summaryrefslogtreecommitdiffstats
path: root/app/models/issue_query.rb
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2013-07-11 17:45:10 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2013-07-11 17:45:10 +0000
commit888c3581eb0fbfc5ede87a24f7f03bfa4f7d810b (patch)
tree17bb48e3b640635b2fa62b85e2b10ccaf5b4f65c /app/models/issue_query.rb
parent4545b906b4c58e2bd1d201fd18a49249aa571dfc (diff)
downloadredmine-888c3581eb0fbfc5ede87a24f7f03bfa4f7d810b.tar.gz
redmine-888c3581eb0fbfc5ede87a24f7f03bfa4f7d810b.zip
Role based custom queries (#1019).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11994 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/issue_query.rb')
-rw-r--r--app/models/issue_query.rb45
1 files changed, 41 insertions, 4 deletions
diff --git a/app/models/issue_query.rb b/app/models/issue_query.rb
index f9adf4697..b2e470d7a 100644
--- a/app/models/issue_query.rb
+++ b/app/models/issue_query.rb
@@ -45,9 +45,25 @@ class IssueQuery < Query
scope :visible, lambda {|*args|
user = args.shift || User.current
base = Project.allowed_to_condition(user, :view_issues, *args)
- user_id = user.logged? ? user.id : 0
-
- includes(:project).where("(#{table_name}.project_id IS NULL OR (#{base})) AND (#{table_name}.is_public = ? OR #{table_name}.user_id = ?)", true, user_id)
+ scope = includes(:project).where("#{table_name}.project_id IS NULL OR (#{base})")
+
+ if user.admin?
+ scope.where("#{table_name}.visibility <> ? OR #{table_name}.user_id = ?", VISIBILITY_PRIVATE, user.id)
+ elsif user.memberships.any?
+ scope.where("#{table_name}.visibility = ?" +
+ " OR (#{table_name}.visibility = ? AND #{table_name}.id IN (" +
+ "SELECT DISTINCT q.id FROM #{table_name} q" +
+ " INNER JOIN #{table_name_prefix}queries_roles#{table_name_suffix} qr on qr.query_id = q.id" +
+ " INNER JOIN #{MemberRole.table_name} mr ON mr.role_id = qr.role_id" +
+ " INNER JOIN #{Member.table_name} m ON m.id = mr.member_id AND m.user_id = ?" +
+ " WHERE q.project_id IS NULL OR q.project_id = m.project_id))" +
+ " OR #{table_name}.user_id = ?",
+ VISIBILITY_PUBLIC, VISIBILITY_ROLES, user.id, user.id)
+ elsif user.logged?
+ scope.where("#{table_name}.visibility = ? OR #{table_name}.user_id = ?", VISIBILITY_PUBLIC, user.id)
+ else
+ scope.where("#{table_name}.visibility = ?", VISIBILITY_PUBLIC)
+ end
}
def initialize(attributes=nil, *args)
@@ -57,7 +73,28 @@ class IssueQuery < Query
# Returns true if the query is visible to +user+ or the current user.
def visible?(user=User.current)
- (project.nil? || user.allowed_to?(:view_issues, project)) && (self.is_public? || self.user_id == user.id)
+ return true if user.admin?
+ return false unless project.nil? || user.allowed_to?(:view_issues, project)
+ case visibility
+ when VISIBILITY_PUBLIC
+ true
+ when VISIBILITY_ROLES
+ if project
+ (user.roles_for_project(project) & roles).any?
+ else
+ Member.where(:user_id => user.id).joins(:roles).where(:member_roles => {:role_id => roles.map(&:id)}).any?
+ end
+ else
+ user == self.user
+ end
+ end
+
+ def is_private?
+ visibility == VISIBILITY_PRIVATE
+ end
+
+ def is_public?
+ !is_private?
end
def initialize_available_filters
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-05 17:49:02 +0000