manuelcillero/suitepro
manuelcillero/suitepro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Redmine 3.4.4

Browse source
This commit is contained in:
Manuel Cillero 2018-02-02 22:19:29 +01:00
commit 64924a6376
2112 changed files with 259028 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
CONTRIBUTING.md Normal file
View file

@ -0,0 +1,8 @@
**Do not send a pull request to this GitHub repository**.
For more detail, please see [official website] wiki [Contribute].
[official website]: http://www.redmine.org
[Contribute]: http://www.redmine.org/projects/redmine/wiki/Contribute

114
Gemfile Normal file
View file

@ -0,0 +1,114 @@
source 'https://rubygems.org'
if Gem::Version.new(Bundler::VERSION) < Gem::Version.new('1.5.0')
abort "Redmine requires Bundler 1.5.0 or higher (you're using #{Bundler::VERSION}).\nPlease update with 'gem update bundler'."
end
gem "rails", "4.2.8"
gem "addressable", "2.4.0" if RUBY_VERSION < "2.0"
if RUBY_VERSION < "2.1"
gem "public_suffix", (RUBY_VERSION < "2.0" ? "~> 1.4" : "~> 2.0.5")
end
gem "jquery-rails", "~> 3.1.4"
gem "coderay", "~> 1.1.1"
gem "request_store", "1.0.5"
gem "mime-types", (RUBY_VERSION >= "2.0" ? "~> 3.0" : "~> 2.99")
gem "protected_attributes"
gem "actionpack-xml_parser"
gem "roadie-rails", "~> 1.1.1"
gem "roadie", "~> 3.2.1"
gem "mimemagic"
gem "mail", "~> 2.6.4"
gem "nokogiri", (RUBY_VERSION >= "2.1" ? "~> 1.8.1" : "~> 1.6.8")
gem "i18n", "~> 0.7.0"
gem "ffi", "1.9.14", :platforms => :mingw if RUBY_VERSION < "2.0"
# Request at least rails-html-sanitizer 1.0.3 because of security advisories
gem "rails-html-sanitizer", ">= 1.0.3"
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin]
gem "rbpdf", "~> 1.19.3"
# Optional gem for LDAP authentication
group :ldap do
gem "net-ldap", "~> 0.12.0"
end
# Optional gem for OpenID authentication
group :openid do
gem "ruby-openid", "~> 2.3.0", :require => "openid"
gem "rack-openid"
end
platforms :mri, :mingw, :x64_mingw do
# Optional gem for exporting the gantt to a PNG file, not supported with jruby
group :rmagick do
gem "rmagick", ">= 2.14.0"
end
# Optional Markdown support, not for JRuby
group :markdown do
gem "redcarpet", "~> 3.4.0"
end
end
# Include database gems for the adapters found in the database
# configuration file
require 'erb'
require 'yaml'
database_file = File.join(File.dirname(__FILE__), "config/database.yml")
if File.exist?(database_file)
database_config = YAML::load(ERB.new(IO.read(database_file)).result)
adapters = database_config.values.map {|c| c['adapter']}.compact.uniq
if adapters.any?
adapters.each do |adapter|
case adapter
when 'mysql2'
gem "mysql2", "~> 0.4.6", :platforms => [:mri, :mingw, :x64_mingw]
when /postgresql/
gem "pg", "~> 0.18.1", :platforms => [:mri, :mingw, :x64_mingw]
when /sqlite3/
gem "sqlite3", (RUBY_VERSION < "2.0" && RUBY_PLATFORM =~ /mingw/ ? "1.3.12" : "~>1.3.12"),
:platforms => [:mri, :mingw, :x64_mingw]
when /sqlserver/
gem "tiny_tds", (RUBY_VERSION >= "2.0" ? "~> 1.0.5" : "~> 0.7.0"), :platforms => [:mri, :mingw, :x64_mingw]
gem "activerecord-sqlserver-adapter", :platforms => [:mri, :mingw, :x64_mingw]
else
warn("Unknown database adapter `#{adapter}` found in config/database.yml, use Gemfile.local to load your own database gems")
end
end
else
warn("No adapter found in config/database.yml, please configure it first")
end
else
warn("Please configure your config/database.yml first")
end
group :development do
gem "rdoc", "~> 4.3"
gem "yard"
end
group :test do
gem "minitest"
gem "rails-dom-testing"
gem "mocha"
gem "simplecov", "~> 0.9.1", :require => false
# TODO: remove this after upgrading to Rails 5
gem "test_after_commit", "~> 0.4.2"
# For running UI tests
gem "capybara"
gem "selenium-webdriver", "~> 2.53.4"
end
local_gemfile = File.join(File.dirname(__FILE__), "Gemfile.local")
if File.exists?(local_gemfile)
eval_gemfile local_gemfile
end
# Load plugins' Gemfiles
Dir.glob File.expand_path("../plugins/*/{Gemfile,PluginGemfile}", __FILE__) do |file|
eval_gemfile file
end

5
README.rdoc Normal file
View file

@ -0,0 +1,5 @@
= Redmine
Redmine is a flexible project management web application written using Ruby on Rails framework.
More details can be found in the doc directory or on the official website http://www.redmine.org

7
Rakefile Normal file
View file

@ -0,0 +1,7 @@
#!/usr/bin/env rake
# Add your own tasks in files placed in lib/tasks ending in .rake,
# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
require File.expand_path('../config/application', __FILE__)
RedmineApp::Application.load_tasks

375
app/controllers/account_controller.rb Normal file
View file

@ -0,0 +1,375 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AccountController < ApplicationController
helper :custom_fields
include CustomFieldsHelper
self.main_menu = false
# prevents login action to be filtered by check_if_login_required application scope filter
skip_before_action :check_if_login_required, :check_password_change
# Overrides ApplicationController#verify_authenticity_token to disable
# token verification on openid callbacks
def verify_authenticity_token
unless using_open_id?
super
end
end
# Login request and validation
def login
if request.post?
authenticate_user
else
if User.current.logged?
redirect_back_or_default home_url, :referer => true
end
end
rescue AuthSourceException => e
logger.error "An error occurred when authenticating #{params[:username]}: #{e.message}"
render_error :message => e.message
end
# Log out current user and redirect to welcome page
def logout
if User.current.anonymous?
redirect_to home_url
elsif request.post?
logout_user
redirect_to home_url
end
# display the logout form
end
# Lets user choose a new password
def lost_password
(redirect_to(home_url); return) unless Setting.lost_password?
if prt = (params[:token] || session[:password_recovery_token])
@token = Token.find_token("recovery", prt.to_s)
if @token.nil? || @token.expired?
redirect_to home_url
return
end
# redirect to remove the token query parameter from the URL and add it to the session
if request.query_parameters[:token].present?
session[:password_recovery_token] = @token.value
redirect_to lost_password_url
return
end
@user = @token.user
unless @user && @user.active?
redirect_to home_url
return
end
if request.post?
if @user.must_change_passwd? && @user.check_password?(params[:new_password])
flash.now[:error] = l(:notice_new_password_must_be_different)
else
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
@user.must_change_passwd = false
if @user.save
@token.destroy
Mailer.password_updated(@user)
flash[:notice] = l(:notice_account_password_updated)
redirect_to signin_path
return
end
end
end
render :template => "account/password_recovery"
return
else
if request.post?
email = params[:mail].to_s.strip
user = User.find_by_mail(email)
# user not found
unless user
flash.now[:error] = l(:notice_account_unknown_email)
return
end
unless user.active?
handle_inactive_user(user, lost_password_path)
return
end
# user cannot change its password
unless user.change_password_allowed?
flash.now[:error] = l(:notice_can_t_change_password)
return
end
# create a new token for password recovery
token = Token.new(:user => user, :action => "recovery")
if token.save
# Don't use the param to send the email
recipent = user.mails.detect {|e| email.casecmp(e) == 0} || user.mail
Mailer.lost_password(token, recipent).deliver
flash[:notice] = l(:notice_account_lost_email_sent)
redirect_to signin_path
return
end
end
end
end
# User self-registration
def register
(redirect_to(home_url); return) unless Setting.self_registration? || session[:auth_source_registration]
if !request.post?
session[:auth_source_registration] = nil
@user = User.new(:language => current_language.to_s)
else
user_params = params[:user] || {}
@user = User.new
@user.safe_attributes = user_params
@user.pref.safe_attributes = params[:pref]
@user.admin = false
@user.register
if session[:auth_source_registration]
@user.activate
@user.login = session[:auth_source_registration][:login]
@user.auth_source_id = session[:auth_source_registration][:auth_source_id]
if @user.save
session[:auth_source_registration] = nil
self.logged_user = @user
flash[:notice] = l(:notice_account_activated)
redirect_to my_account_path
end
else
unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
@user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
end
case Setting.self_registration
when '1'
register_by_email_activation(@user)
when '3'
register_automatically(@user)
else
register_manually_by_administrator(@user)
end
end
end
end
# Token based account activation
def activate
(redirect_to(home_url); return) unless Setting.self_registration? && params[:token].present?
token = Token.find_token('register', params[:token].to_s)
(redirect_to(home_url); return) unless token and !token.expired?
user = token.user
(redirect_to(home_url); return) unless user.registered?
user.activate
if user.save
token.destroy
flash[:notice] = l(:notice_account_activated)
end
redirect_to signin_path
end
# Sends a new account activation email
def activation_email
if session[:registered_user_id] && Setting.self_registration == '1'
user_id = session.delete(:registered_user_id).to_i
user = User.find_by_id(user_id)
if user && user.registered?
register_by_email_activation(user)
return
end
end
redirect_to(home_url)
end
private
def authenticate_user
if Setting.openid? && using_open_id?
open_id_authenticate(params[:openid_url])
else
password_authentication
end
end
def password_authentication
user = User.try_to_login(params[:username], params[:password], false)
if user.nil?
invalid_credentials
elsif user.new_record?
onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
else
# Valid user
if user.active?
successful_authentication(user)
update_sudo_timestamp! # activate Sudo Mode
else
handle_inactive_user(user)
end
end
end
def open_id_authenticate(openid_url)
back_url = signin_url(:autologin => params[:autologin])
authenticate_with_open_id(
openid_url, :required => [:nickname, :fullname, :email],
:return_to => back_url, :method => :post
) do |result, identity_url, registration|
if result.successful?
user = User.find_or_initialize_by_identity_url(identity_url)
if user.new_record?
# Self-registration off
(redirect_to(home_url); return) unless Setting.self_registration?
# Create on the fly
user.login = registration['nickname'] unless registration['nickname'].nil?
user.mail = registration['email'] unless registration['email'].nil?
user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
user.random_password
user.register
case Setting.self_registration
when '1'
register_by_email_activation(user) do
onthefly_creation_failed(user)
end
when '3'
register_automatically(user) do
onthefly_creation_failed(user)
end
else
register_manually_by_administrator(user) do
onthefly_creation_failed(user)
end
end
else
# Existing record
if user.active?
successful_authentication(user)
else
handle_inactive_user(user)
end
end
end
end
end
def successful_authentication(user)
logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
# Valid user
self.logged_user = user
# generate a key and set cookie if autologin
if params[:autologin] && Setting.autologin?
set_autologin_cookie(user)
end
call_hook(:controller_account_success_authentication_after, {:user => user })
redirect_back_or_default my_page_path
end
def set_autologin_cookie(user)
token = user.generate_autologin_token
secure = Redmine::Configuration['autologin_cookie_secure']
if secure.nil?
secure = request.ssl?
end
cookie_options = {
:value => token,
:expires => 1.year.from_now,
:path => (Redmine::Configuration['autologin_cookie_path'] || RedmineApp::Application.config.relative_url_root || '/'),
:secure => secure,
:httponly => true
}
cookies[autologin_cookie_name] = cookie_options
end
# Onthefly creation failed, display the registration form to fill/fix attributes
def onthefly_creation_failed(user, auth_source_options = { })
@user = user
session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
render :action => 'register'
end
def invalid_credentials
logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
flash.now[:error] = l(:notice_account_invalid_credentials)
end
# Register a user for email activation.
#
# Pass a block for behavior when a user fails to save
def register_by_email_activation(user, &block)
token = Token.new(:user => user, :action => "register")
if user.save and token.save
Mailer.register(token).deliver
flash[:notice] = l(:notice_account_register_done, :email => ERB::Util.h(user.mail))
redirect_to signin_path
else
yield if block_given?
end
end
# Automatically register a user
#
# Pass a block for behavior when a user fails to save
def register_automatically(user, &block)
# Automatic activation
user.activate
user.last_login_on = Time.now
if user.save
self.logged_user = user
flash[:notice] = l(:notice_account_activated)
redirect_to my_account_path
else
yield if block_given?
end
end
# Manual activation by the administrator
#
# Pass a block for behavior when a user fails to save
def register_manually_by_administrator(user, &block)
if user.save
# Sends an email to the administrators
Mailer.account_activation_request(user).deliver
account_pending(user)
else
yield if block_given?
end
end
def handle_inactive_user(user, redirect_path=signin_path)
if user.registered?
account_pending(user, redirect_path)
else
account_locked(user, redirect_path)
end
end
def account_pending(user, redirect_path=signin_path)
if Setting.self_registration == '1'
flash[:error] = l(:notice_account_not_activated_yet, :url => activation_email_path)
session[:registered_user_id] = user.id
else
flash[:error] = l(:notice_account_pending)
end
redirect_to redirect_path
end
def account_locked(user, redirect_path=signin_path)
flash[:error] = l(:notice_account_locked)
redirect_to redirect_path
end
end

90
app/controllers/activities_controller.rb Normal file
View file

@ -0,0 +1,90 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class ActivitiesController < ApplicationController
menu_item :activity
before_action :find_optional_project
accept_rss_auth :index
def index
@days = Setting.activity_days_default.to_i
if params[:from]
begin; @date_to = params[:from].to_date + 1; rescue; end
end
@date_to ||= User.current.today + 1
@date_from = @date_to - @days
@with_subprojects = params[:with_subprojects].nil? ? Setting.display_subprojects_issues? : (params[:with_subprojects] == '1')
if params[:user_id].present?
@author = User.active.find(params[:user_id])
end
@activity = Redmine::Activity::Fetcher.new(User.current, :project => @project,
:with_subprojects => @with_subprojects,
:author => @author)
pref = User.current.pref
@activity.scope_select {|t| !params["show_#{t}"].nil?}
if @activity.scope.present?
if params[:submit].present?
pref.activity_scope = @activity.scope
pref.save
end
else
if @author.nil?
scope = pref.activity_scope & @activity.event_types
@activity.scope = scope.present? ? scope : :default
else
@activity.scope = :all
end
end
events = @activity.events(@date_from, @date_to)
if events.empty? || stale?(:etag => [@activity.scope, @date_to, @date_from, @with_subprojects, @author, events.first, events.size, User.current, current_language])
respond_to do |format|
format.html {
@events_by_day = events.group_by {|event| User.current.time_to_date(event.event_datetime)}
render :layout => false if request.xhr?
}
format.atom {
title = l(:label_activity)
if @author
title = @author.name
elsif @activity.scope.size == 1
title = l("label_#{@activity.scope.first.singularize}_plural")
end
render_feed(events, :title => "#{@project || Setting.app_title}: #{title}")
}
end
end
rescue ActiveRecord::RecordNotFound
render_404
end
private
# TODO: refactor, duplicated in projects_controller
def find_optional_project
return true unless params[:id]
@project = Project.find(params[:id])
authorize
rescue ActiveRecord::RecordNotFound
render_404
end
end

85
app/controllers/admin_controller.rb Normal file
View file

@ -0,0 +1,85 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AdminController < ApplicationController
layout 'admin'
self.main_menu = false
menu_item :projects, :only => :projects
menu_item :plugins, :only => :plugins
menu_item :info, :only => :info
before_action :require_admin
def index
@no_configuration_data = Redmine::DefaultData::Loader::no_data?
end
def projects
@status = params[:status] || 1
scope = Project.status(@status).sorted
scope = scope.like(params[:name]) if params[:name].present?
@project_count = scope.count
@project_pages = Paginator.new @project_count, per_page_option, params['page']
@projects = scope.limit(@project_pages.per_page).offset(@project_pages.offset).to_a
render :action => "projects", :layout => false if request.xhr?
end
def plugins
@plugins = Redmine::Plugin.all
end
# Loads the default configuration
# (roles, trackers, statuses, workflow, enumerations)
def default_configuration
if request.post?
begin
Redmine::DefaultData::Loader::load(params[:lang])
flash[:notice] = l(:notice_default_data_loaded)
rescue Exception => e
flash[:error] = l(:error_can_t_load_default_data, ERB::Util.h(e.message))
end
end
redirect_to admin_path
end
def test_email
raise_delivery_errors = ActionMailer::Base.raise_delivery_errors
# Force ActionMailer to raise delivery errors so we can catch it
ActionMailer::Base.raise_delivery_errors = true
begin
@test = Mailer.test_email(User.current).deliver
flash[:notice] = l(:notice_email_sent, ERB::Util.h(User.current.mail))
rescue Exception => e
flash[:error] = l(:notice_email_error, ERB::Util.h(Redmine::CodesetUtil.replace_invalid_utf8(e.message.dup)))
end
ActionMailer::Base.raise_delivery_errors = raise_delivery_errors
redirect_to settings_path(:tab => 'notifications')
end
def info
@checklist = [
[:text_default_administrator_account_changed, User.default_admin_account_changed?],
[:text_file_repository_writable, File.writable?(Attachment.storage_path)],
["#{l :text_plugin_assets_writable} (./public/plugin_assets)", File.writable?(Redmine::Plugin.public_directory)],
[:text_rmagick_available, Object.const_defined?(:Magick)],
[:text_convert_available, Redmine::Thumbnail.convert_available?]
]
end
end

