Mercurial > hg > soundsoftware-site

annotate lib/redmine/access_control.rb @ 1516:b450a9d58aed redmine-2.4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Redmine SVN revision 13356 on 2.4-stable branch
author Chris Cannam
date Tue, 09 Sep 2014 09:28:31 +0100
parents e248c7af89ec
children dffacf8a6908
rev   line source
Chris@909 1 # Redmine - project management software
Chris@1494 2 # Copyright (C) 2006-2014 Jean-Philippe Lang
Chris@0 3 #
Chris@0 4 # This program is free software; you can redistribute it and/or
Chris@0 5 # modify it under the terms of the GNU General Public License
Chris@0 6 # as published by the Free Software Foundation; either version 2
Chris@0 7 # of the License, or (at your option) any later version.
Chris@909 8 #
Chris@0 9 # This program is distributed in the hope that it will be useful,
Chris@0 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@0 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@0 12 # GNU General Public License for more details.
Chris@909 13 #
Chris@0 14 # You should have received a copy of the GNU General Public License
Chris@0 15 # along with this program; if not, write to the Free Software
Chris@0 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@0 17
Chris@0 18 module Redmine
Chris@0 19 module AccessControl
Chris@909 20
Chris@0 21 class << self
Chris@0 22 def map
Chris@0 23 mapper = Mapper.new
Chris@0 24 yield mapper
Chris@0 25 @permissions ||= []
Chris@0 26 @permissions += mapper.mapped_permissions
Chris@0 27 end
Chris@909 28
Chris@0 29 def permissions
Chris@0 30 @permissions
Chris@0 31 end
Chris@909 32
Chris@0 33 # Returns the permission of given name or nil if it wasn't found
Chris@0 34 # Argument should be a symbol
Chris@0 35 def permission(name)
Chris@0 36 permissions.detect {|p| p.name == name}
Chris@0 37 end
Chris@909 38
Chris@0 39 # Returns the actions that are allowed by the permission of given name
Chris@0 40 def allowed_actions(permission_name)
Chris@0 41 perm = permission(permission_name)
Chris@0 42 perm ? perm.actions : []
Chris@0 43 end
Chris@909 44
Chris@0 45 def public_permissions
Chris@0 46 @public_permissions ||= @permissions.select {|p| p.public?}
Chris@0 47 end
Chris@909 48
Chris@0 49 def members_only_permissions
Chris@0 50 @members_only_permissions ||= @permissions.select {|p| p.require_member?}
Chris@0 51 end
Chris@909 52
Chris@0 53 def loggedin_only_permissions
Chris@0 54 @loggedin_only_permissions ||= @permissions.select {|p| p.require_loggedin?}
Chris@0 55 end
Chris@909 56
Chris@1115 57 def read_action?(action)
Chris@1115 58 if action.is_a?(Symbol)
Chris@1115 59 perm = permission(action)
Chris@1115 60 !perm.nil? && perm.read?
Chris@1115 61 else
Chris@1115 62 s = "#{action[:controller]}/#{action[:action]}"
Chris@1115 63 permissions.detect {|p| p.actions.include?(s) && !p.read?}.nil?
Chris@1115 64 end
Chris@1115 65 end
Chris@1115 66
Chris@0 67 def available_project_modules
Chris@0 68 @available_project_modules ||= @permissions.collect(&:project_module).uniq.compact
Chris@0 69 end
Chris@909 70
Chris@0 71 def modules_permissions(modules)
Chris@0 72 @permissions.select {|p| p.project_module.nil? || modules.include?(p.project_module.to_s)}
Chris@0 73 end
Chris@0 74 end
Chris@909 75
Chris@0 76 class Mapper
Chris@0 77 def initialize
Chris@0 78 @project_module = nil
Chris@0 79 end
Chris@909 80
Chris@0 81 def permission(name, hash, options={})
Chris@0 82 @permissions ||= []
Chris@0 83 options.merge!(:project_module => @project_module)
Chris@0 84 @permissions << Permission.new(name, hash, options)
Chris@0 85 end
Chris@909 86
Chris@0 87 def project_module(name, options={})
Chris@0 88 @project_module = name
Chris@0 89 yield self
Chris@0 90 @project_module = nil
Chris@0 91 end
Chris@909 92
Chris@0 93 def mapped_permissions
Chris@0 94 @permissions
Chris@0 95 end
Chris@0 96 end
Chris@909 97
Chris@0 98 class Permission
Chris@0 99 attr_reader :name, :actions, :project_module
Chris@909 100
Chris@0 101 def initialize(name, hash, options)
Chris@0 102 @name = name
Chris@0 103 @actions = []
Chris@0 104 @public = options[:public] || false
Chris@0 105 @require = options[:require]
Chris@1115 106 @read = options[:read] || false
Chris@0 107 @project_module = options[:project_module]
Chris@0 108 hash.each do |controller, actions|
Chris@0 109 if actions.is_a? Array
Chris@0 110 @actions << actions.collect {|action| "#{controller}/#{action}"}
Chris@0 111 else
Chris@0 112 @actions << "#{controller}/#{actions}"
Chris@0 113 end
Chris@0 114 end
Chris@0 115 @actions.flatten!
Chris@0 116 end
Chris@909 117
Chris@0 118 def public?
Chris@0 119 @public
Chris@0 120 end
Chris@909 121
Chris@0 122 def require_member?
Chris@0 123 @require && @require == :member
Chris@0 124 end
Chris@909 125
Chris@0 126 def require_loggedin?
Chris@0 127 @require && (@require == :member || @require == :loggedin)
Chris@0 128 end
Chris@1115 129
Chris@1115 130 def read?
Chris@1115 131 @read
Chris@1115 132 end
Chris@909 133 end
Chris@0 134 end
Chris@0 135 end