diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2011-04-11 17:53:15 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2011-04-11 17:53:15 +0000 |
| commit | aa0d01b3d9f5ae5634eda73e1becd75cc4668f3e (patch) | |
| tree | 8a2a59ba70b18777cf35940ff01b961709405893 /app/controllers/issues_controller.rb | |
| parent | 5fd891aa72243e7fff19a05d080c921ae420eeeb (diff) | |
| download | redmine-aa0d01b3d9f5ae5634eda73e1becd75cc4668f3e.tar.gz redmine-aa0d01b3d9f5ae5634eda73e1becd75cc4668f3e.zip | |
Adds an issues visibility level on roles (#7412).
It can be set so that users only see their own issues (created or assigned).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5416 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/issues_controller.rb')
| -rw-r--r-- | app/controllers/issues_controller.rb | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb index fdce296c4..4acd728ba 100644 --- a/app/controllers/issues_controller.rb +++ b/app/controllers/issues_controller.rb @@ -1,5 +1,5 @@ # Redmine - project management software -# Copyright (C) 2006-2008 Jean-Philippe Lang +# Copyright (C) 2006-2011 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -251,7 +251,13 @@ class IssuesController < ApplicationController private def find_issue + # Issue.visible.find(...) can not be used to redirect user to the login form + # if the issue actually exists but requires authentication @issue = Issue.find(params[:id], :include => [:project, :tracker, :status, :author, :priority, :category]) + unless @issue.visible? + deny_access + return + end @project = @issue.project rescue ActiveRecord::RecordNotFound render_404 |