summaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2007-08-29 16:52:35 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2007-08-29 16:52:35 +0000
commit603e11d7a5aa62f923e7b013cac6c66462131232 (patch)
treefbbb204d2b92b5a87b787d56fe3f9c62cc3f259b /app
parent8da5bad29516be6cbe1bc52e78837ac1ec292026 (diff)
downloadredmine-603e11d7a5aa62f923e7b013cac6c66462131232.tar.gz
redmine-603e11d7a5aa62f923e7b013cac6c66462131232.zip
Merged 0.6 branch into trunk.
Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to *backup* your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
-rw-r--r--app/controllers/account_controller.rb22
-rw-r--r--app/controllers/admin_controller.rb12
-rw-r--r--app/controllers/application.rb92
-rw-r--r--app/controllers/boards_controller.rb4
-rw-r--r--app/controllers/documents_controller.rb2
-rw-r--r--app/controllers/issues_controller.rb30
-rw-r--r--app/controllers/messages_controller.rb3
-rw-r--r--app/controllers/projects_controller.rb115
-rw-r--r--app/controllers/queries_controller.rb9
-rw-r--r--app/controllers/repositories_controller.rb9
-rw-r--r--app/controllers/roles_controller.rb35
-rw-r--r--app/controllers/timelog_controller.rb7
-rw-r--r--app/controllers/users_controller.rb2
-rw-r--r--app/controllers/watchers_controller.rb4
-rw-r--r--app/controllers/welcome_controller.rb2
-rw-r--r--app/controllers/wiki_controller.rb3
-rw-r--r--app/helpers/application_helper.rb24
-rw-r--r--app/helpers/projects_helper.rb8
-rw-r--r--app/helpers/watchers_helper.rb2
-rw-r--r--app/models/attachment.rb6
-rw-r--r--app/models/changeset.rb6
-rw-r--r--app/models/document.rb2
-rw-r--r--app/models/issue.rb2
-rw-r--r--app/models/mail_handler.rb2
-rw-r--r--app/models/member.rb4
-rw-r--r--app/models/news.rb4
-rw-r--r--app/models/permission.rb68
-rw-r--r--app/models/query.rb2
-rw-r--r--app/models/role.rb78
-rw-r--r--app/models/user.rb83
-rw-r--r--app/models/wiki_content.rb7
-rw-r--r--app/views/admin/mail_options.rhtml23
-rw-r--r--app/views/boards/show.rhtml4
-rw-r--r--app/views/common/feed.atom.rxml26
-rw-r--r--app/views/issues/show.rhtml25
-rw-r--r--app/views/layouts/base.rhtml77
-rw-r--r--app/views/messages/show.rhtml2
-rw-r--r--app/views/projects/_form.rhtml2
-rw-r--r--app/views/projects/_members.rhtml2
-rw-r--r--app/views/projects/activity.rhtml33
-rw-r--r--app/views/projects/list.rhtml4
-rw-r--r--app/views/projects/list_issues.rhtml6
-rw-r--r--app/views/projects/list_news.rhtml4
-rw-r--r--app/views/projects/show.rhtml3
-rw-r--r--app/views/queries/_form.rhtml2
-rw-r--r--app/views/queries/index.rhtml6
-rw-r--r--app/views/reports/issue_report.rhtml2
-rw-r--r--app/views/repositories/revisions.rhtml1
-rw-r--r--app/views/repositories/show.rhtml7
-rw-r--r--app/views/roles/_form.rhtml25
-rw-r--r--app/views/roles/list.rhtml6
-rw-r--r--app/views/roles/report.rhtml37
-rw-r--r--app/views/wiki/show.rhtml4
53 files changed, 474 insertions, 476 deletions
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 8ee046a0c..44e4cc221 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -22,7 +22,6 @@ class AccountController < ApplicationController
# prevents login action to be filtered by check_if_login_required application scope filter
skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register]
- before_filter :require_login, :only => :logout
# Show user's account
def show
@@ -31,7 +30,7 @@ class AccountController < ApplicationController
# show only public projects and private projects that the logged in user is also a member of
@memberships = @user.memberships.select do |membership|
- membership.project.is_public? || (logged_in_user && logged_in_user.role_for_project(membership.project))
+ membership.project.is_public? || (User.current.role_for_project(membership.project))
end
rescue ActiveRecord::RecordNotFound
render_404
@@ -41,12 +40,12 @@ class AccountController < ApplicationController
def login
if request.get?
# Logout user
- self.logged_in_user = nil
+ self.logged_user = nil
else
# Authenticate user
user = User.try_to_login(params[:login], params[:password])
if user
- self.logged_in_user = user
+ self.logged_user = user
# generate a key and set cookie if autologin
if params[:autologin] && Setting.autologin?
token = Token.create(:user => user, :action => 'autologin')
@@ -62,8 +61,8 @@ class AccountController < ApplicationController
# Log out current user and redirect to welcome page
def logout
cookies.delete :autologin
- Token.delete_all(["user_id = ? AND action = ?", logged_in_user.id, "autologin"]) if logged_in_user
- self.logged_in_user = nil
+ Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
+ self.logged_user = nil
redirect_to :controller => 'welcome'
end
@@ -140,4 +139,15 @@ class AccountController < ApplicationController
end
end
end
+
+private
+ def logged_user=(user)
+ if user && user.is_a?(User)
+ User.current = user
+ session[:user_id] = user.id
+ else
+ User.current = User.anonymous
+ session[:user_id] = nil
+ end
+ end
end
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index 95d3505c7..78fd1aa15 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -46,14 +46,6 @@ class AdminController < ApplicationController
end
def mail_options
- @actions = Permission.find(:all, :conditions => ["mail_option=?", true]) || []
- if request.post?
- @actions.each { |a|
- a.mail_enabled = (params[:action_ids] || []).include? a.id.to_s
- a.save
- }
- flash.now[:notice] = l(:notice_successful_update)
- end
end
def test_email
@@ -61,8 +53,8 @@ class AdminController < ApplicationController
# Force ActionMailer to raise delivery errors so we can catch it
ActionMailer::Base.raise_delivery_errors = true
begin
- @test = Mailer.deliver_test(logged_in_user)
- flash[:notice] = l(:notice_email_sent, logged_in_user.mail)
+ @test = Mailer.deliver_test(User.current)
+ flash[:notice] = l(:notice_email_sent, User.current.mail)
rescue Exception => e
flash[:error] = l(:notice_email_error, e.message)
end
diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index 3f5a2c76f..cac2d6464 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -16,48 +16,47 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class ApplicationController < ActionController::Base
- before_filter :check_if_login_required, :set_localization
+ before_filter :user_setup, :check_if_login_required, :set_localization
filter_parameter_logging :password
REDMINE_SUPPORTED_SCM.each do |scm|
require_dependency "repository/#{scm.underscore}"
end
- def logged_in_user=(user)
- @logged_in_user = user
- session[:user_id] = (user ? user.id : nil)
+ def logged_in_user
+ User.current.logged? ? User.current : nil
end
- def logged_in_user
+ def current_role
+ @current_role ||= User.current.role_for_project(@project)
+ end
+
+ def user_setup
if session[:user_id]
- @logged_in_user ||= User.find(session[:user_id])
+ # existing session
+ User.current = User.find(session[:user_id])
+ elsif cookies[:autologin] && Setting.autologin?
+ # auto-login feature
+ User.current = User.find_by_autologin_key(autologin_key)
+ elsif params[:key] && accept_key_auth_actions.include?(params[:action])
+ # RSS key authentication
+ User.current = User.find_by_rss_key(params[:key])
else
- nil
+ User.current = User.anonymous
end
end
- # Returns the role that the logged in user has on the current project
- # or nil if current user is not a member of the project
- def logged_in_user_membership
- @user_membership ||= logged_in_user.role_for_project(@project)
- end
-
# check if login is globally required to access the application
def check_if_login_required
# no check needed if user is already logged in
- return true if logged_in_user
- # auto-login feature
- autologin_key = cookies[:autologin]
- if autologin_key && Setting.autologin?
- self.logged_in_user = User.find_by_autologin_key(autologin_key)
- end
+ return true if User.current.logged?
require_login if Setting.login_required?
end
def set_localization
lang = begin
- if self.logged_in_user and self.logged_in_user.language and !self.logged_in_user.language.empty? and GLoc.valid_languages.include? self.logged_in_user.language.to_sym
- self.logged_in_user.language
+ if !User.current.language.blank? and GLoc.valid_languages.include? User.current.language.to_sym
+ User.current.language
elsif request.env['HTTP_ACCEPT_LANGUAGE']
accept_lang = parse_qvalues(request.env['HTTP_ACCEPT_LANGUAGE']).first.split('-').first
if accept_lang and !accept_lang.empty? and GLoc.valid_languages.include? accept_lang.to_sym
@@ -71,7 +70,7 @@ class ApplicationController < ActionController::Base
end
def require_login
- unless self.logged_in_user
+ if !User.current.logged?
store_location
redirect_to :controller => "account", :action => "login"
return false
@@ -81,34 +80,17 @@ class ApplicationController < ActionController::Base
def require_admin
return unless require_login
- unless self.logged_in_user.admin?
+ if !User.current.admin?
render_403
return false
end
true
end
- # authorizes the user for the requested action.
+ # Authorize the user for the requested action
def authorize(ctrl = params[:controller], action = params[:action])
- unless @project.active?
- @project = nil
- render_404
- return false
- end
- # check if action is allowed on public projects
- if @project.is_public? and Permission.allowed_to_public "%s/%s" % [ ctrl, action ]
- return true
- end
- # if action is not public, force login
- return unless require_login
- # admin is always authorized
- return true if self.logged_in_user.admin?
- # if not admin, check membership permission
- if logged_in_user_membership and Permission.allowed_to_role( "%s/%s" % [ ctrl, action ], logged_in_user_membership )
- return true
- end
- render_403
- false
+ allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project)
+ allowed ? true : (User.current.logged? ? render_403 : require_login)
end
# make sure that the user is a member of the project (or admin) if project is private
@@ -119,11 +101,8 @@ class ApplicationController < ActionController::Base
render_404
return false
end
- return true if @project.is_public?
- return false unless logged_in_user
- return true if logged_in_user.admin? || logged_in_user_membership
- render_403
- false
+ return true if @project.is_public? || User.current.member_of?(@project) || User.current.admin?
+ User.current.logged? ? render_403 : require_login
end
# store current uri in session.
@@ -154,6 +133,21 @@ class ApplicationController < ActionController::Base
render :template => "common/404", :layout => true, :status => 404
return false
end
+
+ def render_feed(items, options={})
+ @items = items.sort {|x,y| y.event_datetime <=> x.event_datetime }
+ @title = options[:title] || Setting.app_title
+ render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml'
+ end
+
+ def self.accept_key_auth(*actions)
+ actions = actions.flatten.map(&:to_s)
+ write_inheritable_attribute('accept_key_auth_actions', actions)
+ end
+
+ def accept_key_auth_actions
+ self.class.read_inheritable_attribute('accept_key_auth_actions') || []
+ end
# qvalues http header parser
# code taken from webrick
@@ -173,4 +167,4 @@ class ApplicationController < ActionController::Base
end
return tmp
end
-end \ No newline at end of file
+end
diff --git a/app/controllers/boards_controller.rb b/app/controllers/boards_controller.rb
index 0ad2645f8..2a90e9857 100644
--- a/app/controllers/boards_controller.rb
+++ b/app/controllers/boards_controller.rb
@@ -17,9 +17,7 @@
class BoardsController < ApplicationController
layout 'base'
- before_filter :find_project
- before_filter :authorize, :except => [:index, :show]
- before_filter :check_project_privacy, :only => [:index, :show]
+ before_filter :find_project, :authorize
helper :messages
include MessagesHelper
diff --git a/app/controllers/documents_controller.rb b/app/controllers/documents_controller.rb
index 3c7e56b43..5659e9ced 100644
--- a/app/controllers/documents_controller.rb
+++ b/app/controllers/documents_controller.rb
@@ -52,7 +52,7 @@ class DocumentsController < ApplicationController
a = Attachment.create(:container => @document, :file => file, :author => logged_in_user)
@attachments << a unless a.new_record?
