Change link_to_if_authorized to allow url paths. (Fixes #6195)
Both url paths (/issues/1234) and params hashes (:controller => 'issues') are now supported by link_to_if_authorized. The authorize_for method requires a controller/action pair so urls need to be parsed against the routes to find their controller/action. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4064 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
563c879e44
commit
d771fa9289
|
@ -32,8 +32,27 @@ module ApplicationHelper
|
|||
end
|
||||
|
||||
# Display a link if user is authorized
|
||||
#
|
||||
# @param [String] name Anchor text (passed to link_to)
|
||||
# @param [Hash, String] options Hash params or url for the link target (passed to link_to).
|
||||
# This will checked by authorize_for to see if the user is authorized
|
||||
# @param [optional, Hash] html_options Options passed to link_to
|
||||
# @param [optional, Hash] parameters_for_method_reference Extra parameters for link_to
|
||||
def link_to_if_authorized(name, options = {}, html_options = nil, *parameters_for_method_reference)
|
||||
link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(options[:controller] || params[:controller], options[:action])
|
||||
if options.is_a?(String)
|
||||
begin
|
||||
route = ActionController::Routing::Routes.recognize_path(options.gsub(/\?.*/,''), :method => options[:method] || :get)
|
||||
link_controller = route[:controller]
|
||||
link_action = route[:action]
|
||||
rescue ActionController::RoutingError # Parse failed, not a route
|
||||
link_controller, link_action = nil, nil
|
||||
end
|
||||
else
|
||||
link_controller = options[:controller] || params[:controller]
|
||||
link_action = options[:action]
|
||||
end
|
||||
|
||||
link_to(name, options, html_options, *parameters_for_method_reference) if authorize_for(link_controller, link_action)
|
||||
end
|
||||
|
||||
# Display a link to remote if user is authorized
|
||||
|
|
|
@ -31,6 +31,35 @@ class ApplicationHelperTest < ActionView::TestCase
|
|||
super
|
||||
end
|
||||
|
||||
context "#link_to_if_authorized" do
|
||||
context "authorized user" do
|
||||
should "be tested"
|
||||
end
|
||||
|
||||
context "unauthorized user" do
|
||||
should "be tested"
|
||||
end
|
||||
|
||||
should "allow using the :controller and :action for the target link" do
|
||||
User.current = User.find_by_login('admin')
|
||||
|
||||
@project = Issue.first.project # Used by helper
|
||||
response = link_to_if_authorized("By controller/action",
|
||||
{:controller => 'issues', :action => 'edit', :id => Issue.first.id})
|
||||
assert_match /href/, response
|
||||
end
|
||||
|
||||
should "allow using the url for the target link" do
|
||||
User.current = User.find_by_login('admin')
|
||||
|
||||
@project = Issue.first.project # Used by helper
|
||||
response = link_to_if_authorized("By url",
|
||||
new_issue_move_path(:id => Issue.first.id))
|
||||
assert_match /href/, response
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
def test_auto_links
|
||||
to_test = {
|
||||
'http://foo.bar' => '<a class="external" href="http://foo.bar">http://foo.bar</a>',
|
||||
|
|
Loading…
Reference in New Issue