ b/lib/redmine.rb @@ -79,7 +79,8 @@ Redmine::AccessControl.map do |map| map.permission :manage_wiki, {:wikis => [:edit, :destroy]}, :require => :member map.permission :rename_wiki_pages, {:wiki => :rename}, :require => :member map.permission :delete_wiki_pages, {:wiki => :destroy}, :require => :member - map.permission :view_wiki_pages, :wiki => [:index, :history, :diff, :annotate, :special] + map.permission :view_wiki_pages, :wiki => [:index, :special] + map.permission :view_wiki_edits, :wiki => [:history, :diff, :annotate] map.permission :edit_wiki_pages, :wiki => [:edit, :preview, :add_attachment, :destroy_attachment] map.permission :protect_wiki_pages, {:wiki => :protect}, :require => :member end @@ -145,6 +146,6 @@ Redmine::Activity.map do |activity| activity.register :news activity.register :documents, :class_name => %w(Document Attachment) activity.register :files, :class_name => 'Attachment' - activity.register :wiki_pages, :class_name => 'WikiContent::Version', :default => false + activity.register :wiki_edits, :class_name => 'WikiContent::Version', :default => false activity.register :messages, :default => false end diff --git a/test/fixtures/roles.yml b/test/fixtures/roles.yml index 234e971c4..74cba2706 100644 --- a/test/fixtures/roles.yml +++ b/test/fixtures/roles.yml @@ -30,6 +30,7 @@ roles_001: - :view_documents - :manage_documents - :view_wiki_pages + - :view_wiki_edits - :edit_wiki_pages - :protect_wiki_pages - :delete_wiki_pages 
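Review bot: The class and file name misspell the permission as `Wiew` (`AddWiewWikiEditsPermission`, `097_add_wiew_wiki_edits_permission.rb`); `AddViewWikiEditsPermission` in `097_add_view_wiki_edits_permission.rb` would match the permission name. `self.up` also goes through the live `Role` model (`has_permission?`, `add_permission!`), so a later change to those methods or to role validations changes what the migration does on a fresh install; a one-line comment such as `# relies on Role#has_permission? and Role#add_permission! as of r1815` would make that dependency explicit. Because every role holding `:view_wiki_pages` is given `:view_wiki_edits`, wiki history stays visible to the same roles after the upgrade until an administrator revokes it, which deserves a line in the upgrade notes.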
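Review bot: `:view_wiki_edits` is declared independently of `:view_wiki_pages`, so a role can be granted `history`, `diff` and `annotate` without `index`. Those actions presumably render page text, in which case that combination exposes content the role cannot otherwise open. If this is not intended, say so next to the declaration, for example `# view_wiki_edits shows page text via diff/annotate; grant it only together with view_wiki_pages`, or enforce the dependency where roles are saved. Any code outside this commit that checks `:view_wiki_pages` before linking to history, diff or annotate would need the new permission as well. The `map` block starts and ends outside the hunk.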
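Review bot: Every fixture role that has `:view_wiki_pages` also receives `:view_wiki_edits`, in this hunk and in the `roles_002` to `roles_005` hunks that follow, so no fixture represents the case the commit was written for: a user who may read pages but not their history. The diffstat lists no test file other than this fixture, so the redirect added to `WikiController` and the `link_to_if_authorized` change in `show.rhtml` are untested as far as this commit shows. Leaving `- :view_wiki_edits` out of one of these roles would let a functional test assert that a request carrying `version` is redirected to the current page and that the history link is not rendered.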
@@ -72,6 +73,7 @@ roles_002: - :view_documents - :manage_documents - :view_wiki_pages + - :view_wiki_edits - :edit_wiki_pages - :protect_wiki_pages - :delete_wiki_pages @@ -109,6 +111,7 @@ roles_003: - :view_documents - :manage_documents - :view_wiki_pages + - :view_wiki_edits - :edit_wiki_pages - :delete_wiki_pages - :add_messages @@ -139,6 +142,7 @@ roles_004: - :view_documents - :manage_documents - :view_wiki_pages + - :view_wiki_edits - :edit_wiki_pages - :add_messages - :view_files @@ -159,6 +163,7 @@ roles_005: - :view_time_entries - :view_documents - :view_wiki_pages + - :view_wiki_edits - :view_files - :browse_repository - :view_changesets -- 2.39.5