679
app/controllers/application_controller.rb Normal file
View file

@ -0,0 +1,679 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require 'uri'
require 'cgi'
class Unauthorized < Exception; end
class ApplicationController < ActionController::Base
include Redmine::I18n
include Redmine::Pagination
include Redmine::Hook::Helper
include RoutesHelper
helper :routes
class_attribute :accept_api_auth_actions
class_attribute :accept_rss_auth_actions
class_attribute :model_object
layout 'base'
protect_from_forgery
def verify_authenticity_token
unless api_request?
super
end
end
def handle_unverified_request
unless api_request?
super
cookies.delete(autologin_cookie_name)
self.logged_user = nil
set_localization
render_error :status => 422, :message => "Invalid form authenticity token."
end
end
before_action :session_expiration, :user_setup, :check_if_login_required, :set_localization, :check_password_change
rescue_from ::Unauthorized, :with => :deny_access
rescue_from ::ActionView::MissingTemplate, :with => :missing_template
include Redmine::Search::Controller
include Redmine::MenuManager::MenuController
helper Redmine::MenuManager::MenuHelper
include Redmine::SudoMode::Controller
def session_expiration
if session[:user_id] && Rails.application.config.redmine_verify_sessions != false
if session_expired? && !try_to_autologin
set_localization(User.active.find_by_id(session[:user_id]))
self.logged_user = nil
flash[:error] = l(:error_session_expired)
require_login
end
end
end
def session_expired?
! User.verify_session_token(session[:user_id], session[:tk])
end
def start_user_session(user)
session[:user_id] = user.id
session[:tk] = user.generate_session_token
if user.must_change_password?
session[:pwd] = '1'
end
end
def user_setup
# Check the settings cache for each request
Setting.check_cache
# Find the current user
User.current = find_current_user
logger.info(" Current user: " + (User.current.logged? ? "#{User.current.login} (id=#{User.current.id})" : "anonymous")) if logger
end
# Returns the current user or nil if no user is logged in
# and starts a session if needed
def find_current_user
user = nil
unless api_request?
if session[:user_id]
# existing session
user = (User.active.find(session[:user_id]) rescue nil)
elsif autologin_user = try_to_autologin
user = autologin_user
elsif params[:format] == 'atom' && params[:key] && request.get? && accept_rss_auth?
# RSS key authentication does not start a session
user = User.find_by_rss_key(params[:key])
end
end
if user.nil? && Setting.rest_api_enabled? && accept_api_auth?
if (key = api_key_from_request)
# Use API key
user = User.find_by_api_key(key)
elsif request.authorization.to_s =~ /\ABasic /i
# HTTP Basic, either username/password or API key/random
authenticate_with_http_basic do |username, password|
user = User.try_to_login(username, password) || User.find_by_api_key(username)
end
if user && user.must_change_password?
render_error :message => 'You must change your password', :status => 403
return
end
end
# Switch user if requested by an admin user
if user && user.admin? && (username = api_switch_user_from_request)
su = User.find_by_login(username)
if su && su.active?
logger.info(" User switched by: #{user.login} (id=#{user.id})") if logger
user = su
else
render_error :message => 'Invalid X-Redmine-Switch-User header', :status => 412
end
end
end
# store current ip address in user object ephemerally
user.remote_ip = request.remote_ip if user
user
end
def autologin_cookie_name
Redmine::Configuration['autologin_cookie_name'].presence || 'autologin'
end
def try_to_autologin
if cookies[autologin_cookie_name] && Setting.autologin?
# auto-login feature starts a new session
user = User.try_to_autologin(cookies[autologin_cookie_name])
if user
reset_session
start_user_session(user)
end
user
end
end
# Sets the logged in user
def logged_user=(user)
reset_session
if user && user.is_a?(User)
User.current = user
start_user_session(user)
else
User.current = User.anonymous
end
end
# Logs out current user
def logout_user
if User.current.logged?
if autologin = cookies.delete(autologin_cookie_name)
User.current.delete_autologin_token(autologin)
end
User.current.delete_session_token(session[:tk])
self.logged_user = nil
end
end
# check if login is globally required to access the application
def check_if_login_required
# no check needed if user is already logged in
return true if User.current.logged?
require_login if Setting.login_required?
end
def check_password_change
if session[:pwd]
if User.current.must_change_password?
flash[:error] = l(:error_password_expired)
redirect_to my_password_path
else
session.delete(:pwd)
end
end
end
def set_localization(user=User.current)
lang = nil
if user && user.logged?
lang = find_language(user.language)
end
if lang.nil? && !Setting.force_default_language_for_anonymous? && request.env['HTTP_ACCEPT_LANGUAGE']
accept_lang = parse_qvalues(request.env['HTTP_ACCEPT_LANGUAGE']).first
if !accept_lang.blank?
accept_lang = accept_lang.downcase
lang = find_language(accept_lang) || find_language(accept_lang.split('-').first)
end
end
lang ||= Setting.default_language
set_language_if_valid(lang)
end
def require_login
if !User.current.logged?
# Extract only the basic url parameters on non-GET requests
if request.get?
url = request.original_url
else
url = url_for(:controller => params[:controller], :action => params[:action], :id => params[:id], :project_id => params[:project_id])
end
respond_to do |format|
format.html {
if request.xhr?
head :unauthorized
else
redirect_to signin_path(:back_url => url)
end
}
format.any(:atom, :pdf, :csv) {
redirect_to signin_path(:back_url => url)
}
format.xml { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' }
format.js { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' }
format.json { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' }
format.any { head :unauthorized }
end
return false
end
true
end
def require_admin
return unless require_login
if !User.current.admin?
render_403
return false
end
true
end
def deny_access
User.current.logged? ? render_403 : require_login
end
# Authorize the user for the requested action
def authorize(ctrl = params[:controller], action = params[:action], global = false)
allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project || @projects, :global => global)
if allowed
true
else
if @project && @project.archived?
render_403 :message => :notice_not_authorized_archived_project
else
deny_access
end
end
end
# Authorize the user for the requested action outside a project
def authorize_global(ctrl = params[:controller], action = params[:action], global = true)
authorize(ctrl, action, global)
end
# Find project of id params[:id]
def find_project
@project = Project.find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
# Find project of id params[:project_id]
def find_project_by_project_id
@project = Project.find(params[:project_id])
rescue ActiveRecord::RecordNotFound
render_404
end
# Find a project based on params[:project_id]
# TODO: some subclasses override this, see about merging their logic
def find_optional_project
@project = Project.find(params[:project_id]) unless params[:project_id].blank?
allowed = User.current.allowed_to?({:controller => params[:controller], :action => params[:action]}, @project, :global => true)
allowed ? true : deny_access
rescue ActiveRecord::RecordNotFound
render_404
end
# Finds and sets @project based on @object.project
def find_project_from_association
render_404 unless @object.present?
@project = @object.project
end
def find_model_object
model = self.class.model_object
if model
@object = model.find(params[:id])
self.instance_variable_set('@' + controller_name.singularize, @object) if @object
end
rescue ActiveRecord::RecordNotFound
render_404
end
def self.model_object(model)
self.model_object = model
end
# Find the issue whose id is the :id parameter
# Raises a Unauthorized exception if the issue is not visible
def find_issue
# Issue.visible.find(...) can not be used to redirect user to the login form
# if the issue actually exists but requires authentication
@issue = Issue.find(params[:id])
raise Unauthorized unless @issue.visible?
@project = @issue.project
rescue ActiveRecord::RecordNotFound
render_404
end
# Find issues with a single :id param or :ids array param
# Raises a Unauthorized exception if one of the issues is not visible
def find_issues
@issues = Issue.
where(:id => (params[:id] || params[:ids])).
preload(:project, :status, :tracker, :priority, :author, :assigned_to, :relations_to, {:custom_values => :custom_field}).
to_a
raise ActiveRecord::RecordNotFound if @issues.empty?
raise Unauthorized unless @issues.all?(&:visible?)
@projects = @issues.collect(&:project).compact.uniq
@project = @projects.first if @projects.size == 1
rescue ActiveRecord::RecordNotFound
render_404
end
def find_attachments
if (attachments = params[:attachments]).present?
att = attachments.values.collect do |attachment|
Attachment.find_by_token( attachment[:token] ) if attachment[:token].present?
end
att.compact!
end
@attachments = att || []
end
def parse_params_for_bulk_update(params)
attributes = (params || {}).reject {|k,v| v.blank?}
attributes.keys.each {|k| attributes[k] = '' if attributes[k] == 'none'}
if custom = attributes[:custom_field_values]
custom.reject! {|k,v| v.blank?}
custom.keys.each do |k|
if custom[k].is_a?(Array)
custom[k] << '' if custom[k].delete('__none__')
else
custom[k] = '' if custom[k] == '__none__'
end
end
end
attributes
end
# make sure that the user is a member of the project (or admin) if project is private
# used as a before_action for actions that do not require any particular permission on the project
def check_project_privacy
if @project && !@project.archived?
if @project.visible?
true
else
deny_access
end
else
@project = nil
render_404
false
end
end
def back_url
url = params[:back_url]
if url.nil? && referer = request.env['HTTP_REFERER']
url = CGI.unescape(referer.to_s)
end
url
end
def redirect_back_or_default(default, options={})
back_url = params[:back_url].to_s
if back_url.present? && valid_url = validate_back_url(back_url)
redirect_to(valid_url)
return
elsif options[:referer]
redirect_to_referer_or default
return
end
redirect_to default
false
end
# Returns a validated URL string if back_url is a valid url for redirection,
# otherwise false
def validate_back_url(back_url)
if CGI.unescape(back_url).include?('..')
return false
end
begin
uri = URI.parse(back_url)
rescue URI::InvalidURIError
return false
end
[:scheme, :host, :port].each do |component|
if uri.send(component).present? && uri.send(component) != request.send(component)
return false
end
uri.send(:"#{component}=", nil)
end
# Always ignore basic user:password in the URL
uri.userinfo = nil
path = uri.to_s
# Ensure that the remaining URL starts with a slash, followed by a
# non-slash character or the end
if path !~ %r{\A/([^/]|\z)}
return false
end
if path.match(%r{/(login|account/register|account/lost_password)})
return false
end
if relative_url_root.present? && !path.starts_with?(relative_url_root)
return false
end
return path
end
private :validate_back_url
def valid_back_url?(back_url)
!!validate_back_url(back_url)
end
private :valid_back_url?
# Redirects to the request referer if present, redirects to args or call block otherwise.
def redirect_to_referer_or(*args, &block)
if referer = request.headers["Referer"]
redirect_to referer
else
if args.any?
redirect_to *args
elsif block_given?
block.call
else
raise "#redirect_to_referer_or takes arguments or a block"
end
end
end
def render_403(options={})
@project = nil
render_error({:message => :notice_not_authorized, :status => 403}.merge(options))
return false
end
def render_404(options={})
render_error({:message => :notice_file_not_found, :status => 404}.merge(options))
return false
end
# Renders an error response
def render_error(arg)
arg = {:message => arg} unless arg.is_a?(Hash)
@message = arg[:message]
@message = l(@message) if @message.is_a?(Symbol)
@status = arg[:status] || 500
respond_to do |format|
format.html {
render :template => 'common/error', :layout => use_layout, :status => @status
}
format.any { head @status }
end
end
# Handler for ActionView::MissingTemplate exception
def missing_template
logger.warn "Missing template, responding with 404"
@project = nil
render_404
end
# Filter for actions that provide an API response
# but have no HTML representation for non admin users
def require_admin_or_api_request
return true if api_request?
if User.current.admin?
true
elsif User.current.logged?
render_error(:status => 406)
else
deny_access
end
end
# Picks which layout to use based on the request
#
# @return [boolean, string] name of the layout to use or false for no layout
def use_layout
request.xhr? ? false : 'base'
end
def render_feed(items, options={})
@items = (items || []).to_a
@items.sort! {|x,y| y.event_datetime <=> x.event_datetime }
@items = @items.slice(0, Setting.feeds_limit.to_i)
@title = options[:title] || Setting.app_title
render :template => "common/feed", :formats => [:atom], :layout => false,
:content_type => 'application/atom+xml'
end
def self.accept_rss_auth(*actions)
if actions.any?
self.accept_rss_auth_actions = actions
else
self.accept_rss_auth_actions || []
end
end
def accept_rss_auth?(action=action_name)
self.class.accept_rss_auth.include?(action.to_sym)
end
def self.accept_api_auth(*actions)
if actions.any?
self.accept_api_auth_actions = actions
else
self.accept_api_auth_actions || []
end
end
def accept_api_auth?(action=action_name)
self.class.accept_api_auth.include?(action.to_sym)
end
# Returns the number of objects that should be displayed
# on the paginated list
def per_page_option
per_page = nil
if params[:per_page] && Setting.per_page_options_array.include?(params[:per_page].to_s.to_i)
per_page = params[:per_page].to_s.to_i
session[:per_page] = per_page
elsif session[:per_page]
per_page = session[:per_page]
else
per_page = Setting.per_page_options_array.first || 25
end
per_page
end
# Returns offset and limit used to retrieve objects
# for an API response based on offset, limit and page parameters
def api_offset_and_limit(options=params)
if options[:offset].present?
offset = options[:offset].to_i
if offset < 0
offset = 0
end
end
limit = options[:limit].to_i
if limit < 1
limit = 25
elsif limit > 100
limit = 100
end
if offset.nil? && options[:page].present?
offset = (options[:page].to_i - 1) * limit
offset = 0 if offset < 0
end
offset ||= 0
[offset, limit]
end
# qvalues http header parser
# code taken from webrick
def parse_qvalues(value)
tmp = []
if value
parts = value.split(/,\s*/)
parts.each {|part|
if m = %r{^([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?$}.match(part)
val = m[1]
q = (m[2] or 1).to_f
tmp.push([val, q])
end
}
tmp = tmp.sort_by{|val, q| -q}
tmp.collect!{|val, q| val}
end
return tmp
rescue
nil
end
# Returns a string that can be used as filename value in Content-Disposition header
def filename_for_content_disposition(name)
request.env['HTTP_USER_AGENT'] =~ %r{(MSIE|Trident|Edge)} ? ERB::Util.url_encode(name) : name
end
def api_request?
%w(xml json).include? params[:format]
end
# Returns the API key present in the request
def api_key_from_request
if params[:key].present?
params[:key].to_s
elsif request.headers["X-Redmine-API-Key"].present?
request.headers["X-Redmine-API-Key"].to_s
end
end
# Returns the API 'switch user' value if present
def api_switch_user_from_request
request.headers["X-Redmine-Switch-User"].to_s.presence
end
# Renders a warning flash if obj has unsaved attachments
def render_attachment_warning_if_needed(obj)
flash[:warning] = l(:warning_attachments_not_saved, obj.unsaved_attachments.size) if obj.unsaved_attachments.present?
end
# Rescues an invalid query statement. Just in case...
def query_statement_invalid(exception)
logger.error "Query::StatementInvalid: #{exception.message}" if logger
session.delete(:issue_query)
render_error "An error occurred while executing the query and has been logged. Please report this error to your Redmine administrator."
end
# Renders a 200 response for successful updates or deletions via the API
def render_api_ok
render_api_head :ok
end
# Renders a head API response
def render_api_head(status)
head status
end
# Renders API response on validation failure
# for an object or an array of objects
def render_validation_errors(objects)
messages = Array.wrap(objects).map {|object| object.errors.full_messages}.flatten
render_api_errors(messages)
end
def render_api_errors(*messages)
@error_messages = messages.flatten
render :template => 'common/error_messages.api', :status => :unprocessable_entity, :layout => nil
end
# Overrides #_include_layout? so that #render with no arguments
# doesn't use the layout for api requests
def _include_layout?(*args)
api_request? ? false : super
end
end

247
app/controllers/attachments_controller.rb Normal file
View file

@ -0,0 +1,247 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AttachmentsController < ApplicationController
before_action :find_attachment, :only => [:show, :download, :thumbnail, :update, :destroy]
before_action :find_editable_attachments, :only => [:edit_all, :update_all]
before_action :file_readable, :read_authorize, :only => [:show, :download, :thumbnail]
before_action :update_authorize, :only => :update
before_action :delete_authorize, :only => :destroy
before_action :authorize_global, :only => :upload
# Disable check for same origin requests for JS files, i.e. attachments with
# MIME type text/javascript.
skip_after_action :verify_same_origin_request, :only => :download
accept_api_auth :show, :download, :thumbnail, :upload, :update, :destroy
def show
respond_to do |format|
format.html {
if @attachment.is_diff?
@diff = File.read(@attachment.diskfile, :mode => "rb")
@diff_type = params[:type] || User.current.pref[:diff_type] || 'inline'
@diff_type = 'inline' unless %w(inline sbs).include?(@diff_type)
# Save diff type as user preference
if User.current.logged? && @diff_type != User.current.pref[:diff_type]
User.current.pref[:diff_type] = @diff_type
User.current.preference.save
end
render :action => 'diff'
elsif @attachment.is_text? && @attachment.filesize <= Setting.file_max_size_displayed.to_i.kilobyte
@content = File.read(@attachment.diskfile, :mode => "rb")
render :action => 'file'
elsif @attachment.is_image?
render :action => 'image'
else
render :action => 'other'
end
}
format.api
end
end
def download
if @attachment.container.is_a?(Version) || @attachment.container.is_a?(Project)
@attachment.increment_download
end
if stale?(:etag => @attachment.digest)
# images are sent inline
send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename),
:type => detect_content_type(@attachment),
:disposition => disposition(@attachment)
end
end
def thumbnail
if @attachment.thumbnailable? && tbnail = @attachment.thumbnail(:size => params[:size])
if stale?(:etag => tbnail)
send_file tbnail,
:filename => filename_for_content_disposition(@attachment.filename),
:type => detect_content_type(@attachment),
:disposition => 'inline'
end
else
# No thumbnail for the attachment or thumbnail could not be created
head 404
end
end
def upload
# Make sure that API users get used to set this content type
# as it won't trigger Rails' automatic parsing of the request body for parameters
unless request.content_type == 'application/octet-stream'
head 406
return
end
@attachment = Attachment.new(:file => request.raw_post)
@attachment.author = User.current
@attachment.filename = params[:filename].presence || Redmine::Utils.random_hex(16)
@attachment.content_type = params[:content_type].presence
saved = @attachment.save
respond_to do |format|
format.js
format.api {
if saved
render :action => 'upload', :status => :created
else
render_validation_errors(@attachment)
end
}
end
end
# Edit all the attachments of a container
def edit_all
end
# Update all the attachments of a container
def update_all
if Attachment.update_attachments(@attachments, update_all_params)
redirect_back_or_default home_path
return
end
render :action => 'edit_all'
end
def update
@attachment.safe_attributes = params[:attachment]
saved = @attachment.save
respond_to do |format|
format.api {
if saved
render_api_ok
else
render_validation_errors(@attachment)
end
}
end
end
def destroy
if @attachment.container.respond_to?(:init_journal)
@attachment.container.init_journal(User.current)
end
if @attachment.container
# Make sure association callbacks are called
@attachment.container.attachments.delete(@attachment)
else
@attachment.destroy
end
respond_to do |format|
format.html { redirect_to_referer_or project_path(@project) }
format.js
format.api { render_api_ok }
end
end
# Returns the menu item that should be selected when viewing an attachment
def current_menu_item
if @attachment
case @attachment.container
when WikiPage
:wiki
when Message
:boards
when Project, Version
:files
else
@attachment.container.class.name.pluralize.downcase.to_sym
end
end
end
private
def find_attachment
@attachment = Attachment.find(params[:id])
# Show 404 if the filename in the url is wrong
raise ActiveRecord::RecordNotFound if params[:filename] && params[:filename] != @attachment.filename
@project = @attachment.project
rescue ActiveRecord::RecordNotFound
render_404
end
def find_editable_attachments
klass = params[:object_type].to_s.singularize.classify.constantize rescue nil
unless klass && klass.reflect_on_association(:attachments)
render_404
return
end
@container = klass.find(params[:object_id])
if @container.respond_to?(:visible?) && !@container.visible?
render_403
return
end
@attachments = @container.attachments.select(&:editable?)
if @container.respond_to?(:project)
@project = @container.project
end
render_404 if @attachments.empty?
rescue ActiveRecord::RecordNotFound
render_404
end
# Checks that the file exists and is readable
def file_readable
if @attachment.readable?
true
else
logger.error "Cannot send attachment, #{@attachment.diskfile} does not exist or is unreadable."
render_404
end
end
def read_authorize
@attachment.visible? ? true : deny_access
end
def update_authorize
@attachment.editable? ? true : deny_access
end
def delete_authorize
@attachment.deletable? ? true : deny_access
end
def detect_content_type(attachment)
content_type = attachment.content_type
if content_type.blank? || content_type == "application/octet-stream"
content_type = Redmine::MimeType.of(attachment.filename)
end
content_type.to_s
end
def disposition(attachment)
if attachment.is_pdf?
'inline'
else
'attachment'
end
end
# Returns attachments param for #update_all
def update_all_params
params.permit(:attachments => [:filename, :description]).require(:attachments)
end
end

105
app/controllers/auth_sources_controller.rb Normal file
View file

@ -0,0 +1,105 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AuthSourcesController < ApplicationController
layout 'admin'
self.main_menu = false
menu_item :ldap_authentication
before_action :require_admin
before_action :build_new_auth_source, :only => [:new, :create]
before_action :find_auth_source, :only => [:edit, :update, :test_connection, :destroy]
require_sudo_mode :update, :destroy
def index
@auth_source_pages, @auth_sources = paginate AuthSource, :per_page => 25
end
def new
end
def create
if @auth_source.save
flash[:notice] = l(:notice_successful_create)
redirect_to auth_sources_path
else
render :action => 'new'
end
end
def edit
end
def update
@auth_source.safe_attributes = params[:auth_source]
if @auth_source.save
flash[:notice] = l(:notice_successful_update)
redirect_to auth_sources_path
else
render :action => 'edit'
end
end
def test_connection
begin
@auth_source.test_connection
flash[:notice] = l(:notice_successful_connection)
rescue Exception => e
flash[:error] = l(:error_unable_to_connect, e.message)
end
redirect_to auth_sources_path
end
def destroy
unless @auth_source.users.exists?
@auth_source.destroy
flash[:notice] = l(:notice_successful_delete)
end
redirect_to auth_sources_path
end
def autocomplete_for_new_user
results = AuthSource.search(params[:term])
render :json => results.map {|result| {
'value' => result[:login],
'label' => "#{result[:login]} (#{result[:firstname]} #{result[:lastname]})",
'login' => result[:login].to_s,
'firstname' => result[:firstname].to_s,
'lastname' => result[:lastname].to_s,
'mail' => result[:mail].to_s,
'auth_source_id' => result[:auth_source_id].to_s
}}
end
private
def build_new_auth_source
@auth_source = AuthSource.new_subclass_instance(params[:type] || 'AuthSourceLdap')
if @auth_source
@auth_source.safe_attributes = params[:auth_source]
else
render_404
end
end
def find_auth_source
@auth_source = AuthSource.find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
end

