fixed: non public projects were shown on welcome screen even if current user is not a member
git-svn-id: http://redmine.rubyforge.org/svn/trunk@129 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
e6fa690d65
commit
7a03cf92ba
|
@ -19,7 +19,7 @@ class WelcomeController < ApplicationController
|
|||
layout 'base'
|
||||
|
||||
def index
|
||||
@news = News.latest
|
||||
@projects = Project.latest
|
||||
@news = News.latest logged_in_user
|
||||
@projects = Project.latest logged_in_user
|
||||
end
|
||||
end
|
||||
|
|
|
@ -22,8 +22,8 @@ class News < ActiveRecord::Base
|
|||
|
||||
validates_presence_of :title, :description
|
||||
|
||||
# returns last created news
|
||||
def self.latest
|
||||
find(:all, :limit => 5, :include => [ :author, :project ], :order => "news.created_on DESC")
|
||||
# returns latest news for projects visible by user
|
||||
def self.latest(user=nil, count=5)
|
||||
find(:all, :limit => count, :conditions => Project.visible_by(user), :include => [ :author, :project ], :order => "news.created_on DESC")
|
||||
end
|
||||
end
|
||||
|
|
|
@ -35,11 +35,20 @@ class Project < ActiveRecord::Base
|
|||
validates_associated :repository
|
||||
validates_format_of :name, :with => /^[\w\s\'\-]*$/i
|
||||
|
||||
# returns 5 last created projects
|
||||
def self.latest
|
||||
find(:all, :limit => 5, :order => "created_on DESC")
|
||||
# returns latest created projects
|
||||
# non public projects will be returned only if user is a member of those
|
||||
def self.latest(user=nil, count=5)
|
||||
find(:all, :limit => count, :conditions => visible_by(user), :order => "projects.created_on DESC")
|
||||
end
|
||||
|
||||
def self.visible_by(user=nil)
|
||||
if user && !user.memberships.empty?
|
||||
return ["projects.is_public = ? or projects.id IN (#{user.memberships.collect{|m| m.project_id}.join(',')})", true]
|
||||
else
|
||||
return ["projects.is_public = ?", true]
|
||||
end
|
||||
end
|
||||
|
||||
# Returns an array of all custom fields enabled for project issues
|
||||
# (explictly associated custom fields and custom fields enabled for all projects)
|
||||
def custom_fields_for_issues(tracker)
|
||||
|
|
Loading…
Reference in New Issue