|
|
|
@ -26,330 +26,330 @@ |
|
|
|
|
# See COPYRIGHT and LICENSE files for more details. |
|
|
|
|
#++ |
|
|
|
|
|
|
|
|
|
require 'open_project/access_control' |
|
|
|
|
|
|
|
|
|
OpenProject::AccessControl.map do |map| |
|
|
|
|
map.project_module nil, order: 100 do |
|
|
|
|
map.permission :add_project, |
|
|
|
|
{ projects: %i[new] }, |
|
|
|
|
require: :loggedin, |
|
|
|
|
global: true, |
|
|
|
|
contract_actions: { projects: %i[create] } |
|
|
|
|
|
|
|
|
|
map.permission :create_backup, |
|
|
|
|
{ backups: %i[index] }, |
|
|
|
|
require: :loggedin, |
|
|
|
|
global: true, |
|
|
|
|
enabled: -> { OpenProject::Configuration.backup_enabled? } |
|
|
|
|
|
|
|
|
|
map.permission :manage_user, |
|
|
|
|
{ |
|
|
|
|
users: %i[index show new create edit update resend_invitation], |
|
|
|
|
'users/memberships': %i[create update destroy], |
|
|
|
|
admin: %i[index] |
|
|
|
|
}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
global: true, |
|
|
|
|
contract_actions: { users: %i[create read update] } |
|
|
|
|
|
|
|
|
|
map.permission :manage_placeholder_user, |
|
|
|
|
{ |
|
|
|
|
placeholder_users: %i[index show new create edit update deletion_info destroy], |
|
|
|
|
'placeholder_users/memberships': %i[create update destroy], |
|
|
|
|
admin: %i[index] |
|
|
|
|
}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
global: true, |
|
|
|
|
contract_actions: { placeholder_users: %i[create read update] } |
|
|
|
|
|
|
|
|
|
map.permission :view_project, |
|
|
|
|
{ projects: [:show], |
|
|
|
|
activities: [:index] }, |
|
|
|
|
public: true |
|
|
|
|
|
|
|
|
|
map.permission :search_project, |
|
|
|
|
{ search: :index }, |
|
|
|
|
public: true |
|
|
|
|
|
|
|
|
|
map.permission :edit_project, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/general': %i[show], |
|
|
|
|
'projects/settings/storage': %i[show], |
|
|
|
|
'projects/templated': %i[create destroy], |
|
|
|
|
'projects/identifier': %i[show update] |
|
|
|
|
}, |
|
|
|
|
require: :member, |
|
|
|
|
contract_actions: { projects: %i[update] } |
|
|
|
|
|
|
|
|
|
map.permission :select_project_modules, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/modules': %i[show update] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
map.permission :manage_members, |
|
|
|
|
{ members: %i[index new create update destroy autocomplete_for_member] }, |
|
|
|
|
require: :member, |
|
|
|
|
dependencies: :view_members, |
|
|
|
|
contract_actions: { members: %i[create update destroy] } |
|
|
|
|
|
|
|
|
|
map.permission :view_members, |
|
|
|
|
{ members: [:index] }, |
|
|
|
|
contract_actions: { members: %i[read] } |
|
|
|
|
|
|
|
|
|
map.permission :manage_versions, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/versions': [:show], |
|
|
|
|
versions: %i[new create edit update close_completed destroy] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
map.permission :manage_types, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/types': %i[show update] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
map.permission :select_custom_fields, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/custom_fields': %i[show update] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
map.permission :add_subprojects, |
|
|
|
|
{ projects: %i[new] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
map.permission :copy_projects, |
|
|
|
|
{ |
|
|
|
|
projects: %i[copy] |
|
|
|
|
}, |
|
|
|
|
require: :member, |
|
|
|
|
contract_actions: { projects: %i[copy] } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :work_package_tracking, order: 90 do |wpt| |
|
|
|
|
wpt.permission :view_work_packages, |
|
|
|
|
{ |
|
|
|
|
versions: %i[index show status_by], |
|
|
|
|
journals: %i[index diff], |
|
|
|
|
work_packages: %i[show index], |
|
|
|
|
work_packages_api: [:get], |
|
|
|
|
'work_packages/reports': %i[report report_details] |
|
|
|
|
}, |
|
|
|
|
contract_actions: { work_packages: %i[read] } |
|
|
|
|
|
|
|
|
|
wpt.permission :add_work_packages, |
|
|
|
|
{} |
|
|
|
|
|
|
|
|
|
wpt.permission :edit_work_packages, |
|
|
|
|
{ |
|
|
|
|
'work_packages/bulk': %i[edit update] |
