kolan/Redmine
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Code cleanup.

Browse Source 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@10904 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2012-12-02 09:59:22 +00:00
parent 88d5663ad2
commit 6e1ff5bba6
3 changed files with 16 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
app/controllers/application_controller.rb
View File

@ -276,14 +276,24 @@ class ApplicationController < ActionController::Base
self.model_object = model self.model_object = model
end end
# Filter for bulk issue operations # Find the issue whose id is the :id parameter
# Raises a Unauthorized exception if the issue is not visible
def find_issue
# Issue.visible.find(...) can not be used to redirect user to the login form
# if the issue actually exists but requires authentication
@issue = Issue.find(params[:id])
raise Unauthorized unless @issue.visible?
@project = @issue.project
rescue ActiveRecord::RecordNotFound
render_404
end
# Find issues with a single :id param or :ids array param
# Raises a Unauthorized exception if one of the issues is not visible
def find_issues def find_issues
@issues = Issue.find_all_by_id(params[:id] || params[:ids]) @issues = Issue.find_all_by_id(params[:id] || params[:ids])
raise ActiveRecord::RecordNotFound if @issues.empty? raise ActiveRecord::RecordNotFound if @issues.empty?
if @issues.detect {|issue| !issue.visible?} raise Unauthorized if @issues.all?(&:visible?)
deny_access
return
end
@projects = @issues.collect(&:project).compact.uniq @projects = @issues.collect(&:project).compact.uniq
@project = @projects.first if @projects.size == 1 @project = @projects.first if @projects.size == 1
rescue ActiveRecord::RecordNotFound rescue ActiveRecord::RecordNotFound

14
app/controllers/issues_controller.rb
View File

@ -313,19 +313,7 @@ class IssuesController < ApplicationController
end end
end end
private private
def find_issue
# Issue.visible.find(...) can not be used to redirect user to the login form
# if the issue actually exists but requires authentication
@issue = Issue.find(params[:id], :include => [:project, :tracker, :status, :author, :priority, :category])
unless @issue.visible?
deny_access
return
end
@project = @issue.project
rescue ActiveRecord::RecordNotFound
render_404
end
def find_project def find_project
project_id = params[:project_id] || (params[:issue] && params[:issue][:project_id]) project_id = params[:project_id] || (params[:issue] && params[:issue][:project_id])

8
app/controllers/journals_controller.rb
View File

@ -102,12 +102,4 @@ class JournalsController < ApplicationController
rescue ActiveRecord::RecordNotFound rescue ActiveRecord::RecordNotFound
render_404 render_404
end end
# TODO: duplicated in IssuesController
def find_issue
@issue = Issue.find(params[:id], :include => [:project, :tracker, :status, :author, :priority, :category])
@project = @issue.project
rescue ActiveRecord::RecordNotFound
render_404
end
end end