} if params[:attachments] and params[:attachments].is_a? Array
- Mailer.deliver_attachments_add(@attachments) if !@attachments.empty? and Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
+ Mailer.deliver_attachments_add(@attachments) if !@attachments.empty? #and Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
redirect_to :action => 'show', :id => @document
end
diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index 31cc6ae7d..56a9b11ca 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -72,8 +72,15 @@ class IssuesController < ApplicationController
unless params[:notes].empty?
journal = @issue.init_journal(self.logged_in_user, params[:notes])
if @issue.save
+ params[:attachments].each { |file|
+ next unless file.size > 0
+ a = Attachment.create(:container => @issue, :file => file, :author => logged_in_user)
+ journal.details << JournalDetail.new(:property => 'attachment',
+ :prop_key => a.id,
+ :value => a.filename) unless a.new_record?
+ } if params[:attachments] and params[:attachments].is_a? Array
flash[:notice] = l(:notice_successful_update)
- Mailer.deliver_issue_edit(journal) if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
+ Mailer.deliver_issue_edit(journal) #if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
redirect_to :action => 'show', :id => @issue
return
end
@@ -100,14 +107,14 @@ class IssuesController < ApplicationController
} if params[:attachments] and params[:attachments].is_a? Array
# Log time
- if logged_in_user.authorized_to(@project, "timelog/edit")
+ if current_role.allowed_to?(:log_time)
@time_entry ||= TimeEntry.new(:project => @project, :issue => @issue, :user => logged_in_user, :spent_on => Date.today)
@time_entry.attributes = params[:time_entry]
@time_entry.save
end
flash[:notice] = l(:notice_successful_update)
- Mailer.deliver_issue_edit(journal) if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
+ Mailer.deliver_issue_edit(journal) #if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
redirect_to :action => 'show', :id => @issue
end
rescue ActiveRecord::StaleObjectError
@@ -124,23 +131,6 @@ class IssuesController < ApplicationController
redirect_to :controller => 'projects', :action => 'list_issues', :id => @project
end
- def add_attachment
- # Save the attachments
- @attachments = []
- journal = @issue.init_journal(self.logged_in_user)
- params[:attachments].each { |file|
- next unless file.size > 0
- a = Attachment.create(:container => @issue, :file => file, :author => logged_in_user)
- @attachments << a unless a.new_record?
- journal.details << JournalDetail.new(:property => 'attachment',
- :prop_key => a.id,
- :value => a.filename) unless a.new_record?
- } if params[:attachments] and params[:attachments].is_a? Array
- journal.save if journal.details.any?
- Mailer.deliver_attachments_add(@attachments) if !@attachments.empty? and Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
- redirect_to :action => 'show', :id => @issue
- end
-
def destroy_attachment
a = @issue.attachments.find(params[:attachment_id])
a.destroy
diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb
index 1b0d2a680..74a957d6c 100644
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -17,8 +17,7 @@
class MessagesController < ApplicationController
layout 'base'
- before_filter :find_project, :check_project_privacy
- before_filter :require_login, :only => [:new, :reply]
+ before_filter :find_project, :authorize
verify :method => :post, :only => [ :reply, :destroy ], :redirect_to => { :action => :show }
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 0613f9e40..2f5e24e28 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -22,6 +22,7 @@ class ProjectsController < ApplicationController
before_filter :find_project, :except => [ :index, :list, :add ]
before_filter :authorize, :except => [ :index, :list, :add, :archive, :unarchive, :destroy ]
before_filter :require_admin, :only => [ :add, :archive, :unarchive, :destroy ]
+ accept_key_auth :activity, :calendar
cache_sweeper :project_sweeper, :only => [ :add, :edit, :archive, :unarchive, :destroy ]
cache_sweeper :issue_sweeper, :only => [ :add_issue ]
@@ -97,8 +98,7 @@ class ProjectsController < ApplicationController
@trackers = Tracker.find(:all, :order => 'position')
@open_issues_by_tracker = Issue.count(:group => :tracker, :joins => "INNER JOIN #{IssueStatus.table_name} ON #{IssueStatus.table_name}.id = #{Issue.table_name}.status_id", :conditions => ["project_id=? and #{IssueStatus.table_name}.is_closed=?", @project.id, false])
@total_issues_by_tracker = Issue.count(:group => :tracker, :conditions => ["project_id=?", @project.id])
-
- @key = logged_in_user.get_or_create_rss_key.value if logged_in_user
+ @key = User.current.rss_key
end
def settings
@@ -224,7 +224,7 @@ class ProjectsController < ApplicationController
Attachment.create(:container => @document, :file => a, :author => logged_in_user) unless a.size == 0
} if params[:attachments] and params[:attachments].is_a? Array
flash[:notice] = l(:notice_successful_create)
- Mailer.deliver_document_add(@document) if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
+ Mailer.deliver_document_add(@document) #if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
redirect_to :action => 'list_documents', :id => @project
end
end
@@ -268,7 +268,7 @@ class ProjectsController < ApplicationController
if @issue.save
@attachments.each(&:save)
flash[:notice] = l(:notice_successful_create)
- Mailer.deliver_issue_add(@issue) if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
+ Mailer.deliver_issue_add(@issue) #if Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
redirect_to :action => 'list_issues', :id => @project
end
end
@@ -383,7 +383,7 @@ class ProjectsController < ApplicationController
redirect_to :action => 'list_issues', :id => @project and return unless @issues
@projects = []
# find projects to which the user is allowed to move the issue
- @logged_in_user.memberships.each {|m| @projects << m.project if Permission.allowed_to_role("projects/move_issues", m.role)}
+ User.current.memberships.each {|m| @projects << m.project if m.role.allowed_to?(:controller => 'projects', :action => 'move_issues')}
# issue can be moved to any tracker
@trackers = Tracker.find(:all)
if request.post? and params[:new_project_id] and params[:new_tracker_id]
@@ -424,7 +424,11 @@ class ProjectsController < ApplicationController
# Show news list of @project
def list_news
@news_pages, @news = paginate :news, :per_page => 10, :conditions => ["project_id=?", @project.id], :include => :author, :order => "#{News.table_name}.created_on DESC"
- render :action => "list_news", :layout => false if request.xhr?
+
+ respond_to do |format|
+ format.html { render :layout => false if request.xhr? }
+ format.atom { render_feed(@news, :title => "#{@project.name}: #{l(:label_news_plural)}") }
+ end
end
def add_file
@@ -437,7 +441,7 @@ class ProjectsController < ApplicationController
a = Attachment.create(:container => @version, :file => file, :author => logged_in_user)
@attachments << a unless a.new_record?
} if params[:attachments] and params[:attachments].is_a? Array
- Mailer.deliver_attachments_add(@attachments) if !@attachments.empty? and Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
+ Mailer.deliver_attachments_add(@attachments) if !@attachments.empty? #and Permission.find_by_controller_and_action(params[:controller], params[:action]).mail_enabled?
redirect_to :controller => 'projects', :action => 'list_files', :id => @project
end
@versions = @project.versions.sort
@@ -471,80 +475,67 @@ class ProjectsController < ApplicationController
@year ||= Date.today.year
@month ||= Date.today.month
- @date_from = Date.civil(@year, @month, 1)
- @date_to = @date_from >> 1
+ case params[:format]
+ when 'rss'
+ # 30 last days
+ @date_from = Date.today - 30
+ @date_to = Date.today + 1
+ else
+ # current month
+ @date_from = Date.civil(@year, @month, 1)
+ @date_to = @date_from >> 1
+ end
- @events_by_day = Hash.new { |h,k| h[k] = [] }
+ @event_types = %w(issues news attachments documents wiki_edits revisions)
+ @event_types.delete('wiki_edits') unless @project.wiki
+ @event_types.delete('changesets') unless @project.repository
- unless params[:show_issues] == "0"
- @project.issues.find(:all, :include => [:author], :conditions => ["#{Issue.table_name}.created_on BETWEEN ? AND ?", @date_from, @date_to] ).each { |i|
- @events_by_day[i.created_on.to_date] << i
- }
- @project.issue_changes.find(:all, :include => :details, :conditions => ["(#{Journal.table_name}.created_on BETWEEN ? AND ?) AND (#{JournalDetail.table_name}.prop_key = 'status_id')", @date_from, @date_to] ).each { |i|
- @events_by_day[i.created_on.to_date] << i
- }
- @show_issues = 1
+ @scope = @event_types.select {|t| params["show_#{t}"]}
+ # default events if none is specified in parameters
+ @scope = (@event_types - %w(wiki_edits))if @scope.empty?
