Remove custom ACL calls. Add CanCan and some rules. Add bitmask_attribute
This commit is contained in:
parent
b36cc24a64
commit
827936a06c
3
Gemfile
3
Gemfile
|
@ -8,7 +8,8 @@ gem 'silent-postgres', '~> 0.1.1'
|
||||||
gem 'devise', '~> 1.4.8'
|
gem 'devise', '~> 1.4.8'
|
||||||
gem 'omniauth', '~> 0.3.2'
|
gem 'omniauth', '~> 0.3.2'
|
||||||
gem 'oa-openid', '~> 0.3.2', :require => 'omniauth/openid'
|
gem 'oa-openid', '~> 0.3.2', :require => 'omniauth/openid'
|
||||||
# gem 'cancan', '~> 1.6.7'
|
gem 'cancan', '~> 1.6.7'
|
||||||
|
gem 'bitmask_attributes'
|
||||||
|
|
||||||
gem "haml-rails", '~> 0.3.4'
|
gem "haml-rails", '~> 0.3.4'
|
||||||
gem "compass", '~> 0.11.5'
|
gem "compass", '~> 0.11.5'
|
||||||
|
|
|
@ -56,7 +56,10 @@ GEM
|
||||||
activerecord (>= 2.2.2)
|
activerecord (>= 2.2.2)
|
||||||
arel (2.0.10)
|
arel (2.0.10)
|
||||||
bcrypt-ruby (3.0.1)
|
bcrypt-ruby (3.0.1)
|
||||||
|
bitmask_attributes (0.2.3)
|
||||||
|
activerecord (~> 3.0)
|
||||||
builder (2.1.2)
|
builder (2.1.2)
|
||||||
|
cancan (1.6.7)
|
||||||
capistrano (2.9.0)
|
capistrano (2.9.0)
|
||||||
highline
|
highline
|
||||||
net-scp (>= 1.0.0)
|
net-scp (>= 1.0.0)
|
||||||
|
@ -273,6 +276,8 @@ PLATFORMS
|
||||||
DEPENDENCIES
|
DEPENDENCIES
|
||||||
airbrake!
|
airbrake!
|
||||||
ancestry (~> 1.2.4)
|
ancestry (~> 1.2.4)
|
||||||
|
bitmask_attributes
|
||||||
|
cancan (~> 1.6.7)
|
||||||
capistrano
|
capistrano
|
||||||
capistrano-ext
|
capistrano-ext
|
||||||
capistrano_colors
|
capistrano_colors
|
||||||
|
|
|
@ -8,6 +8,11 @@ class ApplicationController < ActionController::Base
|
||||||
after_filter lambda { EventLog.current_controller = nil }
|
after_filter lambda { EventLog.current_controller = nil }
|
||||||
|
|
||||||
helper_method :get_owner
|
helper_method :get_owner
|
||||||
|
|
||||||
|
rescue_from CanCan::AccessDenied do |exception|
|
||||||
|
redirect_to root_url, :alert => exception.message
|
||||||
|
end
|
||||||
|
|
||||||
protected
|
protected
|
||||||
def get_owner
|
def get_owner
|
||||||
params['user_id'] && User.find_by_id(params['user_id']) ||
|
params['user_id'] && User.find_by_id(params['user_id']) ||
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
class AutoBuildListsController < ApplicationController
|
class AutoBuildListsController < ApplicationController
|
||||||
before_filter :authenticate_user!, :except => :auto_build
|
before_filter :authenticate_user!, :except => :auto_build
|
||||||
before_filter :check_global_access
|
#before_filter :check_global_access
|
||||||
|
|
||||||
def index
|
def index
|
||||||
projects = Project.where(:owner_id => current_user.id, :owner_type => 'User')
|
projects = Project.where(:owner_id => current_user.id, :owner_type => 'User')
|
||||||
|
|
|
@ -5,7 +5,7 @@ class BuildListsController < ApplicationController
|
||||||
before_filter :find_arches, :only => [:index, :filter, :all]
|
before_filter :find_arches, :only => [:index, :filter, :all]
|
||||||
before_filter :find_project_versions, :only => [:index, :filter]
|
before_filter :find_project_versions, :only => [:index, :filter]
|
||||||
