Weird link_to_if_authorized behavior
|Resolution:||Wont fix||Affected version:|
See http://www.redmine.org/issues/4416#note-11 , better description once I've had time to have a better look at it ;-)
Update (EM) 03/16/2011 :
link_to_if_authorized always takes
@project as the current context when it calls
As a symptom (defect), e.g., the parent's shared version wiki page link is rendered as a link in the subproject settings even if the parent project is not accessible by the current user.
#1 Updated by Holger Just almost 7 years ago
Might be an issue here that
link_to_if_authorized checks permission for the project that is
@project which might be wrong here if the version is shared and actually lives in another project.
If this is the case (and else too),
link_to_if_authorized and subsequently
authorize_for should get an optional project parameter.
link_to_if_authorize could conveniently try to get the project_id from the
#3 Updated by Etienne Massip over 6 years ago
- File link_to_if_authorized_overridable_context.patch added
Here's a patch.
It also removes
parameters_for_method_reference argument in
#url_for, which is no more supported since of Rails 2.x.
A good location to test is the link to the wiki page of a forbidden project shared version in the project settings versions list, as mentioned in #6435.