
Improvement #1664 » allowed_to_condition.patch

liaham, 07/06/2023 01:10 PM


app/models/issue.rb
# Returns a SQL conditions string used to find all issues visible by the specified user
def self.visible_condition(user, options={})
Project.allowed_to_condition(user, :view_issues, options) do |role, user|
Project.allowed_to_condition(user,
:view_issues,
{ pre_condition_project_field: "#{table_name}.project_id" }.merge(options)) do |role, user|
sql =
if user.id && user.logged?
case role.issues_visibility
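Review bot: In the multi-line `Project.allowed_to_condition` call, `{ pre_condition_project_field: "#{table_name}.project_id" }.merge(options)` gives the caller's options precedence, so a `:pre_condition_project_field` passed into `visible_condition` replaces the model's own column. The app/models/project.rb section interpolates that value into the SQL text as-is, so this merge order decides who controls a raw SQL fragment. If the field is meant to be fixed per model, reverse the merge: `options.merge(pre_condition_project_field: "#{table_name}.project_id")`. The same pattern appears in the app/models/time_entry.rb section; the body of `visible_condition` continues outside the visible lines.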
app/models/project.rb
# * :project => project limit the condition to project
# * :with_subprojects => true limit the condition to project and its subprojects
# * :member => true limit the condition to the user projects
# * :pre_condition_project_field table field for where cause with enabled_modules to project_id
def self.allowed_to_condition(user, permission, options={})
perm = Redmine::AccessControl.permission(permission)
base_statement =
......
base_statement +=
" AND EXISTS (SELECT 1 AS one FROM #{EnabledModule.table_name} em" \
" WHERE em.project_id = #{Project.table_name}.id" \
" AND em.name='#{perm.project_module}')"
" AND em.name='#{perm.project_module}'"
base_statement += " AND em.project_id=#{options[:pre_condition_project_field]}" if options[:pre_condition_project_field]
base_statement += ')'
end
if project = options[:project]
project_statement = project.project_condition(options[:with_subprojects])
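Review bot: The line `base_statement += " AND em.project_id=#{options[:pre_condition_project_field]}" if options[:pre_condition_project_field]` splices an option value into the SQL string with no quoting or validation, so the condition is only safe while every caller passes a constant column reference. The callers visible on this page supply `"#{table_name}.project_id"`, but they merge the incoming options over it, so the value can originate further up the call chain. Consider rejecting anything that is not a plain `table.column` identifier before interpolating, e.g. `raise ArgumentError, 'invalid project field' unless options[:pre_condition_project_field].to_s.match?(/\A\w+\.\w+\z/)`. The option's doc comment should also state that the value is inserted verbatim and must be a trusted column reference. The body of `allowed_to_condition` starts and ends outside the visible lines.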
app/models/time_entry.rb
# Returns a SQL conditions string used to find all time entries visible by the specified user
def self.visible_condition(user, options={})
Project.allowed_to_condition(user, :view_time_entries, options) do |role, user|
Project.allowed_to_condition(user,
:view_time_entries,
{ pre_condition_project_field: "#{table_name}.project_id" }.merge(options)) do |role, user|
if role.time_entries_visibility == 'all'
nil
elsif role.time_entries_visibility == 'own' && user.id && user.logged?