before_filter :find_build_list_by_bs, :only => [:status_build, :pre_build, :post_build]
|
before_filter :find_build_list_by_bs, :only => [:status_build, :pre_build, :post_build]
|
||||||
before_filter :check_global_access, :except => [:status_build, :post_build, :pre_build, :circle_build, :new_bbdt, :show, :publish, :cancel]
|
#before_filter :check_global_access, :except => [:status_build, :post_build, :pre_build, :circle_build, :new_bbdt, :show, :publish, :cancel]
|
||||||
|
|
||||||
def all
|
def all
|
||||||
if params[:filter]
|
if params[:filter]
|
||||||
|
@ -24,7 +24,7 @@ class BuildListsController < ApplicationController
|
||||||
|
|
||||||
def cancel
|
def cancel
|
||||||
build_list = BuildList.find(params[:id])
|
build_list = BuildList.find(params[:id])
|
||||||
can_perform? build_list.project if build_list
|
#can_perform? build_list.project if build_list
|
||||||
if build_list.delete_build_list
|
if build_list.delete_build_list
|
||||||
redirect_to :back, :notice => t('layout.build_lists.cancel_successed')
|
redirect_to :back, :notice => t('layout.build_lists.cancel_successed')
|
||||||
else
|
else
|
||||||
|
@ -47,13 +47,13 @@ class BuildListsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def show
|
def show
|
||||||
can_perform? @project
|
#can_perform? @project
|
||||||
@build_list = @project.build_lists.find(params[:id])
|
@build_list = @project.build_lists.find(params[:id])
|
||||||
@item_groups = @build_list.items.group_by_level
|
@item_groups = @build_list.items.group_by_level
|
||||||
end
|
end
|
||||||
|
|
||||||
def publish
|
def publish
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
@build_list = @project.build_lists.find(params[:id])
|
@build_list = @project.build_lists.find(params[:id])
|
||||||
@build_list.publish
|
@build_list.publish
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@ class CategoriesController < ApplicationController
|
||||||
before_filter :find_category, :only => [:show, :edit, :update, :destroy]
|
before_filter :find_category, :only => [:show, :edit, :update, :destroy]
|
||||||
before_filter :find_platform, :only => [:show, :index]
|
before_filter :find_platform, :only => [:show, :index]
|
||||||
|
|
||||||
before_filter :check_global_access, :only => [:platforms, :new, :create]
|
#before_filter :check_global_access, :only => [:platforms, :new, :create]
|
||||||
|
|
||||||
def platforms
|
def platforms
|
||||||
@all_platforms = Platform.all
|
@all_platforms = Platform.all
|
||||||
|
@ -16,7 +16,7 @@ class CategoriesController < ApplicationController
|
||||||
|
|
||||||
def index
|
def index
|
||||||
if @platform
|
if @platform
|
||||||
can_perform? @platform
|
#can_perform? @platform
|
||||||
@categories = Category.select('categories.id, categories.name, categories.ancestry, count(projects.id) projects_count').
|
@categories = Category.select('categories.id, categories.name, categories.ancestry, count(projects.id) projects_count').
|
||||||
joins(:projects => :repositories).where('repositories.platform_id = ?', @platform.id).
|
joins(:projects => :repositories).where('repositories.platform_id = ?', @platform.id).
