A new permission (Close/reopen project) is available to give non-admin users the ability to close their projects. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9883 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/2.1.0
@@ -276,7 +276,7 @@ class ApplicationController < ActionController::Base | |||
# make sure that the user is a member of the project (or admin) if project is private | |||
# used as a before_filter for actions that do not require any particular permission on the project | |||
def check_project_privacy | |||
if @project && @project.active? | |||
if @project && !@project.archived? | |||
if @project.visible? | |||
true | |||
else |
@@ -48,7 +48,11 @@ class ProjectsController < ApplicationController | |||
def index | |||
respond_to do |format| | |||
format.html { | |||
@projects = Project.visible.find(:all, :order => 'lft') | |||
scope = Project | |||
unless params[:closed] | |||
scope = scope.active | |||
end | |||
@projects = scope.visible.order('lft').all | |||
} | |||
format.api { | |||
@offset, @limit = api_offset_and_limit | |||
@@ -224,6 +228,16 @@ class ProjectsController < ApplicationController | |||
redirect_to(url_for(:controller => 'admin', :action => 'projects', :status => params[:status])) | |||
end | |||
def close | |||
@project.close | |||
redirect_to project_path(@project) | |||
end | |||
def reopen | |||
@project.reopen | |||
redirect_to project_path(@project) | |||
end | |||
# Delete @project | |||
def destroy | |||
@project_to_destroy = @project |
@@ -20,6 +20,8 @@ | |||
module AdminHelper | |||
def project_status_options_for_select(selected) | |||
options_for_select([[l(:label_all), ''], | |||
[l(:status_active), '1']], selected.to_s) | |||
[l(:project_status_active), '1'], | |||
[l(:project_status_closed), '5'], | |||
[l(:project_status_archived), '9']], selected.to_s) | |||
end | |||
end |
@@ -145,11 +145,11 @@ module ApplicationHelper | |||
# link_to_project(project, {}, :class => "project") # => html options with default url (project overview) | |||
# | |||
def link_to_project(project, options={}, html_options = nil) | |||
if project.active? | |||
if project.archived? | |||
h(project) | |||
else | |||
url = {:controller => 'projects', :action => 'show', :id => project}.merge(options) | |||
link_to(h(project), url, html_options) | |||
else | |||
h(project) | |||
end | |||
end | |||
@@ -237,7 +237,7 @@ module ApplicationHelper | |||
# Renders the project quick-jump box | |||
def render_project_jump_box | |||
return unless User.current.logged? | |||
projects = User.current.memberships.collect(&:project).compact.uniq | |||
projects = User.current.memberships.collect(&:project).compact.select(&:active?).uniq | |||
if projects.any? | |||
s = '<select onchange="if (this.value != \'\') { window.location = this.value; }">' + | |||
"<option value=''>#{ l(:label_jump_to_a_project) }</option>" + |
@@ -19,7 +19,7 @@ class Principal < ActiveRecord::Base | |||
self.table_name = "#{table_name_prefix}users#{table_name_suffix}" | |||
has_many :members, :foreign_key => 'user_id', :dependent => :destroy | |||
has_many :memberships, :class_name => 'Member', :foreign_key => 'user_id', :include => [ :project, :roles ], :conditions => "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}", :order => "#{Project.table_name}.name" | |||
has_many :memberships, :class_name => 'Member', :foreign_key => 'user_id', :include => [ :project, :roles ], :conditions => "#{Project.table_name}.status<>#{Project::STATUS_ARCHIVED}", :order => "#{Project.table_name}.name" | |||
has_many :projects, :through => :memberships | |||
has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify | |||
@@ -20,6 +20,7 @@ class Project < ActiveRecord::Base | |||
# Project statuses | |||
STATUS_ACTIVE = 1 | |||
STATUS_CLOSED = 5 | |||
STATUS_ARCHIVED = 9 | |||
