To check out this repository please hg clone the following URL, or open the URL using EasyMercurial or your preferred Mercurial client.
root / .svn / pristine / 76 / 76c9364a72c309fc8295666ab0923fa136a43fd5.svn-base @ 1297:0a574315af3e
History | View | Annotate | Download (3.72 KB)
| 1 | 1296:038ba2d95de8 | Chris | # Redmine - project management software |
|---|---|---|---|
| 2 | # Copyright (C) 2006-2012 Jean-Philippe Lang |
||
| 3 | # |
||
| 4 | # This program is free software; you can redistribute it and/or |
||
| 5 | # modify it under the terms of the GNU General Public License |
||
| 6 | # as published by the Free Software Foundation; either version 2 |
||
| 7 | # of the License, or (at your option) any later version. |
||
| 8 | # |
||
| 9 | # This program is distributed in the hope that it will be useful, |
||
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
| 12 | # GNU General Public License for more details. |
||
| 13 | # |
||
| 14 | # You should have received a copy of the GNU General Public License |
||
| 15 | # along with this program; if not, write to the Free Software |
||
| 16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||
| 17 | |||
| 18 | module Redmine |
||
| 19 | module AccessControl |
||
| 20 | |||
| 21 | class << self |
||
| 22 | def map |
||
| 23 | mapper = Mapper.new |
||
| 24 | yield mapper |
||
| 25 | @permissions ||= [] |
||
| 26 | @permissions += mapper.mapped_permissions |
||
| 27 | end |
||
| 28 | |||
| 29 | def permissions |
||
| 30 | @permissions |
||
| 31 | end |
||
| 32 | |||
| 33 | # Returns the permission of given name or nil if it wasn't found |
||
| 34 | # Argument should be a symbol |
||
| 35 | def permission(name) |
||
| 36 | permissions.detect {|p| p.name == name}
|
||
| 37 | end |
||
| 38 | |||
| 39 | # Returns the actions that are allowed by the permission of given name |
||
| 40 | def allowed_actions(permission_name) |
||
| 41 | perm = permission(permission_name) |
||
| 42 | perm ? perm.actions : [] |
||
| 43 | end |
||
| 44 | |||
| 45 | def public_permissions |
||
| 46 | @public_permissions ||= @permissions.select {|p| p.public?}
|
||
| 47 | end |
||
| 48 | |||
| 49 | def members_only_permissions |
||
| 50 | @members_only_permissions ||= @permissions.select {|p| p.require_member?}
|
||
| 51 | end |
||
| 52 | |||
| 53 | def loggedin_only_permissions |
||
| 54 | @loggedin_only_permissions ||= @permissions.select {|p| p.require_loggedin?}
|
||
| 55 | end |
||
| 56 | |||
| 57 | def read_action?(action) |
||
| 58 | if action.is_a?(Symbol) |
||
| 59 | perm = permission(action) |
||
| 60 | !perm.nil? && perm.read? |
||
| 61 | else |
||
| 62 | s = "#{action[:controller]}/#{action[:action]}"
|
||
| 63 | permissions.detect {|p| p.actions.include?(s) && !p.read?}.nil?
|
||
| 64 | end |
||
| 65 | end |
||
| 66 | |||
| 67 | def available_project_modules |
||
| 68 | @available_project_modules ||= @permissions.collect(&:project_module).uniq.compact |
||
| 69 | end |
||
| 70 | |||
| 71 | def modules_permissions(modules) |
||
| 72 | @permissions.select {|p| p.project_module.nil? || modules.include?(p.project_module.to_s)}
|
||
| 73 | end |
||
| 74 | end |
||
| 75 | |||
| 76 | class Mapper |
||
| 77 | def initialize |
||
| 78 | @project_module = nil |
||
| 79 | end |
||
| 80 | |||
| 81 | def permission(name, hash, options={})
|
||
| 82 | @permissions ||= [] |
||
| 83 | options.merge!(:project_module => @project_module) |
||
| 84 | @permissions << Permission.new(name, hash, options) |
||
| 85 | end |
||
| 86 | |||
| 87 | def project_module(name, options={})
|
||
| 88 | @project_module = name |
||
| 89 | yield self |
||
| 90 | @project_module = nil |
||
| 91 | end |
||
| 92 | |||
| 93 | def mapped_permissions |
||
| 94 | @permissions |
||
| 95 | end |
||
| 96 | end |
||
| 97 | |||
| 98 | class Permission |
||
| 99 | attr_reader :name, :actions, :project_module |
||
| 100 | |||
| 101 | def initialize(name, hash, options) |
||
| 102 | @name = name |
||
| 103 | @actions = [] |
||
| 104 | @public = options[:public] || false |
||
| 105 | @require = options[:require] |
||
| 106 | @read = options[:read] || false |
||
| 107 | @project_module = options[:project_module] |
||
| 108 | hash.each do |controller, actions| |
||
| 109 | if actions.is_a? Array |
||
| 110 | @actions << actions.collect {|action| "#{controller}/#{action}"}
|
||
| 111 | else |
||
| 112 | @actions << "#{controller}/#{actions}"
|
||
| 113 | end |
||
| 114 | end |
||
| 115 | @actions.flatten! |
||
| 116 | end |
||
| 117 | |||
| 118 | def public? |
||
| 119 | @public |
||
| 120 | end |
||
| 121 | |||
| 122 | def require_member? |
||
| 123 | @require && @require == :member |
||
| 124 | end |
||
| 125 | |||
| 126 | def require_loggedin? |
||
| 127 | @require && (@require == :member || @require == :loggedin) |
||
| 128 | end |
||
| 129 | |||
| 130 | def read? |
||
| 131 | @read |
||
| 132 | end |
||
| 133 | end |
||
| 134 | end |
||
| 135 | end |