No inheritance for folder permissions

2019-02-26 12:23:37 +01:00 · 2019-02-26 12:23:37 +01:00 · ae56c23b39
commit ae56c23b39
parent c30629c8bc
2 changed files with 19 additions and 15 deletions
--- a/app/helpers/dmsf_helper.rb
+++ b/app/helpers/dmsf_helper.rb
@ -101,7 +101,7 @@ module DmsfHelper
    allowed = Setting.plugin_redmine_dmsf['dmsf_act_as_attachable'] &&
      (project.dmsf_act_as_attachable == Project::ATTACHABLE_DMS_AND_ATTACHMENTS) &&
      User.current.allowed_to?(:display_system_folders, project)
-    folders.reject{ |folder|
+    folders.reject do |folder|
      if folder.system
        if allowed
          issue_id = folder.title.to_i
@ -117,7 +117,7 @@ module DmsfHelper
      else
        false
      end
-    }
+    end
  end

  def self.all_children_sorted(parent, pos, ident)
--- a/app/models/dmsf_folder.rb
+++ b/app/models/dmsf_folder.rb
@ -51,17 +51,19 @@ class DmsfFolder < ActiveRecord::Base

  def self.visible_condition(system=true)
    Project.allowed_to_condition(User.current, :view_dmsf_folders) do |role, user|
-      permissions = "#{DmsfFolderPermission.table_name}"
-      folders = "#{DmsfFolder.table_name}"
-      group_ids = user.group_ids.join(',')
-      group_ids = -1 if group_ids.blank?
-      allowed = (system && role.allowed_to?(:display_system_folders)) ? 1 : 0
-      %{
-        ((#{permissions}.object_id IS NULL) OR
-        (#{permissions}.object_id = #{role.id} AND #{permissions}.object_type = 'Role') OR
-        ((#{permissions}.object_id = #{user.id} OR #{permissions}.object_id IN (#{group_ids})) AND #{permissions}.object_type = 'User')) AND
-        (#{folders}.system = #{DmsfFolder.connection.quoted_false} OR 1 = #{allowed})
-      }
+      if role.member?
+        permissions = "#{DmsfFolderPermission.table_name}"
+        folders = "#{DmsfFolder.table_name}"
+        group_ids = user.group_ids.join(',')
+        group_ids = -1 if group_ids.blank?
+        allowed = (system && role.allowed_to?(:display_system_folders)) ? 1 : 0
+        %{
+          ((#{permissions}.object_id IS NULL) OR
+          (#{permissions}.object_id = #{role.id} AND #{permissions}.object_type = 'Role') OR
+          ((#{permissions}.object_id = #{user.id} OR #{permissions}.object_id IN (#{group_ids})) AND #{permissions}.object_type = 'User')) AND
+          (#{folders}.system = #{DmsfFolder.connection.quoted_false} OR 1 = #{allowed})
+        }
+      end
    end
  end

@ -564,7 +566,8 @@ class DmsfFolder < ActiveRecord::Base
    options[:checked] = folder.dmsf_folder_permissions.roles.exists?(object_id: role.id)
    if !options[:checked] && folder.dmsf_folder && !folder.dmsf_folder.deleted?
      options[:disabled] = true
-      permission_for_role_recursive(folder.dmsf_folder, role, options)
+      # TODO: No inheritance
+      #permission_for_role_recursive(folder.dmsf_folder, role, options)
    end
  end

@ -574,7 +577,8 @@ class DmsfFolder < ActiveRecord::Base
      usrs.each do |u|
        users << [u, disabled]
      end
-      permissions_users_recursive(folder.dmsf_folder, users, true)
+      # TODO: No inheritance
+      #permissions_users_recursive(folder.dmsf_folder, users, true)
    end
  end