# Maximum length for project identifiers | |||
@@ -161,12 +162,11 @@ class Project < ActiveRecord::Base | |||
# * :with_subprojects => limit the condition to project and its subprojects | |||
# * :member => limit the condition to the user projects | |||
def self.allowed_to_condition(user, permission, options={}) | |||
base_statement = "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}" | |||
if perm = Redmine::AccessControl.permission(permission) | |||
unless perm.project_module.nil? | |||
# If the permission belongs to a project module, make sure the module is enabled | |||
base_statement << " AND #{Project.table_name}.id IN (SELECT em.project_id FROM #{EnabledModule.table_name} em WHERE em.name='#{perm.project_module}')" | |||
end | |||
perm = Redmine::AccessControl.permission(permission) | |||
base_statement = (perm && perm.read? ? "#{Project.table_name}.status <> #{Project::STATUS_ARCHIVED}" : "#{Project.table_name}.status = #{Project::STATUS_ACTIVE}") | |||
if perm && perm.project_module | |||
# If the permission belongs to a project module, make sure the module is enabled | |||
base_statement << " AND #{Project.table_name}.id IN (SELECT em.project_id FROM #{EnabledModule.table_name} em WHERE em.name='#{perm.project_module}')" | |||
end | |||
if options[:project] | |||
project_statement = "#{Project.table_name}.id = #{options[:project].id}" | |||
@@ -325,6 +325,14 @@ class Project < ActiveRecord::Base | |||
update_attribute :status, STATUS_ACTIVE | |||
end | |||
def close | |||
self_and_descendants.status(STATUS_ACTIVE).update_all :status => STATUS_CLOSED | |||
end | |||
def reopen | |||
self_and_descendants.status(STATUS_CLOSED).update_all :status => STATUS_ACTIVE | |||
end | |||
# Returns an array of projects the project can be moved to | |||
# by the current user | |||
def allowed_parents | |||
@@ -404,7 +412,7 @@ class Project < ActiveRecord::Base | |||
@rolled_up_trackers ||= | |||
Tracker.find(:all, :joins => :projects, | |||
:select => "DISTINCT #{Tracker.table_name}.*", | |||
:conditions => ["#{Project.table_name}.lft >= ? AND #{Project.table_name}.rgt <= ? AND #{Project.table_name}.status = #{STATUS_ACTIVE}", lft, rgt], | |||
:conditions => ["#{Project.table_name}.lft >= ? AND #{Project.table_name}.rgt <= ? AND #{Project.table_name}.status <> #{STATUS_ARCHIVED}", lft, rgt], | |||
:order => "#{Tracker.table_name}.position") | |||
end | |||
@@ -423,20 +431,20 @@ class Project < ActiveRecord::Base | |||
def rolled_up_versions | |||
@rolled_up_versions ||= | |||
Version.scoped(:include => :project, | |||
:conditions => ["#{Project.table_name}.lft >= ? AND #{Project.table_name}.rgt <= ? AND #{Project.table_name}.status = #{STATUS_ACTIVE}", lft, rgt]) | |||
:conditions => ["#{Project.table_name}.lft >= ? AND #{Project.table_name}.rgt <= ? AND #{Project.table_name}.status <> #{STATUS_ARCHIVED}", lft, rgt]) | |||
end | |||
# Returns a scope of the Versions used by the project | |||
def shared_versions | |||
if new_record? | |||
Version.scoped(:include => :project, | |||
:conditions => "#{Project.table_name}.status = #{Project::STATUS_ACTIVE} AND #{Version.table_name}.sharing = 'system'") | |||
:conditions => "#{Project.table_name}.status <> #{Project::STATUS_ARCHIVED} AND #{Version.table_name}.sharing = 'system'") | |||
else | |||
@shared_versions ||= begin | |||
r = root? ? self : root | |||
Version.scoped(:include => :project, | |||
:conditions => "#{Project.table_name}.id = #{id}" + | |||
" OR (#{Project.table_name}.status = #{Project::STATUS_ACTIVE} AND (" + | |||
" OR (#{Project.table_name}.status <> #{Project::STATUS_ARCHIVED} AND (" + | |||
" #{Version.table_name}.sharing = 'system'" + | |||
" OR (#{Project.table_name}.lft >= #{r.lft} AND #{Project.table_name}.rgt <= #{r.rgt} AND #{Version.table_name}.sharing = 'tree')" + | |||