53
app/controllers/auto_completes_controller.rb Normal file
View file

@ -0,0 +1,53 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AutoCompletesController < ApplicationController
before_action :find_project
def issues
@issues = []
q = (params[:q] || params[:term]).to_s.strip
status = params[:status].to_s
issue_id = params[:issue_id].to_s
if q.present?
scope = Issue.cross_project_scope(@project, params[:scope]).visible
if status.present?
scope = scope.open(status == 'o')
end
if issue_id.present?
scope = scope.where.not(:id => issue_id.to_i)
end
if q.match(/\A#?(\d+)\z/)
@issues << scope.find_by_id($1.to_i)
end
@issues += scope.like(q).order(:id => :desc).limit(10).to_a
@issues.compact!
end
render :layout => false
end
private
def find_project
if params[:project_id].present?
@project = Project.find(params[:project_id])
end
rescue ActiveRecord::RecordNotFound
render_404
end
end

121
app/controllers/boards_controller.rb Normal file
View file

@ -0,0 +1,121 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class BoardsController < ApplicationController
default_search_scope :messages
before_action :find_project_by_project_id, :find_board_if_available, :authorize
accept_rss_auth :index, :show
helper :sort
include SortHelper
helper :watchers
def index
@boards = @project.boards.preload(:last_message => :author).to_a
# show the board if there is only one
if @boards.size == 1
@board = @boards.first
show
end
end
def show
respond_to do |format|
format.html {
sort_init 'updated_on', 'desc'
sort_update 'created_on' => "#{Message.table_name}.id",
'replies' => "#{Message.table_name}.replies_count",
'updated_on' => "COALESCE(#{Message.table_name}.last_reply_id, #{Message.table_name}.id)"
@topic_count = @board.topics.count
@topic_pages = Paginator.new @topic_count, per_page_option, params['page']
@topics = @board.topics.
reorder(:sticky => :desc).
limit(@topic_pages.per_page).
offset(@topic_pages.offset).
order(sort_clause).
preload(:author, {:last_reply => :author}).
to_a
@message = Message.new(:board => @board)
render :action => 'show', :layout => !request.xhr?
}
format.atom {
@messages = @board.messages.
reorder(:id => :desc).
includes(:author, :board).
limit(Setting.feeds_limit.to_i).
to_a
render_feed(@messages, :title => "#{@project}: #{@board}")
}
end
end
def new
@board = @project.boards.build
@board.safe_attributes = params[:board]
end
def create
@board = @project.boards.build
@board.safe_attributes = params[:board]
if @board.save
flash[:notice] = l(:notice_successful_create)
redirect_to_settings_in_projects
else
render :action => 'new'
end
end
def edit
end
def update
@board.safe_attributes = params[:board]
if @board.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_to_settings_in_projects
}
format.js { head 200 }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.js { head 422 }
end
end
end
def destroy
if @board.destroy
flash[:notice] = l(:notice_successful_delete)
end
redirect_to_settings_in_projects
end
private
def redirect_to_settings_in_projects
redirect_to settings_project_path(@project, :tab => 'boards')
end
def find_board_if_available
@board = @project.boards.find(params[:id]) if params[:id]
rescue ActiveRecord::RecordNotFound
render_404
end
end

55
app/controllers/calendars_controller.rb Normal file
View file

@ -0,0 +1,55 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class CalendarsController < ApplicationController
menu_item :calendar
before_action :find_optional_project
rescue_from Query::StatementInvalid, :with => :query_statement_invalid
helper :issues
helper :projects
helper :queries
include QueriesHelper
def show
if params[:year] and params[:year].to_i > 1900
@year = params[:year].to_i
if params[:month] and params[:month].to_i > 0 and params[:month].to_i < 13
@month = params[:month].to_i
end
end
@year ||= User.current.today.year
@month ||= User.current.today.month
@calendar = Redmine::Helpers::Calendar.new(Date.civil(@year, @month, 1), current_language, :month)
retrieve_query
@query.group_by = nil
@query.sort_criteria = nil
if @query.valid?
events = []
events += @query.issues(:include => [:tracker, :assigned_to, :priority],
:conditions => ["((start_date BETWEEN ? AND ?) OR (due_date BETWEEN ? AND ?))", @calendar.startdt, @calendar.enddt, @calendar.startdt, @calendar.enddt]
)
events += @query.versions(:conditions => ["effective_date BETWEEN ? AND ?", @calendar.startdt, @calendar.enddt])
@calendar.events = events
end
render :action => 'show', :layout => false if request.xhr?
end
end

53
app/controllers/comments_controller.rb Normal file
View file

@ -0,0 +1,53 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class CommentsController < ApplicationController
default_search_scope :news
model_object News
before_action :find_model_object
before_action :find_project_from_association
before_action :authorize
def create
raise Unauthorized unless @news.commentable?
@comment = Comment.new
@comment.safe_attributes = params[:comment]
@comment.author = User.current
if @news.comments << @comment
flash[:notice] = l(:label_comment_added)
end
redirect_to news_path(@news)
end
def destroy
@news.comments.find(params[:comment_id]).destroy
redirect_to news_path(@news)
end
private
# ApplicationController's find_model_object sets it based on the controller
# name so it needs to be overridden and set to @news instead
def find_model_object
super
@news = @object
@comment = nil
@news
end
end

92
app/controllers/context_menus_controller.rb Normal file
View file

@ -0,0 +1,92 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class ContextMenusController < ApplicationController
helper :watchers
helper :issues
before_action :find_issues, :only => :issues
def issues
if (@issues.size == 1)
@issue = @issues.first
end
@issue_ids = @issues.map(&:id).sort
@allowed_statuses = @issues.map(&:new_statuses_allowed_to).reduce(:&)
@can = {:edit => @issues.all?(&:attributes_editable?),
:log_time => (@project && User.current.allowed_to?(:log_time, @project)),
:copy => User.current.allowed_to?(:copy_issues, @projects) && Issue.allowed_target_projects.any?,
:add_watchers => User.current.allowed_to?(:add_issue_watchers, @projects),
:delete => @issues.all?(&:deletable?)
}
@assignables = @issues.map(&:assignable_users).reduce(:&)
@trackers = @projects.map {|p| Issue.allowed_target_trackers(p) }.reduce(:&)
@versions = @projects.map {|p| p.shared_versions.open}.reduce(:&)
@priorities = IssuePriority.active.reverse
@back = back_url
@options_by_custom_field = {}
if @can[:edit]
custom_fields = @issues.map(&:editable_custom_fields).reduce(:&).reject(&:multiple?).select {|field| field.format.bulk_edit_supported}
custom_fields.each do |field|
values = field.possible_values_options(@projects)
if values.present?
@options_by_custom_field[field] = values
end
end
end
@safe_attributes = @issues.map(&:safe_attribute_names).reduce(:&)
render :layout => false
end
def time_entries
@time_entries = TimeEntry.where(:id => params[:ids]).
preload(:project => :time_entry_activities).
preload(:user).to_a
(render_404; return) unless @time_entries.present?
if (@time_entries.size == 1)
@time_entry = @time_entries.first
end
@projects = @time_entries.collect(&:project).compact.uniq
@project = @projects.first if @projects.size == 1
@activities = @projects.map(&:activities).reduce(:&)
edit_allowed = @time_entries.all? {|t| t.editable_by?(User.current)}
@can = {:edit => edit_allowed, :delete => edit_allowed}
@back = back_url
@options_by_custom_field = {}
if @can[:edit]
custom_fields = @time_entries.map(&:editable_custom_fields).reduce(:&).reject(&:multiple?).select {|field| field.format.bulk_edit_supported}
custom_fields.each do |field|
values = field.possible_values_options(@projects)
if values.present?
@options_by_custom_field[field] = values
end
end
end
render :layout => false
end
end

84
app/controllers/custom_field_enumerations_controller.rb Normal file
View file

@ -0,0 +1,84 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class CustomFieldEnumerationsController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin
before_action :find_custom_field
before_action :find_enumeration, :only => :destroy
helper :custom_fields
def index
@values = @custom_field.enumerations.order(:position)
end
def create
@value = @custom_field.enumerations.build
@value.attributes = enumeration_params
@value.save
respond_to do |format|
format.html { redirect_to custom_field_enumerations_path(@custom_field) }
format.js
end
end
def update_each
saved = CustomFieldEnumeration.update_each(@custom_field, update_each_params)
if saved
flash[:notice] = l(:notice_successful_update)
end
redirect_to :action => 'index'
end
def destroy
reassign_to = @custom_field.enumerations.find_by_id(params[:reassign_to_id])
if reassign_to.nil? && @value.in_use?
@enumerations = @custom_field.enumerations - [@value]
render :action => 'destroy'
return
end
@value.destroy(reassign_to)
redirect_to custom_field_enumerations_path(@custom_field)
end
private
def find_custom_field
@custom_field = CustomField.find(params[:custom_field_id])
rescue ActiveRecord::RecordNotFound
render_404
end
def find_enumeration
@value = @custom_field.enumerations.find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
def enumeration_params
params.require(:custom_field_enumeration).permit(:name, :active, :position)
end
def update_each_params
# params.require(:custom_field_enumerations).permit(:name, :active, :position) does not work here with param like this:
# "custom_field_enumerations":{"0":{"name": ...}, "1":{"name...}}
params.permit(:custom_field_enumerations => [:name, :active, :position]).require(:custom_field_enumerations)
end
end

104
app/controllers/custom_fields_controller.rb Normal file
View file

@ -0,0 +1,104 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class CustomFieldsController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin
before_action :build_new_custom_field, :only => [:new, :create]
before_action :find_custom_field, :only => [:edit, :update, :destroy]
accept_api_auth :index
def index
respond_to do |format|
format.html {
@custom_fields_by_type = CustomField.all.group_by {|f| f.class.name }
@custom_fields_projects_count =
IssueCustomField.where(is_for_all: false).joins(:projects).group(:custom_field_id).count
}
format.api {
@custom_fields = CustomField.all
}
end
end
def new
@custom_field.field_format = 'string' if @custom_field.field_format.blank?
@custom_field.default_value = nil
end
def create
if @custom_field.save
flash[:notice] = l(:notice_successful_create)
call_hook(:controller_custom_fields_new_after_save, :params => params, :custom_field => @custom_field)
redirect_to edit_custom_field_path(@custom_field)
else
render :action => 'new'
end
end
def edit
end
def update
@custom_field.safe_attributes = params[:custom_field]
if @custom_field.save
call_hook(:controller_custom_fields_edit_after_save, :params => params, :custom_field => @custom_field)
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_back_or_default edit_custom_field_path(@custom_field)
}
format.js { head 200 }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.js { head 422 }
end
end
end
def destroy
begin
if @custom_field.destroy
flash[:notice] = l(:notice_successful_delete)
end
rescue
flash[:error] = l(:error_can_not_delete_custom_field)
end
redirect_to custom_fields_path(:tab => @custom_field.class.name)
end
private
def build_new_custom_field
@custom_field = CustomField.new_subclass_instance(params[:type])
if @custom_field.nil?
render :action => 'select_type'
else
@custom_field.safe_attributes = params[:custom_field]
end
end
def find_custom_field
@custom_field = CustomField.find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
end

95
app/controllers/documents_controller.rb Normal file
View file

@ -0,0 +1,95 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class DocumentsController < ApplicationController
default_search_scope :documents
model_object Document
before_action :find_project_by_project_id, :only => [:index, :new, :create]
before_action :find_model_object, :except => [:index, :new, :create]
before_action :find_project_from_association, :except => [:index, :new, :create]
before_action :authorize
helper :attachments
helper :custom_fields
def index
@sort_by = %w(category date title author).include?(params[:sort_by]) ? params[:sort_by] : 'category'
documents = @project.documents.includes(:attachments, :category).to_a
case @sort_by
when 'date'
@grouped = documents.group_by {|d| d.updated_on.to_date }
when 'title'
@grouped = documents.group_by {|d| d.title.first.upcase}
when 'author'
@grouped = documents.select{|d| d.attachments.any?}.group_by {|d| d.attachments.last.author}
else
@grouped = documents.group_by(&:category)
end
@document = @project.documents.build
render :layout => false if request.xhr?
end
def show
@attachments = @document.attachments.to_a
end
def new
@document = @project.documents.build
@document.safe_attributes = params[:document]
end
def create
@document = @project.documents.build
@document.safe_attributes = params[:document]
@document.save_attachments(params[:attachments])
if @document.save
render_attachment_warning_if_needed(@document)
flash[:notice] = l(:notice_successful_create)
redirect_to project_documents_path(@project)
else
render :action => 'new'
end
end
def edit
end
def update
@document.safe_attributes = params[:document]
if @document.save
flash[:notice] = l(:notice_successful_update)
redirect_to document_path(@document)
else
render :action => 'edit'
end
end
def destroy
@document.destroy if request.delete?
redirect_to project_documents_path(@project)
end
def add_attachment
attachments = Attachment.attach_files(@document, params[:attachments])
render_attachment_warning_if_needed(@document)
if attachments.present? && attachments[:files].present? && Setting.notified_events.include?('document_added')
Mailer.attachments_added(attachments[:files]).deliver
end
redirect_to document_path(@document)
end
end

104
app/controllers/email_addresses_controller.rb Normal file
View file

@ -0,0 +1,104 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class EmailAddressesController < ApplicationController
self.main_menu = false
before_action :find_user, :require_admin_or_current_user
before_action :find_email_address, :only => [:update, :destroy]
require_sudo_mode :create, :update, :destroy
def index
@addresses = @user.email_addresses.order(:id).where(:is_default => false).to_a
@address ||= EmailAddress.new
end
def create
saved = false
if @user.email_addresses.count <= Setting.max_additional_emails.to_i
@address = EmailAddress.new(:user => @user, :is_default => false)
@address.safe_attributes = params[:email_address]
saved = @address.save
end
respond_to do |format|
format.html {
if saved
redirect_to user_email_addresses_path(@user)
else
index
render :action => 'index'
end
}
format.js {
@address = nil if saved
index
render :action => 'index'
}
end
end
def update
if params[:notify].present?
@address.notify = params[:notify].to_s
end
@address.save
respond_to do |format|
format.html {
redirect_to user_email_addresses_path(@user)
}
format.js {
@address = nil
index
render :action => 'index'
}
end
end
def destroy
@address.destroy
respond_to do |format|
format.html {
redirect_to user_email_addresses_path(@user)
}
format.js {
@address = nil
index
render :action => 'index'
}
end
end
private
def find_user
@user = User.find(params[:user_id])
end
def find_email_address
@address = @user.email_addresses.where(:is_default => false).find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
def require_admin_or_current_user
unless @user == User.current
require_admin
end
end
end

110
app/controllers/enumerations_controller.rb Normal file
View file

@ -0,0 +1,110 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class EnumerationsController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin, :except => :index
before_action :require_admin_or_api_request, :only => :index
before_action :build_new_enumeration, :only => [:new, :create]
before_action :find_enumeration, :only => [:edit, :update, :destroy]
accept_api_auth :index
helper :custom_fields
def index
respond_to do |format|
format.html
format.api {
@klass = Enumeration.get_subclass(params[:type])
if @klass
@enumerations = @klass.shared.sorted.to_a
else
render_404
end
}
end
end
def new
end
def create
if request.post? && @enumeration.save
flash[:notice] = l(:notice_successful_create)
redirect_to enumerations_path
else
render :action => 'new'
end
end
def edit
end
def update
if @enumeration.update_attributes(enumeration_params)
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_to enumerations_path
}
format.js { head 200 }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.js { head 422 }
end
end
end
def destroy
if !@enumeration.in_use?
# No associated objects
@enumeration.destroy
redirect_to enumerations_path
return
elsif params[:reassign_to_id].present? && (reassign_to = @enumeration.class.find_by_id(params[:reassign_to_id].to_i))
@enumeration.destroy(reassign_to)
redirect_to enumerations_path
return
end
@enumerations = @enumeration.class.system.to_a - [@enumeration]
end
private
def build_new_enumeration
class_name = params[:enumeration] && params[:enumeration][:type] || params[:type]
@enumeration = Enumeration.new_subclass_instance(class_name, enumeration_params)
if @enumeration.nil?
render_404
end
end
def find_enumeration
@enumeration = Enumeration.find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
def enumeration_params
# can't require enumeration on #new action
params.permit(:enumeration => [:name, :active, :is_default, :position])[:enumeration]
end
end

76
app/controllers/files_controller.rb Normal file
View file

@ -0,0 +1,76 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class FilesController < ApplicationController
menu_item :files
before_action :find_project_by_project_id
before_action :authorize
accept_api_auth :index, :create
helper :attachments
helper :sort
include SortHelper
def index
sort_init 'filename', 'asc'
sort_update 'filename' => "#{Attachment.table_name}.filename",
'created_on' => "#{Attachment.table_name}.created_on",
'size' => "#{Attachment.table_name}.filesize",
'downloads' => "#{Attachment.table_name}.downloads"
@containers = [Project.includes(:attachments).
references(:attachments).reorder(sort_clause).find(@project.id)]
@containers += @project.versions.includes(:attachments).
references(:attachments).reorder(sort_clause).to_a.sort.reverse
respond_to do |format|
format.html { render :layout => !request.xhr? }
format.api
end
end
def new
@versions = @project.versions.sort
end
def create
version_id = params[:version_id] || (params[:file] && params[:file][:version_id])
container = version_id.blank? ? @project : @project.versions.find_by_id(version_id)
attachments = Attachment.attach_files(container, (params[:attachments] || (params[:file] && params[:file][:token] && params)))
render_attachment_warning_if_needed(container)
if attachments[:files].present?
if Setting.notified_events.include?('file_added')
Mailer.attachments_added(attachments[:files]).deliver
end
respond_to do |format|
format.html {
flash[:notice] = l(:label_file_added)
redirect_to project_files_path(@project) }
format.api { render_api_ok }
end
else
respond_to do |format|
format.html {
flash.now[:error] = l(:label_attachment) + " " + l('activerecord.errors.messages.invalid')
new
render :action => 'new' }
format.api { render :status => :bad_request }
end
end
end
end

46
app/controllers/gantts_controller.rb Normal file
View file

@ -0,0 +1,46 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class GanttsController < ApplicationController
menu_item :gantt
before_action :find_optional_project
rescue_from Query::StatementInvalid, :with => :query_statement_invalid
helper :gantt
helper :issues
helper :projects
helper :queries
include QueriesHelper
include Redmine::Export::PDF
def show
@gantt = Redmine::Helpers::Gantt.new(params)
@gantt.project = @project
retrieve_query
@query.group_by = nil
@gantt.query = @query if @query.valid?
basename = (@project ? "#{@project.identifier}-" : '') + 'gantt'
respond_to do |format|
format.html { render :action => "show", :layout => !request.xhr? }
format.png { send_data(@gantt.to_image, :disposition => 'inline', :type => 'image/png', :filename => "#{basename}.png") } if @gantt.respond_to?('to_image')
format.pdf { send_data(@gantt.to_pdf, :type => 'application/pdf', :filename => "#{basename}.pdf") }
end
end
end

