redmine_plugins/redmine_dmsf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

DMSF access for anonymous users #881

Browse Source
This commit is contained in:
Karel Pičman 2018-07-13 09:54:39 +02:00
parent 397cb98e14
commit 2b1747ad19
2 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/models/dmsf_folder.rb
View File

@ -51,7 +51,6 @@ class DmsfFolder < ActiveRecord::Base
def self.visible_condition(system=true)
Project.allowed_to_condition(User.current, :view_dmsf_folders) do |role, user|
if user.id && user.logged?
permissions = "#{DmsfFolderPermission.table_name}"
folders = "#{DmsfFolder.table_name}"
group_ids = user.group_ids.join(',')
@ -63,9 +62,6 @@ class DmsfFolder < ActiveRecord::Base
((#{permissions}.object_id = #{user.id} OR #{permissions}.object_id IN (#{group_ids})) AND #{permissions}.object_type = 'User')) AND
(#{folders}.system = #{DmsfFolder.connection.quoted_false} OR 1 = #{allowed})
}
else
'0 = 1'
end
end
end

4
test/unit/dmsf_folder_test.rb
View File

@ -65,6 +65,10 @@ class DmsfFolderTest < RedmineDmsf::Test::UnitTest
# Hasn't got permissions for @folder7
@folder7.dmsf_folder_permissions.where(:object_type => 'User').delete_all
assert_equal 4, DmsfFolder.visible.where(:project_id => 1).count
# Anonymous user
User.current = User.anonymous
@project.add_default_member User.anonymous
assert_equal 5, DmsfFolder.visible.where(:project_id => 1).count
end
def test_permissions