diff --git a/app/controllers/dmsf_controller.rb b/app/controllers/dmsf_controller.rb
index 9d50c59d..5fa504eb 100644
--- a/app/controllers/dmsf_controller.rb
+++ b/app/controllers/dmsf_controller.rb
@@ -711,14 +711,15 @@ class DmsfController < ApplicationController
@url_links = []
else
if @folder
- @subfolders = @folder.dmsf_folders.visible
+ @subfolders = @folder.dmsf_folders.visible.to_a
@files = @folder.dmsf_files.visible
@dir_links = @folder.folder_links.visible
@file_links = @folder.file_links.visible
@url_links = @folder.url_links.visible
@locked_for_user = @folder.locked_for_user?
else
- @subfolders = @project.dmsf_folders.visible
+ Rails.logger.info ">>> #{@project.dmsf_folders.visible.to_sql}"
+ @subfolders = @project.dmsf_folders.visible.to_a
@files = @project.dmsf_files.visible
@dir_links = @project.folder_links.visible
@file_links = @project.file_links.visible
@@ -726,6 +727,20 @@ class DmsfController < ApplicationController
@locked_for_user = false
end
end
+ # Remove system folders you are not allowed to see because you are not allowed to see the issue
+ @subfolders.delete_if{ |folder|
+ if folder.system
+ issue_id = folder.title.to_i
+ if issue_id > 0
+ issue = Issue.find_by_id issue_id
+ issue && !issue.visible?(User.current)
+ else
+ false
+ end
+ else
+ false
+ end
+ }
end
@ajax_upload_size = Setting.plugin_redmine_dmsf['dmsf_max_ajax_upload_filesize'].present? ? Setting.plugin_redmine_dmsf['dmsf_max_ajax_upload_filesize'] : 100
diff --git a/app/models/dmsf_folder.rb b/app/models/dmsf_folder.rb
index 127caeb7..fa311b79 100644
--- a/app/models/dmsf_folder.rb
+++ b/app/models/dmsf_folder.rb
@@ -85,23 +85,35 @@ class DmsfFolder < ActiveRecord::Base
before_create :default_values
def self.visible_condition(system=true)
- sql = Project.allowed_to_condition(User.current, :view_dmsf_folders) do |role, user|
+ Project.allowed_to_condition(User.current, :view_dmsf_folders) do |role, user|
if user.id && user.logged?
%{
- (#{DmsfFolderPermission.table_name}.object_id IS NULL) OR
- (#{DmsfFolderPermission.table_name}.object_id = #{role.id} AND #{DmsfFolderPermission.table_name}.object_type = 'Role') OR
- (#{DmsfFolderPermission.table_name}.object_id = #{user.id} AND #{DmsfFolderPermission.table_name}.object_type = 'User')
+ ((#{DmsfFolderPermission.table_name}.object_id IS NULL) OR
+ ((#{DmsfFolderPermission.table_name}.object_id = #{role.id} AND #{DmsfFolderPermission.table_name}.object_type = 'Role')) OR
+ ((#{DmsfFolderPermission.table_name}.object_id = #{user.id} AND #{DmsfFolderPermission.table_name}.object_type = 'User'))) AND
+ ((#{DmsfFolder.table_name}.system = 0 OR 1 = #{(system && role.allowed_to?(:display_system_folders)) ? 1 : 0}))
}
else
'0 = 1'
end
end
- "#{sql} AND (#{DmsfFolder.table_name}.system = 0 OR 1 = #{(system && Setting.plugin_redmine_dmsf['dmsf_show_system_folders']) ? 1 : 0})"
end
def self.permissions?(folder, allow_system = true)
- return false if folder && folder.system && (!allow_system || !Setting.plugin_redmine_dmsf['dmsf_show_system_folders'])
+ # Administrator?
return true if (User.current.admin? || folder.nil?)
+ # System folder?
+ if folder && folder.system
+ if (!allow_system || !User.current.allowed_to?(:display_system_folders, folder.project))
+ return false
+ end
+ issue_id = folder.title.to_i
+ if issue_id > 0
+ issue = Issue.find_by_id issue_id
+ return false unless issue && issue.visible?(User.current)
+ end
+ end
+ # Permissions?
if !folder.dmsf_folder || permissions?(folder.dmsf_folder, allow_system)
if folder.dmsf_folder_permissions.any?
