diff options
| author | Eric Davis <edavis@littlestreamsoftware.com> | 2010-09-06 00:26:08 +0000 |
|---|---|---|
| committer | Eric Davis <edavis@littlestreamsoftware.com> | 2010-09-06 00:26:08 +0000 |
| commit | d771fa92892a8835168856b8a148d05b550440dc (patch) | |
| tree | 062f20ace1e13cf3ac7b8377a75d7f07b7898faf /app/helpers/application_helper.rb | |
| parent | 563c879e44237eff4846ef44ae93ec43c27ba47f (diff) | |
| download | redmine-d771fa92892a8835168856b8a148d05b550440dc.tar.gz redmine-d771fa92892a8835168856b8a148d05b550440dc.zip | |
Change link_to_if_authorized to allow url paths. (Fixes #6195)
Both url paths (/issues/1234) and params hashes (:controller => 'issues')
are now supported by link_to_if_authorized. The authorize_for method
requires a controller/action pair so urls need to be parsed against the
routes to find their controller/action.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4064 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/helpers/application_helper.rb')
| -rw-r--r-- | app/helpers/application_helper.rb | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 19dd654db..0fb44a22b 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -32,8 +32,27 @@ module ApplicationHelper end # Display a link if user is authorized + # + # @param [String] name Anchor text (passed to link_to) + # @param [Hash, String] options Hash params or url for the link target (passed to link_to). + # This will checked by authorize_for to see if the user is authorized + # @param [optional, Hash] html_options Options passed to link_to + # @param [optional, Hash] parameters_for_method_reference Extra parameters for link_to def link_to_if_authorized(name, options = {}, html_options = nil, *parameters_for_method_reference) - link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(options[:controller] || params[:controller], options[:action]) + if options.is_a?(String) + begin + route = ActionController::Routing::Routes.recognize_path(options.gsub(/\?.*/,''), :method => options[:method] || :get) + link_controller = route[:controller] + link_action = route[:action] + rescue ActionController::RoutingError # Parse failed, not a route + link_controller, link_action = nil, nil + end + else + link_controller = options[:controller] || params[:controller] + link_action = options[:action] + end + + link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(link_controller, link_action) end # Display a link to remote if user is authorized |