Merged 0.6 branch into trunk.

Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to *backup* your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2007-08-29 16:52:35 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2007-08-29 16:52:35 +0000
commit: 603e11d7a5aa62f923e7b013cac6c66462131232 (patch)
tree: fbbb204d2b92b5a87b787d56fe3f9c62cc3f259b /app/controllers/queries_controller.rb
parent: 8da5bad29516be6cbe1bc52e78837ac1ec292026 (diff)
download: redmine-603e11d7a5aa62f923e7b013cac6c66462131232.tar.gz
redmine-603e11d7a5aa62f923e7b013cac6c66462131232.zip
1 files changed, 4 insertions, 5 deletions
diff --git a/app/controllers/queries_controller.rb b/app/controllers/queries_controller.rb
index 631895284..bcc233699 100644
--- a/app/controllers/queries_controller.rb
+++ b/app/controllers/queries_controller.rb
@@ -16,9 +16,8 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 class QueriesController < ApplicationController
-  layout 'base'  
-  before_filter :require_login, :except => :index
-  before_filter :find_project, :check_project_privacy
+  layout 'base'
+  before_filter :find_project, :authorize
 
   def index
     @queries = @project.queries.find(:all, 
@@ -31,7 +30,7 @@ class QueriesController < ApplicationController
     @query.project = @project
     @query.user = logged_in_user
     @query.executed_by = logged_in_user
-    @query.is_public = false unless logged_in_user.authorized_to(@project, 'projects/add_query')
+    @query.is_public = false unless current_role.allowed_to?(:manage_pulic_queries)
     
     params[:fields].each do |field|
       @query.add_filter(field, params[:operators][field], params[:values][field])
@@ -52,7 +51,7 @@ class QueriesController < ApplicationController
         @query.add_filter(field, params[:operators][field], params[:values][field])
       end if params[:fields]
       @query.attributes = params[:query]
-      @query.is_public = false unless logged_in_user.authorized_to(@project, 'projects/add_query')
+      @query.is_public = false unless current_role.allowed_to?(:manage_pulic_queries)
           
       if @query.save
         flash[:notice] = l(:notice_successful_update)
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2007-08-29 16:52:35 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2007-08-29 16:52:35 +0000
commit	603e11d7a5aa62f923e7b013cac6c66462131232 (patch)
tree	fbbb204d2b92b5a87b787d56fe3f9c62cc3f259b /app/controllers/queries_controller.rb
parent	8da5bad29516be6cbe1bc52e78837ac1ec292026 (diff)
download	redmine-603e11d7a5aa62f923e7b013cac6c66462131232.tar.gz redmine-603e11d7a5aa62f923e7b013cac6c66462131232.zip