Mercurial > hg > soundsoftware-site

annotate lib/redmine/access_control.rb @ 8:0c83d98252d9 yuya

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
* Add custom repo prefix and proper auth realm, remove auth cache (seems like an unwise feature), pass DB handle around, various other bits of tidying
author Chris Cannam
date Thu, 12 Aug 2010 15:31:37 +0100
parents 513646585e45
children cbb26bc654de
rev   line source
Chris@0 1 # redMine - project management software
Chris@0 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
Chris@0 3 #
Chris@0 4 # This program is free software; you can redistribute it and/or
Chris@0 5 # modify it under the terms of the GNU General Public License
Chris@0 6 # as published by the Free Software Foundation; either version 2
Chris@0 7 # of the License, or (at your option) any later version.
Chris@0 8 #
Chris@0 9 # This program is distributed in the hope that it will be useful,
Chris@0 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@0 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@0 12 # GNU General Public License for more details.
Chris@0 13 #
Chris@0 14 # You should have received a copy of the GNU General Public License
Chris@0 15 # along with this program; if not, write to the Free Software
Chris@0 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@0 17
Chris@0 18 module Redmine
Chris@0 19 module AccessControl
Chris@0 20
Chris@0 21 class << self
Chris@0 22 def map
Chris@0 23 mapper = Mapper.new
Chris@0 24 yield mapper
Chris@0 25 @permissions ||= []
Chris@0 26 @permissions += mapper.mapped_permissions
Chris@0 27 end
Chris@0 28
Chris@0 29 def permissions
Chris@0 30 @permissions
Chris@0 31 end
Chris@0 32
Chris@0 33 # Returns the permission of given name or nil if it wasn't found
Chris@0 34 # Argument should be a symbol
Chris@0 35 def permission(name)
Chris@0 36 permissions.detect {|p| p.name == name}
Chris@0 37 end
Chris@0 38
Chris@0 39 # Returns the actions that are allowed by the permission of given name
Chris@0 40 def allowed_actions(permission_name)
Chris@0 41 perm = permission(permission_name)
Chris@0 42 perm ? perm.actions : []
Chris@0 43 end
Chris@0 44
Chris@0 45 def public_permissions
Chris@0 46 @public_permissions ||= @permissions.select {|p| p.public?}
Chris@0 47 end
Chris@0 48
Chris@0 49 def members_only_permissions
Chris@0 50 @members_only_permissions ||= @permissions.select {|p| p.require_member?}
Chris@0 51 end
Chris@0 52
Chris@0 53 def loggedin_only_permissions
Chris@0 54 @loggedin_only_permissions ||= @permissions.select {|p| p.require_loggedin?}
Chris@0 55 end
Chris@0 56
Chris@0 57 def available_project_modules
Chris@0 58 @available_project_modules ||= @permissions.collect(&:project_module).uniq.compact
Chris@0 59 end
Chris@0 60
Chris@0 61 def modules_permissions(modules)
Chris@0 62 @permissions.select {|p| p.project_module.nil? || modules.include?(p.project_module.to_s)}
Chris@0 63 end
Chris@0 64 end
Chris@0 65
Chris@0 66 class Mapper
Chris@0 67 def initialize
Chris@0 68 @project_module = nil
Chris@0 69 end
Chris@0 70
Chris@0 71 def permission(name, hash, options={})
Chris@0 72 @permissions ||= []
Chris@0 73 options.merge!(:project_module => @project_module)
Chris@0 74 @permissions << Permission.new(name, hash, options)
Chris@0 75 end
Chris@0 76
Chris@0 77 def project_module(name, options={})
Chris@0 78 @project_module = name
Chris@0 79 yield self
Chris@0 80 @project_module = nil
Chris@0 81 end
Chris@0 82
Chris@0 83 def mapped_permissions
Chris@0 84 @permissions
Chris@0 85 end
Chris@0 86 end
Chris@0 87
Chris@0 88 class Permission
Chris@0 89 attr_reader :name, :actions, :project_module
Chris@0 90
Chris@0 91 def initialize(name, hash, options)
Chris@0 92 @name = name
Chris@0 93 @actions = []
Chris@0 94 @public = options[:public] || false
Chris@0 95 @require = options[:require]
Chris@0 96 @project_module = options[:project_module]
Chris@0 97 hash.each do |controller, actions|
Chris@0 98 if actions.is_a? Array
Chris@0 99 @actions << actions.collect {|action| "#{controller}/#{action}"}
Chris@0 100 else
Chris@0 101 @actions << "#{controller}/#{actions}"
Chris@0 102 end
Chris@0 103 end
Chris@0 104 @actions.flatten!
Chris@0 105 end
Chris@0 106
Chris@0 107 def public?
Chris@0 108 @public
Chris@0 109 end
Chris@0 110
Chris@0 111 def require_member?
Chris@0 112 @require && @require == :member
Chris@0 113 end
Chris@0 114
Chris@0 115 def require_loggedin?
Chris@0 116 @require && (@require == :member || @require == :loggedin)
Chris@0 117 end
Chris@0 118 end
Chris@0 119 end
Chris@0 120 end