role_ids = User.current.roles_for_project(folder.project).map{ |r| r.id }
diff --git a/app/views/settings/_dmsf_settings.html.erb b/app/views/settings/_dmsf_settings.html.erb
index cb248e8b..719c4f6d 100644
--- a/app/views/settings/_dmsf_settings.html.erb
+++ b/app/views/settings/_dmsf_settings.html.erb
@@ -137,15 +137,6 @@
-
- <%= content_tag(:label, l(:label_show_system_folders)) %>
- <%= check_box_tag('settings[dmsf_show_system_folders]', true, @settings['dmsf_show_system_folders']) %>
-
- <%= l(:note_dmsf_show_system_folders) %>
- <%= l(:label_default)%>: <%= l(:general_text_No)%>
-
-
-
<%= l(:menu_dmsf) %> <%= l(:field_column_names) %>
diff --git a/config/locales/cs.yml b/config/locales/cs.yml
index 3c0dac75..cde60efb 100644
--- a/config/locales/cs.yml
+++ b/config/locales/cs.yml
@@ -154,6 +154,7 @@ cs:
permission_force_file_unlock: Vynucené odemknutí souboru
permission_manage_workflows: Spravovat schvalovací procesy
permission_file_delete: Mazat dokumenty
+ permission_display_system_folders: Zobrazit systémové adresáře
label_file: Soubor
field_folder: Složka
error_create_cycle_in_folder_dependency: vytvořit smyčku v závislostech složky
@@ -363,7 +364,5 @@ cs:
label_act_as_attachable: Jako příloha
note_dmsf_act_as_attachable: Umožní přikládat dokumenty k objektům např. úkolům.
- label_show_system_folders: Zobrazit systémové složky
- note_dmsf_show_system_folders: Systémové složky jsou složky se specifickým určením, např. pro dokumenty nahrané k úkolům.
label_user_search_add: Vyhledej uživatele pro přidání
\ No newline at end of file
diff --git a/config/locales/de.yml b/config/locales/de.yml
index 914f51c1..2b8cd7f9 100644
--- a/config/locales/de.yml
+++ b/config/locales/de.yml
@@ -154,6 +154,7 @@ de:
permission_force_file_unlock: Erzwinge Aufhebung der Dateisperre
permission_manage_workflows: Workflows verwalten
permission_file_delete: Datei löschen
+ permission_display_system_folders: Display system folders
label_file: Datei
field_folder: Ordner
error_create_cycle_in_folder_dependency: Zirkelabhängigkeit in der Ordnerstruktur erstellt
@@ -360,7 +361,5 @@ de:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/en.yml b/config/locales/en.yml
index c9021032..b53e0c09 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -154,6 +154,7 @@ en:
permission_force_file_unlock: Force file unlock
permission_manage_workflows: Manage workflows
permission_file_delete: Delete documents
+ permission_display_system_folders: Display system folders
label_file: File
field_folder: Folder
error_create_cycle_in_folder_dependency: create cycle in folder dependency
@@ -363,7 +364,5 @@ en:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
diff --git a/config/locales/es.yml b/config/locales/es.yml
index 5dd346a9..035eed88 100644
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
@@ -154,6 +154,7 @@ es:
permission_force_file_unlock: Forzar desbloqueo de archivo
permission_manage_workflows: Gesti{on de flujo de trabajo
permission_file_delete: Eliminar documentos
+ permission_display_system_folders: Display system folders
label_file: Archivo
field_folder: Directorio
error_create_cycle_in_folder_dependency: crear ciclo en dependencia de directorio
@@ -363,7 +364,5 @@ es:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/fr.yml b/config/locales/fr.yml
index 320435c7..d5669a9d 100644
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@@ -154,6 +154,7 @@ fr:
permission_force_file_unlock: Forcer le déverrouillage du document
permission_manage_workflows: Gérer les flux de validation
permission_file_delete: Supprimer les documents
+ permission_display_system_folders: Display system folders
label_file: Fichier
field_folder: Dossier
error_create_cycle_in_folder_dependency: Crée une dépendance cyclique du dossier
@@ -363,7 +364,5 @@ fr:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/hu.yml b/config/locales/hu.yml
index 709ebb5e..4c822ff7 100644
--- a/config/locales/hu.yml
+++ b/config/locales/hu.yml
@@ -153,6 +153,7 @@ hu:
permission_force_file_unlock: Fájl kényszerített feloldása
permission_manage_workflows: Munkamenet kezelése
permission_file_delete: Dokumentumok törlése
+ permission_display_system_folders: Display system folders
label_file: Fájl
field_folder: Mappa
error_create_cycle_in_folder_dependency: hurok létrehozása a könyvtárstruktúrában
@@ -362,7 +363,5 @@ hu:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/it.yml b/config/locales/it.yml
index 62eca1ce..f2d0ba90 100644
--- a/config/locales/it.yml
+++ b/config/locales/it.yml
@@ -154,6 +154,7 @@ it: # Italian strings thx 2 Matteo Arceci!
permission_force_file_unlock: Forza lo sblocco del documento
permission_manage_workflows: Gestisci i flussi di lavoro
permission_file_delete: Elimina i documenti
+ permission_display_system_folders: Display system folders
label_file: Documento
field_folder: Cartella
error_create_cycle_in_folder_dependency: crea un ciclo nella dipendenza della cartella
@@ -363,7 +364,5 @@ it: # Italian strings thx 2 Matteo Arceci!
