Mercurial > hg > soundsoftware-site
comparison .svn/pristine/6a/6ad1a9c5c31bdf856fc5268290ebc1f7efdb0480.svn-base @ 1298:4f746d8966dd redmine_2.3_integration
Merge from redmine-2.3 branch to create new branch redmine-2.3-integration
| author | Chris Cannam |
|---|---|
| date | Fri, 14 Jun 2013 09:28:30 +0100 |
| parents | 622f24f53b42 |
| children |
comparison
equal
deleted
inserted
replaced
| 1297:0a574315af3e | 1298:4f746d8966dd |
|---|---|
| 1 # Redmine - project management software | |
| 2 # Copyright (C) 2006-2013 Jean-Philippe Lang | |
| 3 # | |
| 4 # This program is free software; you can redistribute it and/or | |
| 5 # modify it under the terms of the GNU General Public License | |
| 6 # as published by the Free Software Foundation; either version 2 | |
| 7 # of the License, or (at your option) any later version. | |
| 8 # | |
| 9 # This program is distributed in the hope that it will be useful, | |
| 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 12 # GNU General Public License for more details. | |
| 13 # | |
| 14 # You should have received a copy of the GNU General Public License | |
| 15 # along with this program; if not, write to the Free Software | |
| 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |
| 17 | |
| 18 class Role < ActiveRecord::Base | |
| 19 # Custom coder for the permissions attribute that should be an | |
| 20 # array of symbols. Rails 3 uses Psych which can be *unbelievably* | |
| 21 # slow on some platforms (eg. mingw32). | |
| 22 class PermissionsAttributeCoder | |
| 23 def self.load(str) | |
| 24 str.to_s.scan(/:([a-z0-9_]+)/).flatten.map(&:to_sym) | |
| 25 end | |
| 26 | |
| 27 def self.dump(value) | |
| 28 YAML.dump(value) | |
| 29 end | |
| 30 end | |
| 31 | |
| 32 # Built-in roles | |
| 33 BUILTIN_NON_MEMBER = 1 | |
| 34 BUILTIN_ANONYMOUS = 2 | |
| 35 | |
| 36 ISSUES_VISIBILITY_OPTIONS = [ | |
| 37 ['all', :label_issues_visibility_all], | |
| 38 ['default', :label_issues_visibility_public], | |
| 39 ['own', :label_issues_visibility_own] | |
| 40 ] | |
| 41 | |
| 42 scope :sorted, lambda { order("#{table_name}.builtin ASC, #{table_name}.position ASC") } | |
| 43 scope :givable, lambda { order("#{table_name}.position ASC").where(:builtin => 0) } | |
| 44 scope :builtin, lambda { |*args| | |
| 45 compare = (args.first == true ? 'not' : '') | |
| 46 where("#{compare} builtin = 0") | |
| 47 } | |
| 48 | |
| 49 before_destroy :check_deletable | |
| 50 has_many :workflow_rules, :dependent => :delete_all do | |
| 51 def copy(source_role) | |
| 52 WorkflowRule.copy(nil, source_role, nil, proxy_association.owner) | |
| 53 end | |
| 54 end | |
| 55 | |
| 56 has_many :member_roles, :dependent => :destroy | |
| 57 has_many :members, :through => :member_roles | |
| 58 acts_as_list | |
| 59 | |
| 60 serialize :permissions, ::Role::PermissionsAttributeCoder | |
| 61 attr_protected :builtin | |
| 62 | |
| 63 validates_presence_of :name | |
| 64 validates_uniqueness_of :name | |
| 65 validates_length_of :name, :maximum => 30 | |
| 66 validates_inclusion_of :issues_visibility, | |
| 67 :in => ISSUES_VISIBILITY_OPTIONS.collect(&:first), | |
| 68 :if => lambda {|role| role.respond_to?(:issues_visibility)} | |
| 69 | |
| 70 # Copies attributes from another role, arg can be an id or a Role | |
| 71 def copy_from(arg, options={}) | |
| 72 return unless arg.present? | |
| 73 role = arg.is_a?(Role) ? arg : Role.find_by_id(arg.to_s) | |
| 74 self.attributes = role.attributes.dup.except("id", "name", "position", "builtin", "permissions") | |
| 75 self.permissions = role.permissions.dup | |
| 76 self | |
| 77 end | |
| 78 | |
| 79 def permissions=(perms) | |
| 80 perms = perms.collect {|p| p.to_sym unless p.blank? }.compact.uniq if perms | |
| 81 write_attribute(:permissions, perms) | |
| 82 end | |
| 83 | |
| 84 def add_permission!(*perms) | |
| 85 self.permissions = [] unless permissions.is_a?(Array) | |
| 86 | |
| 87 permissions_will_change! | |
| 88 perms.each do |p| | |
