From b20210e83c42807e6445b827504afe64323e272d Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Sun, 23 Jan 2011 16:47:59 +0000 Subject: [PATCH] Adds visible scope to redmine links queries. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4759 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/helpers/application_helper.rb | 17 +++++++++-------- app/models/document.rb | 3 +++ app/models/message.rb | 3 +++ 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index d5a658917..8e973d186 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -605,7 +605,8 @@ module ApplicationHelper end if esc.nil? if prefix.nil? && sep == 'r' - if project && (changeset = project.changesets.find_by_revision(identifier)) + # project.changesets.visible raises an SQL error because of a double join on repositories + if project && project.repository && (changeset = Changeset.visible.find_by_repository_id_and_revision(project.repository.id, identifier)) link = link_to("#{project_prefix}r#{identifier}", {:only_path => only_path, :controller => 'repositories', :action => 'revision', :id => project, :rev => changeset.revision}, :class => 'changeset', :title => truncate_single_line(changeset.comments, :length => 100)) @@ -620,17 +621,17 @@ module ApplicationHelper :title => "#{truncate(issue.subject, :length => 100)} (#{issue.status.name})") end when 'document' - if document = Document.find_by_id(oid, :include => [:project], :conditions => Project.visible_by(User.current)) + if document = Document.visible.find_by_id(oid) link = link_to h(document.title), {:only_path => only_path, :controller => 'documents', :action => 'show', :id => document}, :class => 'document' end when 'version' - if version = Version.find_by_id(oid, :include => [:project], :conditions => Project.visible_by(User.current)) + if version = Version.visible.find_by_id(oid) link = link_to h(version.name), {:only_path => only_path, :controller => 'versions', :action => 'show', :id => version}, :class => 'version' end when 'message' - if message = Message.find_by_id(oid, :include => [:parent, {:board => :project}], :conditions => Project.visible_by(User.current)) + if message = Message.visible.find_by_id(oid, :include => :parent) link = link_to h(truncate(message.subject, :length => 60)), {:only_path => only_path, :controller => 'messages', :action => 'show', @@ -649,23 +650,23 @@ module ApplicationHelper name = identifier.gsub(%r{^"(.*)"$}, "\\1") case prefix when 'document' - if project && document = project.documents.find_by_title(name) + if project && document = project.documents.visible.find_by_title(name) link = link_to h(document.title), {:only_path => only_path, :controller => 'documents', :action => 'show', :id => document}, :class => 'document' end when 'version' - if project && version = project.versions.find_by_name(name) + if project && version = project.versions.visible.find_by_name(name) link = link_to h(version.name), {:only_path => only_path, :controller => 'versions', :action => 'show', :id => version}, :class => 'version' end when 'commit' - if project && (changeset = project.changesets.find(:first, :conditions => ["scmid LIKE ?", "#{name}%"])) + if project && project.repository && (changeset = Changeset.visible.find(:first, :conditions => ["repository_id = ? AND scmid LIKE ?", project.repository.id, "#{name}%"])) link = link_to h("#{project_prefix}#{name}"), {:only_path => only_path, :controller => 'repositories', :action => 'revision', :id => project, :rev => changeset.identifier}, :class => 'changeset', :title => truncate_single_line(changeset.comments, :length => 100) end when 'source', 'export' - if project && project.repository + if project && project.repository && User.current.allowed_to?(:browse_repository, project) name =~ %r{^[/\\]*(.*?)(@([0-9a-f]+))?(#(L\d+))?$} path, rev, anchor = $1, $3, $5 link = link_to h("#{project_prefix}#{prefix}:#{name}"), {:controller => 'repositories', :action => 'entry', :id => project, diff --git a/app/models/document.rb b/app/models/document.rb index 3aae39850..21232a2d9 100644 --- a/app/models/document.rb +++ b/app/models/document.rb @@ -29,6 +29,9 @@ class Document < ActiveRecord::Base validates_presence_of :project, :title, :category validates_length_of :title, :maximum => 60 + named_scope :visible, lambda {|*args| { :include => :project, + :conditions => Project.allowed_to_condition(args.first || User.current, :view_documents) } } + def visible?(user=User.current) !user.nil? && user.allowed_to?(:view_documents, project) end diff --git a/app/models/message.rb b/app/models/message.rb index 3744c239b..77c9ff550 100644 --- a/app/models/message.rb +++ b/app/models/message.rb @@ -42,6 +42,9 @@ class Message < ActiveRecord::Base after_create :add_author_as_watcher + named_scope :visible, lambda {|*args| { :include => {:board => :project}, + :conditions => Project.allowed_to_condition(args.first || User.current, :view_messages) } } + def visible?(user=User.current) !user.nil? && user.allowed_to?(:view_messages, project) end -- 2.39.5