|
|
|
|
}, |
|
|
|
|
require: :member, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :move_work_packages, |
|
|
|
|
{ 'work_packages/moves': %i[new create] }, |
|
|
|
|
require: :loggedin, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :add_work_package_notes, |
|
|
|
|
{ |
|
|
|
|
# FIXME: Although the endpoint is removed, the code checking whether a user |
|
|
|
|
# is eligible to add work packages through the API still seems to rely on this. |
|
|
|
|
journals: [:new] |
|
|
|
|
}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :edit_work_package_notes, |
|
|
|
|
{}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :edit_own_work_package_notes, |
|
|
|
|
{}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
# WorkPackage categories |
|
|
|
|
wpt.permission :manage_categories, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/categories': [:show], |
|
|
|
|
categories: %i[new create edit update destroy] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wpt.permission :export_work_packages, |
|
|
|
|
{ |
|
|
|
|
work_packages: %i[index all] |
|
|
|
|
}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :delete_work_packages, |
|
|
|
|
{ |
|
|
|
|
work_packages: :destroy, |
|
|
|
|
'work_packages/bulk': :destroy |
|
|
|
|
}, |
|
|
|
|
require: :member, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :manage_work_package_relations, |
|
|
|
|
{ |
|
|
|
|
work_package_relations: %i[create destroy] |
|
|
|
|
}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :manage_subtasks, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
# Queries |
|
|
|
|
wpt.permission :manage_public_queries, |
|
|
|
|
{}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wpt.permission :save_queries, |
|
|
|
|
{}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
# Watchers |
|
|
|
|
wpt.permission :view_work_package_watchers, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :add_work_package_watchers, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :delete_work_package_watchers, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :assign_versions, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
# A user having the following permission can become assignee and/or responsible of a work package. |
|
|
|
|
# This is a passive permission in the sense that a user having the permission isn't eligible to perform |
|
|
|
|
# actions but rather to have actions taken together with him/her. |
|
|
|
|
wpt.permission :work_package_assigned, |
|
|
|
|
{}, |
|
|
|
|
require: :member, |
|
|
|
|
contract_actions: { work_packages: %i[assigned] }, |
|
|
|
|
grant_to_admin: false |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :news do |news| |
|
|
|
|
news.permission :view_news, |
|
|
|
|
{ news: %i[index show] }, |
|
|
|
|
public: true |
|
|
|
|
|
|
|
|
|
news.permission :manage_news, |
|
|
|
|
{ |
|
|
|
|
news: %i[new create edit update destroy preview], |
|
|
|
|
'news/comments': [:destroy] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
news.permission :comment_news, |
|
|
|
|
{ 'news/comments': :create } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :wiki do |wiki| |
|
|
|
|
wiki.permission :view_wiki_pages, |
|
|
|
|
{ wiki: %i[index show special date_index] } |
|
|
|
|
|
|
|
|
|
wiki.permission :list_attachments, |
|
|
|
|
{ wiki: :list_attachments }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :manage_wiki, |
|
|
|
|
{ wikis: %i[edit destroy] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :manage_wiki_menu, |
|
|
|
|
{ wiki_menu_items: %i[edit update select_main_menu_item replace_main_menu_item] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :rename_wiki_pages, |
|
|
|
|
{ wiki: :rename }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :change_wiki_parent_page, |
|
|
|
|
{ wiki: %i[edit_parent_page update_parent_page] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :delete_wiki_pages, |
|
|
|
|
{ wiki: :destroy }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :export_wiki_pages, |
|
|
|
|
{ wiki: [:export] } |
|
|
|
|
|
|
|
|
|
wiki.permission :view_wiki_edits, |
