94 |
94 |
# Returns a SQL conditions string used to find all issues visible by the specified user
|
95 |
95 |
def self.visible_condition(user, options={})
|
96 |
96 |
Project.allowed_to_condition(user, :view_issues, options) do |role, user|
|
|
97 |
# Keep the code DRY
|
|
98 |
if [ 'default', 'own' ].include?(role.issues_visibility)
|
|
99 |
user_ids = [user.id] + user.groups.map(&:id).compact
|
|
100 |
watched_issues = Issue.watched_by(user).map(&:id)
|
|
101 |
watched_issues_clause = watched_issues.empty? ? "" : " OR #{table_name}.id IN (#{watched_issues.join(',')})"
|
|
102 |
end
|
|
103 |
|
97 |
104 |
if user.logged?
|
98 |
105 |
case role.issues_visibility
|
99 |
106 |
when 'all'
|
100 |
107 |
nil
|
101 |
108 |
when 'default'
|
102 |
|
user_ids = [user.id] + user.groups.map(&:id)
|
103 |
|
"(#{table_name}.is_private = #{connection.quoted_false} OR #{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
|
|
109 |
"(#{table_name}.is_private = #{connection.quoted_false} OR #{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}) #{watched_issues_clause})"
|
104 |
110 |
when 'own'
|
105 |
|
user_ids = [user.id] + user.groups.map(&:id)
|
106 |
|
"(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}))"
|
|
111 |
"(#{table_name}.author_id = #{user.id} OR #{table_name}.assigned_to_id IN (#{user_ids.join(',')}) #{watched_issues_clause})"
|
107 |
112 |
else
|
108 |
113 |
'1=0'
|
109 |
114 |
end
|
... | ... | |
121 |
126 |
when 'all'
|
122 |
127 |
true
|
123 |
128 |
when 'default'
|
124 |
|
!self.is_private? || (self.author == user || user.is_or_belongs_to?(assigned_to))
|
|
129 |
!self.is_private? || (self.author == user || self.watched_by?(user) || user.is_or_belongs_to?(assigned_to))
|
125 |
130 |
when 'own'
|
126 |
|
self.author == user || user.is_or_belongs_to?(assigned_to)
|
|
131 |
self.author == user || self.watched_by?(user) || user.is_or_belongs_to?(assigned_to)
|
127 |
132 |
else
|
128 |
133 |
false
|
129 |
134 |
end
|
... | ... | |
133 |
138 |
end
|
134 |
139 |
end
|
135 |
140 |
|
|
141 |
# Override the acts_as_watchble default to allow any user with view issues
|
|
142 |
# rights to watch/see this issue.
|
|
143 |
def addable_watcher_users
|
|
144 |
users = self.project.users.sort - self.watcher_users
|
|
145 |
users.reject! {|user| !user.allowed_to?(:view_issues, self.project)}
|
|
146 |
users
|
|
147 |
end
|
|
148 |
|
|
149 |
|
136 |
150 |
def initialize(attributes=nil, *args)
|
137 |
151 |
super
|
138 |
152 |
if new_record?
|