OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
openproject/lib/user_patch.rb

265 lines
8.3 KiB

require_dependency 'user'
# Patches Redmine's Users dynamically.
module UserPatch
def self.included(base) # :nodoc:
base.extend(ClassMethods)
base.send(:include, InstanceMethods)
# Same as typing in the class
base.class_eval do
unloadable
has_many :groups_users, :class_name => 'GroupUser', :dependent => :destroy,
:after_add => Proc.new {|user, group_user| group_user.group.user_added(user)},
:after_remove => Proc.new {|user, group_user| group_user.group.user_removed(user)}
has_many :groups, :through => :groups_users,
:after_add => Proc.new {|user, group| group.user_added(user)},
:after_remove => Proc.new {|user, group| group.user_removed(user)}
has_many :rates, :class_name => 'HourlyRate'
has_many :default_rates, :class_name => 'DefaultHourlyRate'
before_save :save_rates
unless instance_methods.include? "allowed_to_without_inheritance?"
alias_method_chain :allowed_to?, :inheritance
end
end
end
module ClassMethods
end
module InstanceMethods
def allowed_for_role(action, project, role, users, options={})
allowed = role.allowed_to?(action)
if action.is_a? Symbol
perm = Redmine::AccessControl.permission(action)
if perm.granular_for
allowed && users.include?(options[:for] || self)
elsif !allowed && options[:for] && granulars = Redmine::AccessControl.permissions.select{|p| p.granular_for == perm}
granulars.detect{|p| self.allowed_to? p.name, project, options}
else
allowed
end
else
allowed
end
end
def granular_roles_for_project(project)
roles = {}
# No role on archived projects
return roles unless project && project.active?
if logged?
# Find project membership
membership = memberships.detect {|m| m.project_id == project.id}
if membership
roles = granular_roles(membership.member_roles)
else
@role_non_member ||= Role.non_member
roles[@role_non_member] = [self]
end
else
@role_anonymous ||= Role.anonymous
roles[@role_anonymous] = [self]
end
roles
end
# Return true if the user is allowed to do the specified action on project
# action can be:
# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
# * a permission Symbol (eg. :edit_project)
def allowed_to_with_inheritance?(action, project, options={})
allowed_for_role = Proc.new do |role, users|
self.allowed_for_role(action, project, role, users, options)
end
if project
# No action allowed on archived projects
return false unless project.active?
# No action allowed on disabled modules
return false unless project.allows_to?(action)
# Admin users are authorized for anything else
return true if admin?
roles = granular_roles_for_project(project)
return false unless roles
roles.detect do |role, users|
if (project.is_public? || role.member?)
allowed_for_role.call(role, users)
else
false
end
end
elsif options[:global]
# Admin users are always authorized
return true if admin?
# authorize if user has at least one role that has this permission
roles = memberships.inject({}) do |roles, m|
granular_roles(m.member_roles).each_pair do |role, users|
if roles[role]
roles[role] |= users unless users.nil?
else
roles[role] = users
end
roles
end
end
roles.detect(&allowed_for_role) || (self.logged? ? allowed_for_role.call(Role.non_member, [self]) : allowed_for_role.call(Role.anonymous, [self]))
else
false
end
end
def allowed_for(permission, projects = nil)
if projects
projects = [projects] unless projects.is_a? Array
projects, ids = projects.partition{|p| p.is_a?(Project)}
projects += Project.find_all_by_id(ids)
else
projects = Project.find(:all, :conditions => Project.visible_by(self), :include => [:enabled_modules])
end
user_list = projects.inject({}) do |user_list, project|
roles = granular_roles_for_project(project)
if roles
users_for_project = []
roles.each_pair do |role, users|
if (project.is_public? || role.member?) && self.allowed_for_role(permission, project, role, users, :for => self)
users_for_project += users.collect(&:id)
end
end
unless users_for_project.blank?
users_for_project.sort!.uniq!
user_list[users_for_project] ||= []
user_list[users_for_project] << project.id
end
end
user_list
end
cond = []
user_list.each_pair do |users, projects|
cond << "(#{Project.table_name}.id in (#{projects.join(", ")}) AND #{User.table_name}.id IN (#{users.join(", ")}))"
end
cond.blank? ? "(0=1)" : "(#{cond.join " OR "})"
end
def current_rate(project = nil, include_default = true)
rate_at(Date.today, project, include_default)
end
def rate_at(date, project = nil, include_default = true)
unless project.nil?
rate = HourlyRate.find(:first, :conditions => [ "user_id = ? and project_id = ? and valid_from <= ?", id, project, date], :order => "valid_from DESC")
# TODO: this is Redmine 0.8 specific. Sort by project.lft first if using redmine 0.9!
if rate.nil?
project = Project.find(project) unless project.is_a?(Project)
rate = HourlyRate.find(:first, :conditions => [ "user_id = ? and project_id in (?) and valid_from <= ?", id, project.ancestors, date], :order => "valid_from DESC")
end
end
rate ||= default_rate_at(date) if include_default
rate
end
def current_default_rate()
default_rate_at(Date.today)
end
def default_rate_at(date)
DefaultHourlyRate.find(:first, :conditions => [ "user_id = ? and valid_from <= ?", id, date], :order => "valid_from DESC")
end
def add_rates(project, rate_attributes)
# set project to nil to set the default rates
return unless rate_attributes
rate_attributes.each do |index, attributes|
attributes[:rate] = Rate.clean_currency(attributes[:rate])
if project.nil?
default_rates.build(attributes) if attributes[:rate].to_f > 0
else
attributes[:project] = project
rates.build(attributes) if attributes[:rate].to_f > 0
end
end
end
def set_existing_rates (project, rate_attributes)
if project.nil?
default_rates.reject(&:new_record?).each do |rate|
update_rate(rate, rate_attributes, false)
end
else
rates.reject{|r| r.new_record? || r.project_id != project.id}.each do |rate|
update_rate(rate, rate_attributes, true)
end
end
end
def save_rates
(default_rates + rates).each do |rate|
rate.save(false)
end
end
private
def granular_roles(member_roles)
roles = {}
member_roles.each do |r|
roles[r.role] = [self]
if r.inherited_from
# the role was inherited from a group
case r.membership_type
when :controller
inherited = MemberRole.find_by_id(r.inherited_from)
users = [self]
users += inherited.member.users# if inherited.member.principal.is_a? Group
roles[r.role] = users
else # :default
#nothing
end
end
end
roles
end
def update_rate(rate, rate_attributes, project_rate = true)
attributes = rate_attributes[rate.id.to_s] if rate_attributes
has_rate = false
if attributes && attributes[:rate]
attributes[:rate] = Rate.clean_currency(attributes[:rate])
has_rate = attributes[:rate].to_f > 0
end
if has_rate
rate.attributes = attributes
else
project_rate ? rates.delete(rate) : default_rates.delete(rate)
end
end
end
end