155
app/controllers/groups_controller.rb Normal file
View file

@ -0,0 +1,155 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class GroupsController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin
before_action :find_group, :except => [:index, :new, :create]
accept_api_auth :index, :show, :create, :update, :destroy, :add_users, :remove_user
require_sudo_mode :add_users, :remove_user, :create, :update, :destroy, :edit_membership, :destroy_membership
helper :custom_fields
helper :principal_memberships
def index
respond_to do |format|
format.html {
scope = Group.sorted
scope = scope.like(params[:name]) if params[:name].present?
@group_count = scope.count
@group_pages = Paginator.new @group_count, per_page_option, params['page']
@groups = scope.limit(@group_pages.per_page).offset(@group_pages.offset).to_a
@user_count_by_group_id = user_count_by_group_id
}
format.api {
scope = Group.sorted
scope = scope.givable unless params[:builtin] == '1'
@groups = scope.to_a
}
end
end
def show
respond_to do |format|
format.html
format.api
end
end
def new
@group = Group.new
end
def create
@group = Group.new
@group.safe_attributes = params[:group]
respond_to do |format|
if @group.save
format.html {
flash[:notice] = l(:notice_successful_create)
redirect_to(params[:continue] ? new_group_path : groups_path)
}
format.api { render :action => 'show', :status => :created, :location => group_url(@group) }
else
format.html { render :action => "new" }
format.api { render_validation_errors(@group) }
end
end
end
def edit
end
def update
@group.safe_attributes = params[:group]
respond_to do |format|
if @group.save
flash[:notice] = l(:notice_successful_update)
format.html { redirect_to_referer_or(groups_path) }
format.api { render_api_ok }
else
format.html { render :action => "edit" }
format.api { render_validation_errors(@group) }
end
end
end
def destroy
@group.destroy
respond_to do |format|
format.html { redirect_to_referer_or(groups_path) }
format.api { render_api_ok }
end
end
def new_users
end
def add_users
@users = User.not_in_group(@group).where(:id => (params[:user_id] || params[:user_ids])).to_a
@group.users << @users
respond_to do |format|
format.html { redirect_to edit_group_path(@group, :tab => 'users') }
format.js
format.api {
if @users.any?
render_api_ok
else
render_api_errors "#{l(:label_user)} #{l('activerecord.errors.messages.invalid')}"
end
}
end
end
def remove_user
@group.users.delete(User.find(params[:user_id])) if request.delete?
respond_to do |format|
format.html { redirect_to edit_group_path(@group, :tab => 'users') }
format.js
format.api { render_api_ok }
end
end
def autocomplete_for_user
respond_to do |format|
format.js
end
end
private
def find_group
@group = Group.find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
def user_count_by_group_id
h = User.joins(:groups).group('group_id').count
h.keys.each do |key|
h[key.to_i] = h.delete(key)
end
h
end
end

122
app/controllers/imports_controller.rb Normal file
View file

@ -0,0 +1,122 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require 'csv'
class ImportsController < ApplicationController
menu_item :issues
before_action :find_import, :only => [:show, :settings, :mapping, :run]
before_action :authorize_global
helper :issues
helper :queries
def new
end
def create
@import = IssueImport.new
@import.user = User.current
@import.file = params[:file]
@import.set_default_settings
if @import.save
redirect_to import_settings_path(@import)
else
render :action => 'new'
end
end
def show
end
def settings
if request.post? && @import.parse_file
redirect_to import_mapping_path(@import)
end
rescue CSV::MalformedCSVError => e
flash.now[:error] = l(:error_invalid_csv_file_or_settings)
rescue ArgumentError, EncodingError => e
flash.now[:error] = l(:error_invalid_file_encoding, :encoding => ERB::Util.h(@import.settings['encoding']))
rescue SystemCallError => e
flash.now[:error] = l(:error_can_not_read_import_file)
end
def mapping
@custom_fields = @import.mappable_custom_fields
if request.post?
respond_to do |format|
format.html {
if params[:previous]
redirect_to import_settings_path(@import)
else
redirect_to import_run_path(@import)
end
}
format.js # updates mapping form on project or tracker change
end
end
end
def run
if request.post?
@current = @import.run(
:max_items => max_items_per_request,
:max_time => 10.seconds
)
respond_to do |format|
format.html {
if @import.finished?
redirect_to import_path(@import)
else
redirect_to import_run_path(@import)
end
}
format.js
end
end
end
private
def find_import
@import = Import.where(:user_id => User.current.id, :filename => params[:id]).first
if @import.nil?
render_404
return
elsif @import.finished? && action_name != 'show'
redirect_to import_path(@import)
return
end
update_from_params if request.post?
end
def update_from_params
if params[:import_settings].is_a?(Hash)
@import.settings ||= {}
@import.settings.merge!(params[:import_settings])
@import.save!
end
end
def max_items_per_request
5
end
end

122
app/controllers/issue_categories_controller.rb Normal file
View file

@ -0,0 +1,122 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class IssueCategoriesController < ApplicationController
menu_item :settings
model_object IssueCategory
before_action :find_model_object, :except => [:index, :new, :create]
before_action :find_project_from_association, :except => [:index, :new, :create]
before_action :find_project_by_project_id, :only => [:index, :new, :create]
before_action :authorize
accept_api_auth :index, :show, :create, :update, :destroy
def index
respond_to do |format|
format.html { redirect_to_settings_in_projects }
format.api { @categories = @project.issue_categories.to_a }
end
end
def show
respond_to do |format|
format.html { redirect_to_settings_in_projects }
format.api
end
end
def new
@category = @project.issue_categories.build
@category.safe_attributes = params[:issue_category]
respond_to do |format|
format.html
format.js
end
end
def create
@category = @project.issue_categories.build
@category.safe_attributes = params[:issue_category]
if @category.save
respond_to do |format|
format.html do
flash[:notice] = l(:notice_successful_create)
redirect_to_settings_in_projects
end
format.js
format.api { render :action => 'show', :status => :created, :location => issue_category_path(@category) }
end
else
respond_to do |format|
format.html { render :action => 'new'}
format.js { render :action => 'new'}
format.api { render_validation_errors(@category) }
end
end
end
def edit
end
def update
@category.safe_attributes = params[:issue_category]
if @category.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_to_settings_in_projects
}
format.api { render_api_ok }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.api { render_validation_errors(@category) }
end
end
end
def destroy
@issue_count = @category.issues.size
if @issue_count == 0 || params[:todo] || api_request?
reassign_to = nil
if params[:reassign_to_id] && (params[:todo] == 'reassign' || params[:todo].blank?)
reassign_to = @project.issue_categories.find_by_id(params[:reassign_to_id])
end
@category.destroy(reassign_to)
respond_to do |format|
format.html { redirect_to_settings_in_projects }
format.api { render_api_ok }
end
return
end
@categories = @project.issue_categories - [@category]
end
private
def redirect_to_settings_in_projects
redirect_to settings_project_path(@project, :tab => 'categories')
end
# Wrap ApplicationController's find_model_object method to set
# @category instead of just @issue_category
def find_model_object
super
@category = @object
end
end

98
app/controllers/issue_relations_controller.rb Normal file
View file

@ -0,0 +1,98 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class IssueRelationsController < ApplicationController
helper :issues
before_action :find_issue, :authorize, :only => [:index, :create]
before_action :find_relation, :only => [:show, :destroy]
accept_api_auth :index, :show, :create, :destroy
def index
@relations = @issue.relations
respond_to do |format|
format.html { head 200 }
format.api
end
end
def show
raise Unauthorized unless @relation.visible?
respond_to do |format|
format.html { head 200 }
format.api
end
end
def create
@relation = IssueRelation.new
@relation.issue_from = @issue
@relation.safe_attributes = params[:relation]
@relation.init_journals(User.current)
begin
saved = @relation.save
rescue ActiveRecord::RecordNotUnique
saved = false
@relation.errors.add :base, :taken
end
respond_to do |format|
format.html { redirect_to issue_path(@issue) }
format.js {
@relations = @issue.reload.relations.select {|r| r.other_issue(@issue) && r.other_issue(@issue).visible? }
}
format.api {
if saved
render :action => 'show', :status => :created, :location => relation_url(@relation)
else
render_validation_errors(@relation)
end
}
end
end
def destroy
raise Unauthorized unless @relation.deletable?
@relation.init_journals(User.current)
@relation.destroy
respond_to do |format|
format.html { redirect_to issue_path(@relation.issue_from) }
format.js
format.api { render_api_ok }
end
end
private
def find_issue
@issue = Issue.find(params[:issue_id])
@project = @issue.project
rescue ActiveRecord::RecordNotFound
render_404
end
def find_relation
@relation = IssueRelation.find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
end

88
app/controllers/issue_statuses_controller.rb Normal file
View file

@ -0,0 +1,88 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class IssueStatusesController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin, :except => :index
before_action :require_admin_or_api_request, :only => :index
accept_api_auth :index
def index
@issue_statuses = IssueStatus.sorted.to_a
respond_to do |format|
format.html { render :layout => false if request.xhr? }
format.api
end
end
def new
@issue_status = IssueStatus.new
end
def create
@issue_status = IssueStatus.new
@issue_status.safe_attributes = params[:issue_status]
if @issue_status.save
flash[:notice] = l(:notice_successful_create)
redirect_to issue_statuses_path
else
render :action => 'new'
end
end
def edit
@issue_status = IssueStatus.find(params[:id])
end
def update
@issue_status = IssueStatus.find(params[:id])
@issue_status.safe_attributes = params[:issue_status]
if @issue_status.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_to issue_statuses_path(:page => params[:page])
}
format.js { head 200 }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.js { head 422 }
end
end
end
def destroy
IssueStatus.find(params[:id]).destroy
redirect_to issue_statuses_path
rescue
flash[:error] = l(:error_unable_delete_issue_status)
redirect_to issue_statuses_path
end
def update_issue_done_ratio
if request.post? && IssueStatus.update_issue_done_ratios
flash[:notice] = l(:notice_issue_done_ratios_updated)
else
flash[:error] = l(:error_issue_done_ratios_not_updated)
end
redirect_to issue_statuses_path
end
end

596
app/controllers/issues_controller.rb Normal file
View file

@ -0,0 +1,596 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class IssuesController < ApplicationController
default_search_scope :issues
before_action :find_issue, :only => [:show, :edit, :update]
before_action :find_issues, :only => [:bulk_edit, :bulk_update, :destroy]
before_action :authorize, :except => [:index, :new, :create]
before_action :find_optional_project, :only => [:index, :new, :create]
before_action :build_new_issue_from_params, :only => [:new, :create]
accept_rss_auth :index, :show
accept_api_auth :index, :show, :create, :update, :destroy
rescue_from Query::StatementInvalid, :with => :query_statement_invalid
helper :journals
helper :projects
helper :custom_fields
helper :issue_relations
helper :watchers
helper :attachments
helper :queries
include QueriesHelper
helper :repositories
helper :timelog
def index
retrieve_query
if @query.valid?
respond_to do |format|
format.html {
@issue_count = @query.issue_count
@issue_pages = Paginator.new @issue_count, per_page_option, params['page']
@issues = @query.issues(:offset => @issue_pages.offset, :limit => @issue_pages.per_page)
render :layout => !request.xhr?
}
format.api {
@offset, @limit = api_offset_and_limit
@query.column_names = %w(author)
@issue_count = @query.issue_count
@issues = @query.issues(:offset => @offset, :limit => @limit)
Issue.load_visible_relations(@issues) if include_in_api_response?('relations')
}
format.atom {
@issues = @query.issues(:limit => Setting.feeds_limit.to_i)
render_feed(@issues, :title => "#{@project || Setting.app_title}: #{l(:label_issue_plural)}")
}
format.csv {
@issues = @query.issues(:limit => Setting.issues_export_limit.to_i)
send_data(query_to_csv(@issues, @query, params[:csv]), :type => 'text/csv; header=present', :filename => 'issues.csv')
}
format.pdf {
@issues = @query.issues(:limit => Setting.issues_export_limit.to_i)
send_file_headers! :type => 'application/pdf', :filename => 'issues.pdf'
}
end
else
respond_to do |format|
format.html { render :layout => !request.xhr? }
format.any(:atom, :csv, :pdf) { head 422 }
format.api { render_validation_errors(@query) }
end
end
rescue ActiveRecord::RecordNotFound
render_404
end
def show
@journals = @issue.visible_journals_with_index
@changesets = @issue.changesets.visible.preload(:repository, :user).to_a
@relations = @issue.relations.select {|r| r.other_issue(@issue) && r.other_issue(@issue).visible? }
if User.current.wants_comments_in_reverse_order?
@journals.reverse!
@changesets.reverse!
end
if User.current.allowed_to?(:view_time_entries, @project)
Issue.load_visible_spent_hours([@issue])
Issue.load_visible_total_spent_hours([@issue])
end
respond_to do |format|
format.html {
@allowed_statuses = @issue.new_statuses_allowed_to(User.current)
@priorities = IssuePriority.active
@time_entry = TimeEntry.new(:issue => @issue, :project => @issue.project)
@relation = IssueRelation.new
retrieve_previous_and_next_issue_ids
render :template => 'issues/show'
}
format.api
format.atom { render :template => 'journals/index', :layout => false, :content_type => 'application/atom+xml' }
format.pdf {
send_file_headers! :type => 'application/pdf', :filename => "#{@project.identifier}-#{@issue.id}.pdf"
}
end
end
def new
respond_to do |format|
format.html { render :action => 'new', :layout => !request.xhr? }
format.js
end
end
def create
unless User.current.allowed_to?(:add_issues, @issue.project, :global => true)
raise ::Unauthorized
end
call_hook(:controller_issues_new_before_save, { :params => params, :issue => @issue })
@issue.save_attachments(params[:attachments] || (params[:issue] && params[:issue][:uploads]))
if @issue.save
call_hook(:controller_issues_new_after_save, { :params => params, :issue => @issue})
respond_to do |format|
format.html {
render_attachment_warning_if_needed(@issue)
flash[:notice] = l(:notice_issue_successful_create, :id => view_context.link_to("##{@issue.id}", issue_path(@issue), :title => @issue.subject))
redirect_after_create
}
format.api { render :action => 'show', :status => :created, :location => issue_url(@issue) }
end
return
else
respond_to do |format|
format.html {
if @issue.project.nil?
render_error :status => 422
else
render :action => 'new'
end
}
format.api { render_validation_errors(@issue) }
end
end
end
def edit
return unless update_issue_from_params
respond_to do |format|
format.html { }
format.js
end
end
def update
return unless update_issue_from_params
@issue.save_attachments(params[:attachments] || (params[:issue] && params[:issue][:uploads]))
saved = false
begin
saved = save_issue_with_child_records
rescue ActiveRecord::StaleObjectError
@conflict = true
if params[:last_journal_id]
@conflict_journals = @issue.journals_after(params[:last_journal_id]).to_a
@conflict_journals.reject!(&:private_notes?) unless User.current.allowed_to?(:view_private_notes, @issue.project)
end
end
if saved
render_attachment_warning_if_needed(@issue)
flash[:notice] = l(:notice_successful_update) unless @issue.current_journal.new_record?
respond_to do |format|
format.html { redirect_back_or_default issue_path(@issue, previous_and_next_issue_ids_params) }
format.api { render_api_ok }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.api { render_validation_errors(@issue) }
end
end
end
# Bulk edit/copy a set of issues
def bulk_edit
@issues.sort!
@copy = params[:copy].present?
@notes = params[:notes]
if @copy
unless User.current.allowed_to?(:copy_issues, @projects)
raise ::Unauthorized
end
else
unless @issues.all?(&:attributes_editable?)
raise ::Unauthorized
end
end
edited_issues = Issue.where(:id => @issues.map(&:id)).to_a
@values_by_custom_field = {}
edited_issues.each do |issue|
issue.custom_field_values.each do |c|
if c.value_present?
@values_by_custom_field[c.custom_field] ||= []
@values_by_custom_field[c.custom_field] << issue.id
end
end
end
@allowed_projects = Issue.allowed_target_projects
if params[:issue]
@target_project = @allowed_projects.detect {|p| p.id.to_s == params[:issue][:project_id].to_s}
if @target_project
target_projects = [@target_project]
edited_issues.each {|issue| issue.project = @target_project}
end
end
target_projects ||= @projects
@trackers = target_projects.map {|p| Issue.allowed_target_trackers(p) }.reduce(:&)
if params[:issue]
@target_tracker = @trackers.detect {|t| t.id.to_s == params[:issue][:tracker_id].to_s}
if @target_tracker
edited_issues.each {|issue| issue.tracker = @target_tracker}
end
end
if @copy
# Copied issues will get their default statuses
@available_statuses = []
else
@available_statuses = edited_issues.map(&:new_statuses_allowed_to).reduce(:&)
end
if params[:issue]
@target_status = @available_statuses.detect {|t| t.id.to_s == params[:issue][:status_id].to_s}
if @target_status
edited_issues.each {|issue| issue.status = @target_status}
end
end
edited_issues.each do |issue|
issue.custom_field_values.each do |c|
if c.value_present? && @values_by_custom_field[c.custom_field]
@values_by_custom_field[c.custom_field].delete(issue.id)
end
end
end
@values_by_custom_field.delete_if {|k,v| v.blank?}
@custom_fields = edited_issues.map{|i|i.editable_custom_fields}.reduce(:&).select {|field| field.format.bulk_edit_supported}
@assignables = target_projects.map(&:assignable_users).reduce(:&)
@versions = target_projects.map {|p| p.shared_versions.open}.reduce(:&)
@categories = target_projects.map {|p| p.issue_categories}.reduce(:&)
if @copy
@attachments_present = @issues.detect {|i| i.attachments.any?}.present?
@subtasks_present = @issues.detect {|i| !i.leaf?}.present?
@watchers_present = User.current.allowed_to?(:add_issue_watchers, @projects) && Watcher.where(:watchable_type => 'Issue', :watchable_id => @issues.map(&:id)).exists?
end
@safe_attributes = edited_issues.map(&:safe_attribute_names).reduce(:&)
@issue_params = params[:issue] || {}
@issue_params[:custom_field_values] ||= {}
end
def bulk_update
@issues.sort!
@copy = params[:copy].present?
attributes = parse_params_for_bulk_update(params[:issue])
copy_subtasks = (params[:copy_subtasks] == '1')
copy_attachments = (params[:copy_attachments] == '1')
copy_watchers = (params[:copy_watchers] == '1')
if @copy
unless User.current.allowed_to?(:copy_issues, @projects)
raise ::Unauthorized
end
target_projects = @projects
if attributes['project_id'].present?
target_projects = Project.where(:id => attributes['project_id']).to_a
end
unless User.current.allowed_to?(:add_issues, target_projects)
raise ::Unauthorized
end
unless User.current.allowed_to?(:add_issue_watchers, @projects)
copy_watchers = false
end
else
unless @issues.all?(&:attributes_editable?)
raise ::Unauthorized
end
end
unsaved_issues = []
saved_issues = []
if @copy && copy_subtasks
# Descendant issues will be copied with the parent task
# Don't copy them twice
@issues.reject! {|issue| @issues.detect {|other| issue.is_descendant_of?(other)}}
end
@issues.each do |orig_issue|
orig_issue.reload
if @copy
issue = orig_issue.copy({},
:attachments => copy_attachments,
:subtasks => copy_subtasks,
:watchers => copy_watchers,
:link => link_copy?(params[:link_copy])
)
else
issue = orig_issue
end
journal = issue.init_journal(User.current, params[:notes])
issue.safe_attributes = attributes
call_hook(:controller_issues_bulk_edit_before_save, { :params => params, :issue => issue })
if issue.save
saved_issues << issue
else
unsaved_issues << orig_issue
end
end
if unsaved_issues.empty?
flash[:notice] = l(:notice_successful_update) unless saved_issues.empty?
if params[:follow]
if @issues.size == 1 && saved_issues.size == 1
redirect_to issue_path(saved_issues.first)
elsif saved_issues.map(&:project).uniq.size == 1
redirect_to project_issues_path(saved_issues.map(&:project).first)
end
else
redirect_back_or_default _project_issues_path(@project)
end
else
@saved_issues = @issues
@unsaved_issues = unsaved_issues
@issues = Issue.visible.where(:id => @unsaved_issues.map(&:id)).to_a
bulk_edit
render :action => 'bulk_edit'
end
end
def destroy
raise Unauthorized unless @issues.all?(&:deletable?)
# all issues and their descendants are about to be deleted
issues_and_descendants_ids = Issue.self_and_descendants(@issues).pluck(:id)
time_entries = TimeEntry.where(:issue_id => issues_and_descendants_ids)
@hours = time_entries.sum(:hours).to_f
if @hours > 0
case params[:todo]
when 'destroy'
# nothing to do
when 'nullify'
time_entries.update_all(:issue_id => nil)
when 'reassign'
reassign_to = @project && @project.issues.find_by_id(params[:reassign_to_id])
if reassign_to.nil?
flash.now[:error] = l(:error_issue_not_found_in_project)
return
elsif issues_and_descendants_ids.include?(reassign_to.id)
flash.now[:error] = l(:error_cannot_reassign_time_entries_to_an_issue_about_to_be_deleted)
return
else
time_entries.update_all(:issue_id => reassign_to.id, :project_id => reassign_to.project_id)
end
else
# display the destroy form if it's a user request
return unless api_request?
end
end
@issues.each do |issue|
begin
issue.reload.destroy
rescue ::ActiveRecord::RecordNotFound # raised by #reload if issue no longer exists
# nothing to do, issue was already deleted (eg. by a parent)
end
end
respond_to do |format|
format.html { redirect_back_or_default _project_issues_path(@project) }
format.api { render_api_ok }
end
end
# Overrides Redmine::MenuManager::MenuController::ClassMethods for
# when the "New issue" tab is enabled
def current_menu_item
if Setting.new_item_menu_tab == '1' && [:new, :create].include?(action_name.to_sym)
:new_issue
else
super
end
end
private
def retrieve_previous_and_next_issue_ids
if params[:prev_issue_id].present? || params[:next_issue_id].present?
@prev_issue_id = params[:prev_issue_id].presence.try(:to_i)
@next_issue_id = params[:next_issue_id].presence.try(:to_i)
@issue_position = params[:issue_position].presence.try(:to_i)
@issue_count = params[:issue_count].presence.try(:to_i)
else
retrieve_query_from_session
if @query
@per_page = per_page_option
limit = 500
issue_ids = @query.issue_ids(:limit => (limit + 1))
if (idx = issue_ids.index(@issue.id)) && idx < limit
if issue_ids.size < 500
@issue_position = idx + 1
@issue_count = issue_ids.size
end
@prev_issue_id = issue_ids[idx - 1] if idx > 0
@next_issue_id = issue_ids[idx + 1] if idx < (issue_ids.size - 1)
end
query_params = @query.as_params
if @issue_position
query_params = query_params.merge(:page => (@issue_position / per_page_option) + 1, :per_page => per_page_option)
end
@query_path = _project_issues_path(@query.project, query_params)
end
end
end
def previous_and_next_issue_ids_params
{
:prev_issue_id => params[:prev_issue_id],
:next_issue_id => params[:next_issue_id],
:issue_position => params[:issue_position],
:issue_count => params[:issue_count]
}.reject {|k,v| k.blank?}
end
# Used by #edit and #update to set some common instance variables
# from the params
def update_issue_from_params
@time_entry = TimeEntry.new(:issue => @issue, :project => @issue.project)
if params[:time_entry]
@time_entry.safe_attributes = params[:time_entry]
end
@issue.init_journal(User.current)
issue_attributes = params[:issue]
if issue_attributes && params[:conflict_resolution]
case params[:conflict_resolution]
when 'overwrite'
issue_attributes = issue_attributes.dup
issue_attributes.delete(:lock_version)
when 'add_notes'
issue_attributes = issue_attributes.slice(:notes, :private_notes)
when 'cancel'
redirect_to issue_path(@issue)
return false
end
end
@issue.safe_attributes = issue_attributes
@priorities = IssuePriority.active
@allowed_statuses = @issue.new_statuses_allowed_to(User.current)
true
end
# Used by #new and #create to build a new issue from the params
# The new issue will be copied from an existing one if copy_from parameter is given
def build_new_issue_from_params
@issue = Issue.new
if params[:copy_from]
begin
@issue.init_journal(User.current)
@copy_from = Issue.visible.find(params[:copy_from])
unless User.current.allowed_to?(:copy_issues, @copy_from.project)
raise ::Unauthorized
end
@link_copy = link_copy?(params[:link_copy]) || request.get?
@copy_attachments = params[:copy_attachments].present? || request.get?
@copy_subtasks = params[:copy_subtasks].present? || request.get?
@copy_watchers = User.current.allowed_to?(:add_issue_watchers, @project)
@issue.copy_from(@copy_from, :attachments => @copy_attachments, :subtasks => @copy_subtasks, :watchers => @copy_watchers, :link => @link_copy)
@issue.parent_issue_id = @copy_from.parent_id
rescue ActiveRecord::RecordNotFound
render_404
return
end
end
@issue.project = @project
if request.get?
@issue.project ||= @issue.allowed_target_projects.first
end
@issue.author ||= User.current
@issue.start_date ||= User.current.today if Setting.default_issue_start_date_to_creation_date?
attrs = (params[:issue] || {}).deep_dup
if action_name == 'new' && params[:was_default_status] == attrs[:status_id]
attrs.delete(:status_id)
end
if action_name == 'new' && params[:form_update_triggered_by] == 'issue_project_id'
# Discard submitted version when changing the project on the issue form
# so we can use the default version for the new project
attrs.delete(:fixed_version_id)
end
@issue.safe_attributes = attrs
if @issue.project
@issue.tracker ||= @issue.allowed_target_trackers.first
if @issue.tracker.nil?
if @issue.project.trackers.any?
# None of the project trackers is allowed to the user
render_error :message => l(:error_no_tracker_allowed_for_new_issue_in_project), :status => 403
else
# Project has no trackers
render_error l(:error_no_tracker_in_project)
end
return false
end
if @issue.status.nil?
render_error l(:error_no_default_issue_status)
return false
end
elsif request.get?
render_error :message => l(:error_no_projects_with_tracker_allowed_for_new_issue), :status => 403
return false
end
@priorities = IssuePriority.active
@allowed_statuses = @issue.new_statuses_allowed_to(User.current)
end
# Saves @issue and a time_entry from the parameters
def save_issue_with_child_records
Issue.transaction do
if params[:time_entry] && (params[:time_entry][:hours].present? || params[:time_entry][:comments].present?) && User.current.allowed_to?(:log_time, @issue.project)
time_entry = @time_entry || TimeEntry.new
time_entry.project = @issue.project
time_entry.issue = @issue
time_entry.user = User.current
time_entry.spent_on = User.current.today
time_entry.safe_attributes = params[:time_entry]
@issue.time_entries << time_entry
end
call_hook(:controller_issues_edit_before_save, { :params => params, :issue => @issue, :time_entry => time_entry, :journal => @issue.current_journal})
if @issue.save
call_hook(:controller_issues_edit_after_save, { :params => params, :issue => @issue, :time_entry => time_entry, :journal => @issue.current_journal})
else
raise ActiveRecord::Rollback
end
end
end
# Returns true if the issue copy should be linked
# to the original issue
def link_copy?(param)
case Setting.link_copied_issue
when 'yes'
true
when 'no'
false
when 'ask'
param == '1'
end
end
# Redirects user after a successful issue creation
def redirect_after_create
if params[:continue]
url_params = {}
url_params[:issue] = {:tracker_id => @issue.tracker, :parent_issue_id => @issue.parent_issue_id}.reject {|k,v| v.nil?}
url_params[:back_url] = params[:back_url].presence
if params[:project_id]
redirect_to new_project_issue_path(@issue.project, url_params)
else
url_params[:issue].merge! :project_id => @issue.project_id
redirect_to new_issue_path(url_params)
end
else
redirect_back_or_default issue_path(@issue)
end
end
end