" OR (#{Project.table_name}.lft < #{lft} AND #{Project.table_name}.rgt > #{rgt} AND #{Version.table_name}.sharing IN ('hierarchy', 'descendants'))" + | |||
@@ -515,6 +523,13 @@ class Project < ActiveRecord::Base | |||
s << ' root' if root? | |||
s << ' child' if child? | |||
s << (leaf? ? ' leaf' : ' parent') | |||
unless active? | |||
if archived? | |||
s << ' archived' | |||
else | |||
s << ' closed' | |||
end | |||
end | |||
s | |||
end | |||
@@ -394,7 +394,7 @@ class User < Principal | |||
def roles_for_project(project) | |||
roles = [] | |||
# No role on archived projects | |||
return roles unless project && project.active? | |||
return roles if project.nil? || project.archived? | |||
if logged? | |||
# Find project membership | |||
membership = memberships.detect {|m| m.project_id == project.id} | |||
@@ -456,9 +456,11 @@ class User < Principal | |||
def allowed_to?(action, context, options={}, &block) | |||
if context && context.is_a?(Project) | |||
# No action allowed on archived projects | |||
return false unless context.active? | |||
return false if context.archived? | |||
# No action allowed on disabled modules | |||
return false unless context.allows_to?(action) | |||
# No write action allowed on closed projects | |||
return false unless context.active? || Redmine::AccessControl.read_action?(action) | |||
# Admin users are authorized for anything else | |||
return true if admin? | |||
@@ -27,12 +27,12 @@ | |||
<tbody> | |||
<% project_tree(@projects) do |project, level| %> | |||
<tr class="<%= cycle("odd", "even") %> <%= project.css_classes %> <%= level > 0 ? "idnt idnt-#{level}" : nil %>"> | |||
<td class="name"><span><%= link_to_project(project, {:action => 'settings'}, :title => project.short_description) %></span></td> | |||
<td class="name"><span><%= link_to_project(project, {:action => (project.active? ? 'settings' : 'show')}, :title => project.short_description) %></span></td> | |||
<td align="center"><%= checked_image project.is_public? %></td> | |||
<td align="center"><%= format_date(project.created_on) %></td> | |||
<td class="buttons"> | |||
<%= link_to(l(:button_archive), { :controller => 'projects', :action => 'archive', :id => project, :status => params[:status] }, :confirm => l(:text_are_you_sure), :method => :post, :class => 'icon icon-lock') if project.active? %> | |||
<%= link_to(l(:button_unarchive), { :controller => 'projects', :action => 'unarchive', :id => project, :status => params[:status] }, :method => :post, :class => 'icon icon-unlock') if !project.active? && (project.parent.nil? || project.parent.active?) %> | |||
<%= link_to(l(:button_archive), { :controller => 'projects', :action => 'archive', :id => project, :status => params[:status] }, :confirm => l(:text_are_you_sure), :method => :post, :class => 'icon icon-lock') unless project.archived? %> | |||
<%= link_to(l(:button_unarchive), { :controller => 'projects', :action => 'unarchive', :id => project, :status => params[:status] }, :method => :post, :class => 'icon icon-unlock') if project.archived? && (project.parent.nil? || !project.parent.archived?) %> | |||
<%= link_to(l(:button_copy), { :controller => 'projects', :action => 'copy', :id => project }, :class => 'icon icon-copy') %> | |||
<%= link_to(l(:button_delete), project_path(project), :method => :delete, :class => 'icon icon-del') %> | |||
</td> |
@@ -25,4 +25,12 @@ | |||
<%= f.link_to 'Atom', :url => {:key => User.current.rss_key} %> | |||
<% end %> | |||
<% content_for :sidebar do %> | |||
<%= form_tag({}, :method => :get) do %> | |||
<h3><%= l(:label_project_plural) %></h3> | |||
<label for="closed"><%= check_box_tag 'closed', 1, params[:closed] %> <%= l(:label_show_closed_projects) %></label> | |||
<p><%= submit_tag l(:button_apply), :class => 'button-small', :name => nil %></p> | |||