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/ja.yml b/config/locales/ja.yml
index aea56677..8cfb61b3 100644
--- a/config/locales/ja.yml
+++ b/config/locales/ja.yml
@@ -154,6 +154,7 @@ ja:
permission_force_file_unlock: ファイルの強制ロック解除
permission_manage_workflows: ワークフロー管理
permission_file_delete: ファイルの削除
+ permission_display_system_folders: Display system folders
label_file: ファイル
field_folder: フォルダ
error_create_cycle_in_folder_dependency: フォルダの依存関係が循環しています
@@ -363,7 +364,5 @@ ja:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/pl.yml b/config/locales/pl.yml
index 65d40a65..d8a7489f 100644
--- a/config/locales/pl.yml
+++ b/config/locales/pl.yml
@@ -154,6 +154,7 @@ pl:
permission_force_file_unlock: Wymuś odblokowanie pliku
permission_manage_workflows: Zarządzaj procesami
permission_file_delete: Usuń dokumenty
+ permission_display_system_folders: Display system folders
label_file: Plik
field_folder: Folder
error_create_cycle_in_folder_dependency: utworzono pętlę zależności pomiędzy folderami
@@ -363,7 +364,5 @@ pl:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/pt-BR.yml b/config/locales/pt-BR.yml
index 7e2d86fc..e18895ed 100644
--- a/config/locales/pt-BR.yml
+++ b/config/locales/pt-BR.yml
@@ -154,6 +154,7 @@ pt-BR:
permission_force_file_unlock: Force file unlock
permission_manage_workflows: Manage workflows
permission_file_delete: Delete documents
+ permission_display_system_folders: Display system folders
label_file: Arquivo
field_folder: Pasta
error_create_cycle_in_folder_dependency: Dependência entre pastas
@@ -363,7 +364,5 @@ pt-BR:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/ru.yml b/config/locales/ru.yml
index bae508a5..8add2c5d 100644
--- a/config/locales/ru.yml
+++ b/config/locales/ru.yml
@@ -154,6 +154,7 @@ ru:
permission_force_file_unlock: Разблокировка любых файлов
permission_manage_workflows: Управление согласованиями
permission_file_delete: Удаление документов
+ permission_display_system_folders: Display system folders
label_file: Файл
field_folder: Папка
error_create_cycle_in_folder_dependency: создать циклическую зависимость в папке
@@ -363,7 +364,5 @@ ru:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/sl.yml b/config/locales/sl.yml
index 0d2d504a..14004db1 100644
--- a/config/locales/sl.yml
+++ b/config/locales/sl.yml
@@ -154,6 +154,7 @@ sl:
permission_force_file_unlock: Prisilno odkleni datoteko
permission_manage_workflows: Manage workflows
permission_file_delete: Delete documents
+ permission_display_system_folders: Display system folders
label_file: Datoteka
field_folder: Pod mapo
error_create_cycle_in_folder_dependency: naredi ciklično odvisnost med mapami
@@ -363,7 +364,5 @@ sl:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/zh-TW.yml b/config/locales/zh-TW.yml
index 0746d8b4..6bf95967 100644
--- a/config/locales/zh-TW.yml
+++ b/config/locales/zh-TW.yml
@@ -154,6 +154,7 @@ zh-TW:
permission_force_file_unlock: 強制解除檔案鎖定
permission_manage_workflows: Manage workflows
permission_file_delete: Delete documents
+ permission_display_system_folders: Display system folders
label_file: 檔案
field_folder: 資料夾
error_create_cycle_in_folder_dependency: 資料夾之間的關係,不得為一個cycle循環。
@@ -363,7 +364,5 @@ zh-TW:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/config/locales/zh.yml b/config/locales/zh.yml
index 7ec776a2..4111e0fd 100644
--- a/config/locales/zh.yml
+++ b/config/locales/zh.yml
@@ -154,6 +154,7 @@ zh:
permission_force_file_unlock: 强制文件解锁
permission_manage_workflows: Manage workflows
permission_file_delete: Delete documents
+ permission_display_system_folders: Display system folders
label_file: 文件
field_folder: 件夹
error_create_cycle_in_folder_dependency: create cycle in folder dependency
@@ -363,7 +364,5 @@ zh:
label_act_as_attachable: Act as attachable
note_dmsf_act_as_attachable: Allows to attach documents to objects e.g. issues.
- label_show_system_folders: Show system folders
- note_dmsf_show_system_folders: System folders are folders with a specifics purpose, e.g. for documents attached to issues.
label_user_search_add: Search for user to add
\ No newline at end of file
diff --git a/init.rb b/init.rb
index 61b182b0..cbeb5bb9 100644
--- a/init.rb
+++ b/init.rb
@@ -99,6 +99,8 @@ Redmine::Plugin.register :redmine_dmsf do
permission :manage_workflows,
{ :dmsf_workflows => [:index, :new, :create, :destroy, :show, :new_step, :add_step, :remove_step, :reorder_steps,
:update, :update_step, :delete_step, :edit] }
+ permission :display_system_folders,
+ :read => true
end
# Administration menu extension