107
app/controllers/journals_controller.rb Normal file
View file

@ -0,0 +1,107 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class JournalsController < ApplicationController
before_action :find_journal, :only => [:edit, :update, :diff]
before_action :find_issue, :only => [:new]
before_action :find_optional_project, :only => [:index]
before_action :authorize, :only => [:new, :edit, :update, :diff]
accept_rss_auth :index
menu_item :issues
helper :issues
helper :custom_fields
helper :queries
include QueriesHelper
def index
retrieve_query
if @query.valid?
@journals = @query.journals(:order => "#{Journal.table_name}.created_on DESC",
:limit => 25)
end
@title = (@project ? @project.name : Setting.app_title) + ": " + (@query.new_record? ? l(:label_changes_details) : @query.name)
render :layout => false, :content_type => 'application/atom+xml'
rescue ActiveRecord::RecordNotFound
render_404
end
def diff
@issue = @journal.issue
if params[:detail_id].present?
@detail = @journal.details.find_by_id(params[:detail_id])
else
@detail = @journal.details.detect {|d| d.property == 'attr' && d.prop_key == 'description'}
end
unless @issue && @detail
render_404
return false
end
if @detail.property == 'cf'
unless @detail.custom_field && @detail.custom_field.visible_by?(@issue.project, User.current)
raise ::Unauthorized
end
end
@diff = Redmine::Helpers::Diff.new(@detail.value, @detail.old_value)
end
def new
@journal = Journal.visible.find(params[:journal_id]) if params[:journal_id]
if @journal
user = @journal.user
text = @journal.notes
else
user = @issue.author
text = @issue.description
end
# Replaces pre blocks with [...]
text = text.to_s.strip.gsub(%r{<pre>(.*?)</pre>}m, '[...]')
@content = "#{ll(Setting.default_language, :text_user_wrote, user)}\n> "
@content << text.gsub(/(\r?\n|\r\n?)/, "\n> ") + "\n\n"
rescue ActiveRecord::RecordNotFound
render_404
end
def edit
(render_403; return false) unless @journal.editable_by?(User.current)
respond_to do |format|
# TODO: implement non-JS journal update
format.js
end
end
def update
(render_403; return false) unless @journal.editable_by?(User.current)
@journal.safe_attributes = params[:journal]
@journal.save
@journal.destroy if @journal.details.empty? && @journal.notes.blank?
call_hook(:controller_journals_edit_post, { :journal => @journal, :params => params})
respond_to do |format|
format.html { redirect_to issue_path(@journal.journalized) }
format.js
end
end
private
def find_journal
@journal = Journal.visible.find(params[:id])
@project = @journal.journalized.project
rescue ActiveRecord::RecordNotFound
render_404
end
end

44
app/controllers/mail_handler_controller.rb Normal file
View file

@ -0,0 +1,44 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class MailHandlerController < ActionController::Base
before_action :check_credential
# Displays the email submission form
def new
end
# Submits an incoming email to MailHandler
def index
options = params.dup
email = options.delete(:email)
if MailHandler.receive(email, options)
head :created
else
head :unprocessable_entity
end
end
private
def check_credential
User.current = nil
unless Setting.mail_handler_api_enabled? && params[:key].to_s == Setting.mail_handler_api_key
render :plain => 'Access denied. Incoming emails WS is disabled or key is invalid.', :status => 403
end
end
end

133
app/controllers/members_controller.rb Normal file
View file

@ -0,0 +1,133 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class MembersController < ApplicationController
model_object Member
before_action :find_model_object, :except => [:index, :new, :create, :autocomplete]
before_action :find_project_from_association, :except => [:index, :new, :create, :autocomplete]
before_action :find_project_by_project_id, :only => [:index, :new, :create, :autocomplete]
before_action :authorize
accept_api_auth :index, :show, :create, :update, :destroy
require_sudo_mode :create, :update, :destroy
def index
scope = @project.memberships
@offset, @limit = api_offset_and_limit
@member_count = scope.count
@member_pages = Paginator.new @member_count, @limit, params['page']
@offset ||= @member_pages.offset
@members = scope.order(:id).limit(@limit).offset(@offset).to_a
respond_to do |format|
format.html { head 406 }
format.api
end
end
def show
respond_to do |format|
format.html { head 406 }
format.api
end
end
def new
@member = Member.new
end
def create
members = []
if params[:membership]
user_ids = Array.wrap(params[:membership][:user_id] || params[:membership][:user_ids])
user_ids << nil if user_ids.empty?
user_ids.each do |user_id|
member = Member.new(:project => @project, :user_id => user_id)
member.set_editable_role_ids(params[:membership][:role_ids])
members << member
end
@project.members << members
end
respond_to do |format|
format.html { redirect_to_settings_in_projects }
format.js {
@members = members
@member = Member.new
}
format.api {
@member = members.first
if @member.valid?
render :action => 'show', :status => :created, :location => membership_url(@member)
else
render_validation_errors(@member)
end
}
end
end
def edit
@roles = Role.givable.to_a
end
def update
if params[:membership]
@member.set_editable_role_ids(params[:membership][:role_ids])
end
saved = @member.save
respond_to do |format|
format.html { redirect_to_settings_in_projects }
format.js
format.api {
if saved
render_api_ok
else
render_validation_errors(@member)
end
}
end
end
def destroy
if @member.deletable?
@member.destroy
end
respond_to do |format|
format.html { redirect_to_settings_in_projects }
format.js
format.api {
if @member.destroyed?
render_api_ok
else
head :unprocessable_entity
end
}
end
end
def autocomplete
respond_to do |format|
format.js
end
end
private
def redirect_to_settings_in_projects
redirect_to settings_project_path(@project, :tab => 'members')
end
end

142
app/controllers/messages_controller.rb Normal file
View file

@ -0,0 +1,142 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class MessagesController < ApplicationController
menu_item :boards
default_search_scope :messages
before_action :find_board, :only => [:new, :preview]
before_action :find_attachments, :only => [:preview]
before_action :find_message, :except => [:new, :preview]
before_action :authorize, :except => [:preview, :edit, :destroy]
helper :boards
helper :watchers
helper :attachments
include AttachmentsHelper
REPLIES_PER_PAGE = 25 unless const_defined?(:REPLIES_PER_PAGE)
# Show a topic and its replies
def show
page = params[:page]
# Find the page of the requested reply
if params[:r] && page.nil?
offset = @topic.children.where("#{Message.table_name}.id < ?", params[:r].to_i).count
page = 1 + offset / REPLIES_PER_PAGE
end
@reply_count = @topic.children.count
@reply_pages = Paginator.new @reply_count, REPLIES_PER_PAGE, page
@replies = @topic.children.
includes(:author, :attachments, {:board => :project}).
reorder("#{Message.table_name}.created_on ASC, #{Message.table_name}.id ASC").
limit(@reply_pages.per_page).
offset(@reply_pages.offset).
to_a
@reply = Message.new(:subject => "RE: #{@message.subject}")
render :action => "show", :layout => false if request.xhr?
end
# Create a new topic
def new
@message = Message.new
@message.author = User.current
@message.board = @board
@message.safe_attributes = params[:message]
if request.post?
@message.save_attachments(params[:attachments])
if @message.save
call_hook(:controller_messages_new_after_save, { :params => params, :message => @message})
render_attachment_warning_if_needed(@message)
redirect_to board_message_path(@board, @message)
end
end
end
# Reply to a topic
def reply
@reply = Message.new
@reply.author = User.current
@reply.board = @board
@reply.safe_attributes = params[:reply]
@topic.children << @reply
if !@reply.new_record?
call_hook(:controller_messages_reply_after_save, { :params => params, :message => @reply})
attachments = Attachment.attach_files(@reply, params[:attachments])
render_attachment_warning_if_needed(@reply)
end
redirect_to board_message_path(@board, @topic, :r => @reply)
end
# Edit a message
def edit
(render_403; return false) unless @message.editable_by?(User.current)
@message.safe_attributes = params[:message]
if request.post? && @message.save
attachments = Attachment.attach_files(@message, params[:attachments])
render_attachment_warning_if_needed(@message)
flash[:notice] = l(:notice_successful_update)
@message.reload
redirect_to board_message_path(@message.board, @message.root, :r => (@message.parent_id && @message.id))
end
end
# Delete a messages
def destroy
(render_403; return false) unless @message.destroyable_by?(User.current)
r = @message.to_param
@message.destroy
if @message.parent
redirect_to board_message_path(@board, @message.parent, :r => r)
else
redirect_to project_board_path(@project, @board)
end
end
def quote
@subject = @message.subject
@subject = "RE: #{@subject}" unless @subject.starts_with?('RE:')
@content = "#{ll(Setting.default_language, :text_user_wrote, @message.author)}\n> "
@content << @message.content.to_s.strip.gsub(%r{<pre>(.*?)</pre>}m, '[...]').gsub(/(\r?\n|\r\n?)/, "\n> ") + "\n\n"
end
def preview
message = @board.messages.find_by_id(params[:id])
@text = (params[:message] || params[:reply])[:content]
@previewed = message
render :partial => 'common/preview'
end
private
def find_message
return unless find_board
@message = @board.messages.includes(:parent).find(params[:id])
@topic = @message.root
rescue ActiveRecord::RecordNotFound
render_404
end
def find_board
@board = Board.includes(:project).find(params[:board_id])
@project = @board.project
rescue ActiveRecord::RecordNotFound
render_404
nil
end
end

186
app/controllers/my_controller.rb Normal file
View file

@ -0,0 +1,186 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class MyController < ApplicationController
self.main_menu = false
before_action :require_login
# let user change user's password when user has to
skip_before_action :check_password_change, :only => :password
require_sudo_mode :account, only: :post
require_sudo_mode :reset_rss_key, :reset_api_key, :show_api_key, :destroy
helper :issues
helper :users
helper :custom_fields
helper :queries
def index
page
render :action => 'page'
end
# Show user's page
def page
@user = User.current
@groups = @user.pref.my_page_groups
@blocks = @user.pref.my_page_layout
end
# Edit user's account
def account
@user = User.current
@pref = @user.pref
if request.post?
@user.safe_attributes = params[:user]
@user.pref.safe_attributes = params[:pref]
if @user.save
@user.pref.save
set_language_if_valid @user.language
flash[:notice] = l(:notice_account_updated)
redirect_to my_account_path
return
end
end
end
# Destroys user's account
def destroy
@user = User.current
unless @user.own_account_deletable?
redirect_to my_account_path
return
end
if request.post? && params[:confirm]
@user.destroy
if @user.destroyed?
logout_user
flash[:notice] = l(:notice_account_deleted)
end
redirect_to home_path
end
end
# Manage user's password
def password
@user = User.current
unless @user.change_password_allowed?
flash[:error] = l(:notice_can_t_change_password)
redirect_to my_account_path
return
end
if request.post?
if !@user.check_password?(params[:password])
flash.now[:error] = l(:notice_account_wrong_password)
elsif params[:password] == params[:new_password]
flash.now[:error] = l(:notice_new_password_must_be_different)
else
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
@user.must_change_passwd = false
if @user.save
# The session token was destroyed by the password change, generate a new one
session[:tk] = @user.generate_session_token
Mailer.password_updated(@user)
flash[:notice] = l(:notice_account_password_updated)
redirect_to my_account_path
end
end
end
end
# Create a new feeds key
def reset_rss_key
if request.post?
if User.current.rss_token
User.current.rss_token.destroy
User.current.reload
end
User.current.rss_key
flash[:notice] = l(:notice_feeds_access_key_reseted)
end
redirect_to my_account_path
end
def show_api_key
@user = User.current
end
# Create a new API key
def reset_api_key
if request.post?
if User.current.api_token
User.current.api_token.destroy
User.current.reload
end
User.current.api_key
flash[:notice] = l(:notice_api_access_key_reseted)
end
redirect_to my_account_path
end
def update_page
@user = User.current
block_settings = params[:settings] || {}
block_settings.each do |block, settings|
@user.pref.update_block_settings(block, settings)
end
@user.pref.save
@updated_blocks = block_settings.keys
end
# Add a block to user's page
# The block is added on top of the page
# params[:block] : id of the block to add
def add_block
@user = User.current
@block = params[:block]
if @user.pref.add_block @block
@user.pref.save
respond_to do |format|
format.html { redirect_to my_page_path }
format.js
end
else
render_error :status => 422
end
end
# Remove a block to user's page
# params[:block] : id of the block to remove
def remove_block
@user = User.current
@block = params[:block]
@user.pref.remove_block @block
@user.pref.save
respond_to do |format|
format.html { redirect_to my_page_path }
format.js
end
end
# Change blocks order on user's page
# params[:group] : group to order (top, left or right)
# params[:blocks] : array of block ids of the group
def order_blocks
@user = User.current
@user.pref.order_blocks params[:group], params[:blocks]
@user.pref.save
head 200
end
end

101
app/controllers/news_controller.rb Normal file
View file

@ -0,0 +1,101 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class NewsController < ApplicationController
default_search_scope :news
model_object News
before_action :find_model_object, :except => [:new, :create, :index]
before_action :find_project_from_association, :except => [:new, :create, :index]
before_action :find_project_by_project_id, :only => [:new, :create]
before_action :authorize, :except => [:index]
before_action :find_optional_project, :only => :index
accept_rss_auth :index
accept_api_auth :index
helper :watchers
helper :attachments
def index
case params[:format]
when 'xml', 'json'
@offset, @limit = api_offset_and_limit
else
@limit = 10
end
scope = @project ? @project.news.visible : News.visible
@news_count = scope.count
@news_pages = Paginator.new @news_count, @limit, params['page']
@offset ||= @news_pages.offset
@newss = scope.includes([:author, :project]).
order("#{News.table_name}.created_on DESC").
limit(@limit).
offset(@offset).
to_a
respond_to do |format|
format.html {
@news = News.new # for adding news inline
render :layout => false if request.xhr?
}
format.api
format.atom { render_feed(@newss, :title => (@project ? @project.name : Setting.app_title) + ": #{l(:label_news_plural)}") }
end
end
def show
@comments = @news.comments.to_a
@comments.reverse! if User.current.wants_comments_in_reverse_order?
end
def new
@news = News.new(:project => @project, :author => User.current)
end
def create
@news = News.new(:project => @project, :author => User.current)
@news.safe_attributes = params[:news]
@news.save_attachments(params[:attachments])
if @news.save
render_attachment_warning_if_needed(@news)
flash[:notice] = l(:notice_successful_create)
redirect_to project_news_index_path(@project)
else
render :action => 'new'
end
end
def edit
end
def update
@news.safe_attributes = params[:news]
@news.save_attachments(params[:attachments])
if @news.save
render_attachment_warning_if_needed(@news)
flash[:notice] = l(:notice_successful_update)
redirect_to news_path(@news)
else
render :action => 'edit'
end
end
def destroy
@news.destroy
redirect_to project_news_index_path(@project)
end
end

