#-- copyright # ChiliProject is a project management system. # # Copyright (C) 2010-2011 the ChiliProject Team # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # See doc/COPYRIGHT.rdoc for more details. #++ class ProjectsController < ApplicationController menu_item :overview menu_item :roadmap, :only => :roadmap menu_item :settings, :only => :settings before_filter :find_project, :except => [ :index, :new, :create, :copy ] before_filter :authorize, :only => [ :show, :settings, :edit, :update, :modules ] before_filter :authorize_global, :only => [:new, :create] before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy ] before_filter :jump_to_project_menu_item, :only => :show before_filter :load_project_settings, :only => :settings accept_key_auth :index, :show, :create, :update, :destroy after_filter :only => [:create, :edit, :update, :archive, :unarchive, :destroy] do |controller| if controller.request.post? controller.send :expire_action, :controller => 'welcome', :action => 'robots.txt' end end include SortHelper include CustomFieldsHelper include QueriesHelper include RepositoriesHelper include ProjectsHelper # Lists visible projects def index respond_to do |format| format.html { @projects = Project.visible.find(:all, :order => 'lft') } format.api { @offset, @limit = api_offset_and_limit @project_count = Project.visible.count @projects = Project.visible.all(:offset => @offset, :limit => @limit, :order => 'lft') } format.atom { projects = Project.visible.find(:all, :order => 'created_on DESC', :limit => Setting.feeds_limit.to_i) render_feed(projects, :title => "#{Setting.app_title}: #{l(:label_project_latest)}") } end end def new @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position") @trackers = Tracker.all @project = Project.new(params[:project]) end verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed } def create @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position") @trackers = Tracker.all @project = Project.new @project.safe_attributes = params[:project] if validate_parent_id && @project.save @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') # Add current user as a project member if he is not admin unless User.current.admin? r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first m = Member.new(:user => User.current, :roles => [r]) @project.members << m end respond_to do |format| format.html { flash[:notice] = l(:notice_successful_create) redirect_to :controller => 'projects', :action => 'settings', :id => @project } format.api { render :action => 'show', :status => :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) } end else respond_to do |format| format.html { render :action => 'new' } format.api { render_validation_errors(@project) } end end end def copy @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position") @trackers = Tracker.all @root_projects = Project.find(:all, :conditions => "parent_id IS NULL AND status = #{Project::STATUS_ACTIVE}", :order => 'name') @source_project = Project.find(params[:id]) if request.get? @project = Project.copy_from(@source_project) if @project @project.identifier = Project.next_identifier if Setting.sequential_project_identifiers? else redirect_to :controller => 'admin', :action => 'projects' end else Mailer.with_deliveries(params[:notifications] == '1') do @project = Project.new @project.safe_attributes = params[:project] @project.enabled_module_names = params[:enabled_modules] if validate_parent_id && @project.copy(@source_project, :only => params[:only]) @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') flash[:notice] = l(:notice_successful_create) redirect_to :controller => 'projects', :action => 'settings', :id => @project elsif !@project.new_record? # Project was created # But some objects were not copied due to validation failures # (eg. issues from disabled trackers) # TODO: inform about that redirect_to :controller => 'projects', :action => 'settings', :id => @project end end end rescue ActiveRecord::RecordNotFound redirect_to :controller => 'admin', :action => 'projects' end # Show @project def show @users_by_role = @project.users_by_role @subprojects = @project.children.visible.all @news = @project.news.find(:all, :limit => 5, :include => [ :author, :project ], :order => "#{News.table_name}.created_on DESC") @trackers = @project.rolled_up_trackers cond = @project.project_condition(Setting.display_subprojects_issues?) @open_issues_by_tracker = Issue.visible.count(:group => :tracker, :include => [:project, :status, :tracker], :conditions => ["(#{cond}) AND #{IssueStatus.table_name}.is_closed=?", false]) @total_issues_by_tracker = Issue.visible.count(:group => :tracker, :include => [:project, :status, :tracker], :conditions => cond) if User.current.allowed_to?(:view_time_entries, @project) @total_hours = TimeEntry.visible.sum(:hours, :include => :project, :conditions => cond).to_f end respond_to do |format| format.html format.api end end def settings end def edit end # TODO: convert to PUT only verify :method => [:post, :put], :only => :update, :render => {:nothing => true, :status => :method_not_allowed } def update @project.safe_attributes = params[:project] if validate_parent_id && @project.save @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') respond_to do |format| format.html { flash[:notice] = l(:notice_successful_update) redirect_to :action => 'settings', :id => @project } format.api { head :ok } end else respond_to do |format| format.html { load_project_settings render :action => 'settings' } format.api { render_validation_errors(@project) } end end end verify :method => :post, :only => :modules, :render => {:nothing => true, :status => :method_not_allowed } def modules @project.enabled_module_names = params[:enabled_module_names] flash[:notice] = l(:notice_successful_update) redirect_to :action => 'settings', :id => @project, :tab => 'modules' end def archive if request.post? unless @project.archive flash[:error] = l(:error_can_not_archive_project) end end redirect_to(url_for(:controller => 'admin', :action => 'projects', :status => params[:status])) end def unarchive @project.unarchive if request.post? && !@project.active? redirect_to(url_for(:controller => 'admin', :action => 'projects', :status => params[:status])) end # Delete @project def destroy @project_to_destroy = @project if request.get? # display confirmation view else if api_request? || params[:confirm] @project_to_destroy.destroy respond_to do |format| format.html { redirect_to :controller => 'admin', :action => 'projects' } format.api { head :ok } end end end hide_project_in_layout end private def find_optional_project return true unless params[:id] @project = Project.find(params[:id]) authorize rescue ActiveRecord::RecordNotFound render_404 end # Validates parent_id param according to user's permissions # TODO: move it to Project model in a validation that depends on User.current def validate_parent_id return true if User.current.admin? parent_id = params[:project] && params[:project][:parent_id] if parent_id || @project.new_record? parent = parent_id.blank? ? nil : Project.find_by_id(parent_id.to_i) unless @project.allowed_parents.include?(parent) @project.errors.add :parent_id, :invalid return false end end true end def jump_to_project_menu_item if params[:jump] # try to redirect to the requested menu item redirect_to_project_menu_item(@project, params[:jump]) && return end end def load_project_settings @issue_custom_fields = IssueCustomField.find(:all, :order => "#{CustomField.table_name}.position") @issue_category ||= IssueCategory.new @member ||= @project.members.new @trackers = Tracker.all @repository ||= @project.repository @wiki ||= @project.wiki end def hide_project_in_layout @project = nil end end