+
+ @events = []
+
+ if @scope.include?('issues')
+ @events += @project.issues.find(:all, :include => [:author, :tracker], :conditions => ["#{Issue.table_name}.created_on>=? and #{Issue.table_name}.created_on<=?", @date_from, @date_to] )
end
- unless params[:show_news] == "0"
- @project.news.find(:all, :conditions => ["#{News.table_name}.created_on BETWEEN ? AND ?", @date_from, @date_to], :include => :author ).each { |i|
- @events_by_day[i.created_on.to_date] << i
- }
- @show_news = 1
+ if @scope.include?('news')
+ @events += @project.news.find(:all, :conditions => ["#{News.table_name}.created_on>=? and #{News.table_name}.created_on<=?", @date_from, @date_to], :include => :author )
end
- unless params[:show_files] == "0"
- Attachment.find(:all, :select => "#{Attachment.table_name}.*",
- :joins => "LEFT JOIN #{Version.table_name} ON #{Version.table_name}.id = #{Attachment.table_name}.container_id",
- :conditions => ["#{Attachment.table_name}.container_type='Version' and #{Version.table_name}.project_id=? and #{Attachment.table_name}.created_on BETWEEN ? AND ? ", @project.id, @date_from, @date_to],
- :include => :author ).each { |i|
- @events_by_day[i.created_on.to_date] << i
- }
- @show_files = 1
+ if @scope.include?('attachments')
+ @events += Attachment.find(:all, :select => "#{Attachment.table_name}.*", :joins => "LEFT JOIN #{Version.table_name} ON #{Version.table_name}.id = #{Attachment.table_name}.container_id", :conditions => ["#{Attachment.table_name}.container_type='Version' and #{Version.table_name}.project_id=? and #{Attachment.table_name}.created_on>=? and #{Attachment.table_name}.created_on<=?", @project.id, @date_from, @date_to], :include => :author )
end
- unless params[:show_documents] == "0"
- @project.documents.find(:all, :conditions => ["#{Document.table_name}.created_on BETWEEN ? AND ?", @date_from, @date_to] ).each { |i|
- @events_by_day[i.created_on.to_date] << i
- }
- Attachment.find(:all, :select => "attachments.*",
- :joins => "LEFT JOIN #{Document.table_name} ON #{Document.table_name}.id = #{Attachment.table_name}.container_id",
- :conditions => ["#{Attachment.table_name}.container_type='Document' and #{Document.table_name}.project_id=? and #{Attachment.table_name}.created_on BETWEEN ? AND ? ", @project.id, @date_from, @date_to],
- :include => :author ).each { |i|
- @events_by_day[i.created_on.to_date] << i
- }
- @show_documents = 1
+ if @scope.include?('documents')
+ @events += @project.documents.find(:all, :conditions => ["#{Document.table_name}.created_on>=? and #{Document.table_name}.created_on<=?", @date_from, @date_to] )
+ @events += Attachment.find(:all, :select => "attachments.*", :joins => "LEFT JOIN #{Document.table_name} ON #{Document.table_name}.id = #{Attachment.table_name}.container_id", :conditions => ["#{Attachment.table_name}.container_type='Document' and #{Document.table_name}.project_id=? and #{Attachment.table_name}.created_on>=? and #{Attachment.table_name}.created_on<=?", @project.id, @date_from, @date_to], :include => :author )
end
- unless @project.wiki.nil? || params[:show_wiki_edits] == "0"
+ if @scope.include?('wiki_edits') && @project.wiki
select = "#{WikiContent.versioned_table_name}.updated_on, #{WikiContent.versioned_table_name}.comments, " +
- "#{WikiContent.versioned_table_name}.#{WikiContent.version_column}, #{WikiPage.table_name}.title"
+ "#{WikiContent.versioned_table_name}.#{WikiContent.version_column}, #{WikiPage.table_name}.title, " +
+ "#{WikiContent.versioned_table_name}.page_id, #{WikiContent.versioned_table_name}.author_id, " +
+ "#{WikiContent.versioned_table_name}.id"
joins = "LEFT JOIN #{WikiPage.table_name} ON #{WikiPage.table_name}.id = #{WikiContent.versioned_table_name}.page_id " +
"LEFT JOIN #{Wiki.table_name} ON #{Wiki.table_name}.id = #{WikiPage.table_name}.wiki_id "
conditions = ["#{Wiki.table_name}.project_id = ? AND #{WikiContent.versioned_table_name}.updated_on BETWEEN ? AND ?",
@project.id, @date_from, @date_to]
- WikiContent.versioned_class.find(:all, :select => select, :joins => joins, :conditions => conditions).each { |i|
- # We provide this alias so all events can be treated in the same manner
- def i.created_on
- self.updated_on
- end
- @events_by_day[i.created_on.to_date] << i
- }
- @show_wiki_edits = 1
+ @events += WikiContent.versioned_class.find(:all, :select => select, :joins => joins, :conditions => conditions)
end
- unless @project.repository.nil? || params[:show_changesets] == "0"
- @project.repository.changesets.find(:all, :conditions => ["#{Changeset.table_name}.committed_on BETWEEN ? AND ?", @date_from, @date_to]).each { |i|
- def i.created_on
- self.committed_on
- end
- @events_by_day[i.created_on.to_date] << i
- }
- @show_changesets = 1
+ if @scope.include?('revisions') && @project.repository
+ @events += @project.repository.changesets.find(:all, :conditions => ["#{Changeset.table_name}.committed_on BETWEEN ? AND ?", @date_from, @date_to])
end
- render :layout => false if request.xhr?
+ @events_by_day = @events.group_by(&:event_date)
+
+ respond_to do |format|
+ format.html { render :layout => false if request.xhr? }
+ format.atom { render_feed(@events, :title => "#{@project.name}: #{l(:label_activity)}") }
+ end
end
def calendar
@@ -630,7 +621,7 @@ class ProjectsController < ApplicationController
def feeds
@queries = @project.queries.find :all, :conditions => ["is_public=? or user_id=?", true, (logged_in_user ? logged_in_user.id : 0)]
- @key = logged_in_user.get_or_create_rss_key.value if logged_in_user
+ @key = User.current.rss_key
end
private
diff --git a/app/controllers/queries_controller.rb b/app/controllers/queries_controller.rb
index 631895284..bcc233699 100644
--- a/app/controllers/queries_controller.rb
+++ b/app/controllers/queries_controller.rb
@@ -16,9 +16,8 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class QueriesController < ApplicationController
- layout 'base'
- before_filter :require_login, :except => :index
- before_filter :find_project, :check_project_privacy
+ layout 'base'
+ before_filter :find_project, :authorize
def index
@queries = @project.queries.find(:all,
@@ -31,7 +30,7 @@ class QueriesController < ApplicationController
@query.project = @project
@query.user = logged_in_user
@query.executed_by = logged_in_user
- @query.is_public = false unless logged_in_user.authorized_to(@project, 'projects/add_query')
+ @query.is_public = false unless current_role.allowed_to?(:manage_pulic_queries)
params[:fields].each do |field|
@query.add_filter(field, params[:operators][field], params[:values][field])
@@ -52,7 +51,7 @@ class QueriesController < ApplicationController
@query.add_filter(field, params[:operators][field], params[:values][field])
end if params[:fields]
@query.attributes = params[:query]
- @query.is_public = false unless logged_in_user.authorized_to(@project, 'projects/add_query')
+ @query.is_public = false unless current_role.allowed_to?(:manage_pulic_queries)
if @query.save
flash[:notice] = l(:notice_successful_update)
diff --git a/app/controllers/repositories_controller.rb b/app/controllers/repositories_controller.rb
index 5bcba8e3a..f99ea0b35 100644
--- a/app/controllers/repositories_controller.rb
+++ b/app/controllers/repositories_controller.rb
@@ -22,8 +22,8 @@ require 'digest/sha1'
class RepositoriesController < ApplicationController
layout 'base'
before_filter :find_project, :except => [:update_form]
- before_filter :authorize, :except => [:update_form, :stats, :graph]
- before_filter :check_project_privacy, :only => [:stats, :graph]
+ before_filter :authorize, :except => [:update_form]
+ accept_key_auth :revisions
def show
# check if new revisions have been committed in the repository
@@ -57,7 +57,10 @@ class RepositoriesController < ApplicationController
:limit => @changeset_pages.items_per_page,
:offset => @changeset_pages.current.offset)
- render :action => "revisions", :layout => false if request.xhr?
+ respond_to do |format|
+ format.html { render :layout => false if request.xhr? }
+ format.atom { render_feed(@changesets, :title => "#{@project.name}: #{l(:label_revision_plural)}") }
+ end
end
def entry
diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb
index 6f1657675..24c7a3ffe 100644
--- a/app/controllers/roles_controller.rb
+++ b/app/controllers/roles_controller.rb
@@ -28,40 +28,35 @@ class RolesController < ApplicationController
end
def list
- @role_pages, @roles = paginate :roles, :per_page => 25, :order => "position"
+ @role_pages, @roles = paginate :roles, :per_page => 25, :order => 'builtin, position'
render :action => "list", :layout => false if request.xhr?
end
def new
@role = Role.new(params[:role])
- if request.post?
- @role.permissions = Permission.find(params[:permission_ids]) if params[:permission_ids]
- if @role.save
- flash[:notice] = l(:notice_successful_create)
- redirect_to :action => 'list'
- end
+ if request.post? && @role.save
+ flash[:notice] = l(:notice_successful_create)
+ redirect_to :action => 'list'
end
- @permissions = Permission.find(:all, :conditions => ["is_public=?", false], :order => 'sort ASC')
+ @permissions = @role.setable_permissions
end
def edit
@role = Role.find(params[:id])
if request.post? and @role.update_attributes(params[:role])
- @role.permissions = Permission.find(params[:permission_ids] || [])
- Permission.allowed_to_role_expired
flash[:notice] = l(:notice_successful_update)
redirect_to :action => 'list'
end
- @permissions = Permission.find(:all, :conditions => ["is_public=?", false], :order => 'sort ASC')
+ @permissions = @role.setable_permissions
end
def destroy
@role = Role.find(params[:id])
- unless @role.members.empty?
- flash[:error] = 'Some members have this role. Can\'t delete it.'
- else
+ #unless @role.members.empty?
+ # flash[:error] = 'Some members have this role. Can\'t delete it.'
+ #else
@role.destroy
- end
+ #end
redirect_to :action => 'list'
end
@@ -95,19 +90,19 @@ class RolesController < ApplicationController
flash[:notice] = l(:notice_successful_update)
end
end
- @roles = Role.find(:all, :order => 'position')
+ @roles = Role.find(:all, :order => 'builtin, position')
@trackers = Tracker.find(:all, :order => 'position')
@statuses = IssueStatus.find(:all, :include => :workflows, :order => 'position')
end
def report
- @roles = Role.find(:all, :order => 'position')
- @permissions = Permission.find :all, :conditions => ["is_public=?", false], :order => 'sort'
+ @roles = Role.find(:all, :order => 'builtin, position')
+ @permissions = Redmine::AccessControl.permissions.select { |p| !p.public? }
if request.post?
@roles.each do |role|
- role.permissions = Permission.find(params[:permission_ids] ? (params[:permission_ids][role.id.to_s] || []) : [] )
+ role.permissions = params[:permissions][role.id.to_s]
+ role.save
end
- Permission.allowed_to_role_expired
flash[:notice] = l(:notice_successful_update)
redirect_to :action => 'list'
end
diff --git a/app/controllers/timelog_controller.rb b/app/controllers/timelog_controller.rb
index 01c4ddca9..1c15fa564 100644
--- a/app/controllers/timelog_controller.rb
+++ b/app/controllers/timelog_controller.rb
@@ -16,11 +16,8 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class TimelogController < ApplicationController
- layout 'base'
-
- before_filter :find_project
- before_filter :authorize, :only => :edit
- before_filter :check_project_privacy, :except => :edit
+ layout 'base'
+ before_filter :find_project, :authorize
helper :sort
include SortHelper
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 3e107287b..7e3abc75c 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -87,7 +87,7 @@ class UsersController < ApplicationController
end
end
@auth_sources = AuthSource.find(:all)
- @roles = Role.find(:all, :order => 'position')
+ @roles = Role.find_all_givable
@projects = Project.find(:all, :order => 'name', :conditions => "status=#{Project::STATUS_ACTIVE}") - @user.projects
@membership ||= Member.new
end
diff --git a/app/controllers/watchers_controller.rb b/app/controllers/watchers_controller.rb
index f617a5b5a..206dc0843 100644
--- a/app/controllers/watchers_controller.rb
+++ b/app/controllers/watchers_controller.rb
@@ -20,7 +20,7 @@ class WatchersController < ApplicationController
before_filter :require_login, :find_project, :check_project_privacy
def add
- user = logged_in_user
+ user = User.current
@watched.add_watcher(user)
respond_to do |format|
format.html { render :text => 'Watcher added.', :layout => true }
@@ -29,7 +29,7 @@ class WatchersController < ApplicationController
end
def remove
- user = logged_in_user
+ user = User.current
@watched.remove_watcher(user)
respond_to do |format|
format.html { render :text => 'Watcher removed.', :layout => true }
diff --git a/app/controllers/welcome_controller.rb b/app/controllers/welcome_controller.rb
index 7b1c398d1..2eac2268f 100644
--- a/app/controllers/welcome_controller.rb
+++ b/app/controllers/welcome_controller.rb
@@ -21,7 +21,5 @@ class WelcomeController < ApplicationController
def index
@news = News.latest logged_in_user
@projects = Project.latest logged_in_user
-
- @key = logged_in_user.get_or_create_rss_key.value if logged_in_user
end
end
diff --git a/app/controllers/wiki_controller.rb b/app/controllers/wiki_controller.rb
index 748821d72..e9212a1c7 100644
--- a/app/controllers/wiki_controller.rb
+++ b/app/controllers/wiki_controller.rb
@@ -19,8 +19,7 @@ require 'diff'
class WikiController < ApplicationController
layout 'base'
- before_filter :find_wiki, :check_project_privacy
- before_filter :authorize, :only => [:destroy, :add_attachment, :destroy_attachment]
+ before_filter :find_wiki, :authorize
verify :method => :post, :only => [:destroy, :destroy_attachment], :redirect_to => { :action => :index }
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 41becd0f2..550ce3c59 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -25,32 +25,18 @@ end
module ApplicationHelper
- # Return current logged in user or nil
- def loggedin?