|
||||||
having('projects_count > 0').group('categories.id, categories.name, categories.ancestry, projects_count').default_order
|
having('projects_count > 0').group('categories.id, categories.name, categories.ancestry, projects_count').default_order
|
||||||
|
@ -27,8 +27,8 @@ class CategoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def show
|
def show
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
can_perform? @category if @category
|
#can_perform? @category if @category
|
||||||
|
|
||||||
@projects = @category.projects
|
@projects = @category.projects
|
||||||
@projects = @projects.joins(:repositories).where("repositories.platform_id = ?", @platform.id) if @platform
|
@projects = @projects.joins(:repositories).where("repositories.platform_id = ?", @platform.id) if @platform
|
||||||
|
@ -40,11 +40,11 @@ class CategoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
can_perform? @category if @category
|
#can_perform? @category if @category
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
can_perform? @category if @category
|
#can_perform? @category if @category
|
||||||
@category.destroy
|
@category.destroy
|
||||||
flash[:notice] = t("flash.category.destroyed")
|
flash[:notice] = t("flash.category.destroyed")
|
||||||
redirect_to categories_path
|
redirect_to categories_path
|
||||||
|
@ -62,7 +62,7 @@ class CategoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
can_perform? @category if @category
|
#can_perform? @category if @category
|
||||||
if @category.update_attributes(params[:category])
|
if @category.update_attributes(params[:category])
|
||||||
flash[:notice] = t('flash.category.saved')
|
flash[:notice] = t('flash.category.saved')
|
||||||
redirect_to categories_path
|
redirect_to categories_path
|
||||||
|
|
|
@ -10,7 +10,7 @@ class CollaboratorsController < ApplicationController
|
||||||
before_filter :find_groups
|
before_filter :find_groups
|
||||||
|
|
||||||
def index
|
def index
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
redirect_to edit_project_collaborators_path(@project)
|
redirect_to edit_project_collaborators_path(@project)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -21,7 +21,7 @@ class CollaboratorsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
if params[:id]
|
if params[:id]
|
||||||
@user = User.find params[:id]
|
@user = User.find params[:id]
|
||||||
render :edit_rights and return
|
render :edit_rights and return
|
||||||
|
@ -32,7 +32,7 @@ class CollaboratorsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
unless params[:id]
|
unless params[:id]
|
||||||
if params[:user]
|
if params[:user]
|
||||||
users_for_removing = @project.collaborators.select do |u|
|
users_for_removing = @project.collaborators.select do |u|
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
class ContainersController < ApplicationController
|
class ContainersController < ApplicationController
|
||||||
before_filter :check_global_access
|
#before_filter :check_global_access
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
class DownloadsController < ApplicationController
|
class DownloadsController < ApplicationController
|
||||||
before_filter :authenticate_user!
|
before_filter :authenticate_user!
|
||||||
before_filter :check_global_access, :except => [:test_sudo]
|
#before_filter :check_global_access, :except => [:test_sudo]
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@downloads = Download.paginate :page => params[:page], :per_page => 30
|
@downloads = Download.paginate :page => params[:page], :per_page => 30
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
# coding: UTF-8
|
# coding: UTF-8
|
||||||
class EventLogsController < ApplicationController
|
class EventLogsController < ApplicationController
|
||||||
before_filter :authenticate_user!
|
before_filter :authenticate_user!
|
||||||
before_filter :check_global_access
|
#before_filter :check_global_access
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@event_logs = EventLog.default_order.eager_loading.paginate :page => params[:page]
|
@event_logs = EventLog.default_order.eager_loading.paginate :page => params[:page]
|
||||||
|
|
|
@ -2,14 +2,14 @@
|
||||||
class GroupsController < ApplicationController
|
class GroupsController < ApplicationController
|
||||||
before_filter :authenticate_user!
|
before_filter :authenticate_user!
|
||||||
before_filter :find_group, :only => [:show, :edit, :update, :destroy]
|
before_filter :find_group, :only => [:show, :edit, :update, :destroy]
|
||||||
before_filter :check_global_access, :only => [:index, :new, :create]
|
#before_filter :check_global_access, :only => [:index, :new, :create]
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@groups = Group.paginate(:page => params[:group_page])
|
@groups = Group.paginate(:page => params[:group_page])
|
||||||
end
|
end
|
||||||
|
|
||||||
def show
|
def show
|
||||||
can_perform? @group if @group
|
#can_perform? @group if @group
|
||||||
@platforms = @group.platforms.paginate(:page => params[:platform_page], :per_page => 10)
|
@platforms = @group.platforms.paginate(:page => params[:platform_page], :per_page => 10)
|
||||||
@repositories = @group.repositories.paginate(:page => params[:repository_page], :per_page => 10)
|
@repositories = @group.repositories.paginate(:page => params[:repository_page], :per_page => 10)
|
||||||
@projects = @group.projects.paginate(:page => params[:project_page], :per_page => 10)
|
@projects = @group.projects.paginate(:page => params[:project_page], :per_page => 10)
|
||||||
|
@ -20,7 +20,7 @@ class GroupsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
can_perform? @group if @group
|
#can_perform? @group if @group
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
|
@ -37,7 +37,7 @@ class GroupsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
can_perform? @group if @group
|
#can_perform? @group if @group
|
||||||
if @group.update_attributes(params[:group])
|
if @group.update_attributes(params[:group])
|
||||||
flash[:notice] = t('flash.group.saved')
