New action for repositories controller

Added by Малъ Скрылёвъ about 7 years ago

Hello,

I want to add some action to repositories controller. Now I've tried to do this inside my redmine module with following patch:

require_dependency 'repositories_controller'

module DictionaryRepositoriesControllerPatch
  def self.included(base)
    base.class_eval do
      unloadable
    end
  end

  def edit_entry
    logger.debug 111111111
  end
end

RepositoriesController.send(:include, DictionaryRepositoriesControllerPatch)

But when I've followed the link http://host:3000/projects/dict-test/repository/revisions/master/edit_entry/newcs/main.c to the action, I've gotten the error 403.
Then I've tried to introduce the new action into repositories controller itself. I've copied method entry to method edit_entry, simply to verify adding a new action to a controller, but i failed. The 403 error had appeared yet. I've checked route file, and found that it contains proper rule:

      repository_views.connect 'projects/:id/repository/revisions/:rev/:action/*path', :requirements => { :rev => /[a-z0-9\.\-_]+/ }

When I've investigated the problem, i've found that the behavior was introduced by statement before_filter :authorize. So I have a few questions:
  • Why the statement induces the behaviour?
  • How can I properly add the new action to the controller (with or without a patch)

PS: Redmine commit 01d1a02df425cf5afb1036e57f2d148059472786

Replies (9)

RE: New action for repositories controller - Added by Felix Schäfer about 7 years ago

Have a look at your development logs to see where exactly the processing of the action stops. See the docs on creating plugins for more info on authorization Plugin_Tutorial and examples Plugin_Internals.

RE: New action for repositories controller - Added by Малъ Скрылёвъ about 7 years ago

The log is the following:

Processing RepositoriesController#edit_entry (for 192.168.123.1 at 2010-09-26 22:04:28) [GET]
  Parameters: {"rev"=>"master", "action"=>"edit_entry", "id"=>"dict-test", "path"=>["newcs", "main.c"], "controller"=>"repositories"}
  Setting Columns (2.4ms)   SHOW FIELDS FROM `settings`
  SQL (0.6ms)   SELECT max(`settings`.updated_on) AS max_updated_on FROM `settings` 
  User Columns (3.0ms)   SHOW FIELDS FROM `users`
  User Load (1.5ms)   SELECT * FROM `users` WHERE (`users`.`id` = 1) AND (users.status = 1) AND ( (`users`.`type` = 'User' OR `users`.`type` = 'AnonymousUser' ) ) 
  Project Columns (3.0ms)   SHOW FIELDS FROM `projects`
  Project Load (1.6ms)   SELECT * FROM `projects` WHERE (`projects`.`identifier` = 'dict-test') LIMIT 1
  Repository Load (1.2ms)   SELECT * FROM `repositories` WHERE (`repositories`.project_id = 1) LIMIT 1
  Repository Columns (2.2ms)   SHOW FIELDS FROM `repositories`
  EnabledModule Load (1.8ms)   SELECT * FROM `enabled_modules` WHERE (`enabled_modules`.project_id = 1) 
  EnabledModule Columns (2.0ms)   SHOW FIELDS FROM `enabled_modules`
  EnabledModule Load (1.8ms)   SELECT name FROM `enabled_modules` WHERE (`enabled_modules`.project_id = 1) 
Rendering template within layouts/base
Rendering common/403 (403)
  Setting Load (0.6ms)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'app_title') LIMIT 1
  Setting Load (0.6ms)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'ui_theme') LIMIT 1
  Setting Load (0.9ms)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'text_formatting') LIMIT 1
  Project Load (0.9ms)   SELECT * FROM `projects` WHERE (projects.status=1 AND projects.id IN (SELECT em.project_id FROM enabled_modules em WHERE em.name='schedule_module')) 
  Project Load (0.8ms)   SELECT `projects`.* FROM `projects` INNER JOIN `members` ON `projects`.id = `members`.project_id WHERE ((`members`.user_id = 1) AND ((projects.status=1))) 
Filter chain halted as [:authorize] rendered_or_redirected.
Completed in 765ms (View: 705, DB: 24) | 403 Forbidden [http://derytopja/projects/dict-test/repository/revisions/master/edit_entry/newcs/main.c]

I've searching code and found that the new action isn't allowed. I looked at the permission list, and not found my controller/action pair in it. So I've tried to register the pair in the module but I can't for unknown reasons, no pair from ny module has been registered. The register procedure is the following:

  project_module :dictionary do
    permission :entry_edit, { :repositories => [:edit_entry] }, :public => true
    permission :entry_access, { :dictionary => [:edit_entry, :add_entry, :delete_entry, :build_entry] }, :public => true
    permission :scm_access, { :dictionary => [:build_and_download] }, :public => true
  end

RE: New action for repositories controller - Added by Felix Schäfer about 7 years ago

Have you activated the module for the project you are trying it on?

Anyway, I won't be of much more help with this, contact edavis10 on IRC, he should be the most knowledgeable in this matter.

RE: New action for repositories controller - Added by Малъ Скрылёвъ about 7 years ago

I have a trouble yet.

If i've defined a method(action) at the core repositories controller (app/controllers/repositories), and then i called the method (for example edir_entry) it has been processed properly (i.e. entered to the function, executed the procedure, and exit).

When I've defined a patch to the repositories controller (adding procedure edit_entry), the function has been added to the controller's method list, but processing didn't reach the function. and controller only renders its view, and in the case the view is absent, it raises an exception, as if the defined action method isn't found in the contoller.

What it could be?

RE: New action for repositories controller - Added by Andy Bolstridge almost 7 years ago

I can't help you with your problem, but you can help me with mine :)

I have the same authorise error, what/where do you edit to add a new method to a controller?
thanks.

RE: New action for repositories controller - Added by Малъ Скрылёвъ almost 7 years ago

An authorize error is healed by adding a right for the specified action method to the init.rb of your redmine module.

  project_module :redmine_module do
    permission :scm_read_access, { :repositories => [:action_method]}, :public => true
  end

RE: New action for repositories controller - Added by Andy Bolstridge almost 7 years ago

thanks - but I'm trying to modify the core Redmine code to improve a patch (and learn how to develop Redmine). I'll do more searching.

RE: New action for repositories controller - Added by Andy Bolstridge almost 7 years ago

FYI:

I found it,
in lib/redmine.rb is a list of all controller methods that are mapped to role permissions.

so I added my new method to the standard 'view_changesets' permission and it now allows me to call it.

(1-9/9)