|
|
|
|
{ wiki: %i[history diff annotate] } |
|
|
|
|
|
|
|
|
|
wiki.permission :edit_wiki_pages, |
|
|
|
|
{ wiki: %i[edit update preview add_attachment new new_child create] } |
|
|
|
|
|
|
|
|
|
wiki.permission :delete_wiki_pages_attachments, |
|
|
|
|
{} |
|
|
|
|
Rails.application.reloader.to_prepare do |
|
|
|
|
OpenProject::AccessControl.map do |map| |
|
|
|
|
map.project_module nil, order: 100 do |
|
|
|
|
map.permission :add_project, |
|
|
|
|
{ projects: %i[new] }, |
|
|
|
|
require: :loggedin, |
|
|
|
|
global: true, |
|
|
|
|
contract_actions: { projects: %i[create] } |
|
|
|
|
|
|
|
|
|
map.permission :create_backup, |
|
|
|
|
{ backups: %i[index] }, |
|
|
|
|
require: :loggedin, |
|
|
|
|
global: true, |
|
|
|
|
enabled: -> { OpenProject::Configuration.backup_enabled? } |
|
|
|
|
|
|
|
|
|
map.permission :manage_user, |
|
|
|
|
{ |
|
|
|
|
users: %i[index show new create edit update resend_invitation], |
|
|
|
|
'users/memberships': %i[create update destroy], |
|
|
|
|
admin: %i[index] |
|
|
|
|
}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
global: true, |
|
|
|
|
contract_actions: { users: %i[create read update] } |
|
|
|
|
|
|
|
|
|
map.permission :manage_placeholder_user, |
|
|
|
|
{ |
|
|
|
|
placeholder_users: %i[index show new create edit update deletion_info destroy], |
|
|
|
|
'placeholder_users/memberships': %i[create update destroy], |
|
|
|
|
admin: %i[index] |
|
|
|
|
}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
global: true, |
|
|
|
|
contract_actions: { placeholder_users: %i[create read update] } |
|
|
|
|
|
|
|
|
|
map.permission :view_project, |
|
|
|
|
{ projects: [:show], |
|
|
|
|
activities: [:index] }, |
|
|
|
|
public: true |
|
|
|
|
|
|
|
|
|
wiki.permission :protect_wiki_pages, |
|
|
|
|
{ wiki: :protect }, |
|
|
|
|
require: :member |
|
|
|
|
end |
|
|
|
|
map.permission :search_project, |
|
|
|
|
{ search: :index }, |
|
|
|
|
public: true |
|
|
|
|
|
|
|
|
|
map.project_module :repository do |repo| |
|
|
|
|
repo.permission :browse_repository, |
|
|
|
|
{ repositories: %i[show browse entry annotate changes diff stats graph] } |
|
|
|
|
map.permission :edit_project, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/general': %i[show], |
|
|
|
|
'projects/settings/storage': %i[show], |
|
|
|
|
'projects/templated': %i[create destroy], |
|
|
|
|
'projects/identifier': %i[show update] |
|
|
|
|
}, |
|
|
|
|
require: :member, |
|
|
|
|
contract_actions: { projects: %i[update] } |
|
|
|
|
|
|
|
|
|
map.permission :select_project_modules, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/modules': %i[show update] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
repo.permission :commit_access, |
|
|
|
|
{} |
|
|
|
|
map.permission :manage_members, |
|
|
|
|
{ members: %i[index new create update destroy autocomplete_for_member] }, |
|
|
|
|
require: :member, |
|
|
|
|
dependencies: :view_members, |
|
|
|
|
contract_actions: { members: %i[create update destroy] } |
|
|
|
|
|
|
|
|
|
map.permission :view_members, |
|
|
|
|
{ members: [:index] }, |
|
|
|
|
contract_actions: { members: %i[read] } |
|
|
|
|
|
|
|
|
|
map.permission :manage_versions, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/versions': [:show], |
|
|
|
|
versions: %i[new create edit update close_completed destroy] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
repo.permission :manage_repository, |
|
|
|
|
{ |
|
|
|
|
repositories: %i[edit create update committers destroy_info destroy], |
|
|
|
|
'projects/settings/repository': :show |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
map.permission :manage_types, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/types': %i[show update] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
repo.permission :view_changesets, |
|
|
|
|
{ repositories: %i[show revisions revision] } |
|
|
|
|
map.permission :select_custom_fields, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/custom_fields': %i[show update] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
repo.permission :view_commit_author_statistics, |
|
|
|
|
{} |