- @logged_in_user
+ def current_role
+ @current_role ||= User.current.role_for_project(@project)
end
- # Return true if user is logged in and is admin, otherwise false
- def admin_loggedin?
- @logged_in_user and @logged_in_user.admin?
- end
-
# Return true if user is authorized for controller/action, otherwise false
- def authorize_for(controller, action)
- # check if action is allowed on public projects
- if @project.is_public? and Permission.allowed_to_public "%s/%s" % [ controller, action ]
- return true
- end
- # check if user is authorized
- if @logged_in_user and (@logged_in_user.admin? or Permission.allowed_to_role( "%s/%s" % [ controller, action ], @logged_in_user.role_for_project(@project) ) )
- return true
- end
- return false
+ def authorize_for(controller, action)
+ User.current.allowed_to?({:controller => controller, :action => action}, @project)
end
# Display a link if user is authorized
def link_to_if_authorized(name, options = {}, html_options = nil, *parameters_for_method_reference)
- link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(options[:controller], options[:action])
+ link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(options[:controller] || params[:controller], options[:action])
end
# Display a link to user's account page
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index abf2bcf86..da674985b 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -175,4 +175,12 @@ module ProjectsHelper
gc.draw(imgl)
imgl
end if Object.const_defined?(:Magick)
+
+ def new_issue_selector
+ trackers = Tracker.find(:all, :order => 'position')
+ form_tag({:controller => 'projects', :action => 'add_issue', :id => @project}, :method => :get) +
+ select_tag('tracker_id', '<option></option' + options_from_collection_for_select(trackers, 'id', 'name'),
+ :onchange => "if (this.value != '') {this.form.submit()}") +
+ end_form_tag
+ end
end
diff --git a/app/helpers/watchers_helper.rb b/app/helpers/watchers_helper.rb
index 87b381055..c83c785fc 100644
--- a/app/helpers/watchers_helper.rb
+++ b/app/helpers/watchers_helper.rb
@@ -21,7 +21,7 @@ module WatchersHelper
end
def watcher_link(object, user)
- return '' unless user && object.respond_to?('watched_by?')
+ return '' unless user && user.logged? && object.respond_to?('watched_by?')
watched = object.watched_by?(user)
url = {:controller => 'watchers',
:action => (watched ? 'remove' : 'add'),
diff --git a/app/models/attachment.rb b/app/models/attachment.rb
index 443a75bab..f57038b96 100644
--- a/app/models/attachment.rb
+++ b/app/models/attachment.rb
@@ -24,7 +24,11 @@ class Attachment < ActiveRecord::Base
validates_presence_of :container, :filename
validates_length_of :filename, :maximum => 255
validates_length_of :disk_filename, :maximum => 255
-
+
+ acts_as_event :title => :filename,
+ :description => :filename,
+ :url => Proc.new {|o| {:controller => 'attachment', :action => 'download', :id => o.id}}
+
cattr_accessor :storage_path
@@storage_path = "#{RAILS_ROOT}/files"
diff --git a/app/models/changeset.rb b/app/models/changeset.rb
index 57e2d74a4..9400df869 100644
--- a/app/models/changeset.rb
+++ b/app/models/changeset.rb
@@ -19,6 +19,12 @@ class Changeset < ActiveRecord::Base
belongs_to :repository
has_many :changes, :dependent => :delete_all
has_and_belongs_to_many :issues
+
+ acts_as_event :title => Proc.new {|o| "#{l(:label_revision)} #{o.revision}" + (o.comments.blank? ? '' : (': ' + o.comments))},
+ :description => :comments,
+ :datetime => :committed_on,
+ :author => :committer,
+ :url => Proc.new {|o| {:controller => 'repositories', :action => 'revision', :id => o.repository.project_id, :rev => o.revision}}
validates_presence_of :repository_id, :revision, :committed_on, :commit_date
validates_numericality_of :revision, :only_integer => true
diff --git a/app/models/document.rb b/app/models/document.rb
index 8b5d68e87..6989191ce 100644
--- a/app/models/document.rb
+++ b/app/models/document.rb
@@ -20,6 +20,8 @@ class Document < ActiveRecord::Base
belongs_to :category, :class_name => "Enumeration", :foreign_key => "category_id"
has_many :attachments, :as => :container, :dependent => :destroy
+ acts_as_event :url => Proc.new {|o| {:controller => 'documents', :action => 'show', :id => o.id}}
+
validates_presence_of :project, :title, :category
validates_length_of :title, :maximum => 60
end
diff --git a/app/models/issue.rb b/app/models/issue.rb
index 65b34cb92..b6eda1767 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -36,6 +36,8 @@ class Issue < ActiveRecord::Base
has_many :relations_to, :class_name => 'IssueRelation', :foreign_key => 'issue_to_id', :dependent => :delete_all
acts_as_watchable
+ acts_as_event :title => Proc.new {|o| "#{o.tracker.name} ##{o.id}: #{o.subject}"},
+ :url => Proc.new {|o| {:controller => 'issues', :action => 'show', :id => o.id}}
validates_presence_of :subject, :description, :priority, :tracker, :author, :status
validates_length_of :subject, :maximum => 255
diff --git a/app/models/mail_handler.rb b/app/models/mail_handler.rb
index 39b088bf4..7a1d73244 100644
--- a/app/models/mail_handler.rb
+++ b/app/models/mail_handler.rb
@@ -31,7 +31,7 @@ class MailHandler < ActionMailer::Base
user = User.find_active(:first, :conditions => {:mail => email.from.first})
return unless user
# check permission
- return unless Permission.allowed_to_role("issues/add_note", user.role_for_project(issue.project))
+ return unless user.allowed_to?(:add_issue_notes, issue.project)
# add the note
issue.init_journal(user, email.body.chomp)
diff --git a/app/models/member.rb b/app/models/member.rb
index 2aa26d42f..39703147d 100644
--- a/app/models/member.rb
+++ b/app/models/member.rb
@@ -23,6 +23,10 @@ class Member < ActiveRecord::Base
validates_presence_of :role, :user, :project
validates_uniqueness_of :user_id, :scope => :project_id
+ def validate
+ errors.add :role_id, :activerecord_error_invalid if role && !role.member?
+ end
+
def name
self.user.name
end
diff --git a/app/models/news.rb b/app/models/news.rb
index e9a48846a..4352363d9 100644
--- a/app/models/news.rb
+++ b/app/models/news.rb
@@ -23,7 +23,9 @@ class News < ActiveRecord::Base
validates_presence_of :title, :description
validates_length_of :title, :maximum => 60
validates_length_of :summary, :maximum => 255
-
+
+ acts_as_event :url => Proc.new {|o| {:controller => 'news', :action => 'show', :id => o.id}}
+
# returns latest news for projects visible by user
def self.latest(user=nil, count=5)
find(:all, :limit => count, :conditions => Project.visible_by(user), :include => [ :author, :project ], :order => "#{News.table_name}.created_on DESC")
diff --git a/app/models/permission.rb b/app/models/permission.rb
deleted file mode 100644
index bea670c4c..000000000
--- a/app/models/permission.rb
+++ /dev/null
@@ -1,68 +0,0 @@
-# redMine - project management software
-# Copyright (C) 2006 Jean-Philippe Lang
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
-class Permission < ActiveRecord::Base
- has_and_belongs_to_many :roles
-
- validates_presence_of :controller, :action, :description
-
- GROUPS = {
- 100 => :label_project,
- 200 => :label_member_plural,
- 300 => :label_version_plural,
- 400 => :label_issue_category_plural,
- 600 => :label_query_plural,
- 1000 => :label_issue_plural,
- 1100 => :label_news_plural,
- 1200 => :label_document_plural,
- 1300 => :label_attachment_plural,
- 1400 => :label_repository,
- 1500 => :label_time_tracking,
- 1700 => :label_wiki_page_plural,
- 2000 => :label_board_plural
- }.freeze
-
- @@cached_perms_for_public = nil
- @@cached_perms_for_roles = nil
-
- def name
- self.controller + "/" + self.action
- end
-
- def group_id
- (self.sort / 100)*100
- end
-
- def self.allowed_to_public(action)
- @@cached_perms_for_public ||= find(:all, :conditions => ["is_public=?", true]).collect {|p| "#{p.controller}/#{p.action}"}
- @@cached_perms_for_public.include? action
- end
-
- def self.allowed_to_role(action, role)
- @@cached_perms_for_roles ||=
- begin
- perms = {}
- find(:all, :include => :roles).each {|p| perms.store "#{p.controller}/#{p.action}", p.roles.collect {|r| r.id } }
- perms
- end
- allowed_to_public(action) or (role && @@cached_perms_for_roles[action] && @@cached_perms_for_roles[action].include?(role.id))
- end
-
- def self.allowed_to_role_expired
- @@cached_perms_for_roles = nil
- end
-end
diff --git a/app/models/query.rb b/app/models/query.rb
index 28f65ddf6..ff519d71c 100644
--- a/app/models/query.rb
+++ b/app/models/query.rb
@@ -78,7 +78,7 @@ class Query < ActiveRecord::Base
def editable_by?(user)
return false unless user
return true if !is_public && self.user_id == user.id
- is_public && user.authorized_to(project, "projects/add_query")
+ is_public && user.allowed_to?(:manage_pulic_queries, project)
end
def available_filters
diff --git a/app/models/role.rb b/app/models/role.rb
index 98d735e8e..015146dc4 100644
--- a/app/models/role.rb
+++ b/app/models/role.rb
@@ -16,23 +16,93 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class Role < ActiveRecord::Base
- before_destroy :check_integrity
- has_and_belongs_to_many :permissions
+ # Built-in roles
+ BUILTIN_NON_MEMBER = 1
+ BUILTIN_ANONYMOUS = 2
+
+ before_destroy :check_deletable
has_many :workflows, :dependent => :delete_all
has_many :members
acts_as_list
+
+ serialize :permissions
+ attr_protected :builtin
validates_presence_of :name
validates_uniqueness_of :name
validates_length_of :name, :maximum => 30
validates_format_of :name, :with => /^[\w\s\'\-]*$/i
+ def permissions
+ read_attribute(:permissions) || []
+ end
+
+ def permissions=(perms)
+ perms = perms.collect {|p| p.to_sym unless p.blank? }.compact if perms
+ write_attribute(:permissions, perms)
+ end
+
def <=>(role)
position <=> role.position
end
+ # Return true if the role is a builtin role
+ def builtin?
+ self.builtin != 0
+ end
+
+ # Return true if the role is a project member role
+ def member?
+ !self.builtin?