| 89 p = p.to_sym | |
| 90 permissions << p unless permissions.include?(p) | |
| 91 end | |
| 92 save! | |
| 93 end | |
| 94 | |
| 95 def remove_permission!(*perms) | |
| 96 return unless permissions.is_a?(Array) | |
| 97 permissions_will_change! | |
| 98 perms.each { |p| permissions.delete(p.to_sym) } | |
| 99 save! | |
| 100 end | |
| 101 | |
| 102 # Returns true if the role has the given permission | |
| 103 def has_permission?(perm) | |
| 104 !permissions.nil? && permissions.include?(perm.to_sym) | |
| 105 end | |
| 106 | |
| 107 def <=>(role) | |
| 108 if role | |
| 109 if builtin == role.builtin | |
| 110 position <=> role.position | |
| 111 else | |
| 112 builtin <=> role.builtin | |
| 113 end | |
| 114 else | |
| 115 -1 | |
| 116 end | |
| 117 end | |
| 118 | |
| 119 def to_s | |
| 120 name | |
| 121 end | |
| 122 | |
| 123 def name | |
| 124 case builtin | |
| 125 when 1; l(:label_role_non_member, :default => read_attribute(:name)) | |
| 126 when 2; l(:label_role_anonymous, :default => read_attribute(:name)) | |
| 127 else; read_attribute(:name) | |
| 128 end | |
| 129 end | |
| 130 | |
| 131 # Return true if the role is a builtin role | |
| 132 def builtin? | |
| 133 self.builtin != 0 | |
| 134 end | |
| 135 | |
| 136 # Return true if the role is the anonymous role | |
| 137 def anonymous? | |
| 138 builtin == 2 | |
| 139 end | |
| 140 | |
| 141 # Return true if the role is a project member role | |
| 142 def member? | |
| 143 !self.builtin? | |
| 144 end | |
| 145 | |
| 146 # Return true if role is allowed to do the specified action | |
| 147 # action can be: | |
| 148 # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit') | |
| 149 # * a permission Symbol (eg. :edit_project) | |
| 150 def allowed_to?(action) | |
| 151 if action.is_a? Hash | |
| 152 allowed_actions.include? "#{action[:controller]}/#{action[:action]}" | |
| 153 else | |
| 154 allowed_permissions.include? action | |
| 155 end | |
| 156 end | |
| 157 | |
| 158 # Return all the permissions that can be given to the role | |
| 159 def setable_permissions | |
| 160 setable_permissions = Redmine::AccessControl.permissions - Redmine::AccessControl.public_permissions | |
| 161 setable_permissions -= Redmine::AccessControl.members_only_permissions if self.builtin == BUILTIN_NON_MEMBER | |
| 162 setable_permissions -= Redmine::AccessControl.loggedin_only_permissions if self.builtin == BUILTIN_ANONYMOUS | |
| 163 setable_permissions | |
| 164 end | |
| 165 | |
| 166 # Find all the roles that can be given to a project member | |
| 167 def self.find_all_givable | |
| 168 Role.givable.all | |
| 169 end | |
| 170 | |
| 171 # Return the builtin 'non member' role. If the role doesn't exist, | |
| 172 # it will be created on the fly. | |
| 173 def self.non_member | |
| 174 find_or_create_system_role(BUILTIN_NON_MEMBER, 'Non member') | |
| 175 end | |
| 176 | |
| 177 # Return the builtin 'anonymous' role. If the role doesn't exist, | |
| 178 # it will be created on the fly. | |
| 179 def self.anonymous | |
| 180 find_or_create_system_role(BUILTIN_ANONYMOUS, 'Anonymous') | |
| 181 end | |
| 182 | |
| 183 private | |
| 184 | |
| 185 def allowed_permissions | |
| 186 @allowed_permissions ||= permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name} | |
| 187 end | |
| 188 | |
| 189 def allowed_actions | |
| 190 @actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten | |
| 191 end | |
| 192 | |
| 193 def check_deletable | |
| 194 raise "Can't delete role" if members.any? | |
| 195 raise "Can't delete builtin role" if builtin? | |
| 196 end | |
| 197 | |
| 198 def self.find_or_create_system_role(builtin, name) | |
| 199 role = where(:builtin => builtin).first | |
| 200 if role.nil? | |
| 201 role = create(:name => name, :position => 0) do |r| | |
| 202 r.builtin = builtin | |
| 203 end | |
| 204 raise "Unable to create the #{name} role." if role.new_record? | |
| 205 end | |
| 206 role | |
| 207 end | |
| 208 end |