OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
openproject/lib/open_project/principal_allowance_evaluator/default.rb

94 lines
3.0 KiB

#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2015 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
class OpenProject::PrincipalAllowanceEvaluator::Default < OpenProject::PrincipalAllowanceEvaluator::Base
def granted_for_global?(candidate, action, options)
granted = super
granted || if candidate.is_a?(Member)
candidate.roles.any? { |r| r.allowed_to?(action) }
elsif candidate.is_a?(Role)
candidate.allowed_to?(action)
end
end
def granted_for_project?(role, action, project, options)
return false unless role.is_a?(Role)
granted = super
granted || (project.is_public? || role.member?) && role.allowed_to?(action)
end
def global_granting_candidates
role = @user.logged? ?
Role.non_member :
Role.anonymous
@user.memberships + [role]
end
def self.eager_load_for_project_authorization(project)
User
.scoped
.eager_load(members: [:project, :roles])
.where(members: { project_id: project.id })
end
def project_granting_candidates(project)
if @user.memberships.loaded?
@user.roles_for_project(project)
else
roles_for_project(project)
end
end
def roles_for_project(project)
# This is a copy of User#roles_for_project. As we cannot use User's
# memberships association for joining (the projects.status condition is not
# fit to be used as part of the ON clause as projects is not joined at this
# point), and User#roles_for_project relies on this association, we are
# forced to use User's members association.
# No role on archived projects
return [] unless project && project.active?
if @user.logged?
# Find project membership
member = @user.members.detect { |m| m.project_id == project.id }
if member
member.roles
else
[Role.non_member]
end
else
[Role.anonymous]
end
end
end