<% end %> | |||
<% end %> | |||
<% html_title(l(:label_project_plural)) -%> |
@@ -2,14 +2,27 @@ | |||
<% if User.current.allowed_to?(:add_subprojects, @project) %> | |||
<%= link_to l(:label_subproject_new), {:controller => 'projects', :action => 'new', :parent_id => @project}, :class => 'icon icon-add' %> | |||
<% end %> | |||
<% if User.current.allowed_to?(:close_project, @project) %> | |||
<% if @project.active? %> | |||
<%= link_to l(:button_close), close_project_path(@project), :data => {:confirm => l(:text_are_you_sure)}, :method => :post, :class => 'icon icon-lock' %> | |||
<% else %> | |||
<%= link_to l(:button_reopen), reopen_project_path(@project), :data => {:confirm => l(:text_are_you_sure)}, :method => :post, :class => 'icon icon-unlock' %> | |||
<% end %> | |||
<% end %> | |||
</div> | |||
<h2><%=l(:label_overview)%></h2> | |||
<% unless @project.active? %> | |||
<p class="warning"><span class="icon icon-lock"><%= l(:text_project_closed) %></span></p> | |||
<% end %> | |||
<div class="splitcontentleft"> | |||
<% if @project.description.present? %> | |||
<div class="wiki"> | |||
<%= textilizable @project.description %> | |||
</div> | |||
<% end %> | |||
<ul> | |||
<% unless @project.homepage.blank? %> | |||
<li><%=l(:field_homepage)%>: <%= link_to h(@project.homepage), @project.homepage %></li> |
@@ -395,6 +395,7 @@ en: | |||
permission_add_project: Create project | |||
permission_add_subprojects: Create subprojects | |||
permission_edit_project: Edit project | |||
permission_close_project: Close / reopen the project | |||
permission_select_project_modules: Select project modules | |||
permission_manage_members: Manage members | |||
permission_manage_project_activities: Manage project activities | |||
@@ -854,6 +855,7 @@ en: | |||
label_completed_versions: Completed versions | |||
label_search_for_watchers: Search for watchers to add | |||
label_session_expiration: Session expiration | |||
label_show_closed_projects: View closed projects | |||
button_login: Login | |||
button_submit: Submit | |||
@@ -904,11 +906,17 @@ en: | |||
button_edit_section: Edit this section | |||
button_export: Export | |||
button_delete_my_account: Delete my account | |||
button_close: Close | |||
button_reopen: Reopen | |||
status_active: active | |||
status_registered: registered | |||
status_locked: locked | |||
project_status_active: active | |||
project_status_closed: closed | |||
project_status_archived: archived | |||
version_status_open: open | |||
version_status_locked: locked | |||
version_status_closed: closed | |||
@@ -990,6 +998,7 @@ en: | |||
text_issue_conflict_resolution_cancel: "Discard all my changes and redisplay %{link}" | |||
text_account_destroy_confirmation: "Are you sure you want to proceed?\nYour account will be permanently deleted, with no way to reactivate it." | |||
text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." | |||
text_project_closed: This project is closed and read-only. | |||
default_role_manager: Manager | |||
default_role_developer: Developer |
@@ -391,6 +391,7 @@ fr: | |||
permission_add_project: Créer un projet | |||
permission_add_subprojects: Créer des sous-projets | |||
permission_edit_project: Modifier le projet | |||
permission_close_project: Fermer / réouvrir le projet | |||
permission_select_project_modules: Choisir les modules | |||
permission_manage_members: Gérer les membres | |||
permission_manage_versions: Gérer les versions | |||
@@ -829,6 +830,7 @@ fr: | |||
label_item_position: "%{position} sur %{count}" | |||
label_completed_versions: Versions passées | |||
label_session_expiration: Expiration des sessions | |||
label_show_closed_projects: Voir les projets fermés | |||
button_login: Connexion | |||
button_submit: Soumettre | |||
@@ -878,11 +880,17 @@ fr: | |||
button_edit_section: Modifier cette section | |||
