diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2009-05-10 10:54:31 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2009-05-10 10:54:31 +0000 |
| commit | 7dccf9fda6f30d8f4b0c5eaad9f6e2a1e67cd643 (patch) | |
| tree | ba6a18abff6ca69af528b3d295263d049a22266f /app/models/user.rb | |
| parent | 814e138c2a1105f8d9d10c4362a889dd71aff32d (diff) | |
| download | redmine-7dccf9fda6f30d8f4b0c5eaad9f6e2a1e67cd643.tar.gz redmine-7dccf9fda6f30d8f4b0c5eaad9f6e2a1e67cd643.zip | |
Allows multiple roles on the same project (#706). Prerequisite for user groups feature.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2726 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/user.rb')
| -rw-r--r-- | app/models/user.rb | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 3c9a1c753..3c6f72387 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -33,7 +33,7 @@ class User < ActiveRecord::Base :username => '#{login}' } - has_many :memberships, :class_name => 'Member', :include => [ :project, :role ], :conditions => "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}", :order => "#{Project.table_name}.name" + has_many :memberships, :class_name => 'Member', :include => [ :project, :roles ], :conditions => "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}", :order => "#{Project.table_name}.name" has_many :members, :dependent => :delete_all has_many :projects, :through => :memberships has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify @@ -229,26 +229,30 @@ class User < ActiveRecord::Base !logged? end - # Return user's role for project - def role_for_project(project) + # Return user's roles for project + def roles_for_project(project) + roles = [] # No role on archived projects - return nil unless project && project.active? + return roles unless project && project.active? if logged? # Find project membership membership = memberships.detect {|m| m.project_id == project.id} if membership - membership.role + roles = membership.roles else @role_non_member ||= Role.non_member + roles << @role_non_member end else @role_anonymous ||= Role.anonymous + roles << @role_anonymous end + roles end # Return true if the user is a member of project def member_of?(project) - role_for_project(project).member? + !roles_for_project(project).detect {|role| role.member?}.nil? end # Return true if the user is allowed to do the specified action on project @@ -264,13 +268,13 @@ class User < ActiveRecord::Base # Admin users are authorized for anything else return true if admin? - role = role_for_project(project) - return false unless role - role.allowed_to?(action) && (project.is_public? || role.member?) + roles = roles_for_project(project) + return false unless roles + roles.detect {|role| (project.is_public? || role.member?) && role.allowed_to?(action)} elsif options[:global] # authorize if user has at least one role that has this permission - roles = memberships.collect {|m| m.role}.uniq + roles = memberships.collect {|m| m.roles}.flatten.uniq roles.detect {|r| r.allowed_to?(action)} || (self.logged? ? Role.non_member.allowed_to?(action) : Role.anonymous.allowed_to?(action)) else false |