+ end
+
+ # Return true if role is allowed to do the specified action
+ # action can be:
+ # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
+ # * a permission Symbol (eg. :edit_project)
+ def allowed_to?(action)
+ if action.is_a? Hash
+ allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
+ else
+ allowed_permissions.include? action
+ end
+ end
+
+ # Return all the permissions that can be given to the role
+ def setable_permissions
+ setable_permissions = Redmine::AccessControl.permissions - Redmine::AccessControl.public_permissions
+ setable_permissions -= Redmine::AccessControl.members_only_permissions if self.builtin == BUILTIN_NON_MEMBER
+ setable_permissions -= Redmine::AccessControl.loggedin_only_permissions if self.builtin == BUILTIN_ANONYMOUS
+ setable_permissions
+ end
+
+ # Find all the roles that can be given to a project member
+ def self.find_all_givable
+ find(:all, :conditions => {:builtin => 0}, :order => 'position')
+ end
+
+ # Return the builtin 'non member' role
+ def self.non_member
+ find(:first, :conditions => {:builtin => BUILTIN_NON_MEMBER}) || raise('Missing non-member builtin role.')
+ end
+
+ # Return the builtin 'anonymous' role
+ def self.anonymous
+ find(:first, :conditions => {:builtin => BUILTIN_ANONYMOUS}) || raise('Missing anonymous builtin role.')
+ end
+
+
private
- def check_integrity
- raise "Can't delete role" if Member.find(:first, :conditions =>["role_id=?", self.id])
+ def allowed_permissions
+ @allowed_permissions ||= permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
+ end
+
+ def allowed_actions
+ @actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
+ end
+
+ def check_deletable
+ raise "Can't delete role" if members.any?
+ raise "Can't delete builtin role" if builtin?
end
end
diff --git a/app/models/user.rb b/app/models/user.rb
index a017b4289..4cb8da1f9 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -28,7 +28,7 @@ class User < ActiveRecord::Base
has_many :custom_values, :dependent => :delete_all, :as => :customized
has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify
has_one :preference, :dependent => :destroy, :class_name => 'UserPreference'
- has_one :rss_key, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'"
+ has_one :rss_token, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'"
belongs_to :auth_source
attr_accessor :password, :password_confirmation
@@ -121,24 +121,14 @@ class User < ActiveRecord::Base
User.hash_password(clear_password) == self.hashed_password
end
- def role_for_project(project)
- return nil unless project
- member = memberships.detect {|m| m.project_id == project.id}
- member ? member.role : nil
- end
-
- def authorized_to(project, action)
- return true if self.admin?
- role = role_for_project(project)
- role && Permission.allowed_to_role(action, role)
- end
-
def pref
self.preference ||= UserPreference.new(:user => self)
end
- def get_or_create_rss_key
- self.rss_key || Token.create(:user => self, :action => 'feeds')
+ # Return user's RSS key (a 40 chars long string), used to access feeds
+ def rss_key
+ token = self.rss_token || Token.create(:user => self, :action => 'feeds')
+ token.value
end
def self.find_by_rss_key(key)
@@ -155,9 +145,72 @@ class User < ActiveRecord::Base
lastname == user.lastname ? firstname <=> user.firstname : lastname <=> user.lastname
end
+ def to_s
+ name
+ end
+
+ def logged?
+ true
+ end
+
+ # Return user's role for project
+ def role_for_project(project)
+ # No role on archived projects
+ return nil unless project && project.active?
+ # Find project membership
+ membership = memberships.detect {|m| m.project_id == project.id}
+ if membership
+ membership.role
+ elsif logged?
+ Role.non_member
+ else
+ Role.anonymous
+ end
+ end
+
+ # Return true if the user is a member of project
+ def member_of?(project)
+ role_for_project(project).member?
+ end
+
+ # Return true if the user is allowed to do the specified action on project
+ # action can be:
+ # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
+ # * a permission Symbol (eg. :edit_project)
+ def allowed_to?(action, project)
+ return false unless project.active?
+ return true if admin?
+ role = role_for_project(project)
+ return false unless role
+ role.allowed_to?(action) && (project.is_public? || role.member?)
+ end
+
+ def self.current=(user)
+ @current_user = user
+ end
+
+ def self.current
+ @current_user ||= AnonymousUser.new
+ end
+
+ def self.anonymous
+ AnonymousUser.new
+ end
+
private
# Return password digest
def self.hash_password(clear_password)
Digest::SHA1.hexdigest(clear_password || "")
end
end
+
+class AnonymousUser < User
+ def logged?
+ false
+ end
+
+ # Anonymous user has no RSS key
+ def rss_key
+ nil
+ end
+end
diff --git a/app/models/wiki_content.rb b/app/models/wiki_content.rb
index 2d0be8225..4b60a4373 100644
--- a/app/models/wiki_content.rb
+++ b/app/models/wiki_content.rb
@@ -28,7 +28,12 @@ class WikiContent < ActiveRecord::Base
belongs_to :page, :class_name => 'WikiPage', :foreign_key => 'page_id'
belongs_to :author, :class_name => 'User', :foreign_key => 'author_id'
attr_protected :data
-
+
+ acts_as_event :title => Proc.new {|o| "#{l(:label_wiki_edit)}: #{o.page.title} (##{o.version})"},
+ :description => :comments,
+ :datetime => :updated_on,
+ :url => Proc.new {|o| {:controller => 'wiki', :id => o.page.wiki.project_id, :page => o.page.title, :version => o.version}}
+
def text=(plain)
case Setting.wiki_compression
when 'gzip'
diff --git a/app/views/admin/mail_options.rhtml b/app/views/admin/mail_options.rhtml
index c70965776..cab94294f 100644
--- a/app/views/admin/mail_options.rhtml
+++ b/app/views/admin/mail_options.rhtml
@@ -1,26 +1,3 @@
<h2><%=l(:field_mail_notification)%></h2>
-<% form_tag({:action => 'mail_options'}, :id => 'mail_options_form') do %>
-
-<div class="box">
-<p><%=l(:text_select_mail_notifications)%></p>
-
-<% actions = @actions.group_by {|p| p.group_id } %>
-<% actions.keys.sort.each do |group_id| %>
-<fieldset style="margin-top: 6px;"><legend><strong><%= l(Permission::GROUPS[group_id]) %></strong></legend>
-<% actions[group_id].each do |p| %>
- <div style="width:170px;float:left;"><%= check_box_tag "action_ids[]", p.id, p.mail_enabled? %>
- <%= l(p.description.to_sym) %>
- </div>
-<% end %>
-<div class="clear"></div>
-</fieldset>
-<% end %>
-<br />
-<%= check_all_links('mail_options_form') %>
-</div>
-
-<p><%= submit_tag l(:button_save) %></p>
-<% end %>
-
<%= link_to l(:label_send_test_email), :action => 'test_email' %>
diff --git a/app/views/boards/show.rhtml b/app/views/boards/show.rhtml
index cb38cdb53..c31ec67e9 100644
--- a/app/views/boards/show.rhtml
+++ b/app/views/boards/show.rhtml
@@ -1,6 +1,6 @@
<div class="contextual">
-<%= link_to l(:label_message_new), {:controller => 'messages', :action => 'new', :board_id => @board}, :class => "icon icon-add" %>
-<%= watcher_tag(@board, @logged_in_user) %>
+<%= link_to_if_authorized l(:label_message_new), {:controller => 'messages', :action => 'new', :board_id => @board}, :class => "icon icon-add" %>
+<%= watcher_tag(@board, User.current) %>
</div>
<h2><%=h @board.name %></h2>
diff --git a/app/views/common/feed.atom.rxml b/app/views/common/feed.atom.rxml
new file mode 100644
index 000000000..fa00d754a
--- /dev/null
+++ b/app/views/common/feed.atom.rxml
@@ -0,0 +1,26 @@
+xml.instruct!
+xml.feed "xmlns" => "http://www.w3.org/2005/Atom" do
+ xml.title @title
+ xml.link "rel" => "self", "href" => url_for(params.merge({:format => nil, :only_path => false}))
+ xml.link "rel" => "alternate", "href" => url_for(:controller => 'welcome', :only_path => false)
+ xml.id url_for(:controller => 'welcome', :only_path => false)
+ xml.updated((@items.first ? @items.first.event_datetime : Time.now).xmlschema)
+ xml.author { xml.name "#{Setting.app_title}" }
+ xml.generator(:uri => Redmine::Info.url, :version => Redmine::VERSION) { xml.text! "#{Redmine::Info.name} #{Redmine::VERSION}" }
+ @items.each do |item|
+ xml.entry do
+ xml.title truncate(item.event_title, 100)
+ xml.link "rel" => "alternate", "href" => url_for(item.event_url(:only_path => false))
+ xml.id url_for(item.event_url(:only_path => false))
+ xml.updated item.event_datetime.xmlschema
+ author = item.event_author
+ xml.author do
+ xml.name(author.is_a?(User) ? author.name : author)
+ xml.email(author.mail) if author.is_a?(User)
+ end if author
+ xml.content "type" => "html" do
+ xml.text! textilizable(item.event_description)
+ end
+ end
+ end
+end
diff --git a/app/views/issues/show.rhtml b/app/views/issues/show.rhtml
index 078ecd1f5..70b19d1fc 100644
--- a/app/views/issues/show.rhtml
+++ b/app/views/issues/show.rhtml
@@ -58,7 +58,7 @@ end %>
<div class="contextual">
<%= link_to_if_authorized l(:button_edit), {:controller => 'issues', :action => 'edit', :id => @issue}, :class => 'icon icon-edit' %>
<%= link_to_if_authorized l(:button_log_time), {:controller => 'timelog', :action => 'edit', :issue_id => @issue}, :class => 'icon icon-time' %>
-<%= watcher_tag(@issue, @logged_in_user) %>
+<%= watcher_tag(@issue, User.current) %>
<%= link_to_if_authorized l(:button_move), {:controller => 'projects', :action => 'move_issues', :id => @project, "issue_ids[]" => @issue.id }, :class => 'icon icon-move' %>
<%= link_to_if_authorized l(:button_delete), {:controller => 'issues', :action => 'destroy', :id => @issue}, :confirm => l(:text_are_you_sure), :method => :post, :class => 'icon icon-del' %>
</div>
@@ -81,6 +81,13 @@ end %>
</div>
<% end %>
+<% if @issue.attachments.any? %>
+<div class="box">
+<h3><%=l(:label_attachment_plural)%></h3>
+<%= link_to_attachments @issue.attachments, :delete_url => (authorize_for('issues', 'destroy_attachment') ? {:controller => 'issues', :action => 'destroy_attachment', :id => @issue} : nil) %>
+</div>
+<% end %>
+
<% if @journals.any? %>
<div id="history" class="box">
<h3><%=l(:label_history)%></h3>
@@ -88,26 +95,14 @@ end %>
</div>
<% end %>
-<div class="box">
-<h3><%=l(:label_attachment_plural)%></h3>
-<%= link_to_attachments @issue.attachments, :delete_url => (authorize_for('issues', 'destroy_attachment') ? {:controller => 'issues', :action => 'destroy_attachment', :id => @issue} : nil) %>