button_export: Exporter | |||
button_delete_my_account: Supprimer mon compte | |||
button_close: Fermer | |||
button_reopen: Réouvrir | |||
status_active: actif | |||
status_registered: enregistré | |||
status_locked: verrouillé | |||
project_status_active: actif | |||
project_status_closed: fermé | |||
project_status_archived: archivé | |||
version_status_open: ouvert | |||
version_status_locked: verrouillé | |||
version_status_closed: fermé | |||
@@ -946,6 +954,7 @@ fr: | |||
text_issue_conflict_resolution_cancel: "Annuler ma mise à jour et réafficher %{link}" | |||
text_account_destroy_confirmation: "Êtes-vous sûr de vouloir continuer ?\nVotre compte sera définitivement supprimé, sans aucune possibilité de le réactiver." | |||
text_session_expiration_settings: "Attention : le changement de ces paramètres peut entrainer l'expiration des sessions utilisateurs en cours, y compris la vôtre." | |||
text_project_closed: Ce projet est fermé et accessible en lecture seule. | |||
default_role_manager: "Manager " | |||
default_role_developer: "Développeur " |
@@ -93,6 +93,8 @@ RedmineApp::Application.routes.draw do | |||
post 'modules' | |||
post 'archive' | |||
post 'unarchive' | |||
post 'close' | |||
post 'reopen' | |||
match 'copy', :via => [:get, :post] | |||
end | |||
@@ -47,10 +47,11 @@ end | |||
# Permissions | |||
Redmine::AccessControl.map do |map| | |||
map.permission :view_project, {:projects => [:show], :activities => [:index]}, :public => true | |||
map.permission :search_project, {:search => :index}, :public => true | |||
map.permission :view_project, {:projects => [:show], :activities => [:index]}, :public => true, :read => true | |||
map.permission :search_project, {:search => :index}, :public => true, :read => true | |||
map.permission :add_project, {:projects => [:new, :create]}, :require => :loggedin | |||
map.permission :edit_project, {:projects => [:settings, :edit, :update]}, :require => :member | |||
map.permission :close_project, {:projects => [:close, :reopen]}, :require => :member, :read => true | |||
map.permission :select_project_modules, {:projects => :modules}, :require => :member | |||
map.permission :manage_members, {:projects => :settings, :members => [:index, :show, :create, :update, :destroy, :autocomplete]}, :require => :member | |||
map.permission :manage_versions, {:projects => :settings, :versions => [:new, :create, :edit, :update, :close_completed, :destroy]}, :require => :member | |||
@@ -66,7 +67,8 @@ Redmine::AccessControl.map do |map| | |||
:versions => [:index, :show, :status_by], | |||
:journals => [:index, :diff], | |||
:queries => :index, | |||
:reports => [:issue_report, :issue_report_details]} | |||
:reports => [:issue_report, :issue_report_details]}, | |||
:read => true | |||
map.permission :add_issues, {:issues => [:new, :create, :update_form], :attachments => :upload} | |||
map.permission :edit_issues, {:issues => [:edit, :update, :bulk_edit, :bulk_update, :update_form], :journals => [:new], :attachments => :upload} | |||
map.permission :manage_issue_relations, {:issue_relations => [:index, :show, :create, :destroy]} | |||
@@ -82,14 +84,14 @@ Redmine::AccessControl.map do |map| | |||
map.permission :manage_public_queries, {:queries => [:new, :create, :edit, :update, :destroy]}, :require => :member | |||
map.permission :save_queries, {:queries => [:new, :create, :edit, :update, :destroy]}, :require => :loggedin | |||
# Watchers | |||
map.permission :view_issue_watchers, {} | |||
map.permission :view_issue_watchers, {}, :read => true | |||
map.permission :add_issue_watchers, {:watchers => :new} | |||
map.permission :delete_issue_watchers, {:watchers => :destroy} | |||
end | |||
map.project_module :time_tracking do |map| | |||
map.permission :log_time, {:timelog => [:new, :create]}, :require => :loggedin | |||
