diff --git a/app/controllers/dmsf_controller.rb b/app/controllers/dmsf_controller.rb
index a3f361fd..424c4562 100644
--- a/app/controllers/dmsf_controller.rb
+++ b/app/controllers/dmsf_controller.rb
@@ -35,6 +35,7 @@ class DmsfController < ApplicationController
def show
@folder_manipulation_allowed = User.current.allowed_to?(:folder_manipulation, @project)
@file_manipulation_allowed = User.current.allowed_to?(:file_manipulation, @project)
+ @file_delete_allowed = User.current.allowed_to?(:file_delete, @project)
@force_file_unlock_allowed = User.current.allowed_to?(:force_file_unlock, @project)
@workflows_available = DmsfWorkflow.where(['project_id = ? OR project_id IS NULL', @project.id]).count > 0
diff --git a/app/controllers/dmsf_files_controller.rb b/app/controllers/dmsf_files_controller.rb
index 16dabde0..b3066160 100644
--- a/app/controllers/dmsf_files_controller.rb
+++ b/app/controllers/dmsf_files_controller.rb
@@ -29,15 +29,15 @@ class DmsfFilesController < ApplicationController
helper :dmsf_workflows
def show
+ @revision = @file.last_revision
+
# download is put here to provide more clear and usable links
if params.has_key?(:download)
if @file.deleted
render_404
return
end
- if params[:download].blank?
- @revision = @file.last_revision
- else
+ if params[:download].present?
@revision = DmsfFileRevision.visible.find(params[:download].to_i)
if @revision.file != @file
render_403
@@ -56,9 +56,9 @@ class DmsfFilesController < ApplicationController
render_404
end
return
- end
+ end
- @revision = @file.last_revision
+ @file_delete_allowed = User.current.allowed_to?(:file_delete, @project)
@revision_pages = Paginator.new @file.revisions.visible.count, params['per_page'] ? params['per_page'].to_i : 25, params['page']
@@ -139,6 +139,10 @@ class DmsfFilesController < ApplicationController
end
def delete
+ unless User.current.allowed_to?(:file_delete, @project)
+ render _403
+ return
+ end
if @file
if @file.delete
flash[:notice] = l(:notice_file_deleted)
@@ -160,6 +164,10 @@ class DmsfFilesController < ApplicationController
end
def delete_revision
+ unless User.current.allowed_to?(:file_delete, @project)
+ render _403
+ return
+ end
if @revision && !@revision.deleted
if @revision.delete
flash[:notice] = l(:notice_revision_deleted)
diff --git a/app/views/dmsf/_file.html.erb b/app/views/dmsf/_file.html.erb
index 3c22b7c2..fc698207 100644
--- a/app/views/dmsf/_file.html.erb
+++ b/app/views/dmsf/_file.html.erb
@@ -99,12 +99,16 @@
:title => l(:title_delete),
:class => 'icon icon-del') %>
<% else %>
- <%= link_to('',
- dmsf_file_path(:id => file),
- :data => {:confirm => l(:text_are_you_sure)},
- :method => :delete,
- :title => l(:title_delete),
- :class => 'icon icon-del') unless locked_for_user %>
+ <% if @file_delete_allowed %>
+ <%= link_to('',
+ dmsf_file_path(:id => file),
+ :data => {:confirm => l(:text_are_you_sure)},
+ :method => :delete,
+ :title => l(:title_delete),
+ :class => 'icon icon-del') unless locked_for_user %>
+ <% else %>
+
+ <% end %>
<% end %>
<% else %>
diff --git a/app/views/dmsf_files/show.html.erb b/app/views/dmsf_files/show.html.erb
index c58d28b5..d57e74c4 100644
--- a/app/views/dmsf_files/show.html.erb
+++ b/app/views/dmsf_files/show.html.erb
@@ -46,7 +46,7 @@
:class => 'icon icon-link') %>
<%= link_to("#{l(:button_copy)}/#{l(:button_move)}", copy_file_path(:id => @file),
:title => l(:title_copy), :class => 'icon icon-copy') %>
- <%= delete_link @file %>
+ <%= delete_link @file if @file_delete_allowed %>
<% else %>
<% if (!@file.locked_for_user? || User.current.allowed_to?(:force_file_unlock, @project)) && @file.unlockable? %>
<%= link_to(l(:button_unlock),
@@ -78,14 +78,12 @@
<%= link_to('',
dmsf_file_path(@file, :download => revision),
:title => l(:title_title_version_version_download, :title => h(revision.title), :version => revision.version),
- :class => 'icon icon-dmsf-rev-download') %>
- <% if User.current.allowed_to?(:file_manipulation, @project) %>
- <%= link_to '',
- delete_revision_path(revision),
- :data => {:confirm => l(:text_are_you_sure)},
- :title => l(:title_delete_revision),
- :class => 'icon icon-dmsf-rev-delete' %>
- <% end %>
+ :class => 'icon icon-dmsf-rev-download') %>
+ <%= link_to '',
+ delete_revision_path(revision),
+ :data => {:confirm => l(:text_are_you_sure)},
+ :title => l(:title_delete_revision),
+ :class => 'icon icon-dmsf-rev-delete' if @file_delete_allowed %>
<%= l(:info_revision, :rev => revision.id) %>
<%= (revision.source_revision.nil? ? l(:label_created) : l(:label_changed)).downcase %>
diff --git a/config/locales/cs.yml b/config/locales/cs.yml
index 380d9896..da1a01af 100644
--- a/config/locales/cs.yml
+++ b/config/locales/cs.yml
@@ -147,6 +147,7 @@ cs:
permission_file_manipulation: Manipulace se soubory
permission_force_file_unlock: Vynucené odemknutí souboru
permission_manage_workflows: Spravovat schvalovací procesy
+ permission_file_delete: Mazat dokumenty