|
|
|
|
end |
|
|
|
|
map.permission :add_subprojects, |
|
|
|
|
{ projects: %i[new] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
map.project_module :forums do |forum| |
|
|
|
|
forum.permission :manage_forums, |
|
|
|
|
{ forums: %i[new create edit update move destroy] }, |
|
|
|
|
map.permission :copy_projects, |
|
|
|
|
{ |
|
|
|
|
projects: %i[copy] |
|
|
|
|
}, |
|
|
|
|
require: :member, |
|
|
|
|
contract_actions: { projects: %i[copy] } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :work_package_tracking, order: 90 do |wpt| |
|
|
|
|
wpt.permission :view_work_packages, |
|
|
|
|
{ |
|
|
|
|
versions: %i[index show status_by], |
|
|
|
|
journals: %i[index diff], |
|
|
|
|
work_packages: %i[show index], |
|
|
|
|
work_packages_api: [:get], |
|
|
|
|
'work_packages/reports': %i[report report_details] |
|
|
|
|
}, |
|
|
|
|
contract_actions: { work_packages: %i[read] } |
|
|
|
|
|
|
|
|
|
wpt.permission :add_work_packages, |
|
|
|
|
{} |
|
|
|
|
|
|
|
|
|
wpt.permission :edit_work_packages, |
|
|
|
|
{ |
|
|
|
|
'work_packages/bulk': %i[edit update] |
|
|
|
|
}, |
|
|
|
|
require: :member, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :move_work_packages, |
|
|
|
|
{ 'work_packages/moves': %i[new create] }, |
|
|
|
|
require: :loggedin, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :add_work_package_notes, |
|
|
|
|
{ |
|
|
|
|
# FIXME: Although the endpoint is removed, the code checking whether a user |
|
|
|
|
# is eligible to add work packages through the API still seems to rely on this. |
|
|
|
|
journals: [:new] |
|
|
|
|
}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :edit_work_package_notes, |
|
|
|
|
{}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :edit_own_work_package_notes, |
|
|
|
|
{}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
# WorkPackage categories |
|
|
|
|
wpt.permission :manage_categories, |
|
|
|
|
{ |
|
|
|
|
'projects/settings/categories': [:show], |
|
|
|
|
categories: %i[new create edit update destroy] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
forum.permission :view_messages, |
|
|
|
|
{ forums: %i[index show], |
|
|
|
|
messages: [:show] }, |
|
|
|
|
public: true |
|
|
|
|
wpt.permission :export_work_packages, |
|
|
|
|
{ |
|
|
|
|
work_packages: %i[index all] |
|
|
|
|
}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :delete_work_packages, |
|
|
|
|
{ |
|
|
|
|
work_packages: :destroy, |
|
|
|
|
'work_packages/bulk': :destroy |
|
|
|
|
}, |
|
|
|
|
require: :member, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :manage_work_package_relations, |
|
|
|
|
{ |
|
|
|
|
work_package_relations: %i[create destroy] |
|
|
|
|
}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :manage_subtasks, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
# Queries |
|
|
|
|
wpt.permission :manage_public_queries, |
|
|
|
|
{}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
forum.permission :add_messages, |
|
|
|
|
{ messages: %i[new create reply quote preview] } |
|
|
|
|
wpt.permission :save_queries, |
|
|
|
|
{}, |
|
|
|
|
require: :loggedin, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
# Watchers |
|
|
|
|
wpt.permission :view_work_package_watchers, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :add_work_package_watchers, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :delete_work_package_watchers, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
wpt.permission :assign_versions, |
|
|
|
|
{}, |
|
|
|
|
dependencies: :view_work_packages |
|
|
|
|
|
|
|
|
|
# A user having the following permission can become assignee and/or responsible of a work package. |
|
|
|
|
# This is a passive permission in the sense that a user having the permission isn't eligible to perform |
|
|
|
|
# actions but rather to have actions taken together with him/her. |
|
|
|
|
wpt.permission :work_package_assigned, |
|
|
|
|
{}, |
|
|
|
|
require: :member, |
|
|
|
|
contract_actions: { work_packages: %i[assigned] }, |
|
|
|
|
grant_to_admin: false |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :news do |news| |
|
|
|
|