53
app/controllers/previews_controller.rb Normal file
View file

@ -0,0 +1,53 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class PreviewsController < ApplicationController
before_action :find_project, :find_attachments
def issue
@issue = Issue.visible.find_by_id(params[:id]) unless params[:id].blank?
if @issue
@description = params[:issue] && params[:issue][:description]
if @description && @description.gsub(/(\r?\n|\n\r?)/, "\n") == @issue.description.to_s.gsub(/(\r?\n|\n\r?)/, "\n")
@description = nil
end
@notes = params[:journal] ? params[:journal][:notes] : nil
@notes ||= params[:issue] ? params[:issue][:notes] : nil
else
@description = (params[:issue] ? params[:issue][:description] : nil)
end
render :layout => false
end
def news
if params[:id].present? && news = News.visible.find_by_id(params[:id])
@previewed = news
end
@text = (params[:news] ? params[:news][:description] : nil)
render :partial => 'common/preview'
end
private
def find_project
project_id = (params[:issue] && params[:issue][:project_id]) || params[:project_id]
@project = Project.find(project_id)
rescue ActiveRecord::RecordNotFound
render_404
end
end

85
app/controllers/principal_memberships_controller.rb Normal file
View file

@ -0,0 +1,85 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class PrincipalMembershipsController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin
before_action :find_principal, :only => [:new, :create]
before_action :find_membership, :only => [:edit, :update, :destroy]
def new
@projects = Project.active.all
@roles = Role.find_all_givable
respond_to do |format|
format.html
format.js
end
end
def create
@members = Member.create_principal_memberships(@principal, params[:membership])
respond_to do |format|
format.html { redirect_to_principal @principal }
format.js
end
end
def edit
@roles = Role.givable.to_a
end
def update
@membership.attributes = params.require(:membership).permit(:role_ids => [])
@membership.save
respond_to do |format|
format.html { redirect_to_principal @principal }
format.js
end
end
def destroy
if @membership.deletable?
@membership.destroy
end
respond_to do |format|
format.html { redirect_to_principal @principal }
format.js
end
end
private
def find_principal
principal_id = params[:user_id] || params[:group_id]
@principal = Principal.find(principal_id)
rescue ActiveRecord::RecordNotFound
render_404
end
def find_membership
@membership = Member.find(params[:id])
@principal = @membership.principal
rescue ActiveRecord::RecordNotFound
render_404
end
def redirect_to_principal(principal)
redirect_to edit_polymorphic_path(principal, :tab => 'memberships')
end
end

44
app/controllers/project_enumerations_controller.rb Normal file
View file

@ -0,0 +1,44 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class ProjectEnumerationsController < ApplicationController
before_action :find_project_by_project_id
before_action :authorize
def update
if params[:enumerations]
saved = Project.transaction do
params[:enumerations].each do |id, activity|
@project.update_or_create_time_entry_activity(id, activity)
end
end
if saved
flash[:notice] = l(:notice_successful_update)
end
end
redirect_to settings_project_path(@project, :tab => 'activities')
end
def destroy
@project.time_entry_activities.each do |time_entry_activity|
time_entry_activity.destroy(time_entry_activity.parent)
end
flash[:notice] = l(:notice_successful_update)
redirect_to settings_project_path(@project, :tab => 'activities')
end
end

250
app/controllers/projects_controller.rb Normal file
View file

@ -0,0 +1,250 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class ProjectsController < ApplicationController
menu_item :overview
menu_item :settings, :only => :settings
menu_item :projects, :only => [:index, :new, :copy, :create]
before_action :find_project, :except => [ :index, :autocomplete, :list, :new, :create, :copy ]
before_action :authorize, :except => [ :index, :autocomplete, :list, :new, :create, :copy, :archive, :unarchive, :destroy]
before_action :authorize_global, :only => [:new, :create]
before_action :require_admin, :only => [ :copy, :archive, :unarchive, :destroy ]
accept_rss_auth :index
accept_api_auth :index, :show, :create, :update, :destroy
require_sudo_mode :destroy
helper :custom_fields
helper :issues
helper :queries
helper :repositories
helper :members
# Lists visible projects
def index
# try to redirect to the requested menu item
if params[:jump] && redirect_to_menu_item(params[:jump])
return
end
scope = Project.visible.sorted
respond_to do |format|
format.html {
unless params[:closed]
scope = scope.active
end
@projects = scope.to_a
}
format.api {
@offset, @limit = api_offset_and_limit
@project_count = scope.count
@projects = scope.offset(@offset).limit(@limit).to_a
}
format.atom {
projects = scope.reorder(:created_on => :desc).limit(Setting.feeds_limit.to_i).to_a
render_feed(projects, :title => "#{Setting.app_title}: #{l(:label_project_latest)}")
}
end
end
def autocomplete
respond_to do |format|
format.js {
if params[:q].present?
@projects = Project.visible.like(params[:q]).to_a
else
@projects = User.current.projects.to_a
end
}
end
end
def new
@issue_custom_fields = IssueCustomField.sorted.to_a
@trackers = Tracker.sorted.to_a
@project = Project.new
@project.safe_attributes = params[:project]
end
def create
@issue_custom_fields = IssueCustomField.sorted.to_a
@trackers = Tracker.sorted.to_a
@project = Project.new
@project.safe_attributes = params[:project]
if @project.save
unless User.current.admin?
@project.add_default_member(User.current)
end
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_create)
if params[:continue]
attrs = {:parent_id => @project.parent_id}.reject {|k,v| v.nil?}
redirect_to new_project_path(attrs)
else
redirect_to settings_project_path(@project)
end
}
format.api { render :action => 'show', :status => :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) }
end
else
respond_to do |format|
format.html { render :action => 'new' }
format.api { render_validation_errors(@project) }
end
end
end
def copy
@issue_custom_fields = IssueCustomField.sorted.to_a
@trackers = Tracker.sorted.to_a
@source_project = Project.find(params[:id])
if request.get?
@project = Project.copy_from(@source_project)
@project.identifier = Project.next_identifier if Setting.sequential_project_identifiers?
else
Mailer.with_deliveries(params[:notifications] == '1') do
@project = Project.new
@project.safe_attributes = params[:project]
if @project.copy(@source_project, :only => params[:only])
flash[:notice] = l(:notice_successful_create)
redirect_to settings_project_path(@project)
elsif !@project.new_record?
# Project was created
# But some objects were not copied due to validation failures
# (eg. issues from disabled trackers)
# TODO: inform about that
redirect_to settings_project_path(@project)
end
end
end
rescue ActiveRecord::RecordNotFound
# source_project not found
render_404
end
# Show @project
def show
# try to redirect to the requested menu item
if params[:jump] && redirect_to_project_menu_item(@project, params[:jump])
return
end
@users_by_role = @project.users_by_role
@subprojects = @project.children.visible.to_a
@news = @project.news.limit(5).includes(:author, :project).reorder("#{News.table_name}.created_on DESC").to_a
@trackers = @project.rolled_up_trackers.visible
cond = @project.project_condition(Setting.display_subprojects_issues?)
@open_issues_by_tracker = Issue.visible.open.where(cond).group(:tracker).count
@total_issues_by_tracker = Issue.visible.where(cond).group(:tracker).count
if User.current.allowed_to_view_all_time_entries?(@project)
@total_hours = TimeEntry.visible.where(cond).sum(:hours).to_f
end
@key = User.current.rss_key
respond_to do |format|
format.html
format.api
end
end
def settings
@issue_custom_fields = IssueCustomField.sorted.to_a
@issue_category ||= IssueCategory.new
@member ||= @project.members.new
@trackers = Tracker.sorted.to_a
@version_status = params[:version_status] || 'open'
@version_name = params[:version_name]
@versions = @project.shared_versions.status(@version_status).like(@version_name)
@wiki ||= @project.wiki || Wiki.new(:project => @project)
end
def edit
end
def update
@project.safe_attributes = params[:project]
if @project.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_to settings_project_path(@project)
}
format.api { render_api_ok }
end
else
respond_to do |format|
format.html {
settings
render :action => 'settings'
}
format.api { render_validation_errors(@project) }
end
end
end
def modules
@project.enabled_module_names = params[:enabled_module_names]
flash[:notice] = l(:notice_successful_update)
redirect_to settings_project_path(@project, :tab => 'modules')
end
def archive
unless @project.archive
flash[:error] = l(:error_can_not_archive_project)
end
redirect_to_referer_or admin_projects_path(:status => params[:status])
end
def unarchive
unless @project.active?
@project.unarchive
end
redirect_to_referer_or admin_projects_path(:status => params[:status])
end
def close
@project.close
redirect_to project_path(@project)
end
def reopen
@project.reopen
redirect_to project_path(@project)
end
# Delete @project
def destroy
@project_to_destroy = @project
if api_request? || params[:confirm]
@project_to_destroy.destroy
respond_to do |format|
format.html { redirect_to admin_projects_path }
format.api { render_api_ok }
end
end
# hide project in layout
@project = nil
end
end

165
app/controllers/queries_controller.rb Normal file
View file

@ -0,0 +1,165 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class QueriesController < ApplicationController
menu_item :issues
before_action :find_query, :only => [:edit, :update, :destroy]
before_action :find_optional_project, :only => [:new, :create]
accept_api_auth :index
include QueriesHelper
def index
case params[:format]
when 'xml', 'json'
@offset, @limit = api_offset_and_limit
else
@limit = per_page_option
end
scope = query_class.visible
@query_count = scope.count
@query_pages = Paginator.new @query_count, @limit, params['page']
@queries = scope.
order("#{Query.table_name}.name").
limit(@limit).
offset(@offset).
to_a
respond_to do |format|
format.html {render_error :status => 406}
format.api
end
end
def new
@query = query_class.new
@query.user = User.current
@query.project = @project
@query.build_from_params(params)
end
def create
@query = query_class.new
@query.user = User.current
@query.project = @project
update_query_from_params
if @query.save
flash[:notice] = l(:notice_successful_create)
redirect_to_items(:query_id => @query)
else
render :action => 'new', :layout => !request.xhr?
end
end
def edit
end
def update
update_query_from_params
if @query.save
flash[:notice] = l(:notice_successful_update)
redirect_to_items(:query_id => @query)
else
render :action => 'edit'
end
end
def destroy
@query.destroy
redirect_to_items(:set_filter => 1)
end
# Returns the values for a query filter
def filter
q = query_class.new
if params[:project_id].present?
q.project = Project.find(params[:project_id])
end
unless User.current.allowed_to?(q.class.view_permission, q.project, :global => true)
raise Unauthorized
end
filter = q.available_filters[params[:name].to_s]
values = filter ? filter.values : []
render :json => values
rescue ActiveRecord::RecordNotFound
render_404
end
private
def find_query
@query = Query.find(params[:id])
@project = @query.project
render_403 unless @query.editable_by?(User.current)
rescue ActiveRecord::RecordNotFound
render_404
end
def find_optional_project
@project = Project.find(params[:project_id]) if params[:project_id]
render_403 unless User.current.allowed_to?(:save_queries, @project, :global => true)
rescue ActiveRecord::RecordNotFound
render_404
end
def update_query_from_params
@query.project = params[:query_is_for_all] ? nil : @project
@query.build_from_params(params)
@query.column_names = nil if params[:default_columns]
@query.sort_criteria = params[:query] && params[:query][:sort_criteria]
@query.name = params[:query] && params[:query][:name]
if User.current.allowed_to?(:manage_public_queries, @query.project) || User.current.admin?
@query.visibility = (params[:query] && params[:query][:visibility]) || Query::VISIBILITY_PRIVATE
@query.role_ids = params[:query] && params[:query][:role_ids]
else
@query.visibility = Query::VISIBILITY_PRIVATE
end
@query
end
def redirect_to_items(options)
method = "redirect_to_#{@query.class.name.underscore}"
send method, options
end
def redirect_to_issue_query(options)
if params[:gantt]
if @project
redirect_to project_gantt_path(@project, options)
else
redirect_to issues_gantt_path(options)
end
else
redirect_to _project_issues_path(@project, options)
end
end
def redirect_to_time_entry_query(options)
redirect_to _time_entries_path(@project, nil, options)
end
# Returns the Query subclass, IssueQuery by default
# for compatibility with previous behaviour
def query_class
Query.get_subclass(params[:type] || 'IssueQuery')
end
end

89
app/controllers/reports_controller.rb Normal file
View file

@ -0,0 +1,89 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class ReportsController < ApplicationController
menu_item :issues
before_action :find_project, :authorize, :find_issue_statuses
def issue_report
@trackers = @project.rolled_up_trackers(false).visible
@versions = @project.shared_versions.sort
@priorities = IssuePriority.all.reverse
@categories = @project.issue_categories
@assignees = (Setting.issue_group_assignment? ? @project.principals : @project.users).sort
@authors = @project.users.sort
@subprojects = @project.descendants.visible
@issues_by_tracker = Issue.by_tracker(@project)
@issues_by_version = Issue.by_version(@project)
@issues_by_priority = Issue.by_priority(@project)
@issues_by_category = Issue.by_category(@project)
@issues_by_assigned_to = Issue.by_assigned_to(@project)
@issues_by_author = Issue.by_author(@project)
@issues_by_subproject = Issue.by_subproject(@project) || []
render :template => "reports/issue_report"
end
def issue_report_details
case params[:detail]
when "tracker"
@field = "tracker_id"
@rows = @project.rolled_up_trackers(false).visible
@data = Issue.by_tracker(@project)
@report_title = l(:field_tracker)
when "version"
@field = "fixed_version_id"
@rows = @project.shared_versions.sort
@data = Issue.by_version(@project)
@report_title = l(:field_version)
when "priority"
@field = "priority_id"
@rows = IssuePriority.all.reverse
@data = Issue.by_priority(@project)
@report_title = l(:field_priority)
when "category"
@field = "category_id"
@rows = @project.issue_categories
@data = Issue.by_category(@project)
@report_title = l(:field_category)
when "assigned_to"
@field = "assigned_to_id"
@rows = (Setting.issue_group_assignment? ? @project.principals : @project.users).sort
@data = Issue.by_assigned_to(@project)
@report_title = l(:field_assigned_to)
when "author"
@field = "author_id"
@rows = @project.users.sort
@data = Issue.by_author(@project)
@report_title = l(:field_author)
when "subproject"
@field = "project_id"
@rows = @project.descendants.visible
@data = Issue.by_subproject(@project) || []
@report_title = l(:field_subproject)
else
render_404
end
end
private
def find_issue_statuses
@statuses = IssueStatus.sorted.to_a
end
end

