diff --git a/app/controllers/application.rb b/app/controllers/application.rb index 2a23c311..2a8e1515 100644 --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -71,7 +71,7 @@ class ApplicationController < ActionController::Base def require_admin return unless require_login unless self.logged_in_user.admin? - render :nothing => true, :status => 403 + render_403 return false end true @@ -91,7 +91,7 @@ class ApplicationController < ActionController::Base if logged_in_user_membership and Permission.allowed_to_role( "%s/%s" % [ ctrl, action ], logged_in_user_membership ) return true end - render :nothing => true, :status => 403 + render_403 false end @@ -101,7 +101,7 @@ class ApplicationController < ActionController::Base return true if @project.is_public? return false unless logged_in_user return true if logged_in_user.admin? || logged_in_user_membership - render :nothing => true, :status => 403 + render_403 false end @@ -121,6 +121,13 @@ class ApplicationController < ActionController::Base end end + def render_403 + @html_title = "403" + @project = nil + render :template => "common/403", :layout => true, :status => 403 + return false + end + def render_404 @html_title = "404" render :template => "common/404", :layout => true, :status => 404 diff --git a/app/views/common/403.rhtml b/app/views/common/403.rhtml new file mode 100644 index 00000000..138c1a2f --- /dev/null +++ b/app/views/common/403.rhtml @@ -0,0 +1,4 @@ +

403

+ +

<%= l(:notice_not_authorized) %>

+

Back

diff --git a/lang/de.yml b/lang/de.yml index 3cf43bf4..efd5e38b 100644 --- a/lang/de.yml +++ b/lang/de.yml @@ -66,6 +66,7 @@ notice_successful_connection: Verbindung erfolgreich. notice_file_not_found: Anhang besteht nicht oder ist gelöscht worden. notice_locking_conflict: Datum wurde von einem anderen Benutzer geändert. notice_scm_error: Eintrag und/oder Revision besteht nicht im SVN. +notice_not_authorized: You are not authorized to access this page. mail_subject_lost_password: Ihr redMine Kennwort mail_subject_register: redMine Kontoaktivierung diff --git a/lang/en.yml b/lang/en.yml index e1329bed..7fcb2b14 100644 --- a/lang/en.yml +++ b/lang/en.yml @@ -66,6 +66,7 @@ notice_successful_connection: Successful connection. notice_file_not_found: The page you were trying to access doesn't exist or has been removed. notice_locking_conflict: Data have been updated by another user. notice_scm_error: Entry and/or revision doesn't exist in the repository. +notice_not_authorized: You are not authorized to access this page. mail_subject_lost_password: Your redMine password mail_subject_register: redMine account activation diff --git a/lang/es.yml b/lang/es.yml index 3522bd42..806c8d46 100644 --- a/lang/es.yml +++ b/lang/es.yml @@ -66,6 +66,7 @@ notice_successful_connection: Successful connection. notice_file_not_found: La página que intentabas tener acceso no existe ni se ha quitado. notice_locking_conflict: Data have been updated by another user. notice_scm_error: La entrada y/o la revisión no existe en el depósito. +notice_not_authorized: You are not authorized to access this page. mail_subject_lost_password: Tu contraseña del redMine mail_subject_register: Activación de la cuenta del redMine diff --git a/lang/fr.yml b/lang/fr.yml index 0541f09f..8423ba93 100644 --- a/lang/fr.yml +++ b/lang/fr.yml @@ -66,6 +66,7 @@ notice_successful_connection: Connection réussie. notice_file_not_found: La page à laquelle vous souhaitez accéder n'existe pas ou a été supprimée. notice_locking_conflict: Les données ont été mises à jour par un autre utilisateur. Mise à jour impossible. notice_scm_error: L'entrée et/ou la révision demandée n'existe pas dans le dépôt. +notice_not_authorized: Vous n'êtes pas autorisés à accéder à cette page. mail_subject_lost_password: Votre mot de passe redMine mail_subject_register: Activation de votre compte redMine diff --git a/lang/it.yml b/lang/it.yml index 2861ced3..0c48ee20 100644 --- a/lang/it.yml +++ b/lang/it.yml @@ -66,6 +66,7 @@ notice_successful_connection: Connessione effettuata. notice_file_not_found: La pagina desiderata non esiste o è stata rimossa. notice_locking_conflict: Le informazioni sono state modificate da un altro utente. notice_scm_error: La risorsa e/o la versione non esistono nel repository. +notice_not_authorized: You are not authorized to access this page. mail_subject_lost_password: Password redMine mail_subject_register: Attivazione utenza redMine diff --git a/lang/ja.yml b/lang/ja.yml index 3b62421d..274171d6 100644 --- a/lang/ja.yml +++ b/lang/ja.yml @@ -67,6 +67,7 @@ notice_successful_connection: 接続しました。 notice_file_not_found: アクセスしようとしたページは存在しないか削除されています。 notice_locking_conflict: 別のユーザがデータを更新しています。 notice_scm_error: リポジトリに、エントリ/リビジョンが存在しません。 +notice_not_authorized: You are not authorized to access this page. mail_subject_lost_password: redMine パスワード mail_subject_register: redMine アカウントが有効になりました diff --git a/lang/pt.yml b/lang/pt.yml index 8cc98aa8..4719e417 100644 --- a/lang/pt.yml +++ b/lang/pt.yml @@ -66,6 +66,7 @@ notice_successful_connection: Conectado com sucesso. notice_file_not_found: A pagina que voce esta tentando acessar nao existe ou foi excluida. notice_locking_conflict: Os dados foram atualizados por um outro usuario. notice_scm_error: A entrada e/ou a revisao nao existem no repositorio. +notice_not_authorized: You are not authorized to access this page. mail_subject_lost_password: Sua senha do redMine. mail_subject_register: Ativacao de conta do redMine. diff --git a/lang/zh.yml b/lang/zh.yml index 3a5ad7c8..79f998c1 100644 --- a/lang/zh.yml +++ b/lang/zh.yml @@ -69,6 +69,7 @@ notice_successful_connection: 连接成功 notice_file_not_found: 您访问的页面不存在或已被删除。 notice_locking_conflict: 数据已被另一个用户更新 notice_scm_error: 在版本库中不存在该条目或修订 +notice_not_authorized: You are not authorized to access this page. mail_subject_lost_password: 您的redMine口令 mail_subject_register: redMine帐户激活