#136 'File Manipulation' permissions

2014-05-19 13:26:58 +02:00 · 2014-05-19 13:26:58 +02:00 · eda5637d45
commit eda5637d45
parent 7913a6883b
14 changed files with 42 additions and 21 deletions
--- a/app/controllers/dmsf_controller.rb
+++ b/app/controllers/dmsf_controller.rb
@ -35,6 +35,7 @@ class DmsfController < ApplicationController
  def show
    @folder_manipulation_allowed = User.current.allowed_to?(:folder_manipulation, @project)
    @file_manipulation_allowed = User.current.allowed_to?(:file_manipulation, @project)
+    @file_delete_allowed = User.current.allowed_to?(:file_delete, @project)
    @force_file_unlock_allowed = User.current.allowed_to?(:force_file_unlock, @project)
    
    @workflows_available = DmsfWorkflow.where(['project_id = ? OR project_id IS NULL', @project.id]).count > 0
--- a/app/controllers/dmsf_files_controller.rb
+++ b/app/controllers/dmsf_files_controller.rb
@ -29,15 +29,15 @@ class DmsfFilesController < ApplicationController
  helper :dmsf_workflows

  def show
+    @revision = @file.last_revision
+    
    # download is put here to provide more clear and usable links
    if params.has_key?(:download)
      if @file.deleted
        render_404
        return
      end
-      if params[:download].blank?
-        @revision = @file.last_revision
-      else
+      if params[:download].present?        
        @revision = DmsfFileRevision.visible.find(params[:download].to_i)
        if @revision.file != @file
          render_403
@ -56,9 +56,9 @@ class DmsfFilesController < ApplicationController
        render_404
      end
      return
-    end
+    end   
    
-    @revision = @file.last_revision
+    @file_delete_allowed = User.current.allowed_to?(:file_delete, @project)
    
    @revision_pages = Paginator.new @file.revisions.visible.count, params['per_page'] ? params['per_page'].to_i : 25, params['page']
    
@ -139,6 +139,10 @@ class DmsfFilesController < ApplicationController
  end

  def delete
+    unless User.current.allowed_to?(:file_delete, @project)
+      render _403
+      return
+    end
    if @file
      if @file.delete
        flash[:notice] = l(:notice_file_deleted)
@ -160,6 +164,10 @@ class DmsfFilesController < ApplicationController
  end