map.permission :view_time_entries, :timelog => [:index, :report, :show] | |||
map.permission :view_time_entries, {:timelog => [:index, :report, :show]}, :read => true | |||
map.permission :edit_time_entries, {:timelog => [:edit, :update, :destroy, :bulk_edit, :bulk_update]}, :require => :member | |||
map.permission :edit_own_time_entries, {:timelog => [:edit, :update, :destroy,:bulk_edit, :bulk_update]}, :require => :loggedin | |||
map.permission :manage_project_activities, {:project_enumerations => [:update, :destroy]}, :require => :member | |||
@@ -97,27 +99,27 @@ Redmine::AccessControl.map do |map| | |||
map.project_module :news do |map| | |||
map.permission :manage_news, {:news => [:new, :create, :edit, :update, :destroy], :comments => [:destroy]}, :require => :member | |||
map.permission :view_news, {:news => [:index, :show]}, :public => true | |||
map.permission :view_news, {:news => [:index, :show]}, :public => true, :read => true | |||
map.permission :comment_news, {:comments => :create} | |||
end | |||
map.project_module :documents do |map| | |||
map.permission :manage_documents, {:documents => [:new, :create, :edit, :update, :destroy, :add_attachment]}, :require => :loggedin | |||
map.permission :view_documents, :documents => [:index, :show, :download] | |||
map.permission :view_documents, {:documents => [:index, :show, :download]}, :read => true | |||
end | |||
map.project_module :files do |map| | |||
map.permission :manage_files, {:files => [:new, :create]}, :require => :loggedin | |||
map.permission :view_files, :files => :index, :versions => :download | |||
map.permission :view_files, {:files => :index, :versions => :download}, :read => true | |||
end | |||
map.project_module :wiki do |map| | |||
map.permission :manage_wiki, {:wikis => [:edit, :destroy]}, :require => :member | |||
map.permission :rename_wiki_pages, {:wiki => :rename}, :require => :member | |||
map.permission :delete_wiki_pages, {:wiki => :destroy}, :require => :member | |||
map.permission :view_wiki_pages, :wiki => [:index, :show, :special, :date_index] | |||
map.permission :export_wiki_pages, :wiki => [:export] | |||
map.permission :view_wiki_edits, :wiki => [:history, :diff, :annotate] | |||
map.permission :view_wiki_pages, {:wiki => [:index, :show, :special, :date_index]}, :read => true | |||
map.permission :export_wiki_pages, {:wiki => [:export]}, :read => true | |||
map.permission :view_wiki_edits, {:wiki => [:history, :diff, :annotate]}, :read => true | |||
map.permission :edit_wiki_pages, :wiki => [:edit, :update, :preview, :add_attachment] | |||
map.permission :delete_wiki_pages_attachments, {} | |||
map.permission :protect_wiki_pages, {:wiki => :protect}, :require => :member | |||
@@ -125,15 +127,15 @@ Redmine::AccessControl.map do |map| | |||
map.project_module :repository do |map| | |||
map.permission :manage_repository, {:repositories => [:new, :create, :edit, :update, :committers, :destroy]}, :require => :member | |||
map.permission :browse_repository, :repositories => [:show, :browse, :entry, :raw, :annotate, :changes, :diff, :stats, :graph] | |||
map.permission :view_changesets, :repositories => [:show, :revisions, :revision] | |||
map.permission :browse_repository, {:repositories => [:show, :browse, :entry, :raw, :annotate, :changes, :diff, :stats, :graph]}, :read => true | |||
map.permission :view_changesets, {:repositories => [:show, :revisions, :revision]}, :read => true | |||
map.permission :commit_access, {} | |||
map.permission :manage_related_issues, {:repositories => [:add_related_issue, :remove_related_issue]} | |||
end | |||
map.project_module :boards do |map| | |||
map.permission :manage_boards, {:boards => [:new, :create, :edit, :update, :destroy]}, :require => :member | |||
