Index: app/controllers/reports_controller.rb =================================================================== --- app/controllers/reports_controller.rb (revision 14964) +++ app/controllers/reports_controller.rb (working copy) @@ -24,8 +24,12 @@ @versions = @project.shared_versions.sort @priorities = IssuePriority.all.reverse @categories = @project.issue_categories - @assignees = (Setting.issue_group_assignment? ? @project.principals : @project.users).sort - @authors = @project.users.sort + ## begin patch private role + #@assignees = (Setting.issue_group_assignment? ? @project.principals : @project.users).sort + @assignees = (Setting.issue_group_assignment? ? @project.principals : @project.users.visible).sort + #@authors = @project.users.sort + @authors = @project.users.visible.sort + ## end patch private role @subprojects = @project.descendants.visible @issues_by_tracker = Issue.by_tracker(@project) @@ -63,12 +67,18 @@ @report_title = l(:field_category) when "assigned_to" @field = "assigned_to_id" - @rows = (Setting.issue_group_assignment? ? @project.principals : @project.users).sort + ## begin patch private role + #@rows = (Setting.issue_group_assignment? ? @project.principals : @project.users).sort + @rows = (Setting.issue_group_assignment? ? @project.principals : @project.users).visible.sort + ## end patch private role @data = Issue.by_assigned_to(@project) @report_title = l(:field_assigned_to) when "author" @field = "author_id" - @rows = @project.users.sort + ## begin patch private role + #@rows = @project.users.sort + @rows = @project.users.visible.sort + ## end patch private role @data = Issue.by_author(@project) @report_title = l(:field_author) when "subproject" Index: app/controllers/users_controller.rb =================================================================== --- app/controllers/users_controller.rb (revision 14964) +++ app/controllers/users_controller.rb (working copy) @@ -62,14 +62,25 @@ end def show - unless @user.visible? - render_404 - return - end + ## begin patch private role (revert revision 13584 - if user with private role (or non-member?) acts on issue, user should be visible) + #unless @user.visible? + # render_404 + # return + #end + ## end patch private role # show projects based on current user visibility @memberships = @user.memberships.where(Project.visible_condition(User.current)).to_a + ## begin patch private role (revert revision 13584) + unless @user.visible? + if !@user.active? || (@user != User.current && @memberships.empty?) + render_403 + return + end + end + ## end patch private role + respond_to do |format| format.html { events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) Index: app/models/principal.rb =================================================================== --- app/models/principal.rb (revision 14964) +++ app/models/principal.rb (working copy) @@ -54,7 +54,14 @@ active else # self and members of visible projects - active.where("#{table_name}.id = ? OR #{table_name}.id IN (SELECT user_id FROM #{Member.table_name} WHERE project_id IN (?))", + ## begin patch private role + #active.where("#{table_name}.id = ? OR #{table_name}.id IN (SELECT user_id FROM #{Member.table_name} WHERE project_id IN (?))", + active.where("#{table_name}.id = ? OR #{table_name}.id IN (" + + "SELECT m.user_id FROM #{Member.table_name} m" + + " INNER JOIN #{MemberRole.table_name} mr ON m.id = mr.member_id" + + " INNER JOIN #{Role.table_name} r ON mr.role_id = r.id" + + " WHERE m.project_id IN (?) AND r.name NOT LIKE 'private.%')", + ## end patch private role user.id, user.visible_project_ids ) end Index: app/models/project.rb =================================================================== --- app/models/project.rb (revision 14964) +++ app/models/project.rb (working copy) @@ -479,7 +479,10 @@ # Returns a hash of project users grouped by role def users_by_role members.includes(:user, :roles).inject({}) do |h, m| - m.roles.each do |r| + ## begin patch private role + #m.roles.each do |r| + m.roles.non_private.each do |r| + ## end patch private role h[r] ||= [] h[r] << m.user end @@ -510,6 +513,9 @@ @assignable_users ||= Principal. active. + ## begin patch private role + visible. + ## end patch private role joins(:members => :roles). where(:type => types, :members => {:project_id => id}, :roles => {:assignable => true}). uniq. Index: app/models/role.rb =================================================================== --- app/models/role.rb (revision 14964) +++ app/models/role.rb (working copy) @@ -50,7 +50,19 @@ ] scope :sorted, lambda { order(:builtin, :position) } - scope :givable, lambda { order(:position).where(:builtin => 0) } +## begin patch private role + #scope :givable, lambda { order(:position).where(:builtin => 0) } + scope :givable, lambda { + if User.current.admin? + order(:position).where(:builtin => 0) + else + order(:position).non_private.where(:builtin => 0) + end + } + + scope :non_private, lambda { order(:position).where("#{table_name}.name NOT LIKE 'private.%'") } +## end patch private role + scope :builtin, lambda { |*args| compare = (args.first == true ? 'not' : '') where("#{compare} builtin = 0")