|
flash[:notice] = t('flash.group.saved')
|
||||||
redirect_to groups_path
|
redirect_to groups_path
|
||||||
|
@ -48,7 +48,7 @@ class GroupsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
can_perform? @group if @group
|
#can_perform? @group if @group
|
||||||
@group.destroy
|
@group.destroy
|
||||||
flash[:notice] = t("flash.group.destroyed")
|
flash[:notice] = t("flash.group.destroyed")
|
||||||
redirect_to groups_path
|
redirect_to groups_path
|
||||||
|
|
|
@ -5,7 +5,7 @@ class PersonalRepositoriesController < ApplicationController
|
||||||
#before_filter :check_global_access
|
#before_filter :check_global_access
|
||||||
|
|
||||||
def show
|
def show
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
if params[:query]
|
if params[:query]
|
||||||
@projects = @repository.projects.recent.by_name(params[:query]).paginate :page => params[:project_page], :per_page => 30
|
@projects = @repository.projects.recent.by_name(params[:query]).paginate :page => params[:project_page], :per_page => 30
|
||||||
else
|
else
|
||||||
|
@ -16,18 +16,18 @@ class PersonalRepositoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def change_visibility
|
def change_visibility
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
@repository.platform.change_visibility
|
@repository.platform.change_visibility
|
||||||
|
|
||||||
redirect_to settings_personal_repository_path(@repository)
|
redirect_to settings_personal_repository_path(@repository)
|
||||||
end
|
end
|
||||||
|
|
||||||
def settings
|
def settings
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
end
|
end
|
||||||
|
|
||||||
def add_project
|
def add_project
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
if params[:project_id]
|
if params[:project_id]
|
||||||
@project = Project.find(params[:project_id])
|
@project = Project.find(params[:project_id])
|
||||||
# params[:project_id] = nil
|
# params[:project_id] = nil
|
||||||
|
@ -45,7 +45,7 @@ class PersonalRepositoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def remove_project
|
def remove_project
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
@project = Project.find(params[:project_id])
|
@project = Project.find(params[:project_id])
|
||||||
ProjectToRepository.where(:project_id => @project.id, :repository_id => @repository.id).destroy_all
|
ProjectToRepository.where(:project_id => @project.id, :repository_id => @repository.id).destroy_all
|
||||||
redirect_to personal_repository_path(@repository), :notice => t('flash.repository.project_removed')
|
redirect_to personal_repository_path(@repository), :notice => t('flash.repository.project_removed')
|
||||||
|
|
|
@ -3,10 +3,11 @@ class PlatformsController < ApplicationController
|
||||||
before_filter :authenticate_user!, :except => :easy_urpmi
|
before_filter :authenticate_user!, :except => :easy_urpmi
|
||||||
before_filter :find_platform, :only => [:freeze, :unfreeze, :clone, :edit, :destroy]
|
before_filter :find_platform, :only => [:freeze, :unfreeze, :clone, :edit, :destroy]
|
||||||
before_filter :get_paths, :only => [:new, :create, :clone]
|
before_filter :get_paths, :only => [:new, :create, :clone]
|
||||||
before_filter :check_global_access, :only => [:index, :new, :create]#:except => :easy_urpmi
|
#before_filter :check_global_access, :only => [:index, :new, :create]#:except => :easy_urpmi
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@platforms = Platform.visible_to(current_user).paginate(:page => params[:platform_page])
|
#@platforms = Platform.visible_to(current_user).paginate(:page => params[:platform_page])
|
||||||
|
@platforms = Platform.accessible_by(current_ability).paginate(:page => params[:platform_page])
|
||||||
end
|
end
|
||||||
|
|
||||||
def easy_urpmi
|
def easy_urpmi
|
||||||
|
@ -27,19 +28,19 @@ class PlatformsController < ApplicationController
|
||||||
|
|
||||||
def show
|
def show
|
||||||
@platform = Platform.find params[:id], :include => :repositories
|
@platform = Platform.find params[:id], :include => :repositories
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
@repositories = @platform.repositories
|
@repositories = @platform.repositories
|
||||||
@members = @platform.members.uniq
|
@members = @platform.members.uniq
|
||||||
end
|
end
|
||||||
|
|
||||||
def new
|
def new
|
||||||
@platforms = Platform.visible_to current_user
|
#@platforms = Platform.visible_to current_user
|
||||||
@platform = Platform.new
|
@platform = Platform.new
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
@platforms = Platform.visible_to current_user
|
#@platforms = Platform.visible_to current_user
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
|
@ -52,13 +53,13 @@ class PlatformsController < ApplicationController
|
||||||
redirect_to @platform
|
redirect_to @platform
|
||||||
else
|
else
|
||||||
flash[:error] = I18n.t("flash.platform.saved_error")
|
flash[:error] = I18n.t("flash.platform.saved_error")
|
||||||
@platforms = Platform.visible_to current_user
|
#@platforms = Platform.visible_to current_user
|
||||||
render :action => :new
|
render :action => :new
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def freeze
|
def freeze
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
@platform.released = true
|
@platform.released = true
|
||||||
if @platform.save
|
if @platform.save
|
||||||
flash[:notice] = I18n.t("flash.platform.freezed")
|
flash[:notice] = I18n.t("flash.platform.freezed")
|
||||||
|
@ -70,7 +71,7 @@ class PlatformsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def unfreeze
|
def unfreeze
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
@platform.released = false
|
@platform.released = false
|
||||||
if @platform.save
|
if @platform.save
|
||||||
flash[:notice] = I18n.t("flash.platform.unfreezed")
|
flash[:notice] = I18n.t("flash.platform.unfreezed")
|
||||||
|
@ -82,7 +83,7 @@ class PlatformsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def clone
|
def clone
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
if request.post?