-
-<% if authorize_for('issues', 'add_attachment') %>
-<p><%= toggle_link l(:label_attachment_new), "add_attachment_form" %></p>
-<% form_tag({ :controller => 'issues', :action => 'add_attachment', :id => @issue }, :multipart => true, :class => "tabular", :id => "add_attachment_form", :style => "display:none;") do %>
- <%= render :partial => 'attachments/form' %>
-<%= submit_tag l(:button_add) %>
-<% end %>
-<% end %>
-</div>
-
<% if authorize_for('issues', 'add_note') %>
<div class="box">
<h3><%= l(:label_add_note) %></h3>
- <% form_tag({:controller => 'issues', :action => 'add_note', :id => @issue}, :class => "tabular" ) do %>
+ <% form_tag({:controller => 'issues', :action => 'add_note', :id => @issue}, :class => "tabular", :multipart => true) do %>
<p><label for="notes"><%=l(:field_notes)%></label>
<%= text_area_tag 'notes', '', :cols => 60, :rows => 10, :class => 'wiki-edit' %></p>
<%= wikitoolbar_for 'notes' %>
+ <%= render :partial => 'attachments/form' %>
<%= submit_tag l(:button_add) %>
<% end %>
</div>
diff --git a/app/views/layouts/base.rhtml b/app/views/layouts/base.rhtml
index 38a2dbeb6..9c81a313b 100644
--- a/app/views/layouts/base.rhtml
+++ b/app/views/layouts/base.rhtml
@@ -27,7 +27,7 @@
<h2><%= Setting.app_subtitle %></h2>
</div>
<div style="float: right; padding-right: 1em; padding-top: 0.2em;">
- <% if loggedin? %><small><%=l(:label_logged_as)%> <strong><%= @logged_in_user.login %></strong> -</small><% end %>
+ <% if User.current.logged? %><small><%=l(:label_logged_as)%> <strong><%= User.current.login %></strong> -</small><% end %>
<small><%= toggle_link l(:label_search), 'quick-search-form', :focus => 'quick-search-input' %></small>
<% form_tag({:controller => 'search', :action => 'index', :id => @project}, :method => :get, :id => 'quick-search-form', :style => "display:none;" ) do %>
<%= text_field_tag 'q', @question, :size => 15, :class => 'small', :id => 'quick-search-input' %>
@@ -40,27 +40,23 @@
<li><%= link_to l(:label_home), { :controller => 'welcome' }, :class => "icon icon-home" %></li>
<li><%= link_to l(:label_my_page), { :controller => 'my', :action => 'page'}, :class => "icon icon-mypage" %></li>
- <% if loggedin? and @logged_in_user.memberships.any? %>
+ <% if User.current.memberships.any? %>
<li class="submenu"><%= link_to l(:label_project_plural), { :controller => 'projects' }, :class => "icon icon-projects", :onmouseover => "buttonMouseover(event, 'menuAllProjects');" %></li>
<% else %>
<li><%= link_to l(:label_project_plural), { :controller => 'projects' }, :class => "icon icon-projects" %></li>
<% end %>
-
- <% unless @project.nil? || @project.id.nil? %>
- <li class="submenu"><%= link_to @project.name, { :controller => 'projects', :action => 'show', :id => @project }, :class => "icon icon-projects", :onmouseover => "buttonMouseover(event, 'menuProject');" %></li>
- <% end %>
- <% if loggedin? %>
+ <% if User.current.logged? %>
<li><%= link_to l(:label_my_account), { :controller => 'my', :action => 'account' }, :class => "icon icon-user" %></li>
<% end %>
- <% if admin_loggedin? %>
+ <% if User.current.admin? %>
<li class="submenu"><%= link_to l(:label_administration), { :controller => 'admin' }, :class => "icon icon-admin", :onmouseover => "buttonMouseover(event, 'menuAdmin');" %></li>
<% end %>
<li class="right"><%= link_to l(:label_help), { :controller => 'help', :ctrl => params[:controller], :page => params[:action] }, :onclick => "window.open(this.href); return false;", :class => "icon icon-help" %></li>
- <% if loggedin? %>
+ <% if User.current.logged? %>
<li class="right"><%= link_to l(:label_logout), { :controller => 'account', :action => 'logout' }, :class => "icon icon-user" %></li>
<% else %>
<li class="right"><%= link_to l(:label_login), { :controller => 'account', :action => 'login' }, :class => "icon icon-user" %></li>
@@ -68,71 +64,28 @@
</ul>
</div>
- <% if admin_loggedin? %>
+ <% if User.current.admin? %>
<%= render :partial => 'admin/menu' %>
<% end %>
-
- <% unless @project.nil? || @project.id.nil? %>
- <div id="menuProject" class="menu" onmouseover="menuMouseover(event)">
- <%= link_to l(:label_calendar), {:controller => 'projects', :action => 'calendar', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_gantt), {:controller => 'projects', :action => 'gantt', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_issue_plural), {:controller => 'projects', :action => 'list_issues', :id => @project }, :class => "menuItem" %>
- <% if @project && authorize_for('projects', 'add_issue') %>
- <a class="menuItem" href="#" onmouseover="menuItemMouseover(event,'menuNewIssue');" onclick="this.blur(); return false;"><span class="menuItemText"><%= l(:label_issue_new) %></span><span class="menuItemArrow">&#9654;</span></a>
- <% end %>
- <%= link_to l(:label_report_plural), {:controller => 'reports', :action => 'issue_report', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_activity), {:controller => 'projects', :action => 'activity', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_news_plural), {:controller => 'projects', :action => 'list_news', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_change_log), {:controller => 'projects', :action => 'changelog', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_roadmap), {:controller => 'projects', :action => 'roadmap', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_document_plural), {:controller => 'projects', :action => 'list_documents', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_wiki), {:controller => 'wiki', :id => @project, :page => nil }, :class => "menuItem" if @project.wiki and !@project.wiki.new_record? %>
- <%= link_to l(:label_board_plural), {:controller => 'boards', :action => 'index', :project_id => @project, :id => nil }, :class => "menuItem" unless @project.boards.empty? %>
- <%= link_to l(:label_attachment_plural), {:controller => 'projects', :action => 'list_files', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_search), {:controller => 'search', :action => 'index', :id => @project }, :class => "menuItem" %>
- <%= link_to l(:label_repository), {:controller => 'repositories', :action => 'show', :id => @project}, :class => "menuItem" if @project.repository and !@project.repository.new_record? %>
- <%= link_to_if_authorized l(:label_settings), {:controller => 'projects', :action => 'settings', :id => @project }, :class => "menuItem" %>
- </div>
- <% end %>
-
- <% if @project && authorize_for('projects', 'add_issue') %>
- <div id="menuNewIssue" class="menu" onmouseover="menuMouseover(event)">
- <% Tracker.find(:all, :order => 'position').each do |tracker| %>
- <%= link_to tracker.name, {:controller => 'projects', :action => 'add_issue', :id => @project, :tracker_id => tracker}, :class => "menuItem" %>
- <% end %>
- </div>
- <% end %>
- <% if loggedin? and @logged_in_user.memberships.any? %>
+ <% if User.current.memberships.any? %>
<div id="menuAllProjects" class="menu" onmouseover="menuMouseover(event)">
<%= link_to l(:label_project_all), {:controller => 'projects' }, :class => "menuItem" %>
- <% @logged_in_user.memberships.find(:all, :limit => 20).each do |membership| %>
+ <% User.current.memberships.find(:all, :limit => 20).each do |membership| %>
<%= link_to membership.project.name, {:controller => 'projects',:action => 'show', :id => membership.project }, :class => "menuItem" %>
<% end %>
</div>
<% end %>
- <div id="subcontent">
-
- <% unless @project.nil? || @project.id.nil? %>
+ <div id="subcontent">
+ <% if @project && !@project.new_record? %>
<h2><%= @project.name %></h2>
<ul class="menublock">
- <li><%= link_to l(:label_overview), :controller => 'projects', :action => 'show', :id => @project %></li>
- <li><%= link_to l(:label_calendar), :controller => 'projects', :action => 'calendar', :id => @project %></li>
- <li><%= link_to l(:label_gantt), :controller => 'projects', :action => 'gantt', :id => @project %></li>
- <li><%= link_to l(:label_issue_plural), :controller => 'projects', :action => 'list_issues', :id => @project %></li>
- <li><%= link_to l(:label_report_plural), :controller => 'reports', :action => 'issue_report', :id => @project %></li>
- <li><%= link_to l(:label_activity), :controller => 'projects', :action => 'activity', :id => @project %></li>
- <li><%= link_to l(:label_news_plural), :controller => 'projects', :action => 'list_news', :id => @project %></li>
- <li><%= link_to l(:label_change_log), :controller => 'projects', :action => 'changelog', :id => @project %></li>
- <li><%= link_to l(:label_roadmap), :controller => 'projects', :action => 'roadmap', :id => @project %></li>
- <li><%= link_to l(:label_document_plural), :controller => 'projects', :action => 'list_documents', :id => @project %></li>
- <%= content_tag("li", link_to(l(:label_wiki), :controller => 'wiki', :id => @project, :page => nil)) if @project.wiki and !@project.wiki.new_record? %>
- <%= content_tag("li", link_to(l(:label_board_plural), :controller => 'boards', :action => 'index', :project_id => @project, :id => nil)) unless @project.boards.empty? %>
- <li><%= link_to l(:label_attachment_plural), :controller => 'projects', :action => 'list_files', :id => @project %></li>
- <li><%= link_to l(:label_search), :controller => 'search', :action => 'index', :id => @project %></li>
- <%= content_tag("li", link_to(l(:label_repository), :controller => 'repositories', :action => 'show', :id => @project)) if @project.repository and !@project.repository.new_record? %>
- <li><%= link_to_if_authorized l(:label_settings), :controller => 'projects', :action => 'settings', :id => @project %></li>
+ <% Redmine::MenuManager.allowed_items(:project_menu, current_role).each do |item| %>
+ <% unless item.condition && !item.condition.call(@project) %>
+ <li><%= link_to l(item.name), {item.param => @project}.merge(item.url) %></li>
+ <% end %>
+ <% end %>
</ul>
<% end %>
</div>
diff --git a/app/views/messages/show.rhtml b/app/views/messages/show.rhtml
index c18eb524e..3e546ceea 100644
--- a/app/views/messages/show.rhtml
+++ b/app/views/messages/show.rhtml
@@ -13,7 +13,7 @@
