summaryrefslogtreecommitdiffstats
path: root/app/models/project.rb
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2014-09-28 14:51:08 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2014-09-28 14:51:08 +0000
commit7e7ac5340a281ed767066af0b5f4dd45a3d7076f (patch)
tree891640b0548c0d3063daddb219006d120fa312c3 /app/models/project.rb
parent9a7fb0ad7be0ee3403f5b89eb0c16b68c991d519 (diff)
downloadredmine-7e7ac5340a281ed767066af0b5f4dd45a3d7076f.tar.gz
redmine-7e7ac5340a281ed767066af0b5f4dd45a3d7076f.zip
Adds buit-in groups to give specific permissions to anonymous and non members users per project (#17976).
git-svn-id: http://svn.redmine.org/redmine/trunk@13417 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/project.rb')
-rw-r--r--app/models/project.rb26
1 files changed, 18 insertions, 8 deletions
diff --git a/app/models/project.rb b/app/models/project.rb
index 96de85517..6a428b209 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -32,7 +32,7 @@ class Project < ActiveRecord::Base
has_many :memberships, :class_name => 'Member'
has_many :member_principals, :class_name => 'Member',
:include => :principal,
- :conditions => "#{Principal.table_name}.type='Group' OR (#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE})"
+ :conditions => "#{Principal.table_name}.status=#{Principal::STATUS_ACTIVE}"
has_many :enabled_modules, :dependent => :delete_all
has_and_belongs_to_many :trackers, :order => "#{Tracker.table_name}.position"
@@ -191,11 +191,9 @@ class Project < ActiveRecord::Base
statement_by_role[role] = "#{Project.table_name}.is_public = #{connection.quoted_true}"
end
end
- if user.logged?
- user.projects_by_role.each do |role, projects|
- if role.allowed_to?(permission) && projects.any?
- statement_by_role[role] = "#{Project.table_name}.id IN (#{projects.collect(&:id).join(',')})"
- end
+ user.projects_by_role.each do |role, projects|
+ if role.allowed_to?(permission) && projects.any?
+ statement_by_role[role] = "#{Project.table_name}.id IN (#{projects.collect(&:id).join(',')})"
end
end
if statement_by_role.empty?
@@ -213,6 +211,12 @@ class Project < ActiveRecord::Base
end
end
+ def override_roles(role)
+ @override_members ||= memberships.where(:user_id => [GroupAnonymous.instance_id, GroupNonMember.instance_id]).all
+ member = @override_members.detect {|m| role.anonymous? ^ (m.user_id == GroupNonMember.instance_id)}
+ member ? member.roles : [role]
+ end
+
def principals
@principals ||= Principal.active.joins(:members).where("#{Member.table_name}.project_id = ?", id).uniq
end
@@ -305,6 +309,7 @@ class Project < ActiveRecord::Base
@actions_allowed = nil
@start_date = nil
@due_date = nil
+ @override_members = nil
base_reload(*args)
end
@@ -498,8 +503,13 @@ class Project < ActiveRecord::Base
# Users/groups issues can be assigned to
def assignable_users
- assignable = Setting.issue_group_assignment? ? member_principals : members
- assignable.select {|m| m.roles.detect {|role| role.assignable?}}.collect {|m| m.principal}.sort
+ types = ['User']
+ types << 'Group' if Setting.issue_group_assignment?
+
+ member_principals.
+ select {|m| types.include?(m.principal.type) && m.roles.detect(&:assignable?)}.
+ map(&:principal).
+ sort
end
# Returns the mail addresses of users that should be always notified on project events