439
app/controllers/repositories_controller.rb Normal file
View file

@ -0,0 +1,439 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require 'SVG/Graph/Bar'
require 'SVG/Graph/BarHorizontal'
require 'digest/sha1'
require 'redmine/scm/adapters'
class ChangesetNotFound < Exception; end
class InvalidRevisionParam < Exception; end
class RepositoriesController < ApplicationController
menu_item :repository
menu_item :settings, :only => [:new, :create, :edit, :update, :destroy, :committers]
default_search_scope :changesets
before_action :find_project_by_project_id, :only => [:new, :create]
before_action :build_new_repository_from_params, :only => [:new, :create]
before_action :find_repository, :only => [:edit, :update, :destroy, :committers]
before_action :find_project_repository, :except => [:new, :create, :edit, :update, :destroy, :committers]
before_action :find_changeset, :only => [:revision, :add_related_issue, :remove_related_issue]
before_action :authorize
accept_rss_auth :revisions
rescue_from Redmine::Scm::Adapters::CommandFailed, :with => :show_error_command_failed
def new
@repository.is_default = @project.repository.nil?
end
def create
if @repository.save
redirect_to settings_project_path(@project, :tab => 'repositories')
else
render :action => 'new'
end
end
def edit
end
def update
@repository.safe_attributes = params[:repository]
if @repository.save
redirect_to settings_project_path(@project, :tab => 'repositories')
else
render :action => 'edit'
end
end
def committers
@committers = @repository.committers
@users = @project.users.to_a
additional_user_ids = @committers.collect(&:last).collect(&:to_i) - @users.collect(&:id)
@users += User.where(:id => additional_user_ids).to_a unless additional_user_ids.empty?
@users.compact!
@users.sort!
if request.post? && params[:committers].present?
# Build a hash with repository usernames as keys and corresponding user ids as values
@repository.committer_ids = params[:committers].values.inject({}) {|h, c| h[c.first] = c.last; h}
flash[:notice] = l(:notice_successful_update)
redirect_to settings_project_path(@project, :tab => 'repositories')
end
end
def destroy
@repository.destroy if request.delete?
redirect_to settings_project_path(@project, :tab => 'repositories')
end
def show
@repository.fetch_changesets if @project.active? && Setting.autofetch_changesets? && @path.empty?
@entries = @repository.entries(@path, @rev)
@changeset = @repository.find_changeset_by_name(@rev)
if request.xhr?
@entries ? render(:partial => 'dir_list_content') : head(200)
else
(show_error_not_found; return) unless @entries
@changesets = @repository.latest_changesets(@path, @rev)
@properties = @repository.properties(@path, @rev)
@repositories = @project.repositories
render :action => 'show'
end
end
alias_method :browse, :show
def changes
@entry = @repository.entry(@path, @rev)
(show_error_not_found; return) unless @entry
@changesets = @repository.latest_changesets(@path, @rev, Setting.repository_log_display_limit.to_i)
@properties = @repository.properties(@path, @rev)
@changeset = @repository.find_changeset_by_name(@rev)
end
def revisions
@changeset_count = @repository.changesets.count
@changeset_pages = Paginator.new @changeset_count,
per_page_option,
params['page']
@changesets = @repository.changesets.
limit(@changeset_pages.per_page).
offset(@changeset_pages.offset).
includes(:user, :repository, :parents).
to_a
respond_to do |format|
format.html { render :layout => false if request.xhr? }
format.atom { render_feed(@changesets, :title => "#{@project.name}: #{l(:label_revision_plural)}") }
end
end
def raw
entry_and_raw(true)
end
def entry
entry_and_raw(false)
end
def entry_and_raw(is_raw)
@entry = @repository.entry(@path, @rev)
(show_error_not_found; return) unless @entry
# If the entry is a dir, show the browser
(show; return) if @entry.is_dir?
if is_raw
# Force the download
send_opt = { :filename => filename_for_content_disposition(@path.split('/').last) }
send_type = Redmine::MimeType.of(@path)
send_opt[:type] = send_type.to_s if send_type
send_opt[:disposition] = disposition(@path)
send_data @repository.cat(@path, @rev), send_opt
else
if !@entry.size || @entry.size <= Setting.file_max_size_displayed.to_i.kilobyte
content = @repository.cat(@path, @rev)
(show_error_not_found; return) unless content
if content.size <= Setting.file_max_size_displayed.to_i.kilobyte &&
is_entry_text_data?(content, @path)
# TODO: UTF-16
# Prevent empty lines when displaying a file with Windows style eol
# Is this needed? AttachmentsController simply reads file.
@content = content.gsub("\r\n", "\n")
end
end
@changeset = @repository.find_changeset_by_name(@rev)
end
end
private :entry_and_raw
def is_entry_text_data?(ent, path)
# UTF-16 contains "\x00".
# It is very strict that file contains less than 30% of ascii symbols
# in non Western Europe.
return true if Redmine::MimeType.is_type?('text', path)
# Ruby 1.8.6 has a bug of integer divisions.
# http://apidock.com/ruby/v1_8_6_287/String/is_binary_data%3F
return false if Redmine::Scm::Adapters::ScmData.binary?(ent)
true
end
private :is_entry_text_data?
def annotate
@entry = @repository.entry(@path, @rev)
(show_error_not_found; return) unless @entry
@annotate = @repository.scm.annotate(@path, @rev)
if @annotate.nil? || @annotate.empty?
@annotate = nil
@error_message = l(:error_scm_annotate)
else
ann_buf_size = 0
@annotate.lines.each do |buf|
ann_buf_size += buf.size
end
if ann_buf_size > Setting.file_max_size_displayed.to_i.kilobyte
@annotate = nil
@error_message = l(:error_scm_annotate_big_text_file)
end
end
@changeset = @repository.find_changeset_by_name(@rev)
end
def revision
respond_to do |format|
format.html
format.js {render :layout => false}
end
end
# Adds a related issue to a changeset
# POST /projects/:project_id/repository/(:repository_id/)revisions/:rev/issues
def add_related_issue
issue_id = params[:issue_id].to_s.sub(/^#/,'')
@issue = @changeset.find_referenced_issue_by_id(issue_id)
if @issue && (!@issue.visible? || @changeset.issues.include?(@issue))
@issue = nil
end
if @issue
@changeset.issues << @issue
end
end
# Removes a related issue from a changeset
# DELETE /projects/:project_id/repository/(:repository_id/)revisions/:rev/issues/:issue_id
def remove_related_issue
@issue = Issue.visible.find_by_id(params[:issue_id])
if @issue
@changeset.issues.delete(@issue)
end
end
def diff
if params[:format] == 'diff'
@diff = @repository.diff(@path, @rev, @rev_to)
(show_error_not_found; return) unless @diff
filename = "changeset_r#{@rev}"
filename << "_r#{@rev_to}" if @rev_to
send_data @diff.join, :filename => "#{filename}.diff",
:type => 'text/x-patch',
:disposition => 'attachment'
else
@diff_type = params[:type] || User.current.pref[:diff_type] || 'inline'
@diff_type = 'inline' unless %w(inline sbs).include?(@diff_type)
# Save diff type as user preference
if User.current.logged? && @diff_type != User.current.pref[:diff_type]
User.current.pref[:diff_type] = @diff_type
User.current.preference.save
end
@cache_key = "repositories/diff/#{@repository.id}/" +
Digest::MD5.hexdigest("#{@path}-#{@rev}-#{@rev_to}-#{@diff_type}-#{current_language}")
unless read_fragment(@cache_key)
@diff = @repository.diff(@path, @rev, @rev_to)
show_error_not_found unless @diff
end
@changeset = @repository.find_changeset_by_name(@rev)
@changeset_to = @rev_to ? @repository.find_changeset_by_name(@rev_to) : nil
@diff_format_revisions = @repository.diff_format_revisions(@changeset, @changeset_to)
end
end
def stats
end
def graph
data = nil
case params[:graph]
when "commits_per_month"
data = graph_commits_per_month(@repository)
when "commits_per_author"
data = graph_commits_per_author(@repository)
end
if data
headers["Content-Type"] = "image/svg+xml"
send_data(data, :type => "image/svg+xml", :disposition => "inline")
else
render_404
end
end
private
def build_new_repository_from_params
scm = params[:repository_scm] || (Redmine::Scm::Base.all & Setting.enabled_scm).first
unless @repository = Repository.factory(scm)
render_404
return
end
@repository.project = @project
@repository.safe_attributes = params[:repository]
@repository
end
def find_repository
@repository = Repository.find(params[:id])
@project = @repository.project
rescue ActiveRecord::RecordNotFound
render_404
end
REV_PARAM_RE = %r{\A[a-f0-9]*\Z}i
def find_project_repository
@project = Project.find(params[:id])
if params[:repository_id].present?
@repository = @project.repositories.find_by_identifier_param(params[:repository_id])
else
@repository = @project.repository
end
(render_404; return false) unless @repository
@path = params[:path].is_a?(Array) ? params[:path].join('/') : params[:path].to_s
@rev = params[:rev].blank? ? @repository.default_branch : params[:rev].to_s.strip
@rev_to = params[:rev_to]
unless @rev.to_s.match(REV_PARAM_RE) && @rev_to.to_s.match(REV_PARAM_RE)
if @repository.branches.blank?
raise InvalidRevisionParam
end
end
rescue ActiveRecord::RecordNotFound
render_404
rescue InvalidRevisionParam
show_error_not_found
end
def find_changeset
if @rev.present?
@changeset = @repository.find_changeset_by_name(@rev)
end
show_error_not_found unless @changeset
end
def show_error_not_found
render_error :message => l(:error_scm_not_found), :status => 404
end
# Handler for Redmine::Scm::Adapters::CommandFailed exception
def show_error_command_failed(exception)
render_error l(:error_scm_command_failed, exception.message)
end
def graph_commits_per_month(repository)
@date_to = User.current.today
@date_from = @date_to << 11
@date_from = Date.civil(@date_from.year, @date_from.month, 1)
commits_by_day = Changeset.
where("repository_id = ? AND commit_date BETWEEN ? AND ?", repository.id, @date_from, @date_to).
group(:commit_date).
count
commits_by_month = [0] * 12
commits_by_day.each {|c| commits_by_month[(@date_to.month - c.first.to_date.month) % 12] += c.last }
changes_by_day = Change.
joins(:changeset).
where("#{Changeset.table_name}.repository_id = ? AND #{Changeset.table_name}.commit_date BETWEEN ? AND ?", repository.id, @date_from, @date_to).
group(:commit_date).
count
changes_by_month = [0] * 12
changes_by_day.each {|c| changes_by_month[(@date_to.month - c.first.to_date.month) % 12] += c.last }
fields = []
today = User.current.today
12.times {|m| fields << month_name(((today.month - 1 - m) % 12) + 1)}
graph = SVG::Graph::Bar.new(
:height => 300,
:width => 800,
:fields => fields.reverse,
:stack => :side,
:scale_integers => true,
:step_x_labels => 2,
:show_data_values => false,
:graph_title => l(:label_commits_per_month),
:show_graph_title => true
)
graph.add_data(
:data => commits_by_month[0..11].reverse,
:title => l(:label_revision_plural)
)
graph.add_data(
:data => changes_by_month[0..11].reverse,
:title => l(:label_change_plural)
)
graph.burn
end
def graph_commits_per_author(repository)
#data
stats = repository.stats_by_author
fields, commits_data, changes_data = [], [], []
stats.each do |name, hsh|
fields << name
commits_data << hsh[:commits_count]
changes_data << hsh[:changes_count]
end
#expand to 10 values if needed
fields = fields + [""]*(10 - fields.length) if fields.length<10
commits_data = commits_data + [0]*(10 - commits_data.length) if commits_data.length<10
changes_data = changes_data + [0]*(10 - changes_data.length) if changes_data.length<10
# Remove email address in usernames
fields = fields.collect {|c| c.gsub(%r{<.+@.+>}, '') }
#prepare graph
graph = SVG::Graph::BarHorizontal.new(
:height => 30 * commits_data.length,
:width => 800,
:fields => fields,
:stack => :side,
:scale_integers => true,
:show_data_values => false,
:rotate_y_labels => false,
:graph_title => l(:label_commits_per_author),
:show_graph_title => true
)
graph.add_data(
:data => commits_data,
:title => l(:label_revision_plural)
)
graph.add_data(
:data => changes_data,
:title => l(:label_change_plural)
)
graph.burn
end
def disposition(path)
if Redmine::MimeType.of(@path) == "application/pdf"
'inline'
else
'attachment'
end
end
end

123
app/controllers/roles_controller.rb Normal file
View file

@ -0,0 +1,123 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class RolesController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin, :except => [:index, :show]
before_action :require_admin_or_api_request, :only => [:index, :show]
before_action :find_role, :only => [:show, :edit, :update, :destroy]
accept_api_auth :index, :show
require_sudo_mode :create, :update, :destroy
def index
respond_to do |format|
format.html {
@roles = Role.sorted.to_a
render :layout => false if request.xhr?
}
format.api {
@roles = Role.givable.to_a
}
end
end
def show
respond_to do |format|
format.api
end
end
def new
# Prefills the form with 'Non member' role permissions by default
@role = Role.new
@role.safe_attributes = params[:role] || {:permissions => Role.non_member.permissions}
if params[:copy].present? && @copy_from = Role.find_by_id(params[:copy])
@role.copy_from(@copy_from)
end
@roles = Role.sorted.to_a
end
def create
@role = Role.new
@role.safe_attributes = params[:role]
if request.post? && @role.save
# workflow copy
if !params[:copy_workflow_from].blank? && (copy_from = Role.find_by_id(params[:copy_workflow_from]))
@role.copy_workflow_rules(copy_from)
end
flash[:notice] = l(:notice_successful_create)
redirect_to roles_path
else
@roles = Role.sorted.to_a
render :action => 'new'
end
end
def edit
end
def update
@role.safe_attributes = params[:role]
if @role.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_to roles_path(:page => params[:page])
}
format.js { head 200 }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.js { head 422 }
end
end
end
def destroy
begin
@role.destroy
rescue
flash[:error] = l(:error_can_not_remove_role)
end
redirect_to roles_path
end
def permissions
@roles = Role.sorted.to_a
@permissions = Redmine::AccessControl.permissions.select { |p| !p.public? }
if request.post?
@roles.each do |role|
role.permissions = params[:permissions][role.id.to_s]
role.save
end
flash[:notice] = l(:notice_successful_update)
redirect_to roles_path
end
end
private
def find_role
@role = Role.find(params[:id])
rescue ActiveRecord::RecordNotFound
render_404
end
end

99
app/controllers/search_controller.rb Normal file
View file

@ -0,0 +1,99 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class SearchController < ApplicationController
before_action :find_optional_project
accept_api_auth :index
def index
@question = params[:q] || ""
@question.strip!
@all_words = params[:all_words] ? params[:all_words].present? : true
@titles_only = params[:titles_only] ? params[:titles_only].present? : false
@search_attachments = params[:attachments].presence || '0'
@open_issues = params[:open_issues] ? params[:open_issues].present? : false
case params[:format]
when 'xml', 'json'
@offset, @limit = api_offset_and_limit
else
@offset = nil
@limit = Setting.search_results_per_page.to_i
@limit = 10 if @limit == 0
end
# quick jump to an issue
if (m = @question.match(/^#?(\d+)$/)) && (issue = Issue.visible.find_by_id(m[1].to_i))
redirect_to issue_path(issue)
return
end
projects_to_search =
case params[:scope]
when 'all'
nil
when 'my_projects'
User.current.projects
when 'subprojects'
@project ? (@project.self_and_descendants.active.to_a) : nil
else
@project
end
@object_types = Redmine::Search.available_search_types.dup
if projects_to_search.is_a? Project
# don't search projects
@object_types.delete('projects')
# only show what the user is allowed to view
@object_types = @object_types.select {|o| User.current.allowed_to?("view_#{o}".to_sym, projects_to_search)}
end
@scope = @object_types.select {|t| params[t]}
@scope = @object_types if @scope.empty?
fetcher = Redmine::Search::Fetcher.new(
@question, User.current, @scope, projects_to_search,
:all_words => @all_words, :titles_only => @titles_only, :attachments => @search_attachments, :open_issues => @open_issues,
:cache => params[:page].present?, :params => params
)
if fetcher.tokens.present?
@result_count = fetcher.result_count
@result_count_by_type = fetcher.result_count_by_type
@tokens = fetcher.tokens
@result_pages = Paginator.new @result_count, @limit, params['page']
@offset ||= @result_pages.offset
@results = fetcher.results(@offset, @result_pages.per_page)
else
@question = ""
end
respond_to do |format|
format.html { render :layout => false if request.xhr? }
format.api { @results ||= []; render :layout => false }
end
end
private
def find_optional_project
return true unless params[:id]
@project = Project.find(params[:id])
check_project_privacy
rescue ActiveRecord::RecordNotFound
render_404
end
end

81
app/controllers/settings_controller.rb Normal file
View file

@ -0,0 +1,81 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class SettingsController < ApplicationController
layout 'admin'
self.main_menu = false
menu_item :plugins, :only => :plugin
helper :queries
before_action :require_admin
require_sudo_mode :index, :edit, :plugin
def index
edit
render :action => 'edit'
end
def edit
@notifiables = Redmine::Notifiable.all
if request.post?
errors = Setting.set_all_from_params(params[:settings])
if errors.blank?
flash[:notice] = l(:notice_successful_update)
redirect_to settings_path(:tab => params[:tab])
return
else
@setting_errors = errors
# render the edit form with error messages
end
end
@options = {}
user_format = User::USER_FORMATS.collect{|key, value| [key, value[:setting_order]]}.sort{|a, b| a[1] <=> b[1]}
@options[:user_format] = user_format.collect{|f| [User.current.name(f[0]), f[0].to_s]}
@deliveries = ActionMailer::Base.perform_deliveries
@guessed_host_and_path = request.host_with_port.dup
@guessed_host_and_path << ('/'+ Redmine::Utils.relative_url_root.gsub(%r{^\/}, '')) unless Redmine::Utils.relative_url_root.blank?
@commit_update_keywords = Setting.commit_update_keywords.dup
@commit_update_keywords = [{}] unless @commit_update_keywords.is_a?(Array) && @commit_update_keywords.any?
Redmine::Themes.rescan
end
def plugin
@plugin = Redmine::Plugin.find(params[:id])
unless @plugin.configurable?
render_404
return
end
if request.post?
setting = params[:settings] ? params[:settings].permit!.to_h : {}
Setting.send "plugin_#{@plugin.id}=", setting
flash[:notice] = l(:notice_successful_update)
redirect_to plugin_settings_path(@plugin)
else
@partial = @plugin.settings[:partial]
@settings = Setting.send "plugin_#{@plugin.id}"
end
rescue Redmine::PluginNotFound
render_404
end
end

82
app/controllers/sys_controller.rb Normal file
View file

@ -0,0 +1,82 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class SysController < ActionController::Base
before_action :check_enabled
def projects
p = Project.active.has_module(:repository).
order("#{Project.table_name}.identifier").preload(:repository).to_a
# extra_info attribute from repository breaks activeresource client
render :json => p.to_json(
:only => [:id, :identifier, :name, :is_public, :status],
:include => {:repository => {:only => [:id, :url]}}
)
end
def create_project_repository
project = Project.find(params[:id])
if project.repository
head 409
else
logger.info "Repository for #{project.name} was reported to be created by #{request.remote_ip}."
repository = Repository.factory(params[:vendor])
repository.safe_attributes = params[:repository]
repository.project = project
if repository.save
render :json => {repository.class.name.underscore.gsub('/', '-') => {:id => repository.id, :url => repository.url}}, :status => 201
else
head 422
end
end
end
def fetch_changesets
projects = []
scope = Project.active.has_module(:repository)
if params[:id]
project = nil
if params[:id].to_s =~ /^\d*$/
project = scope.find(params[:id])
else
project = scope.find_by_identifier(params[:id])
end
raise ActiveRecord::RecordNotFound unless project
projects << project
else
projects = scope.to_a
end
projects.each do |project|
project.repositories.each do |repository|
repository.fetch_changesets
end
end
head 200
rescue ActiveRecord::RecordNotFound
head 404
end
protected
def check_enabled
User.current = nil
unless Setting.sys_api_enabled? && params[:key].to_s == Setting.sys_api_key
render :plain => 'Access denied. Repository management WS is disabled or key is invalid.', :status => 403
return false
end
end
end

285
app/controllers/timelog_controller.rb Normal file
View file

@ -0,0 +1,285 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class TimelogController < ApplicationController
menu_item :time_entries
before_action :find_time_entry, :only => [:show, :edit, :update]
before_action :check_editability, :only => [:edit, :update]
before_action :find_time_entries, :only => [:bulk_edit, :bulk_update, :destroy]
before_action :authorize, :only => [:show, :edit, :update, :bulk_edit, :bulk_update, :destroy]
before_action :find_optional_issue, :only => [:new, :create]
before_action :find_optional_project, :only => [:index, :report]
before_action :authorize_global, :only => [:new, :create, :index, :report]
accept_rss_auth :index
accept_api_auth :index, :show, :create, :update, :destroy
rescue_from Query::StatementInvalid, :with => :query_statement_invalid
helper :issues
include TimelogHelper
helper :custom_fields
include CustomFieldsHelper
helper :queries
include QueriesHelper
def index
retrieve_time_entry_query
scope = time_entry_scope.
preload(:issue => [:project, :tracker, :status, :assigned_to, :priority]).
preload(:project, :user)
respond_to do |format|
format.html {
@entry_count = scope.count
@entry_pages = Paginator.new @entry_count, per_page_option, params['page']
@entries = scope.offset(@entry_pages.offset).limit(@entry_pages.per_page).to_a
render :layout => !request.xhr?
}
format.api {
@entry_count = scope.count
@offset, @limit = api_offset_and_limit
@entries = scope.offset(@offset).limit(@limit).preload(:custom_values => :custom_field).to_a
}
format.atom {
entries = scope.limit(Setting.feeds_limit.to_i).reorder("#{TimeEntry.table_name}.created_on DESC").to_a
render_feed(entries, :title => l(:label_spent_time))
}
format.csv {
# Export all entries
@entries = scope.to_a
send_data(query_to_csv(@entries, @query, params), :type => 'text/csv; header=present', :filename => 'timelog.csv')
}
end
end
def report
retrieve_time_entry_query
scope = time_entry_scope
@report = Redmine::Helpers::TimeReport.new(@project, @issue, params[:criteria], params[:columns], scope)
respond_to do |format|
format.html { render :layout => !request.xhr? }
format.csv { send_data(report_to_csv(@report), :type => 'text/csv; header=present', :filename => 'timelog.csv') }
end
end
def show
respond_to do |format|
# TODO: Implement html response
format.html { head 406 }
format.api
end
end
def new
@time_entry ||= TimeEntry.new(:project => @project, :issue => @issue, :user => User.current, :spent_on => User.current.today)
@time_entry.safe_attributes = params[:time_entry]
end
def create
@time_entry ||= TimeEntry.new(:project => @project, :issue => @issue, :user => User.current, :spent_on => User.current.today)
@time_entry.safe_attributes = params[:time_entry]
if @time_entry.project && !User.current.allowed_to?(:log_time, @time_entry.project)
render_403
return
end
call_hook(:controller_timelog_edit_before_save, { :params => params, :time_entry => @time_entry })
if @time_entry.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_create)
if params[:continue]
options = {
:time_entry => {
:project_id => params[:time_entry][:project_id],
:issue_id => @time_entry.issue_id,
:activity_id => @time_entry.activity_id
},
:back_url => params[:back_url]
}
if params[:project_id] && @time_entry.project
redirect_to new_project_time_entry_path(@time_entry.project, options)
elsif params[:issue_id] && @time_entry.issue
redirect_to new_issue_time_entry_path(@time_entry.issue, options)
else
redirect_to new_time_entry_path(options)
end
else
redirect_back_or_default project_time_entries_path(@time_entry.project)
end
}
format.api { render :action => 'show', :status => :created, :location => time_entry_url(@time_entry) }
end
else
respond_to do |format|
format.html { render :action => 'new' }
format.api { render_validation_errors(@time_entry) }
end
end
end
def edit
@time_entry.safe_attributes = params[:time_entry]
end
def update
@time_entry.safe_attributes = params[:time_entry]
call_hook(:controller_timelog_edit_before_save, { :params => params, :time_entry => @time_entry })
if @time_entry.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_back_or_default project_time_entries_path(@time_entry.project)
}
format.api { render_api_ok }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.api { render_validation_errors(@time_entry) }
end
end
end
def bulk_edit
@available_activities = @projects.map(&:activities).reduce(:&)
@custom_fields = TimeEntry.first.available_custom_fields.select {|field| field.format.bulk_edit_supported}
end
def bulk_update
attributes = parse_params_for_bulk_update(params[:time_entry])
unsaved_time_entries = []
saved_time_entries = []
@time_entries.each do |time_entry|
time_entry.reload
time_entry.safe_attributes = attributes
call_hook(:controller_time_entries_bulk_edit_before_save, { :params => params, :time_entry => time_entry })
if time_entry.save
saved_time_entries << time_entry
else
unsaved_time_entries << time_entry
end
end
if unsaved_time_entries.empty?
flash[:notice] = l(:notice_successful_update) unless saved_time_entries.empty?
redirect_back_or_default project_time_entries_path(@projects.first)
else
@saved_time_entries = @time_entries
@unsaved_time_entries = unsaved_time_entries
@time_entries = TimeEntry.where(:id => unsaved_time_entries.map(&:id)).
preload(:project => :time_entry_activities).
preload(:user).to_a
bulk_edit
render :action => 'bulk_edit'
end
end
def destroy
destroyed = TimeEntry.transaction do
@time_entries.each do |t|
unless t.destroy && t.destroyed?
raise ActiveRecord::Rollback
end
end
end
respond_to do |format|
format.html {
if destroyed
flash[:notice] = l(:notice_successful_delete)
else
flash[:error] = l(:notice_unable_delete_time_entry)
end
redirect_back_or_default project_time_entries_path(@projects.first), :referer => true
}
format.api {
if destroyed
render_api_ok
else
render_validation_errors(@time_entries)
end
}
end
end
private
def find_time_entry
@time_entry = TimeEntry.find(params[:id])
@project = @time_entry.project
rescue ActiveRecord::RecordNotFound
render_404
end
def check_editability
unless @time_entry.editable_by?(User.current)
render_403
return false
end
end
def find_time_entries
@time_entries = TimeEntry.where(:id => params[:id] || params[:ids]).
preload(:project => :time_entry_activities).
preload(:user).to_a
raise ActiveRecord::RecordNotFound if @time_entries.empty?
raise Unauthorized unless @time_entries.all? {|t| t.editable_by?(User.current)}
@projects = @time_entries.collect(&:project).compact.uniq
@project = @projects.first if @projects.size == 1
rescue ActiveRecord::RecordNotFound
render_404
end
def find_optional_issue
if params[:issue_id].present?
@issue = Issue.find(params[:issue_id])
@project = @issue.project
else
find_optional_project
end
end
def find_optional_project
if params[:project_id].present?
@project = Project.find(params[:project_id])
end
rescue ActiveRecord::RecordNotFound
render_404
end
# Returns the TimeEntry scope for index and report actions
def time_entry_scope(options={})
@query.results_scope(options)
end
def retrieve_time_entry_query
retrieve_query(TimeEntryQuery, false)
end
end