<div class="wiki"><p><%= textilizable message.content %></p></div>
<% end %>
-<% if @logged_in_user %>
+<% if authorize_for('messages', 'reply') %>
<p><%= toggle_link l(:button_reply), "reply", :focus => "reply_content" %></p>
<div id="reply" style="display:none;">
<%= error_messages_for 'message' %>
diff --git a/app/views/projects/_form.rhtml b/app/views/projects/_form.rhtml
index 585217e16..55527e080 100644
--- a/app/views/projects/_form.rhtml
+++ b/app/views/projects/_form.rhtml
@@ -4,7 +4,7 @@
<!--[form:project]-->
<p><%= f.text_field :name, :required => true %><br /><em><%= l(:text_caracters_maximum, 30) %></em></p>
-<% if admin_loggedin? and !@root_projects.empty? %>
+<% if User.current.admin? and !@root_projects.empty? %>
<p><%= f.select :parent_id, (@root_projects.collect {|p| [p.name, p.id]}), { :include_blank => true } %></p>
<% end %>
diff --git a/app/views/projects/_members.rhtml b/app/views/projects/_members.rhtml
index 1924e430a..affaf7854 100644
--- a/app/views/projects/_members.rhtml
+++ b/app/views/projects/_members.rhtml
@@ -1,5 +1,5 @@
<%= error_messages_for 'member' %>
-<% roles = Role.find(:all, :order => 'position') %>
+<% roles = Role.find_all_givable %>
<% users = User.find_active(:all) - @project.users %>
<table class="list">
diff --git a/app/views/projects/activity.rhtml b/app/views/projects/activity.rhtml
index d510ce08b..fd731cd8f 100644
--- a/app/views/projects/activity.rhtml
+++ b/app/views/projects/activity.rhtml
@@ -5,14 +5,11 @@
<% form_tag do %>
<p><%= select_month(@month, :prefix => "month", :discard_type => true) %>
<%= select_year(@year, :prefix => "year", :discard_type => true) %></p>
-<p>
- <%= check_box_tag 'show_issues', 1, @show_issues %><%= hidden_field_tag 'show_issues', 0, :id => nil %> <%=l(:label_issue_plural)%><br />
- <% if @project.repository %><%= check_box_tag 'show_changesets', 1, @show_changesets %><%= hidden_field_tag 'show_changesets', 0, :id => nil %> <%=l(:label_revision_plural)%><br /><% end %>
- <%= check_box_tag 'show_news', 1, @show_news %><%= hidden_field_tag 'show_news', 0, :id => nil %> <%=l(:label_news_plural)%><br />
- <%= check_box_tag 'show_files', 1, @show_files %><%= hidden_field_tag 'show_files', 0, :id => nil %> <%=l(:label_attachment_plural)%><br />
- <%= check_box_tag 'show_documents', 1, @show_documents %><%= hidden_field_tag 'show_documents', 0, :id => nil %> <%=l(:label_document_plural)%><br />
- <% if @project.wiki %><%= check_box_tag 'show_wiki_edits', 1, @show_wiki_edits %><%= hidden_field_tag 'show_wiki_edits', 0, :id => nil %> <%=l(:label_wiki_edit_plural)%><% end %>
-</p>
+
+<p><% @event_types.each do |t| %>
+<%= check_box_tag "show_#{t}", 1, @scope.include?(t) %> <%= l("label_#{t.singularize}_plural")%><br />
+<% end %></p>
+
<p class="textcenter"><%= submit_tag l(:button_apply), :class => 'button-small' %></p>
<% end %>
</div>
@@ -20,33 +17,33 @@
<% @events_by_day.keys.sort {|x,y| y <=> x }.each do |day| %>
<h3><%= day_name(day.cwday) %> <%= day.day %></h3>
<ul>
- <% @events_by_day[day].sort {|x,y| y.created_on <=> x.created_on }.each do |e| %>
+ <% @events_by_day[day].sort {|x,y| y.event_datetime <=> x.event_datetime }.each do |e| %>
<li><p>
<% if e.is_a? Issue %>
- <%= e.created_on.strftime("%H:%M") %> <%= link_to_issue e %>: <%=h e.subject %><br />
+ <%= e.event_datetime.strftime("%H:%M") %> <%= link_to_issue e %>: <%=h e.subject %><br />
<i><%= e.author.name %></i>
<% elsif e.is_a? Journal %>
<%= e.created_on.strftime("%H:%M") %> <%= link_to_issue e.journalized %>
(<%=h (status = IssueStatus.find_by_id(e.details.first.value)) ? status.name : '?' %>): <%=h e.journalized.subject %><br />
<em><%=h e.user.name %><%=h ": #{truncate(e.notes, 500)}" unless e.notes.blank? %></em>
<% elsif e.is_a? News %>
- <%= e.created_on.strftime("%H:%M") %> <%=l(:label_news)%>: <%= link_to h(e.title), :controller => 'news', :action => 'show', :id => e %><br />
+ <%= e.event_datetime.strftime("%H:%M") %> <%=l(:label_news)%>: <%= link_to h(e.title), :controller => 'news', :action => 'show', :id => e %><br />
<% unless e.summary.empty? %><%=h e.summary %><br /><% end %>
<i><%= e.author.name %></i>
<% elsif (e.is_a? Attachment) and (e.container.is_a? Version) %>
- <%= e.created_on.strftime("%H:%M") %> <%=l(:label_attachment)%> (<%=h e.container.name %>): <%= link_to e.filename, :controller => 'projects', :action => 'list_files', :id => @project %><br />
+ <%= e.event_datetime.strftime("%H:%M") %> <%=l(:label_attachment)%> (<%=h e.container.name %>): <%= link_to e.filename, :controller => 'projects', :action => 'list_files', :id => @project %><br />
<i><%= e.author.name %></i>
<% elsif (e.is_a? Attachment) and (e.container.is_a? Document) %>
- <%= e.created_on.strftime("%H:%M") %> <%=l(:label_attachment)%>: <%= e.filename %> (<%= link_to h(e.container.title), :controller => 'documents', :action => 'show', :id => e.container %>)<br />
+ <%= e.event_datetime.strftime("%H:%M") %> <%=l(:label_attachment)%>: <%= e.filename %> (<%= link_to h(e.container.title), :controller => 'documents', :action => 'show', :id => e.container %>)<br />
<i><%= e.author.name %></i>
<% elsif e.is_a? Document %>
- <%= e.created_on.strftime("%H:%M") %> <%=l(:label_document)%>: <%= link_to h(e.title), :controller => 'documents', :action => 'show', :id => e %><br />
+ <%= e.event_datetime.strftime("%H:%M") %> <%=l(:label_document)%>: <%= link_to h(e.title), :controller => 'documents', :action => 'show', :id => e %><br />
<% elsif e.is_a? WikiContent.versioned_class %>
- <%= e.created_on.strftime("%H:%M") %> <%=l(:label_wiki_edit)%>: <%= link_to h(WikiPage.pretty_title(e.title)), :controller => 'wiki', :page => e.title %>
+ <%= e.event_datetime.strftime("%H:%M") %> <%=l(:label_wiki_edit)%>: <%= link_to h(WikiPage.pretty_title(e.title)), :controller => 'wiki', :page => e.title %>
(<%= link_to '#' + e.version.to_s, :controller => 'wiki', :page => e.title, :version => e.version %><%= ', ' + link_to('diff', :controller => 'wiki', :action => 'diff', :page => e.title, :version => e.version) if e.version > 1 %>)<br />
<% unless e.comments.blank? %><em><%=h e.comments %></em><% end %>
<% elsif e.is_a? Changeset %>
- <%= e.created_on.strftime("%H:%M") %> <%=l(:label_revision)%> <%= link_to h(e.revision), :controller => 'repositories', :action => 'revision', :id => @project, :rev => e.revision %><br />
+ <%= e.event_datetime.strftime("%H:%M") %> <%=l(:label_revision)%> <%= link_to h(e.revision), :controller => 'repositories', :action => 'revision', :id => @project, :rev => e.revision %><br />
<em><%=h e.committer.blank? ? "anonymous" : e.committer %><%= h(": #{truncate(e.comments, 500)}") unless e.comments.blank? %></em>
<% end %>
</p></li>
@@ -69,3 +66,7 @@
</div>
<br />
</div>
+
+<% content_for :header_tags do %>
+<%= auto_discovery_link_tag(:atom, params.merge({:format => 'atom', :year => nil, :month => nil, :key => User.current.rss_key})) %>
+<% end %>
diff --git a/app/views/projects/list.rhtml b/app/views/projects/list.rhtml
index 24448be48..1fc3aab56 100644
--- a/app/views/projects/list.rhtml
+++ b/app/views/projects/list.rhtml
@@ -10,7 +10,7 @@
<% for project in @projects %>
<tr class="<%= cycle("odd", "even") %>">
<td>
- <%= link_to project.name, {:action => 'show', :id => project}, :class => (@logged_in_user && @logged_in_user.role_for_project(project) ? "icon icon-fav" : "") %><br />
+ <%= link_to project.name, {:action => 'show', :id => project}, :class => (User.current.member_of?(project) ? "icon icon-fav" : "") %><br />
<%= textilizable project.description, :project => project %>
</td>
<td><%= link_to(project.parent.name, :action => 'show', :id => project.parent) unless project.parent.nil? %></td>
@@ -20,7 +20,7 @@
</tbody>
</table>
-<% if @logged_in_user %>
+<% if User.current.logged? %>
<div class="contextual">
<span class="icon icon-fav"><%= l(:label_my_projects) %></span>
</div>
diff --git a/app/views/projects/list_issues.rhtml b/app/views/projects/list_issues.rhtml
index 1cacf0055..5ebc4107e 100644
--- a/app/views/projects/list_issues.rhtml
+++ b/app/views/projects/list_issues.rhtml
@@ -1,6 +1,7 @@
<% if @query.new_record? %>
<div class="contextual">
<%= link_to l(:label_query_plural), :controller => 'queries', :project_id => @project %>
+ <% if authorize_for('projects', 'add_issues') %>| <%= l(:label_issue_new) %>: <%= new_issue_selector %><% end %>
</div>
<h2><%=l(:label_issue_plural)%></h2>
@@ -19,7 +20,7 @@
:update => "content",
}, :class => 'icon icon-reload' %>
- <% if loggedin? %>
+ <% if current_role.allowed_to?(:save_queries) %>
<%= link_to_remote l(:button_save),
{ :url => { :controller => 'queries', :action => 'new', :project_id => @project },
:method => 'get',
@@ -33,6 +34,7 @@
<div class="contextual">
<%= link_to l(:label_query_plural), {:controller => 'queries', :project_id => @project} %> |
<%= link_to l(:label_issue_view_all), {:controller => 'projects', :action => 'list_issues', :id => @project, :set_filter => 1} %>
+ <% if authorize_for('projects', 'add_issues') %>| <%= l(:label_issue_new) %>: <%= new_issue_selector %><% end %>
</div>
<h2><%= @query.name %></h2>
<% end %>
@@ -81,4 +83,4 @@
</p>
<% end %>
<% end %>
-<% end %> \ No newline at end of file
+<% end %>
diff --git a/app/views/projects/list_news.rhtml b/app/views/projects/list_news.rhtml
index 17a786260..4ab086d55 100644
--- a/app/views/projects/list_news.rhtml
+++ b/app/views/projects/list_news.rhtml
@@ -7,3 +7,7 @@
<% if @news.empty? %><p><i><%= l(:label_no_data) %></i></p><% end %>
<%= render :partial => 'news/news', :collection => @news %>
<%= pagination_links_full @news_pages %>
+
+<% content_for :header_tags do %>
+ <%= auto_discovery_link_tag(:atom, params.merge({:format => 'atom', :page => nil, :key => User.current.rss_key})) %>
+<% end %>
diff --git a/app/views/projects/show.rhtml b/app/views/projects/show.rhtml
index 9419fb2a1..5f641f6a4 100644
--- a/app/views/projects/show.rhtml
+++ b/app/views/projects/show.rhtml
@@ -20,6 +20,7 @@
</ul>
<div class="box">
+ <div class="contextual"><% if authorize_for('projects', 'add_issues') %><%= l(:label_issue_new) %>: <%= new_issue_selector %><% end %></div>