news.permission :view_news, |
|
|
|
|
{ news: %i[index show] }, |
|
|
|
|
public: true |
|
|
|
|
|
|
|
|
|
news.permission :manage_news, |
|
|
|
|
{ |
|
|
|
|
news: %i[new create edit update destroy preview], |
|
|
|
|
'news/comments': [:destroy] |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
news.permission :comment_news, |
|
|
|
|
{ 'news/comments': :create } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :wiki do |wiki| |
|
|
|
|
wiki.permission :view_wiki_pages, |
|
|
|
|
{ wiki: %i[index show special date_index] } |
|
|
|
|
|
|
|
|
|
wiki.permission :list_attachments, |
|
|
|
|
{ wiki: :list_attachments }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :manage_wiki, |
|
|
|
|
{ wikis: %i[edit destroy] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :manage_wiki_menu, |
|
|
|
|
{ wiki_menu_items: %i[edit update select_main_menu_item replace_main_menu_item] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :rename_wiki_pages, |
|
|
|
|
{ wiki: :rename }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :change_wiki_parent_page, |
|
|
|
|
{ wiki: %i[edit_parent_page update_parent_page] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :delete_wiki_pages, |
|
|
|
|
{ wiki: :destroy }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
wiki.permission :export_wiki_pages, |
|
|
|
|
{ wiki: [:export] } |
|
|
|
|
|
|
|
|
|
wiki.permission :view_wiki_edits, |
|
|
|
|
{ wiki: %i[history diff annotate] } |
|
|
|
|
|
|
|
|
|
wiki.permission :edit_wiki_pages, |
|
|
|
|
{ wiki: %i[edit update preview add_attachment new new_child create] } |
|
|
|
|
|
|
|
|
|
wiki.permission :delete_wiki_pages_attachments, |
|
|
|
|
{} |
|
|
|
|
|
|
|
|
|
wiki.permission :protect_wiki_pages, |
|
|
|
|
{ wiki: :protect }, |
|
|
|
|
require: :member |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :repository do |repo| |
|
|
|
|
repo.permission :browse_repository, |
|
|
|
|
{ repositories: %i[show browse entry annotate changes diff stats graph] } |
|
|
|
|
|
|
|
|
|
repo.permission :commit_access, |
|
|
|
|
{} |
|
|
|
|
|
|
|
|
|
repo.permission :manage_repository, |
|
|
|
|
{ |
|
|
|
|
repositories: %i[edit create update committers destroy_info destroy], |
|
|
|
|
'projects/settings/repository': :show |
|
|
|
|
}, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
repo.permission :view_changesets, |
|
|
|
|
{ repositories: %i[show revisions revision] } |
|
|
|
|
|
|
|
|
|
repo.permission :view_commit_author_statistics, |
|
|
|
|
{} |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :forums do |forum| |
|
|
|
|
forum.permission :manage_forums, |
|
|
|
|
{ forums: %i[new create edit update move destroy] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
forum.permission :view_messages, |
|
|
|
|
{ forums: %i[index show], |
|
|
|
|
messages: [:show] }, |
|
|
|
|
public: true |
|
|
|
|
|
|
|
|
|
forum.permission :add_messages, |
|
|
|
|
{ messages: %i[new create reply quote preview] } |
|
|
|
|
|
|
|
|
|
forum.permission :edit_messages, |
|
|
|
|
{ messages: %i[edit update preview] }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
forum.permission :edit_messages, |
|
|
|
|
{ messages: %i[edit update preview] }, |
|
|
|
|
require: :member |
|
|
|
|
forum.permission :edit_own_messages, |
|
|
|
|
{ messages: %i[edit update preview] }, |
|
|
|
|
require: :loggedin |
|
|
|
|
|
|
|
|
|
forum.permission :edit_own_messages, |
|
|
|
|
{ messages: %i[edit update preview] }, |
|
|
|
|
require: :loggedin |
|
|
|
|
forum.permission :delete_messages, |
|
|
|
|
{ messages: :destroy }, |
|
|
|
|
require: :member |
|
|
|
|
|
|
|
|
|
forum.permission :delete_messages, |
|
|
|
|
{ messages: :destroy }, |
|
|
|
|
require: :member |
|
|
|
|
forum.permission :delete_own_messages, |
|
|
|
|
{ messages: :destroy }, |
|
|
|
|
require: :loggedin |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
forum.permission :delete_own_messages, |
|
|
|
|
{ messages: :destroy }, |
|
|
|
|
require: :loggedin |
|
|
|
|
map.project_module :activity |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
map.project_module :activity |
|
|
|
|
end |
|
|
|
|