label_file: Soubor
field_folder: Složka
error_create_cycle_in_folder_dependency: vytvořit smyčku v závislostech složky
diff --git a/config/locales/de.yml b/config/locales/de.yml
index 708045bf..8c8ebdaf 100644
--- a/config/locales/de.yml
+++ b/config/locales/de.yml
@@ -147,6 +147,7 @@ de:
permission_file_manipulation: Datei manipulation
permission_force_file_unlock: Erzwinge Aufhebung der Dateisperre
permission_manage_workflows: Manage workflows
+ permission_file_delete: Delete documents
label_file: Datei
field_folder: Ordner
error_create_cycle_in_folder_dependency: schaffen Zyklus in Abhängigkeit Ordner
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 810044c1..f86a0183 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -147,6 +147,7 @@ en:
permission_file_manipulation: File manipulation
permission_force_file_unlock: Force file unlock
permission_manage_workflows: Manage workflows
+ permission_file_delete: Delete documents
label_file: File
field_folder: Folder
error_create_cycle_in_folder_dependency: create cycle in folder dependency
diff --git a/config/locales/es.yml b/config/locales/es.yml
index f9d46ab9..a0e10394 100644
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
@@ -147,6 +147,7 @@ es:
permission_file_manipulation: File manipulation
permission_force_file_unlock: Force file unlock
permission_manage_workflows: Manage workflows
+ permission_file_delete: Delete documents
label_file: File
field_folder: Folder
error_create_cycle_in_folder_dependency: create cycle in folder dependency
diff --git a/config/locales/fr.yml b/config/locales/fr.yml
index 73aaaed9..dce8a1f3 100644
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@@ -147,6 +147,7 @@ fr:
permission_file_manipulation: Gestion des documents
permission_force_file_unlock: Forcer le déverrouillage du document
permission_manage_workflows: Gérer les flux de validation
+ permission_file_delete: Delete documents
label_file: Fichier
field_folder: Dossier
error_create_cycle_in_folder_dependency: Crée une dépendance cyclique du dossier
diff --git a/config/locales/ja.yml b/config/locales/ja.yml
index b47b27e9..61e1a02e 100644
--- a/config/locales/ja.yml
+++ b/config/locales/ja.yml
@@ -147,6 +147,7 @@ ja:
permission_file_manipulation: ファイルの操作
permission_force_file_unlock: ファイルの強制ロック解除
permission_manage_workflows: Manage workflows
+ permission_file_delete: Delete documents
label_file: ファイル
field_folder: フォルダ
error_create_cycle_in_folder_dependency: フォルダの依存関係が循環しています
diff --git a/config/locales/ru.yml b/config/locales/ru.yml
index 90485e91..0f6d45e3 100644
--- a/config/locales/ru.yml
+++ b/config/locales/ru.yml
@@ -147,6 +147,7 @@ ru:
permission_file_manipulation: Управление файлами
permission_force_file_unlock: Разблокировка любых файлов
permission_manage_workflows: Manage workflows
+ permission_file_delete: Delete documents
label_file: Файл
field_folder: Папка
error_create_cycle_in_folder_dependency: создать циклическую зависимость в папке
diff --git a/config/locales/sl.yml b/config/locales/sl.yml
index 146689b5..ee1a34cb 100644
--- a/config/locales/sl.yml
+++ b/config/locales/sl.yml
@@ -147,6 +147,7 @@ sl:
permission_file_manipulation: Upravljanje z datotekami
permission_force_file_unlock: Prisilno odkleni datoteko
permission_manage_workflows: Manage workflows
+ permission_file_delete: Delete documents
label_file: Datoteka
field_folder: Pod mapo
error_create_cycle_in_folder_dependency: naredi ciklično odvisnost med mapami
diff --git a/config/locales/zh.yml b/config/locales/zh.yml
index 8ca49c32..03febf8d 100644
--- a/config/locales/zh.yml
+++ b/config/locales/zh.yml
@@ -147,6 +147,7 @@ zh:
permission_file_manipulation: 文件操作
permission_force_file_unlock: 强制文件解锁
permission_manage_workflows: Manage workflows
+ permission_file_delete: Delete documents
label_file: 文件
field_folder: 件夹
error_create_cycle_in_folder_dependency: create cycle in folder dependency
diff --git a/init.rb b/init.rb
index 3998a490..fa176c8a 100644
--- a/init.rb
+++ b/init.rb
@@ -66,11 +66,12 @@ Redmine::Plugin.register :redmine_dmsf do
permission :folder_manipulation,
{:dmsf => [:new, :create, :delete, :edit, :save, :edit_root, :save_root, :lock, :unlock, :notify_activate, :notify_deactivate, :delete_entries]}
permission :file_manipulation,
- {:dmsf_files => [:create_revision, :delete, :lock, :unlock, :delete_revision, :notify_activate, :notify_deactivate],
+ {:dmsf_files => [:create_revision, :lock, :unlock, :delete_revision, :notify_activate, :notify_deactivate],
:dmsf_upload => [:upload_files, :upload_file, :commit_files],
:dmsf_workflows => [:action, :new_action, :autocomplete_for_user, :start, :assign, :assignment],
:dmsf_links => [:new, :create, :destroy]
}
+ permission :file_delete, {:dmsf_files => [:delete]}
permission :manage_workflows,
{:dmsf_workflows => [:index, :new, :create, :destroy, :show, :add_step, :remove_step, :reorder_steps, :update]}
permission :force_file_unlock, {}