|
if request.post?
|
||||||
@cloned = @platform.make_clone(:name => params[:platform]['name'], :unixname => params[:platform]['unixname'],
|
@cloned = @platform.make_clone(:name => params[:platform]['name'], :unixname => params[:platform]['unixname'],
|
||||||
:owner_id => current_user.id, :owner_type => current_user.class.to_s)
|
:owner_id => current_user.id, :owner_type => current_user.class.to_s)
|
||||||
|
@ -100,7 +101,7 @@ class PlatformsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
@platform.destroy if @platform
|
@platform.destroy if @platform
|
||||||
|
|
||||||
flash[:notice] = t("flash.platform.destroyed")
|
flash[:notice] = t("flash.platform.destroyed")
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
class PrivateUsersController < ApplicationController
|
class PrivateUsersController < ApplicationController
|
||||||
before_filter :authenticate_user!
|
before_filter :authenticate_user!
|
||||||
before_filter :check_global_access, :except => [:destroy]
|
#before_filter :check_global_access, :except => [:destroy]
|
||||||
before_filter :find_platform_and_private_users
|
before_filter :find_platform_and_private_users
|
||||||
|
|
||||||
def index
|
def index
|
||||||
|
@ -20,7 +20,7 @@ class PrivateUsersController < ApplicationController
|
||||||
|
|
||||||
#def destroy
|
#def destroy
|
||||||
# user = PrivateUser.find(params[:id])
|
# user = PrivateUser.find(params[:id])
|
||||||
# can_perform? user if user
|
# #can_perform? user if user
|
||||||
# user.destroy
|
# user.destroy
|
||||||
# redirect_to platform_private_users_path(params[:platform_id])
|
# redirect_to platform_private_users_path(params[:platform_id])
|
||||||
#end
|
#end
|
||||||
|
|
|
@ -3,13 +3,13 @@ class ProductBuildListsController < ApplicationController
|
||||||
before_filter :find_product_build_list, :only => [:status_build]
|
before_filter :find_product_build_list, :only => [:status_build]
|
||||||
before_filter :find_product, :except => [:status_build]
|
before_filter :find_product, :except => [:status_build]
|
||||||
before_filter :find_platform, :except => [:status_build]
|
before_filter :find_platform, :except => [:status_build]
|
||||||
before_filter :check_global_access, :except => [:status_build]
|
#before_filter :check_global_access, :except => [:status_build]
|
||||||
|
|
||||||
# def index
|
# def index
|
||||||
# end
|
# end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
can_perform? @product # if @product
|
#can_perform? @product # if @product
|
||||||
@product.product_build_lists.create! :base_url => "http://#{request.host_with_port}", :notified_at => Time.current
|
@product.product_build_lists.create! :base_url => "http://#{request.host_with_port}", :notified_at => Time.current
|
||||||
flash[:notice] = t('flash.product.build_started')
|
flash[:notice] = t('flash.product.build_started')
|
||||||
redirect_to [@platform, @product]
|
redirect_to [@platform, @product]
|
||||||
|
|
|
@ -2,7 +2,7 @@ class ProductsController < ApplicationController
|
||||||
before_filter :authenticate_user!
