Mercurial > hg > soundsoftware-site
diff app/controllers/projects_controller.rb @ 117:af80e5618e9b redmine-1.1
* Update to Redmine 1.1-stable branch (Redmine SVN rev 4707)
| author | Chris Cannam |
|---|---|
| date | Thu, 13 Jan 2011 12:53:21 +0000 |
| parents | 94944d00e43c |
| children | 605adf7e1735 cbce1fd3b1b7 |
line wrap: on
line diff
--- a/app/controllers/projects_controller.rb Fri Nov 19 14:05:24 2010 +0000 +++ b/app/controllers/projects_controller.rb Thu Jan 13 12:53:21 2011 +0000 @@ -24,7 +24,7 @@ before_filter :authorize, :except => [ :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy] before_filter :authorize_global, :only => [:new, :create] before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy ] - accept_key_auth :index + accept_key_auth :index, :show, :create, :update, :destroy after_filter :only => [:create, :edit, :update, :archive, :unarchive, :destroy] do |controller| if controller.request.post? @@ -32,9 +32,6 @@ end end - # TODO: convert to PUT only - verify :method => [:post, :put], :only => :update, :render => {:nothing => true, :status => :method_not_allowed } - helper :sort include SortHelper helper :custom_fields @@ -52,8 +49,10 @@ format.html { @projects = Project.visible.find(:all, :order => 'lft') } - format.xml { - @projects = Project.visible.find(:all, :order => 'lft') + format.api { + @offset, @limit = api_offset_and_limit + @project_count = Project.visible.count + @projects = Project.visible.all(:offset => @offset, :limit => @limit, :order => 'lft') } format.atom { projects = Project.visible.find(:all, :order => 'created_on DESC', @@ -67,19 +66,15 @@ @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position") @trackers = Tracker.all @project = Project.new(params[:project]) - - @project.identifier = Project.next_identifier if Setting.sequential_project_identifiers? - @project.trackers = Tracker.all - @project.is_public = Setting.default_projects_public? - @project.enabled_module_names = Setting.default_projects_modules end + verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed } def create @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position") @trackers = Tracker.all - @project = Project.new(params[:project]) + @project = Project.new + @project.safe_attributes = params[:project] - @project.enabled_module_names = params[:enabled_modules] if validate_parent_id && @project.save @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') # Add current user as a project member if he is not admin @@ -93,12 +88,12 @@ flash[:notice] = l(:notice_successful_create) redirect_to :controller => 'projects', :action => 'settings', :id => @project } - format.xml { render :action => 'show', :status => :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) } + format.api { render :action => 'show', :status => :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) } end else respond_to do |format| format.html { render :action => 'new' } - format.xml { render :xml => @project.errors, :status => :unprocessable_entity } + format.api { render_validation_errors(@project) } end end @@ -120,18 +115,19 @@ end else Mailer.with_deliveries(params[:notifications] == '1') do - @project = Project.new(params[:project]) + @project = Project.new + @project.safe_attributes = params[:project] @project.enabled_module_names = params[:enabled_modules] if validate_parent_id && @project.copy(@source_project, :only => params[:only]) @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') flash[:notice] = l(:notice_successful_create) - redirect_to :controller => 'projects', :action => 'settings' + redirect_to :controller => 'projects', :action => 'settings', :id => @project elsif !@project.new_record? # Project was created # But some objects were not copied due to validation failures # (eg. issues from disabled trackers) # TODO: inform about that - redirect_to :controller => 'projects', :action => 'settings' + redirect_to :controller => 'projects', :action => 'settings', :id => @project end end end @@ -169,7 +165,7 @@ respond_to do |format| format.html - format.xml + format.api end end @@ -185,8 +181,10 @@ def edit end + # TODO: convert to PUT only + verify :method => [:post, :put], :only => :update, :render => {:nothing => true, :status => :method_not_allowed } def update - @project.attributes = params[:project] + @project.safe_attributes = params[:project] if validate_parent_id && @project.save @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') respond_to do |format| @@ -194,7 +192,7 @@ flash[:notice] = l(:notice_successful_update) redirect_to :action => 'settings', :id => @project } - format.xml { head :ok } + format.api { head :ok } end else respond_to do |format| @@ -202,13 +200,14 @@ settings render :action => 'settings' } - format.xml { render :xml => @project.errors, :status => :unprocessable_entity } + format.api { render_validation_errors(@project) } end end end - + + verify :method => :post, :only => :modules, :render => {:nothing => true, :status => :method_not_allowed } def modules - @project.enabled_module_names = params[:enabled_modules] + @project.enabled_module_names = params[:enabled_module_names] flash[:notice] = l(:notice_successful_update) redirect_to :action => 'settings', :id => @project, :tab => 'modules' end @@ -233,11 +232,11 @@ if request.get? # display confirmation view else - if params[:format] == 'xml' || params[:confirm] + if api_request? || params[:confirm] @project_to_destroy.destroy respond_to do |format| format.html { redirect_to :controller => 'admin', :action => 'projects' } - format.xml { head :ok } + format.api { head :ok } end end end