edit_own_messages.diff

Markus Knittig, 2008-11-08 19:01

Download (5.52 KB)

View differences:

app/controllers/messages_controller.rb
19 19
  menu_item :boards
20 20
  before_filter :find_board, :only => [:new, :preview]
21 21
  before_filter :find_message, :except => [:new, :preview]
22
  before_filter :authorize, :except => :preview
22
  before_filter :authorize, :except => [:preview, :edit, :destroy]
23 23

  
24 24
  verify :method => :post, :only => [ :reply, :destroy ], :redirect_to => { :action => :show }
25 25
  verify :xhr => true, :only => :quote
......
65 65

  
66 66
  # Edit a message
67 67
  def edit
68
    if params[:message] && User.current.allowed_to?(:edit_messages, @project)
68
    render_403 and return false unless @message.editable_by?(User.current)
69
    if params[:message]
69 70
      @message.locked = params[:message]['locked']
70 71
      @message.sticky = params[:message]['sticky']
71 72
    end
......
78 79
  
79 80
  # Delete a messages
80 81
  def destroy
82
    render_403 and return false unless @message.destroyable_by?(User.current)
81 83
    @message.destroy
82 84
    redirect_to @message.parent.nil? ?
83 85
      { :controller => 'boards', :action => 'show', :project_id => @project, :id => @board } :
app/models/message.rb
71 71
  def project
72 72
    board.project
73 73
  end
74

  
75
  def editable_by?(usr)
76
    usr && usr.logged? && (usr.allowed_to?(:edit_messages, project) || (self.author == usr && usr.allowed_to?(:edit_own_messages, project)))
77
  end
78

  
79
  def destroyable_by?(usr)
80
    usr && usr.logged? && (usr.allowed_to?(:delete_messages, project) || (self.author == usr && usr.allowed_to?(:delete_own_messages, project)))
81
  end
74 82
  
75 83
  private
76 84
  
app/views/messages/show.rhtml
4 4
<div class="contextual">
5 5
    <%= watcher_tag(@topic, User.current) %>
6 6
    <%= link_to_remote_if_authorized l(:button_quote), { :url => {:action => 'quote', :id => @topic} }, :class => 'icon icon-comment' %>
7
    <%= link_to_if_authorized l(:button_edit), {:action => 'edit', :id => @topic}, :class => 'icon icon-edit' %>
8
    <%= link_to_if_authorized l(:button_delete), {:action => 'destroy', :id => @topic}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del' %>
7
    <% if @message.editable_by?(User.current) -%>
8
        <%= link_to l(:button_edit), {:action => 'edit', :id => @topic}, :class => 'icon icon-edit' %>
9
    <% end -%>
10
    <% if @message.destroyable_by?(User.current) -%>
11
        <%= link_to l(:button_delete), {:action => 'destroy', :id => @topic}, :method => :post, :confirm => l(:text_are_you_sure), :class => 'icon icon-del' %>
12
    <% end -%>
9 13
</div>
10 14

  
11 15
<h2><%=h @topic.subject %></h2>
lang/en.yml
269 269
permission_view_messages: View messages
270 270
permission_add_messages: Post messages
271 271
permission_edit_messages: Edit messages
272
permission_edit_own_messages: Edit own messages
272 273
permission_delete_messages: Delete messages
274
permission_delete_won_messages: Delete own messages
273 275

  
274 276
project_module_issue_tracking: Issue tracking
275 277
project_module_time_tracking: Time tracking
lib/redmine.rb
99 99
    map.permission :view_messages, {:boards => [:index, :show], :messages => [:show]}, :public => true
100 100
    map.permission :add_messages, {:messages => [:new, :reply, :quote]}
101 101
    map.permission :edit_messages, {:messages => :edit}, :require => :member
102
    map.permission :edit_own_messages, {:messages => :edit}, :require => :loggedin
102 103
    map.permission :delete_messages, {:messages => :destroy}, :require => :member
104
    map.permission :delete_own_messages, {:messages => :destroy}, :require => :loggedin
103 105
  end
104 106
end
105 107

  
lib/redmine/default_data/loader.rb
65 65
                                                      :edit_wiki_pages,
66 66
                                                      :delete_wiki_pages,
67 67
                                                      :add_messages,
68
                                                      :edit_own_messages,
68 69
                                                      :view_files,
69 70
                                                      :manage_files,
70 71
                                                      :browse_repository,
......
85 86
                                                    :view_wiki_pages,
86 87
                                                    :view_wiki_edits,
87 88
                                                    :add_messages,
89
                                                    :edit_own_messages,
88 90
                                                    :view_files,
89 91
                                                    :browse_repository,
90 92
                                                    :view_changesets]