|
before_filter :authenticate_user!
|
||||||
before_filter :find_product, :only => [:show, :edit, :update, :destroy]
|
before_filter :find_product, :only => [:show, :edit, :update, :destroy]
|
||||||
before_filter :find_platform
|
before_filter :find_platform
|
||||||
before_filter :check_global_access, :only => [:new, :create]
|
#before_filter :check_global_access, :only => [:new, :create]
|
||||||
|
|
||||||
def new
|
def new
|
||||||
@product = @platform.products.new
|
@product = @platform.products.new
|
||||||
|
@ -13,7 +13,7 @@ class ProductsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
# def clone
|
# def clone
|
||||||
# can_perform? @platform if @platform
|
# #can_perform? @platform if @platform
|
||||||
# @template = @platform.products.find(params[:id])
|
# @template = @platform.products.find(params[:id])
|
||||||
# @product = @platform.products.new
|
# @product = @platform.products.new
|
||||||
# @product.clone_from!(@template)
|
# @product.clone_from!(@template)
|
||||||
|
@ -22,12 +22,12 @@ class ProductsController < ApplicationController
|
||||||
# end
|
# end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
can_perform? @product if @product
|
#can_perform? @product if @product
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
@product = @platform.products.new params[:product]
|
@product = @platform.products.new params[:product]
|
||||||
if @product.save
|
if @product.save
|
||||||
flash[:notice] = t('flash.product.saved')
|
flash[:notice] = t('flash.product.saved')
|
||||||
|
@ -39,8 +39,8 @@ class ProductsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
can_perform? @product if @product
|
#can_perform? @product if @product
|
||||||
if @product.update_attributes(params[:product])
|
if @product.update_attributes(params[:product])
|
||||||
flash[:notice] = t('flash.product.saved')
|
flash[:notice] = t('flash.product.saved')
|
||||||
redirect_to @platform
|
redirect_to @platform
|
||||||
|
@ -51,13 +51,13 @@ class ProductsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def show
|
def show
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
can_perform? @product if @product
|
#can_perform? @product if @product
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
can_perform? @platform if @platform
|
#can_perform? @platform if @platform
|
||||||
can_perform? @product if @product
|
#can_perform? @product if @product
|
||||||
@product.destroy
|
@product.destroy
|
||||||
flash[:notice] = t("flash.product.destroyed")
|
flash[:notice] = t("flash.product.destroyed")
|
||||||
redirect_to @platform
|
redirect_to @platform
|
||||||
|
|
|
@ -2,13 +2,17 @@ class ProjectsController < ApplicationController
|
||||||
before_filter :authenticate_user!, :except => :auto_build
|
before_filter :authenticate_user!, :except => :auto_build
|
||||||
before_filter :find_project, :only => [:show, :edit, :update, :destroy, :build, :process_build]
|
before_filter :find_project, :only => [:show, :edit, :update, :destroy, :build, :process_build]
|
||||||
before_filter :get_paths, :only => [:new, :create, :edit, :update]
|
before_filter :get_paths, :only => [:new, :create, :edit, :update]
|
||||||
before_filter :check_global_access, :only => [:index, :new, :create]#:except => :auto_build
|
#before_filter :check_global_access, :only => [:index, :new, :create]#:except => :auto_build
|
||||||
|
#check_authorization
|
||||||
|
#authorize_resource
|
||||||
|
|
||||||
def index
|
def index
|
||||||
if params[:query]
|
if params[:query]
|
||||||
@projects = Project.visible_to(current_user).where(:name => params[:query]).paginate(:page => params[:project_page])
|
#@projects = Project.visible_to(current_user).where(:name => params[:query]).paginate(:page => params[:project_page])
|
||||||
|
@projects = Project.accessible_by(current_ability).where(:name => params[:query]).paginate(:page => params[:project_page])
|
||||||
else
|
else
|
||||||
@projects = Project.visible_to(current_user).paginate(:page => params[:project_page])
|
#@projects = Project.visible_to(current_user).paginate(:page => params[:project_page])
|
||||||
|
@projects = Project.accessible_by(current_ability).paginate(:page => params[:project_page])
|
||||||
end
|
end
|
||||||
|
|
||||||
@own_projects = current_user.own_projects
|
@own_projects = current_user.own_projects
|
||||||
|
@ -16,7 +20,7 @@ class ProjectsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def show
|
def show
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
@current_build_lists = @project.build_lists.current.recent.paginate :page => params[:page]
|
