Fixed: cannot retrieve members for closed projects through the REST API (#15848).

git-svn-id: http://svn.redmine.org/redmine/trunk@12650 e93f8b46-1217-0410-a6f0-8f06a7374b81

2 files changed, 2 insertions, 1 deletions

diff --git a/lib/redmine.rb b/lib/redmine.rb
index 0c78b99d9..d35f82847 100644
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@@ -86,6 +86,7 @@ Redmine::AccessControl.map do |map|
   map.permission :edit_project, {:projects => [:settings, :edit, :update]}, :require => :member
   map.permission :close_project, {:projects => [:close, :reopen]}, :require => :member, :read => true
   map.permission :select_project_modules, {:projects => :modules}, :require => :member
+  map.permission :view_members, {:members => [:index, :show]}, :public => true, :read => true
   map.permission :manage_members, {:projects => :settings, :members => [:index, :show, :create, :update, :destroy, :autocomplete]}, :require => :member
   map.permission :manage_versions, {:projects => :settings, :versions => [:new, :create, :edit, :update, :close_completed, :destroy]}, :require => :member
   map.permission :add_subprojects, {:projects => [:new, :create]}, :require => :member
diff --git a/lib/redmine/access_control.rb b/lib/redmine/access_control.rb
index 7c4a5a5ec..56927845d 100644
--- a/lib/redmine/access_control.rb
+++ b/lib/redmine/access_control.rb
@@ -60,7 +60,7 @@ module Redmine
           !perm.nil? && perm.read?
         else
           s = "#{action[:controller]}/#{action[:action]}"
-          permissions.detect {|p| p.actions.include?(s) && !p.read?}.nil?
+          permissions.detect {|p| p.actions.include?(s) && p.read?}.present?
         end
       end