soundsoftware-site: app/controllers/.svn/text-base/issues

comparison app/controllers/.svn/text-base/issues_controller.rb.svn-base @ 441:cbce1fd3b1b7 redmine-1.2

Update to Redmine 1.2-stable branch (Redmine SVN rev 6000)

author	Chris Cannam
date	Mon, 06 Jun 2011 14:24:13 +0100
parents	0579821a129a
children	0c939c159af4

comparison

equal deleted inserted replaced

-:051f544170fe
+:cbce1fd3b1b7
 # Redmine - project management software
-# Copyright (C) 2006-2008  Jean-Philippe Lang
+# Copyright (C) 2006-2011  Jean-Philippe Lang
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; either version 2
 # of the License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 class IssuesController < ApplicationController
 menu_item :new_issue, :only => [:new, :create]
 default_search_scope :issues
 before_filter :find_issue, :only => [:show, :edit, :update]
 before_filter :find_issues, :only => [:bulk_edit, :bulk_update, :move, :perform_move, :destroy]
 before_filter :check_project_uniqueness, :only => [:move, :perform_move]
 before_filter :find_project, :only => [:new, :create]
 before_filter :authorize, :except => [:index]
 before_filter :check_for_default_issue_status, :only => [:new, :create]
 before_filter :build_new_issue_from_params, :only => [:new, :create]
 accept_key_auth :index, :show, :create, :update, :destroy
 rescue_from Query::StatementInvalid, :with => :query_statement_invalid
 helper :journals
 helper :projects
 include ProjectsHelper
 helper :custom_fields
 include CustomFieldsHelper
 helper :issue_relations
 include IssueRelationsHelper
 helper :watchers
 :render => { :nothing => true, :status => :method_not_allowed }
 verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed }
 verify :method => :post, :only => :bulk_update, :render => {:nothing => true, :status => :method_not_allowed }
 verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
 def index
 retrieve_query
 sort_init(@query.sort_criteria.empty? ? [['id', 'desc']] : @query.sort_criteria)
 sort_update(@query.sortable_columns)
 if @query.valid?
 case params[:format]
 when 'csv', 'pdf'
 @limit = Setting.issues_export_limit.to_i
 when 'atom'
 when 'xml', 'json'
 @offset, @limit = api_offset_and_limit
 else
 @limit = per_page_option
 end
 @issue_count = @query.issue_count
 @issue_pages = Paginator.new self, @issue_count, @limit, params['page']
 @offset ||= @issue_pages.current.offset
 @issues = @query.issues(:include => [:assigned_to, :tracker, :priority, :category, :fixed_version],
 :order => sort_clause,
 :offset => @offset,
 :limit => @limit)
 @issue_count_by_group = @query.issue_count_by_group
 respond_to do |format|
 format.html { render :template => 'issues/index.rhtml', :layout => !request.xhr? }
 format.api
 format.atom { render_feed(@issues, :title => "#{@project || Setting.app_title}: #{l(:label_issue_plural)}") }
 format.csv  { send_data(issues_to_csv(@issues, @project), :type => 'text/csv; header=present', :filename => 'export.csv') }
 render(:template => 'issues/index.rhtml', :layout => !request.xhr?)
 end
 rescue ActiveRecord::RecordNotFound
 render_404
 end
 def show
 @journals = @issue.journals.find(:all, :include => [:user, :details], :order => "#{Journal.table_name}.created_on ASC")
 @journals.each_with_index {|j,i| j.indice = i+1}
 @journals.reverse! if User.current.wants_comments_in_reverse_order?
-@changesets = @issue.changesets.visible.all
-@changesets.reverse! if User.current.wants_comments_in_reverse_order?
+if User.current.allowed_to?(:view_changesets, @project)
+@changesets = @issue.changesets.visible.all
+@changesets.reverse! if User.current.wants_comments_in_reverse_order?
+end
 @relations = @issue.relations.select {|r| r.other_issue(@issue) && r.other_issue(@issue).visible? }
 @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
 @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
 @priorities = IssuePriority.all
-@time_entry = TimeEntry.new
+@time_entry = TimeEntry.new(:issue => @issue, :project => @issue.project)
 respond_to do |format|
 format.html { render :template => 'issues/show.rhtml' }
 format.api
 format.atom { render :template => 'journals/index', :layout => false, :content_type => 'application/atom+xml' }
 format.pdf  { send_data(issue_to_pdf(@issue), :type => 'application/pdf', :filename => "#{@project.identifier}-#{@issue.id}.pdf") }
 format.html { render :action => 'new' }
 format.api  { render_validation_errors(@issue) }
 end
 end
 end
 def edit
 update_issue_from_params
 @journal = @issue.current_journal
 end
 end
 set_flash_from_bulk_issue_save(@issues, unsaved_issue_ids)
 redirect_back_or_default({:controller => 'issues', :action => 'index', :project_id => @project})
 end
 def destroy
 @hours = TimeEntry.sum(:hours, :conditions => ['issue_id IN (?)', @issues]).to_f
 if @hours > 0
 case params[:todo]
 when 'destroy'
 else
 # display the destroy form if it's a user request
 return unless api_request?
 end
 end
-@issues.each(&:destroy)
+@issues.each do |issue|
+begin
+issue.reload.destroy
+rescue ::ActiveRecord::RecordNotFound # raised by #reload if issue no longer exists
+# nothing to do, issue was already deleted (eg. by a parent)
+end
+end
 respond_to do |format|
 format.html { redirect_back_or_default(:action => 'index', :project_id => @project) }
 format.api  { head :ok }
 end
 end
 private
 def find_issue
+# Issue.visible.find(...) can not be used to redirect user to the login form
+# if the issue actually exists but requires authentication
 @issue = Issue.find(params[:id], :include => [:project, :tracker, :status, :author, :priority, :category])
+unless @issue.visible?
+deny_access
+return
+end
 @project = @issue.project
 rescue ActiveRecord::RecordNotFound
 render_404
 end
 def find_project
 project_id = (params[:issue] && params[:issue][:project_id]) || params[:project_id]
 @project = Project.find(project_id)
 rescue ActiveRecord::RecordNotFound
 render_404
 end
 # Used by #edit and #update to set some common instance variables
 # from the params
 # TODO: Refactor, not everything in here is needed by #edit
 def update_issue_from_params
 @allowed_statuses = @issue.new_statuses_allowed_to(User.current)
 @priorities = IssuePriority.all
 @edit_allowed = User.current.allowed_to?(:edit_issues, @project)
-@time_entry = TimeEntry.new
+@time_entry = TimeEntry.new(:issue => @issue, :project => @issue.project)
 @time_entry.attributes = params[:time_entry]
 @notes = params[:notes] || (params[:issue].present? ? params[:issue][:notes] : nil)
 @issue.init_journal(User.current, @notes)
 @issue.safe_attributes = params[:issue]
 end
 @issue.copy_from(params[:copy_from]) if params[:copy_from]
 @issue.project = @project
 else
 @issue = @project.issues.visible.find(params[:id])
 end
 @issue.project = @project
 # Tracker must be set before custom field values
 @issue.tracker ||= @project.trackers.find((params[:issue] && params[:issue][:tracker_id]) || params[:tracker_id] || :first)
 if @issue.tracker.nil?
 render_error l(:error_no_tracker_in_project)

Mercurial > hg > soundsoftware-site

comparison app/controllers/.svn/text-base/issues_controller.rb.svn-base @ 441:cbce1fd3b1b7 redmine-1.2