@current_build_lists = @project.build_lists.current.recent.paginate :page => params[:page]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -25,7 +29,7 @@ class ProjectsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
|
@ -43,7 +47,7 @@ class ProjectsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
if @project.update_attributes(params[:project])
|
if @project.update_attributes(params[:project])
|
||||||
flash[:notice] = t('flash.project.saved')
|
flash[:notice] = t('flash.project.saved')
|
||||||
redirect_to @project
|
redirect_to @project
|
||||||
|
@ -54,7 +58,7 @@ class ProjectsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
@project.destroy
|
@project.destroy
|
||||||
flash[:notice] = t("flash.project.destroyed")
|
flash[:notice] = t("flash.project.destroyed")
|
||||||
redirect_to @project.owner
|
redirect_to @project.owner
|
||||||
|
@ -91,7 +95,7 @@ class ProjectsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def process_build
|
def process_build
|
||||||
can_perform? @project if @project
|
#can_perform? @project if @project
|
||||||
@arch_ids = params[:build][:arches].select{|_,v| v == "1"}.collect{|x| x[0].to_i }
|
@arch_ids = params[:build][:arches].select{|_,v| v == "1"}.collect{|x| x[0].to_i }
|
||||||
@arches = Arch.where(:id => @arch_ids)
|
@arches = Arch.where(:id => @arch_ids)
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ class RepositoriesController < ApplicationController
|
||||||
before_filter :find_repository, :only => [:show, :destroy, :add_project, :remove_project]
|
before_filter :find_repository, :only => [:show, :destroy, :add_project, :remove_project]
|
||||||
before_filter :get_paths, :only => [:show, :new, :create, :add_project, :remove_project]
|
before_filter :get_paths, :only => [:show, :new, :create, :add_project, :remove_project]
|
||||||
before_filter :find_platforms, :only => [:new, :create]
|
before_filter :find_platforms, :only => [:new, :create]
|
||||||
before_filter :check_global_access, :only => [:index, :new, :create]
|
#before_filter :check_global_access, :only => [:index, :new, :create]
|
||||||
|
|
||||||
def index
|
def index
|
||||||
if params[:platform_id]
|
if params[:platform_id]
|
||||||
|
@ -15,7 +15,7 @@ class RepositoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def show
|
def show
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
if params[:query]
|
if params[:query]
|
||||||
@projects = @repository.projects.recent.by_name(params[:query]).paginate :page => params[:project_page], :per_page => 30
|
@projects = @repository.projects.recent.by_name(params[:query]).paginate :page => params[:project_page], :per_page => 30
|
||||||
else
|
else
|
||||||
|
@ -29,7 +29,7 @@ class RepositoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
@repository.destroy
|
@repository.destroy
|
||||||
platform_id = @repository.platform_id
|
platform_id = @repository.platform_id
|
||||||
|
|
||||||
|
@ -50,7 +50,7 @@ class RepositoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def add_project
|
def add_project
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
if params[:project_id]
|
if params[:project_id]
|
||||||
@project = Project.find(params[:project_id])
|
@project = Project.find(params[:project_id])
|
||||||
# params[:project_id] = nil
|
# params[:project_id] = nil
|
||||||
|
@ -72,7 +72,7 @@ class RepositoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def remove_project
|
def remove_project
|
||||||
can_perform? @repository if @repository
|
#can_perform? @repository if @repository
|
||||||
@project = Project.find(params[:project_id])
|
@project = Project.find(params[:project_id])
|
||||||
ProjectToRepository.where(:project_id => @project.id, :repository_id => @repository.id).destroy_all
|
ProjectToRepository.where(:project_id => @project.id, :repository_id => @repository.id).destroy_all
|
||||||
redirect_to repository_path(@repository), :notice => t('flash.repository.project_removed')
|
redirect_to repository_path(@repository), :notice => t('flash.repository.project_removed')
|
||||||
|
|
|
@ -3,7 +3,7 @@ class RolesController < ApplicationController
|
||||||
before_filter :find_role, :only => [:show, :edit, :update, :destroy]
|
before_filter :find_role, :only => [:show, :edit, :update, :destroy]
|
||||||
before_filter :find_visibilities, :only => [:new, :edit]
|
before_filter :find_visibilities, :only => [:new, :edit]
|
||||||
|
|
||||||
before_filter :check_global_access
|
# before_filter :check_global_access
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@roles = Role.all
|
@roles = Role.all
|
||||||
|
|
|
@ -2,7 +2,7 @@ class RpcController < ApplicationController
|
||||||
exposes_xmlrpc_methods
|
exposes_xmlrpc_methods
|
||||||
|
|
||||||
before_filter :authenticate_user!