map.permission :view_messages, {:boards => [:index, :show], :messages => [:show]}, :public => true | |||
map.permission :view_messages, {:boards => [:index, :show], :messages => [:show]}, :public => true, :read => true | |||
map.permission :add_messages, {:messages => [:new, :reply, :quote]} | |||
map.permission :edit_messages, {:messages => :edit}, :require => :member | |||
map.permission :edit_own_messages, {:messages => :edit}, :require => :loggedin | |||
@@ -142,11 +144,11 @@ Redmine::AccessControl.map do |map| | |||
end | |||
map.project_module :calendar do |map| | |||
map.permission :view_calendar, :calendars => [:show, :update] | |||
map.permission :view_calendar, {:calendars => [:show, :update]}, :read => true | |||
end | |||
map.project_module :gantt do |map| | |||
map.permission :view_gantt, :gantts => [:show, :update] | |||
map.permission :view_gantt, {:gantts => [:show, :update]}, :read => true | |||
end | |||
end | |||
@@ -54,6 +54,16 @@ module Redmine | |||
@loggedin_only_permissions ||= @permissions.select {|p| p.require_loggedin?} | |||
end | |||
def read_action?(action) | |||
if action.is_a?(Symbol) | |||
perm = permission(action) | |||
!perm.nil? && perm.read? | |||
else | |||
s = "#{action[:controller]}/#{action[:action]}" | |||
permissions.detect {|p| p.actions.include?(s) && !p.read?}.nil? | |||
end | |||
end | |||
def available_project_modules | |||
@available_project_modules ||= @permissions.collect(&:project_module).uniq.compact | |||
end | |||
@@ -93,6 +103,7 @@ module Redmine | |||
@actions = [] | |||
@public = options[:public] || false | |||
@require = options[:require] | |||
@read = options[:read] || false | |||
@project_module = options[:project_module] | |||
hash.each do |controller, actions| | |||
if actions.is_a? Array | |||
@@ -115,6 +126,10 @@ module Redmine | |||
def require_loggedin? | |||
@require && (@require == :member || @require == :loggedin) | |||
end | |||
def read? | |||
@read | |||
end | |||
end | |||
end | |||
end |
@@ -244,13 +244,15 @@ module Redmine #:nodoc: | |||
# permission :destroy_contacts, { :contacts => :destroy } | |||
# permission :view_contacts, { :contacts => [:index, :show] } | |||
# | |||
# The +options+ argument can be used to make the permission public (implicitly given to any user) | |||
# or to restrict users the permission can be given to. | |||
# The +options+ argument is a hash that accept the following keys: | |||
# * :public => the permission is public if set to true (implicitly given to any user) | |||
# * :require => can be set to one of the following values to restrict users the permission can be given to: :loggedin, :member | |||
# * :read => set it to true so that the permission is still granted on closed projects | |||
# | |||
# Examples | |||
# # A permission that is implicitly given to any user | |||
# # This permission won't appear on the Roles & Permissions setup screen | |||
# permission :say_hello, { :example => :say_hello }, :public => true | |||
# permission :say_hello, { :example => :say_hello }, :public => true, :read => true | |||
# | |||
# # A permission that can be given to any user | |||
# permission :say_hello, { :example => :say_hello } |
@@ -8,6 +8,7 @@ roles_001: | |||
--- | |||
- :add_project | |||
- :edit_project | |||
- :close_project | |||
- :select_project_modules | |||
- :manage_members | |||
- :manage_versions |
@@ -380,6 +380,21 @@ class ProjectsControllerTest < ActionController::TestCase | |||
assert_template 'settings' | |||
end | |||
def test_settings_should_be_denied_for_member_on_closed_project | |||
Project.find(1).close | |||
@request.session[:user_id] = 2 # manager | |||
get :settings, :id => 1 | |||
assert_response 403 | |||
end | |||
def test_settings_should_be_denied_for_anonymous_on_closed_project | |||
Project.find(1).close | |||
get :settings, :id => 1 | |||
assert_response 302 | |||