  def delete_revision
+    unless User.current.allowed_to?(:file_delete, @project)
+      render _403
+      return
+    end
    if @revision && !@revision.deleted
      if @revision.delete
        flash[:notice] = l(:notice_revision_deleted)
--- a/app/views/dmsf/_file.html.erb
+++ b/app/views/dmsf/_file.html.erb
@ -99,12 +99,16 @@
            :title => l(:title_delete),
            :class => 'icon icon-del') %>                       
        <% else %>
-          <%= link_to('',
-            dmsf_file_path(:id => file),
-            :data => {:confirm => l(:text_are_you_sure)},
-            :method => :delete,
-            :title => l(:title_delete),
-            :class => 'icon icon-del') unless locked_for_user %>             
+          <% if @file_delete_allowed %>
+            <%= link_to('',
+              dmsf_file_path(:id => file),
+              :data => {:confirm => l(:text_are_you_sure)},
+              :method => :delete,
+              :title => l(:title_delete),
+              :class => 'icon icon-del') unless locked_for_user %>
+          <% else %>
+            <span class="icon"></span>
+          <% end %>
        <% end %>        
      <% else %>
        <span class="icon"></span>
--- a/app/views/dmsf_files/show.html.erb
+++ b/app/views/dmsf_files/show.html.erb
@ -46,7 +46,7 @@
        :class => 'icon icon-link') %>
      <%= link_to("#{l(:button_copy)}/#{l(:button_move)}", copy_file_path(:id => @file),
        :title => l(:title_copy), :class => 'icon icon-copy') %>
-      <%= delete_link @file %>
+      <%= delete_link @file if @file_delete_allowed %>
    <% else %>
      <% if (!@file.locked_for_user? || User.current.allowed_to?(:force_file_unlock, @project)) && @file.unlockable? %>
        <%= link_to(l(:button_unlock),
@ -78,14 +78,12 @@
          <%= link_to('',            
            dmsf_file_path(@file, :download => revision),
            :title => l(:title_title_version_version_download, :title => h(revision.title), :version => revision.version),
-            :class => 'icon icon-dmsf-rev-download') %>
-          <% if User.current.allowed_to?(:file_manipulation, @project) %>          
-             <%= link_to '',
-              delete_revision_path(revision),
-              :data => {:confirm => l(:text_are_you_sure)},
-              :title => l(:title_delete_revision),
-              :class => 'icon icon-dmsf-rev-delete' %>
-          <% end %>
+            :class => 'icon icon-dmsf-rev-download') %>          
+          <%= link_to '',
+            delete_revision_path(revision),
+            :data => {:confirm => l(:text_are_you_sure)},
+            :title => l(:title_delete_revision),
+            :class => 'icon icon-dmsf-rev-delete' if @file_delete_allowed %>          
        </div>      
        <i><%= l(:info_revision, :rev => revision.id) %></i>
        <%= (revision.source_revision.nil? ? l(:label_created) : l(:label_changed)).downcase %>
--- a/config/locales/cs.yml
+++ b/config/locales/cs.yml
@ -147,6 +147,7 @@ cs:
  permission_file_manipulation: Manipulace se soubory  
  permission_force_file_unlock: Vynucené odemknutí souboru
  permission_manage_workflows: Spravovat schvalovací procesy
+  permission_file_delete: Mazat dokumenty
  label_file: Soubor
  field_folder: Složka
  error_create_cycle_in_folder_dependency: vytvořit smyčku v závislostech složky
--- a/config/locales/de.yml
+++ b/config/locales/de.yml
@ -147,6 +147,7 @@ de:
  permission_file_manipulation: Datei manipulation  
  permission_force_file_unlock: Erzwinge Aufhebung der Dateisperre
  permission_manage_workflows: Manage workflows
+  permission_file_delete: Delete documents
  label_file: Datei
  field_folder: Ordner
  error_create_cycle_in_folder_dependency: schaffen Zyklus in Abhängigkeit Ordner
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -147,6 +147,7 @@ en:
  permission_file_manipulation: File manipulation  
  permission_force_file_unlock: Force file unlock
  permission_manage_workflows: Manage workflows
+  permission_file_delete: Delete documents
  label_file: File
  field_folder: Folder
  error_create_cycle_in_folder_dependency: create cycle in folder dependency
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
@ -147,6 +147,7 @@ es:
  permission_file_manipulation: File manipulation  
  permission_force_file_unlock: Force file unlock
  permission_manage_workflows: Manage workflows
+  permission_file_delete: Delete documents
  label_file: File
  field_folder: Folder
  error_create_cycle_in_folder_dependency: create cycle in folder dependency
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@ -147,6 +147,7 @@ fr:
  permission_file_manipulation: Gestion des documents  
  permission_force_file_unlock: Forcer le déverrouillage du document
  permission_manage_workflows: Gérer les flux de validation
+  permission_file_delete: Delete documents
  label_file: Fichier
  field_folder: Dossier
  error_create_cycle_in_folder_dependency: Crée une dépendance cyclique du dossier
--- a/config/locales/ja.yml
+++ b/config/locales/ja.yml
@ -147,6 +147,7 @@ ja:
  permission_file_manipulation: ファイルの操作  
  permission_force_file_unlock: ファイルの強制ロック解除
  permission_manage_workflows: Manage workflows
+  permission_file_delete: Delete documents
  label_file: ファイル
  field_folder: フォルダ
  error_create_cycle_in_folder_dependency: フォルダの依存関係が循環しています
--- a/config/locales/ru.yml
+++ b/config/locales/ru.yml
@ -147,6 +147,7 @@ ru:
  permission_file_manipulation: Управление файлами  
  permission_force_file_unlock: Разблокировка любых файлов
  permission_manage_workflows: Manage workflows
+  permission_file_delete: Delete documents
  label_file: Файл
  field_folder: Папка
  error_create_cycle_in_folder_dependency: создать циклическую зависимость в папке
--- a/config/locales/sl.yml
+++ b/config/locales/sl.yml
@ -147,6 +147,7 @@ sl:
  permission_file_manipulation: Upravljanje z datotekami  
  permission_force_file_unlock: Prisilno odkleni datoteko
  permission_manage_workflows: Manage workflows
+  permission_file_delete: Delete documents
  label_file: Datoteka
  field_folder: Pod mapo
  error_create_cycle_in_folder_dependency: naredi ciklično odvisnost med mapami
--- a/config/locales/zh.yml
+++ b/config/locales/zh.yml
@ -147,6 +147,7 @@ zh:
  permission_file_manipulation: 文件操作  
  permission_force_file_unlock: 强制文件解锁
  permission_manage_workflows: Manage workflows
+  permission_file_delete: Delete documents
  label_file: 文件
  field_folder: 件夹
  error_create_cycle_in_folder_dependency: create cycle in folder dependency
--- a/init.rb
+++ b/init.rb
@ -66,11 +66,12 @@ Redmine::Plugin.register :redmine_dmsf do
    permission :folder_manipulation, 
      {:dmsf => [:new, :create, :delete, :edit, :save, :edit_root, :save_root, :lock, :unlock, :notify_activate, :notify_deactivate, :delete_entries]}
    permission :file_manipulation, 
-      {:dmsf_files => [:create_revision, :delete, :lock, :unlock, :delete_revision, :notify_activate, :notify_deactivate], 
+      {:dmsf_files => [:create_revision, :lock, :unlock, :delete_revision, :notify_activate, :notify_deactivate], 
        :dmsf_upload => [:upload_files, :upload_file, :commit_files], 
        :dmsf_workflows => [:action, :new_action, :autocomplete_for_user, :start, :assign, :assignment],
        :dmsf_links => [:new, :create, :destroy]
        }
+    permission :file_delete, {:dmsf_files => [:delete]}
    permission :manage_workflows, 
      {:dmsf_workflows => [:index, :new, :create, :destroy, :show, :add_step, :remove_step, :reorder_steps, :update]}
    permission :force_file_unlock, {}