|
before_filter :authenticate_user!
|
||||||
before_filter :check_global_access
|
#before_filter :check_global_access
|
||||||
before_filter lambda { EventLog.current_controller = self }, :only => :xe_index # should be after auth callback
|
before_filter lambda { EventLog.current_controller = self }, :only => :xe_index # should be after auth callback
|
||||||
|
|
||||||
## Usage example:
|
## Usage example:
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
class UsersController < ApplicationController
|
class UsersController < ApplicationController
|
||||||
before_filter :authenticate_user!
|
before_filter :authenticate_user!
|
||||||
before_filter :find_user, :only => [:show, :edit, :update, :destroy]
|
before_filter :find_user, :only => [:show, :edit, :update, :destroy]
|
||||||
before_filter :check_global_access
|
#before_filter :check_global_access
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@users = User.paginate(:page => params[:user_page])
|
@users = User.paginate(:page => params[:user_page])
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
class Ability
|
||||||
|
include CanCan::Ability
|
||||||
|
|
||||||
|
def initialize(user)
|
||||||
|
# Define abilities for the passed in user here. For example:
|
||||||
|
#
|
||||||
|
user ||= User.new # guest user (not logged in)
|
||||||
|
if user.admin?
|
||||||
|
can :manage, :all
|
||||||
|
else
|
||||||
|
# Block access to all objects on the site
|
||||||
|
cannot :read, :all
|
||||||
|
|
||||||
|
# Shared rights between guests and registered users
|
||||||
|
can :read, Platform
|
||||||
|
|
||||||
|
# Guest rights
|
||||||
|
if user.guest?
|
||||||
|
can :read, Project, :visibility => 'open'
|
||||||
|
|
||||||
|
# Registered user rights
|
||||||
|
else
|
||||||
|
# If rule has multiple conditions CanCan joins them by 'AND' sql operator
|
||||||
|
can [:read, :update, :process_build, :build], Project, :owner_type => 'User', :owner_id => user.id
|
||||||
|
# If rules goes one by one CanCan joins them by 'OR' sql operator
|
||||||
|
can :read, Project, :visibility => 'open'
|
||||||
|
can [:read, :update, :process_build, :build], Project, :collaborators => {:id => user.id}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -5,6 +5,8 @@ class Relation < ActiveRecord::Base
|
||||||
has_many :role_lines
|
has_many :role_lines
|
||||||
has_many :roles, :autosave => true, :through => :role_lines
|
has_many :roles, :autosave => true, :through => :role_lines
|
||||||
|
|
||||||
|
bitmask :roles, :as => [:read, :update]
|
||||||
|
|
||||||
after_create {
|
after_create {
|
||||||
with_ga do |ga|
|
with_ga do |ga|
|
||||||
if repo = ga.find_repo(target.git_repo_name) and key = object.ssh_key and key.present?
|
if repo = ga.find_repo(target.git_repo_name) and key = object.ssh_key and key.present?
|
||||||
|
|
|
@ -50,6 +50,14 @@ class User < ActiveRecord::Base
|
||||||
before_destroy { destroy_ssh_key(ssh_key) if ssh_key.present? }
|
before_destroy { destroy_ssh_key(ssh_key) if ssh_key.present? }
|
||||||
# after_create() { UserMailer.new_user_notification(self).deliver }
|
# after_create() { UserMailer.new_user_notification(self).deliver }
|
||||||
|
|
||||||
|
def admin?
|
||||||
|
self.id == 1
|
||||||
|
end
|
||||||
|
|
||||||
|
def guest?
|
||||||
|
self.id.blank?
|
||||||
|
end
|
||||||
|
|
||||||
class << self
|
class << self
|
||||||
def find_for_database_authentication(warden_conditions)
|
def find_for_database_authentication(warden_conditions)
|
||||||
conditions = warden_conditions.dup
|
conditions = warden_conditions.dup
|
||||||
|
|
Loading…
Reference in New Issue