<h3 class="icon22 icon22-tracker"><%=l(:label_issue_tracking)%></h3>
<ul>
<% for tracker in @trackers %>
@@ -49,7 +50,7 @@
</div>
<% end %>
- <% if @news.any? %>
+ <% if @news.any? && authorize_for('projects', 'list_news') %>
<div class="box">
<h3><%=l(:label_news_latest)%></h3>
<%= render :partial => 'news/news', :collection => @news %>
diff --git a/app/views/queries/_form.rhtml b/app/views/queries/_form.rhtml
index 9482bd33a..d641fa0b5 100644
--- a/app/views/queries/_form.rhtml
+++ b/app/views/queries/_form.rhtml
@@ -5,7 +5,7 @@
<p><label for="query_name"><%=l(:field_name)%></label>
<%= text_field 'query', 'name', :size => 80 %></p>
-<% if authorize_for('projects', 'add_query') %>
+<% if current_role.allowed_to?(:manage_pulic_queries) %>
<p><label for="query_is_public"><%=l(:field_is_public)%></label>
<%= check_box 'query', 'is_public' %></p>
<% end %>
diff --git a/app/views/queries/index.rhtml b/app/views/queries/index.rhtml
index 69cfb8f98..71aa37497 100644
--- a/app/views/queries/index.rhtml
+++ b/app/views/queries/index.rhtml
@@ -1,7 +1,5 @@
<div class="contextual">
-<% if loggedin? %>
-<%= link_to l(:label_query_new), {:controller => 'queries', :action => 'new', :project_id => @project}, :class => 'icon icon-add' %>
-<% end %>
+<%= link_to_if_authorized l(:label_query_new), {:controller => 'queries', :action => 'new', :project_id => @project}, :class => 'icon icon-add' %>
</div>
<h2><%= l(:label_query_plural) %></h2>
@@ -17,7 +15,7 @@
</td>
<td align="right">
<small>
- <% if query.editable_by?(@logged_in_user) %>
+ <% if query.editable_by?(User.current) %>
<%= link_to l(:button_edit), {:controller => 'queries', :action => 'edit', :id => query}, :class => 'icon icon-edit' %>
<%= link_to l(:button_delete), {:controller => 'queries', :action => 'destroy', :id => query}, :confirm => l(:text_are_you_sure), :method => :post, :class => 'icon icon-del' %>
</small>
diff --git a/app/views/reports/issue_report.rhtml b/app/views/reports/issue_report.rhtml
index bf40e79ae..1d865acbc 100644
--- a/app/views/reports/issue_report.rhtml
+++ b/app/views/reports/issue_report.rhtml
@@ -1,4 +1,4 @@
-<% if @total_hours %>
+<% if @total_hours && authorize_for('timelog', 'reports') %>
<div style="float:right;text-align:right;">
<strong><%= l(:label_spent_time) %></strong>: <span class="icon icon-time"><%= lwr(:label_f_hour, @total_hours) %></span><br />
<%= link_to(l(:label_details), {:controller => 'timelog', :action => 'details', :project_id => @project}) %> |
diff --git a/app/views/repositories/revisions.rhtml b/app/views/repositories/revisions.rhtml
index 0c2655d5f..882d5ea4f 100644
--- a/app/views/repositories/revisions.rhtml
+++ b/app/views/repositories/revisions.rhtml
@@ -14,4 +14,5 @@
<% content_for :header_tags do %>
<%= stylesheet_link_tag "scm" %>
+<%= auto_discovery_link_tag(:atom, params.merge({:format => 'atom', :page => nil, :key => User.current.rss_key})) %>
<% end %>
diff --git a/app/views/repositories/show.rhtml b/app/views/repositories/show.rhtml
index fcf954473..c9f44d575 100644
--- a/app/views/repositories/show.rhtml
+++ b/app/views/repositories/show.rhtml
@@ -4,15 +4,18 @@
<h2><%= l(:label_repository) %> (<%= @repository.scm_name %>)</h2>
-<% unless @entries.nil? %>
+<% if !@entries.nil? && authorize_for('repositories', 'browse') %>
<h3><%= l(:label_browse) %></h3>
<%= render :partial => 'dir_list' %>
<% end %>
-<% unless @changesets.empty? %>
+<% if !@changesets.empty? && authorize_for('repositories', 'revisions') %>
<h3><%= l(:label_latest_revision_plural) %></h3>
<%= render :partial => 'revisions', :locals => {:project => @project, :path => '', :revisions => @changesets, :entry => nil }%>
<p><%= link_to l(:label_view_revisions), :action => 'revisions', :id => @project %></p>
+<% content_for :header_tags do %>
+ <%= auto_discovery_link_tag(:atom, params.merge({:format => 'atom', :action => 'revisions', :id => @project, :page => nil, :key => User.current.rss_key})) %>
+<% end %>
<% end %>
<% content_for :header_tags do %>
diff --git a/app/views/roles/_form.rhtml b/app/views/roles/_form.rhtml
index d69fff132..62e25e337 100644
--- a/app/views/roles/_form.rhtml
+++ b/app/views/roles/_form.rhtml
@@ -1,23 +1,20 @@
<%= error_messages_for 'role' %>
+
<div class="box">
-<!--[form:role]-->
-<p><%= f.text_field :name, :required => true %></p>
+<p><%= f.text_field :name, :required => true, :disabled => @role.builtin? %></p>
+</div>
<p><%= f.check_box :assignable %></p>
<div class="clear"></div>
-<h3><%=l(:label_permissions)%></h3>
-<% permissions = @permissions.group_by {|p| p.group_id } %>
-<% permissions.keys.sort.each do |group_id| %>
-<fieldset style="margin-top: 6px;"><legend><strong><%= l(Permission::GROUPS[group_id]) %></strong></legend>
-<% permissions[group_id].each do |p| %>
- <div style="width:170px;float:left;"><%= check_box_tag "permission_ids[]", p.id, (@role.permissions.include? p) %>
- <%= l(p.description.to_sym) %>
- </div>
+<fieldset class="box"><legend><%=l(:label_permissions)%></legend>
+<% @permissions.each do |permission| %>
+ <div style="width:220px;float:left;">
+ <%= check_box_tag 'role[permissions][]', permission.name, (@role.permissions.include? permission.name) %>
+ <%= permission.name.to_s.humanize %>
+ </div>
<% end %>
+<%= hidden_field_tag 'role[permissions][]', '' %>
<div class="clear"></div>
-</fieldset>
-<% end %>
<br />
<%= check_all_links 'role_form' %>
-<!--[eoform:role]-->
-</div>
+</fieldset>
diff --git a/app/views/roles/list.rhtml b/app/views/roles/list.rhtml
index e3e576ed1..14ae260aa 100644
--- a/app/views/roles/list.rhtml
+++ b/app/views/roles/list.rhtml
@@ -13,15 +13,17 @@
<tbody>
<% for role in @roles %>
<tr class="<%= cycle("odd", "even") %>">
- <td><%= link_to role.name, :action => 'edit', :id => role %></td>
+ <td><%= content_tag(role.builtin? ? 'em' : 'span', link_to(role.name, :action => 'edit', :id => role)) %></td>
<td align="center" style="width:15%;">
+ <% unless role.builtin? %>
<%= link_to image_tag('2uparrow.png', :alt => l(:label_sort_highest)), {:action => 'move', :id => role, :position => 'highest'}, :method => :post, :title => l(:label_sort_highest) %>
<%= link_to image_tag('1uparrow.png', :alt => l(:label_sort_higher)), {:action => 'move', :id => role, :position => 'higher'}, :method => :post, :title => l(:label_sort_higher) %> -
<%= link_to image_tag('1downarrow.png', :alt => l(:label_sort_lower)), {:action => 'move', :id => role, :position => 'lower'}, :method => :post, :title => l(:label_sort_lower) %>
<%= link_to image_tag('2downarrow.png', :alt => l(:label_sort_lowest)), {:action => 'move', :id => role, :position => 'lowest'}, :method => :post, :title => l(:label_sort_lowest) %>
+ <% end %>
</td>
<td align="center" style="width:10%;">
- <%= button_to l(:button_delete), { :action => 'destroy', :id => role }, :confirm => l(:text_are_you_sure), :class => "button-small" %>
+ <%= button_to(l(:button_delete), { :action => 'destroy', :id => role }, :confirm => l(:text_are_you_sure), :class => "button-small") unless role.builtin? %>
</tr>
<% end %>
</tbody>
diff --git a/app/views/roles/report.rhtml b/app/views/roles/report.rhtml
index 61e1e18e4..676e25f39 100644
--- a/app/views/roles/report.rhtml
+++ b/app/views/roles/report.rhtml
@@ -1,32 +1,31 @@
<h2><%=l(:label_permissions_report)%></h2>
<%= start_form_tag({:action => 'report'}, :id => 'permissions_form') %>
-
+<%= hidden_field_tag 'permissions[0]', '' %>
<table class="list">
-<thead><tr>
- <th><%=l(:label_permissions)%></th>
- <th colspan="<%= @roles.length %>"><%= l(:label_role_plural) %></th>
-</tr>
-</thead>
-<tbody>
-<% permissions = @permissions.group_by {|p| p.group_id } %>
-<% permissions.keys.sort.each do |group_id| %>
+<thead>
<tr>
- <th><%= l(Permission::GROUPS[group_id]) %></th>
- <% @roles.each do |role| %><th align="center"><small><%= role.name %></small></th><% end %>
- </tr>
- <% permissions[group_id].each do |p| %>
- <tr class="<%= cycle("odd", "even") %>">
- <td><%= l(p.description.to_sym) %></td>
+ <th><%=l(:label_permissions)%></th>
<% @roles.each do |role| %>
- <td align="center"><%= check_box_tag "permission_ids[#{role.id}][]", p.id, (role.permissions.include? p) %></td>
+ <th><%= content_tag(role.builtin? ? 'em' : 'span', h(role.name)) %></th>
<% end %>
</tr>
+</thead>
+<tbody>
+<% @permissions.each do |permission| %>
+ <tr class="<%= cycle('odd', 'even') %>">
+ <td><%= permission.name.to_s.humanize %></td>
+ <% @roles.each do |role| %>
+ <td align="center">
+ <% if role.setable_permissions.include? permission %>
+ <%= check_box_tag "permissions[#{role.id}][]", permission.name, (role.permissions.include? permission.name) %>
<% end %>
-<% reset_cycle
-end %>
+ </td>
+ <% end %>
+ </tr>
+<% end %>
</tbody>
</table>
<p><%= check_all_links 'permissions_form' %></p>
<p><%= submit_tag l(:button_save) %></p>
-<%= end_form_tag %> \ No newline at end of file
+<%= end_form_tag %>
diff --git a/app/views/wiki/show.rhtml b/app/views/wiki/show.rhtml
index c7a2985be..06eca76ee 100644
--- a/app/views/wiki/show.rhtml
+++ b/app/views/wiki/show.rhtml
@@ -1,7 +1,7 @@
<div class="contextual">
-<%= link_to(l(:button_edit), {:action => 'edit', :page => @page.title}, :class => 'icon icon-edit') if @content.version == @page.content.version %>
+<%= link_to_if_authorized(l(:button_edit), {:action => 'edit', :page => @page.title}, :class => 'icon icon-edit') if @content.version == @page.content.version %>
<%= link_to_if_authorized(l(:button_delete), {:action => 'destroy', :page => @page.title}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del') %>
-<%= link_to(l(:button_rollback), {:action => 'edit', :page => @page.title, :version => @content.version }, :class => 'icon icon-cancel') if @content.version < @page.content.version %>
+<%= link_to_if_authorized(l(:button_rollback), {:action => 'edit', :page => @page.title, :version => @content.version }, :class => 'icon icon-cancel') if @content.version < @page.content.version %>
<%= link_to(l(:label_history), {:action => 'history', :page => @page.title}, :class => 'icon icon-history') %>
<%= link_to(l(:label_page_index), {:action => 'special', :page => 'Page_index'}, :class => 'icon icon-index') %>
</div>