end | |||
def test_update | |||
@request.session[:user_id] = 2 # manager | |||
post :update, :id => 1, :project => {:name => 'Test changed name', | |||
@@ -397,6 +412,23 @@ class ProjectsControllerTest < ActionController::TestCase | |||
assert_error_tag :content => /name can't be blank/i | |||
end | |||
def test_update_should_be_denied_for_member_on_closed_project | |||
Project.find(1).close | |||
@request.session[:user_id] = 2 # manager | |||
post :update, :id => 1, :project => {:name => 'Closed'} | |||
assert_response 403 | |||
assert_equal 'eCookbook', Project.find(1).name | |||
end | |||
def test_update_should_be_denied_for_anonymous_on_closed_project | |||
Project.find(1).close | |||
post :update, :id => 1, :project => {:name => 'Closed'} | |||
assert_response 302 | |||
assert_equal 'eCookbook', Project.find(1).name | |||
end | |||
def test_modules | |||
@request.session[:user_id] = 2 | |||
Project.find(1).enabled_module_names = ['issue_tracking', 'news'] | |||
@@ -444,6 +476,21 @@ class ProjectsControllerTest < ActionController::TestCase | |||
assert Project.find(1).active? | |||
end | |||
def test_close | |||
@request.session[:user_id] = 2 | |||
post :close, :id => 1 | |||
assert_redirected_to '/projects/ecookbook' | |||
assert_equal Project::STATUS_CLOSED, Project.find(1).status | |||
end | |||
def test_reopen | |||
Project.find(1).close | |||
@request.session[:user_id] = 2 | |||
post :reopen, :id => 1 | |||
assert_redirected_to '/projects/ecookbook' | |||
assert Project.find(1).active? | |||
end | |||
def test_project_breadcrumbs_should_be_limited_to_3_ancestors | |||
CustomField.delete_all | |||
parent = nil |
@@ -69,6 +69,14 @@ class RoutingProjectsTest < ActionController::IntegrationTest | |||
{ :method => 'post', :path => "/projects/64/unarchive" }, | |||
{ :controller => 'projects', :action => 'unarchive', :id => '64' } | |||
) | |||
assert_routing( | |||
{ :method => 'post', :path => "/projects/64/close" }, | |||
{ :controller => 'projects', :action => 'close', :id => '64' } | |||
) | |||
assert_routing( | |||
{ :method => 'post', :path => "/projects/64/reopen" }, | |||
{ :controller => 'projects', :action => 'reopen', :id => '64' } | |||
) | |||
assert_routing( | |||
{ :method => 'put', :path => "/projects/4223" }, | |||
{ :controller => 'projects', :action => 'update', :id => '4223' } |
@@ -46,4 +46,14 @@ class Redmine::AccessControlTest < ActiveSupport::TestCase | |||
assert perm.actions.is_a?(Array) | |||
assert perm.actions.include?('projects/settings') | |||
end | |||
def test_read_action_should_return_true_for_read_actions | |||
assert_equal true, @access_module.read_action?(:view_project) | |||
assert_equal true, @access_module.read_action?(:controller => 'projects', :action => 'show') | |||
end | |||
def test_read_action_should_return_false_for_update_actions | |||
assert_equal false, @access_module.read_action?(:edit_project) | |||
assert_equal false, @access_module.read_action?(:controller => 'projects', :action => 'edit') | |||
end | |||
end |
@@ -874,6 +874,18 @@ class UserTest < ActiveSupport::TestCase | |||
assert ! @admin.allowed_to?(:view_issues, Project.find(1)) | |||
end | |||
should "return false for write action if project is closed" do | |||
project = Project.find(1) | |||
Project.any_instance.stubs(:status).returns(Project::STATUS_CLOSED) | |||
assert ! @admin.allowed_to?(:edit_project, Project.find(1)) | |||
end | |||
should "return true for read action if project is closed" do | |||
project = Project.find(1) | |||
Project.any_instance.stubs(:status).returns(Project::STATUS_CLOSED) | |||
assert @admin.allowed_to?(:view_project, Project.find(1)) | |||
end | |||
should "return false if related module is disabled" do | |||
project = Project.find(1) | |||
project.enabled_module_names = ["issue_tracking"] |