Mercurial > hg > soundsoftware-site

comparison .svn/pristine/d3/d36525152d9efe5f33a9df496757a5193831f75b.svn-base @ 1464:261b3d9a4903 redmine-2.4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Redmine 2.4 branch rev 12663
author Chris Cannam
date Tue, 14 Jan 2014 14:37:42 +0000
parents
children
comparison
equal deleted inserted replaced
1296:038ba2d95de8 1464:261b3d9a4903
1 # Redmine - project management software
2 # Copyright (C) 2006-2013 Jean-Philippe Lang
3 #
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
8 #
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
13 #
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
18 class Role < ActiveRecord::Base
19 # Custom coder for the permissions attribute that should be an
20 # array of symbols. Rails 3 uses Psych which can be *unbelievably*
21 # slow on some platforms (eg. mingw32).
22 class PermissionsAttributeCoder
23 def self.load(str)
24 str.to_s.scan(/:([a-z0-9_]+)/).flatten.map(&:to_sym)
25 end
26
27 def self.dump(value)
28 YAML.dump(value)
29 end
30 end
31
32 # Built-in roles
33 BUILTIN_NON_MEMBER = 1
34 BUILTIN_ANONYMOUS = 2
35
36 ISSUES_VISIBILITY_OPTIONS = [
37 ['all', :label_issues_visibility_all],
38 ['default', :label_issues_visibility_public],
39 ['own', :label_issues_visibility_own]
40 ]
41
42 scope :sorted, lambda { order("#{table_name}.builtin ASC, #{table_name}.position ASC") }
43 scope :givable, lambda { order("#{table_name}.position ASC").where(:builtin => 0) }
44 scope :builtin, lambda { |*args|
45 compare = (args.first == true ? 'not' : '')
46 where("#{compare} builtin = 0")
47 }
48
49 before_destroy :check_deletable
50 has_many :workflow_rules, :dependent => :delete_all do
51 def copy(source_role)
52 WorkflowRule.copy(nil, source_role, nil, proxy_association.owner)
53 end
54 end
55 has_and_belongs_to_many :custom_fields, :join_table => "#{table_name_prefix}custom_fields_roles#{table_name_suffix}", :foreign_key => "role_id"
56
57 has_many :member_roles, :dependent => :destroy
58 has_many :members, :through => :member_roles
59 acts_as_list
60
61 serialize :permissions, ::Role::PermissionsAttributeCoder
62 attr_protected :builtin
63
64 validates_presence_of :name
65 validates_uniqueness_of :name
66 validates_length_of :name, :maximum => 30
67 validates_inclusion_of :issues_visibility,
68 :in => ISSUES_VISIBILITY_OPTIONS.collect(&:first),
69 :if => lambda {|role| role.respond_to?(:issues_visibility)}
70
71 # Copies attributes from another role, arg can be an id or a Role
72 def copy_from(arg, options={})
73 return unless arg.present?
74 role = arg.is_a?(Role) ? arg : Role.find_by_id(arg.to_s)
75 self.attributes = role.attributes.dup.except("id", "name", "position", "builtin", "permissions")
76 self.permissions = role.permissions.dup
77 self
78 end
79
80 def permissions=(perms)
81 perms = perms.collect {|p| p.to_sym unless p.blank? }.compact.uniq if perms
82 write_attribute(:permissions, perms)
83 end
84
85 def add_permission!(*perms)
86 self.permissions = [] unless permissions.is_a?(Array)
87
88 permissions_will_change!
89 perms.each do |p|
90 p = p.to_sym
91 permissions << p unless permissions.include?(p)
92 end
93 save!
94 end
95
96 def remove_permission!(*perms)
97 return unless permissions.is_a?(Array)
98 permissions_will_change!
99 perms.each { |p| permissions.delete(p.to_sym) }
100 save!
101 end
102
103 # Returns true if the role has the given permission
104 def has_permission?(perm)
105 !permissions.nil? && permissions.include?(perm.to_sym)
106 end
107
108 def <=>(role)
109 if role
110 if builtin == role.builtin
111 position <=> role.position
112 else
113 builtin <=> role.builtin
114 end
115 else
116 -1
117 end
118 end
119
120 def to_s
121 name
122 end
123
124 def name
125 case builtin
126 when 1; l(:label_role_non_member, :default => read_attribute(:name))
127 when 2; l(:label_role_anonymous, :default => read_attribute(:name))
128 else; read_attribute(:name)
129 end
130 end
131
132 # Return true if the role is a builtin role
133 def builtin?
134 self.builtin != 0
135 end
136
137 # Return true if the role is the anonymous role
138 def anonymous?
139 builtin == 2
140 end
141
142 # Return true if the role is a project member role
143 def member?
144 !self.builtin?
145 end
146
147 # Return true if role is allowed to do the specified action
148 # action can be:
149 # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
150 # * a permission Symbol (eg. :edit_project)
151 def allowed_to?(action)
152 if action.is_a? Hash
153 allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
154 else
155 allowed_permissions.include? action
156 end
157 end
158
159 # Return all the permissions that can be given to the role
160 def setable_permissions
161 setable_permissions = Redmine::AccessControl.permissions - Redmine::AccessControl.public_permissions
162 setable_permissions -= Redmine::AccessControl.members_only_permissions if self.builtin == BUILTIN_NON_MEMBER
163 setable_permissions -= Redmine::AccessControl.loggedin_only_permissions if self.builtin == BUILTIN_ANONYMOUS
164 setable_permissions
165 end
166
167 # Find all the roles that can be given to a project member
168 def self.find_all_givable
169 Role.givable.all
170 end
171
172 # Return the builtin 'non member' role. If the role doesn't exist,
173 # it will be created on the fly.
174 def self.non_member
175 find_or_create_system_role(BUILTIN_NON_MEMBER, 'Non member')
176 end
177
178 # Return the builtin 'anonymous' role. If the role doesn't exist,
179 # it will be created on the fly.
180 def self.anonymous
181 find_or_create_system_role(BUILTIN_ANONYMOUS, 'Anonymous')
182 end
183
184 private
185
186 def allowed_permissions
187 @allowed_permissions ||= permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
188 end
189
190 def allowed_actions
191 @actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
192 end
193
194 def check_deletable
195 raise "Can't delete role" if members.any?
196 raise "Can't delete builtin role" if builtin?
197 end
198
199 def self.find_or_create_system_role(builtin, name)
200 role = where(:builtin => builtin).first
201 if role.nil?
202 role = create(:name => name, :position => 0) do |r|
203 r.builtin = builtin
204 end
205 raise "Unable to create the #{name} role." if role.new_record?
206 end
207 role
208 end
209 end