diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2007-09-24 17:46:25 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2007-09-24 17:46:25 +0000 |
| commit | 42fe6c6e045659d4481eefbb824f9d15f5bdd29f (patch) | |
| tree | 78530dc2f0674926e6347cd60a7acc34010890c2 /app/controllers/search_controller.rb | |
| parent | dfffa0a7f8d315086515c784379af2ef8da616ef (diff) | |
| download | redmine-42fe6c6e045659d4481eefbb824f9d15f5bdd29f.tar.gz redmine-42fe6c6e045659d4481eefbb824f9d15f5bdd29f.zip | |
Search engine now only searches objects the user is allowed to view.
git-svn-id: http://redmine.rubyforge.org/svn/trunk@758 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/search_controller.rb')
| -rw-r--r-- | app/controllers/search_controller.rb | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index 01e78dc02..eeb9a679c 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -25,10 +25,9 @@ class SearchController < ApplicationController @question = params[:q] || "" @question.strip! @all_words = params[:all_words] || (params[:submit] ? false : true) - @scope = params[:scope] || (params[:submit] ? [] : %w(projects issues changesets news documents wiki messages) ) # quick jump to an issue - if @scope.include?('issues') && @question.match(/^#?(\d+)$/) && Issue.find_by_id($1, :include => :project, :conditions => Project.visible_by(logged_in_user)) + if @question.match(/^#?(\d+)$/) && Issue.find_by_id($1, :include => :project, :conditions => Project.visible_by(logged_in_user)) redirect_to :controller => "issues", :action => "show", :id => $1 return end @@ -38,6 +37,20 @@ class SearchController < ApplicationController return unless check_project_privacy end + if @project + @object_types = %w(projects issues changesets news documents wiki_pages messages) + @object_types.delete('wiki_pages') unless @project.wiki + @object_types.delete('changesets') unless @project.repository + # only show what the user is allowed to view + @object_types = @object_types.select {|o| User.current.allowed_to?("view_#{o}".to_sym, @project)} + + @scope = @object_types.select {|t| params[t]} + # default objects to search if none is specified in parameters + @scope = @object_types if @scope.empty? + else + @scope = %w(projects) + end + # tokens must be at least 3 character long @tokens = @question.split.uniq.select {|w| w.length > 2 } @@ -49,7 +62,7 @@ class SearchController < ApplicationController operator = @all_words ? " AND " : " OR " limit = 10 @results = [] - if @project + if @project @results += @project.issues.find(:all, :limit => limit, :include => :author, :conditions => [ (["(LOWER(subject) like ? OR LOWER(description) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ) if @scope.include? 'issues' Journal.with_scope :find => {:conditions => ["#{Issue.table_name}.project_id = ?", @project.id]} do @results += Journal.find(:all, :include => :issue, :limit => limit, :conditions => [ (["(LOWER(notes) like ? OR LOWER(notes) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ).collect(&:issue) if @scope.include? 'issues' @@ -57,7 +70,7 @@ class SearchController < ApplicationController @results.uniq! @results += @project.news.find(:all, :limit => limit, :conditions => [ (["(LOWER(title) like ? OR LOWER(description) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort], :include => :author ) if @scope.include? 'news' @results += @project.documents.find(:all, :limit => limit, :conditions => [ (["(LOWER(title) like ? OR LOWER(description) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ) if @scope.include? 'documents' - @results += @project.wiki.pages.find(:all, :limit => limit, :include => :content, :conditions => [ (["(LOWER(title) like ? OR LOWER(text) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ) if @project.wiki && @scope.include?('wiki') + @results += @project.wiki.pages.find(:all, :limit => limit, :include => :content, :conditions => [ (["(LOWER(title) like ? OR LOWER(text) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ) if @project.wiki && @scope.include?('wiki_pages') @results += @project.repository.changesets.find(:all, :limit => limit, :conditions => [ (["(LOWER(comments) like ?)"] * like_tokens.size).join(operator), * (like_tokens).sort] ) if @project.repository && @scope.include?('changesets') Message.with_scope :find => {:conditions => ["#{Board.table_name}.project_id = ?", @project.id]} do @results += Message.find(:all, :include => :board, :limit => limit, :conditions => [ (["(LOWER(subject) like ? OR LOWER(content) like ?)"] * like_tokens.size).join(operator), * (like_tokens * 2).sort] ) if @scope.include? 'messages' |