111
app/controllers/trackers_controller.rb Normal file
View file

@ -0,0 +1,111 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class TrackersController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin, :except => :index
before_action :require_admin_or_api_request, :only => :index
accept_api_auth :index
def index
@trackers = Tracker.sorted.to_a
respond_to do |format|
format.html { render :layout => false if request.xhr? }
format.api
end
end
def new
@tracker ||= Tracker.new
@tracker.safe_attributes = params[:tracker]
@trackers = Tracker.sorted.to_a
@projects = Project.all
end
def create
@tracker = Tracker.new
@tracker.safe_attributes = params[:tracker]
if @tracker.save
# workflow copy
if !params[:copy_workflow_from].blank? && (copy_from = Tracker.find_by_id(params[:copy_workflow_from]))
@tracker.copy_workflow_rules(copy_from)
end
flash[:notice] = l(:notice_successful_create)
redirect_to trackers_path
return
end
new
render :action => 'new'
end
def edit
@tracker ||= Tracker.find(params[:id])
@projects = Project.all
end
def update
@tracker = Tracker.find(params[:id])
@tracker.safe_attributes = params[:tracker]
if @tracker.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_to trackers_path(:page => params[:page])
}
format.js { head 200 }
end
else
respond_to do |format|
format.html {
edit
render :action => 'edit'
}
format.js { head 422 }
end
end
end
def destroy
@tracker = Tracker.find(params[:id])
unless @tracker.issues.empty?
flash[:error] = l(:error_can_not_delete_tracker)
else
@tracker.destroy
end
redirect_to trackers_path
end
def fields
if request.post? && params[:trackers]
params[:trackers].each do |tracker_id, tracker_params|
tracker = Tracker.find_by_id(tracker_id)
if tracker
tracker.core_fields = tracker_params[:core_fields]
tracker.custom_field_ids = tracker_params[:custom_field_ids]
tracker.save
end
end
flash[:notice] = l(:notice_successful_update)
redirect_to fields_trackers_path
return
end
@trackers = Tracker.sorted.to_a
@custom_fields = IssueCustomField.all.sort
end
end

190
app/controllers/users_controller.rb Normal file
View file

@ -0,0 +1,190 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class UsersController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin, :except => :show
before_action ->{ find_user(false) }, :only => :show
before_action :find_user, :only => [:edit, :update, :destroy]
accept_api_auth :index, :show, :create, :update, :destroy
helper :sort
include SortHelper
helper :custom_fields
include CustomFieldsHelper
helper :principal_memberships
require_sudo_mode :create, :update, :destroy
def index
sort_init 'login', 'asc'
sort_update %w(login firstname lastname admin created_on last_login_on)
case params[:format]
when 'xml', 'json'
@offset, @limit = api_offset_and_limit
else
@limit = per_page_option
end
@status = params[:status] || 1
scope = User.logged.status(@status).preload(:email_address)
scope = scope.like(params[:name]) if params[:name].present?
scope = scope.in_group(params[:group_id]) if params[:group_id].present?
@user_count = scope.count
@user_pages = Paginator.new @user_count, @limit, params['page']
@offset ||= @user_pages.offset
@users = scope.order(sort_clause).limit(@limit).offset(@offset).to_a
respond_to do |format|
format.html {
@groups = Group.givable.sort
render :layout => !request.xhr?
}
format.api
end
end
def show
unless @user.visible?
render_404
return
end
# show projects based on current user visibility
@memberships = @user.memberships.preload(:roles, :project).where(Project.visible_condition(User.current)).to_a
respond_to do |format|
format.html {
events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
@events_by_day = events.group_by {|event| User.current.time_to_date(event.event_datetime)}
render :layout => 'base'
}
format.api
end
end
def new
@user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
@user.safe_attributes = params[:user]
@auth_sources = AuthSource.all
end
def create
@user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option, :admin => false)
@user.safe_attributes = params[:user]
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
@user.pref.safe_attributes = params[:pref]
if @user.save
Mailer.account_information(@user, @user.password).deliver if params[:send_information]
respond_to do |format|
format.html {
flash[:notice] = l(:notice_user_successful_create, :id => view_context.link_to(@user.login, user_path(@user)))
if params[:continue]
attrs = params[:user].slice(:generate_password)
redirect_to new_user_path(:user => attrs)
else
redirect_to edit_user_path(@user)
end
}
format.api { render :action => 'show', :status => :created, :location => user_url(@user) }
end
else
@auth_sources = AuthSource.all
# Clear password input
@user.password = @user.password_confirmation = nil
respond_to do |format|
format.html { render :action => 'new' }
format.api { render_validation_errors(@user) }
end
end
end
def edit
@auth_sources = AuthSource.all
@membership ||= Member.new
end
def update
if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
end
@user.safe_attributes = params[:user]
# Was the account actived ? (do it before User#save clears the change)
was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])
# TODO: Similar to My#account
@user.pref.safe_attributes = params[:pref]
if @user.save
@user.pref.save
if was_activated
Mailer.account_activated(@user).deliver
elsif @user.active? && params[:send_information] && @user != User.current
Mailer.account_information(@user, @user.password).deliver
end
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_to_referer_or edit_user_path(@user)
}
format.api { render_api_ok }
end
else
@auth_sources = AuthSource.all
@membership ||= Member.new
# Clear password input
@user.password = @user.password_confirmation = nil
respond_to do |format|
format.html { render :action => :edit }
format.api { render_validation_errors(@user) }
end
end
end
def destroy
@user.destroy
respond_to do |format|
format.html { redirect_back_or_default(users_path) }
format.api { render_api_ok }
end
end
private
def find_user(logged = true)
if params[:id] == 'current'
require_login || return
@user = User.current
elsif logged
@user = User.logged.find(params[:id])
else
@user = User.find(params[:id])
end
rescue ActiveRecord::RecordNotFound
render_404
end
end

183
app/controllers/versions_controller.rb Normal file
View file

@ -0,0 +1,183 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class VersionsController < ApplicationController
menu_item :roadmap
model_object Version
before_action :find_model_object, :except => [:index, :new, :create, :close_completed]
before_action :find_project_from_association, :except => [:index, :new, :create, :close_completed]
before_action :find_project_by_project_id, :only => [:index, :new, :create, :close_completed]
before_action :authorize
accept_api_auth :index, :show, :create, :update, :destroy
helper :custom_fields
helper :projects
def index
respond_to do |format|
format.html {
@trackers = @project.trackers.sorted.to_a
retrieve_selected_tracker_ids(@trackers, @trackers.select {|t| t.is_in_roadmap?})
@with_subprojects = params[:with_subprojects].nil? ? Setting.display_subprojects_issues? : (params[:with_subprojects] == '1')
project_ids = @with_subprojects ? @project.self_and_descendants.collect(&:id) : [@project.id]
@versions = @project.shared_versions.preload(:custom_values)
@versions += @project.rolled_up_versions.visible.preload(:custom_values) if @with_subprojects
@versions = @versions.to_a.uniq.sort
unless params[:completed]
@completed_versions = @versions.select(&:completed?).reverse
@versions -= @completed_versions
end
@issues_by_version = {}
if @selected_tracker_ids.any? && @versions.any?
issues = Issue.visible.
includes(:project, :tracker).
preload(:status, :priority, :fixed_version).
where(:tracker_id => @selected_tracker_ids, :project_id => project_ids, :fixed_version_id => @versions.map(&:id)).
order("#{Project.table_name}.lft, #{Tracker.table_name}.position, #{Issue.table_name}.id")
@issues_by_version = issues.group_by(&:fixed_version)
end
@versions.reject! {|version| !project_ids.include?(version.project_id) && @issues_by_version[version].blank?}
}
format.api {
@versions = @project.shared_versions.to_a
}
end
end
def show
respond_to do |format|
format.html {
@issues = @version.fixed_issues.visible.
includes(:status, :tracker, :priority).
preload(:project).
reorder("#{Tracker.table_name}.position, #{Issue.table_name}.id").
to_a
}
format.api
end
end
def new
@version = @project.versions.build
@version.safe_attributes = params[:version]
respond_to do |format|
format.html
format.js
end
end
def create
@version = @project.versions.build
if params[:version]
attributes = params[:version].dup
attributes.delete('sharing') unless attributes.nil? || @version.allowed_sharings.include?(attributes['sharing'])
@version.safe_attributes = attributes
end
if request.post?
if @version.save
respond_to do |format|
format.html do
flash[:notice] = l(:notice_successful_create)
redirect_back_or_default settings_project_path(@project, :tab => 'versions')
end
format.js
format.api do
render :action => 'show', :status => :created, :location => version_url(@version)
end
end
else
respond_to do |format|
format.html { render :action => 'new' }
format.js { render :action => 'new' }
format.api { render_validation_errors(@version) }
end
end
end
end
def edit
end
def update
if params[:version]
attributes = params[:version].dup
attributes.delete('sharing') unless @version.allowed_sharings.include?(attributes['sharing'])
@version.safe_attributes = attributes
if @version.save
respond_to do |format|
format.html {
flash[:notice] = l(:notice_successful_update)
redirect_back_or_default settings_project_path(@project, :tab => 'versions')
}
format.api { render_api_ok }
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.api { render_validation_errors(@version) }
end
end
end
end
def close_completed
if request.put?
@project.close_completed_versions
end
redirect_to settings_project_path(@project, :tab => 'versions')
end
def destroy
if @version.deletable?
@version.destroy
respond_to do |format|
format.html { redirect_back_or_default settings_project_path(@project, :tab => 'versions') }
format.api { render_api_ok }
end
else
respond_to do |format|
format.html {
flash[:error] = l(:notice_unable_delete_version)
redirect_to settings_project_path(@project, :tab => 'versions')
}
format.api { head :unprocessable_entity }
end
end
end
def status_by
respond_to do |format|
format.html { render :action => 'show' }
format.js
end
end
private
def retrieve_selected_tracker_ids(selectable_trackers, default_trackers=nil)
if ids = params[:tracker_ids]
@selected_tracker_ids = (ids.is_a? Array) ? ids.collect { |id| id.to_i.to_s } : ids.split('/').collect { |id| id.to_i.to_s }
else
@selected_tracker_ids = (default_trackers || selectable_trackers).collect {|t| t.id.to_s }
end
end
end

152
app/controllers/watchers_controller.rb Normal file
View file

@ -0,0 +1,152 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class WatchersController < ApplicationController
before_action :require_login, :find_watchables, :only => [:watch, :unwatch]
def watch
set_watcher(@watchables, User.current, true)
end
def unwatch
set_watcher(@watchables, User.current, false)
end
before_action :find_project, :authorize, :only => [:new, :create, :append, :destroy, :autocomplete_for_user]
accept_api_auth :create, :destroy
def new
@users = users_for_new_watcher
end
def create
user_ids = []
if params[:watcher]
user_ids << (params[:watcher][:user_ids] || params[:watcher][:user_id])
else
user_ids << params[:user_id]
end
users = User.active.visible.where(:id => user_ids.flatten.compact.uniq)
users.each do |user|
@watchables.each do |watchable|
Watcher.create(:watchable => watchable, :user => user)
end
end
respond_to do |format|
format.html { redirect_to_referer_or {render :html => 'Watcher added.', :status => 200, :layout => true}}
format.js { @users = users_for_new_watcher }
format.api { render_api_ok }
end
end
def append
if params[:watcher]
user_ids = params[:watcher][:user_ids] || [params[:watcher][:user_id]]
@users = User.active.visible.where(:id => user_ids).to_a
end
if @users.blank?
head 200
end
end
def destroy
user = User.find(params[:user_id])
@watchables.each do |watchable|
watchable.set_watcher(user, false)
end
respond_to do |format|
format.html { redirect_to_referer_or {render :html => 'Watcher removed.', :status => 200, :layout => true} }
format.js
format.api { render_api_ok }
end
rescue ActiveRecord::RecordNotFound
render_404
end
def autocomplete_for_user
@users = users_for_new_watcher
render :layout => false
end
private
def find_project
if params[:object_type] && params[:object_id]
@watchables = find_objets_from_params
@projects = @watchables.map(&:project).uniq
if @projects.size == 1
@project = @projects.first
end
elsif params[:project_id]
@project = Project.visible.find_by_param(params[:project_id])
end
end
def find_watchables
@watchables = find_objets_from_params
unless @watchables.present?
render_404
end
end
def set_watcher(watchables, user, watching)
watchables.each do |watchable|
watchable.set_watcher(user, watching)
end
respond_to do |format|
format.html {
text = watching ? 'Watcher added.' : 'Watcher removed.'
redirect_to_referer_or {render :html => text, :status => 200, :layout => true}
}
format.js { render :partial => 'set_watcher', :locals => {:user => user, :watched => watchables} }
end
end
def users_for_new_watcher
scope = nil
if params[:q].blank? && @project.present?
scope = @project.users
else
scope = User.all.limit(100)
end
users = scope.active.visible.sorted.like(params[:q]).to_a
if @watchables && @watchables.size == 1
users -= @watchables.first.watcher_users
end
users
end
def find_objets_from_params
klass = Object.const_get(params[:object_type].camelcase) rescue nil
return unless klass && klass.respond_to?('watched_by')
scope = klass.where(:id => Array.wrap(params[:object_id]))
if klass.reflect_on_association(:project)
scope = scope.preload(:project => :enabled_modules)
end
objects = scope.to_a
raise Unauthorized if objects.any? do |w|
if w.respond_to?(:visible?)
!w.visible?
elsif w.respond_to?(:project) && w.project
!w.project.visible?
end
end
objects
end
end

29
app/controllers/welcome_controller.rb Normal file
View file

@ -0,0 +1,29 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class WelcomeController < ApplicationController
self.main_menu = false
def index
@news = News.latest User.current
end
def robots
@projects = Project.all_public.active
render :layout => false, :content_type => 'text/plain'
end
end

392
app/controllers/wiki_controller.rb Normal file
View file

@ -0,0 +1,392 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# The WikiController follows the Rails REST controller pattern but with
# a few differences
#
# * index - shows a list of WikiPages grouped by page or date
# * new - not used
# * create - not used
# * show - will also show the form for creating a new wiki page
# * edit - used to edit an existing or new page
# * update - used to save a wiki page update to the database, including new pages
# * destroy - normal
#
# Other member and collection methods are also used
#
# TODO: still being worked on
class WikiController < ApplicationController
default_search_scope :wiki_pages
before_action :find_wiki, :authorize
before_action :find_existing_or_new_page, :only => [:show, :edit, :update]
before_action :find_existing_page, :only => [:rename, :protect, :history, :diff, :annotate, :add_attachment, :destroy, :destroy_version]
before_action :find_attachments, :only => [:preview]
accept_api_auth :index, :show, :update, :destroy
helper :attachments
include AttachmentsHelper
helper :watchers
include Redmine::Export::PDF
# List of pages, sorted alphabetically and by parent (hierarchy)
def index
load_pages_for_index
respond_to do |format|
format.html {
@pages_by_parent_id = @pages.group_by(&:parent_id)
}
format.api
end
end
# List of page, by last update
def date_index
load_pages_for_index
@pages_by_date = @pages.group_by {|p| p.updated_on.to_date}
end
def new
@page = WikiPage.new(:wiki => @wiki, :title => params[:title])
unless User.current.allowed_to?(:edit_wiki_pages, @project)
render_403
return
end
if request.post?
@page.title = '' unless editable?
@page.validate
if @page.errors[:title].blank?
path = project_wiki_page_path(@project, @page.title)
respond_to do |format|
format.html { redirect_to path }
format.js { render :js => "window.location = #{path.to_json}" }
end
end
end
end
# display a page (in editing mode if it doesn't exist)
def show
if params[:version] && !User.current.allowed_to?(:view_wiki_edits, @project)
deny_access
return
end
@content = @page.content_for_version(params[:version])
if @content.nil?
if User.current.allowed_to?(:edit_wiki_pages, @project) && editable? && !api_request?
edit
render :action => 'edit'
else
render_404
end
return
end
call_hook :controller_wiki_show_before_render, content: @content, format: params[:format]
if User.current.allowed_to?(:export_wiki_pages, @project)
if params[:format] == 'pdf'
send_file_headers! :type => 'application/pdf', :filename => filename_for_content_disposition("#{@page.title}.pdf")
return
elsif params[:format] == 'html'
export = render_to_string :action => 'export', :layout => false
send_data(export, :type => 'text/html', :filename => filename_for_content_disposition("#{@page.title}.html"))
return
elsif params[:format] == 'txt'
send_data(@content.text, :type => 'text/plain', :filename => filename_for_content_disposition("#{@page.title}.txt"))
return
end
end
@editable = editable?
@sections_editable = @editable && User.current.allowed_to?(:edit_wiki_pages, @page.project) &&
@content.current_version? &&
Redmine::WikiFormatting.supports_section_edit?
respond_to do |format|
format.html
format.api
end
end
# edit an existing page or a new one
def edit
return render_403 unless editable?
if @page.new_record?
if params[:parent].present?
@page.parent = @page.wiki.find_page(params[:parent].to_s)
end
end
@content = @page.content_for_version(params[:version])
@content ||= WikiContent.new(:page => @page)
@content.text = initial_page_content(@page) if @content.text.blank?
# don't keep previous comment
@content.comments = nil
# To prevent StaleObjectError exception when reverting to a previous version
@content.version = @page.content.version if @page.content
@text = @content.text
if params[:section].present? && Redmine::WikiFormatting.supports_section_edit?
@section = params[:section].to_i
@text, @section_hash = Redmine::WikiFormatting.formatter.new(@text).get_section(@section)
render_404 if @text.blank?
end
end
# Creates a new page or updates an existing one
def update
return render_403 unless editable?
was_new_page = @page.new_record?
@page.safe_attributes = params[:wiki_page]
@content = @page.content || WikiContent.new(:page => @page)
content_params = params[:content]
if content_params.nil? && params[:wiki_page].present?
content_params = params[:wiki_page].slice(:text, :comments, :version)
end
content_params ||= {}
@content.comments = content_params[:comments]
@text = content_params[:text]
if params[:section].present? && Redmine::WikiFormatting.supports_section_edit?
@section = params[:section].to_i
@section_hash = params[:section_hash]
@content.text = Redmine::WikiFormatting.formatter.new(@content.text).update_section(@section, @text, @section_hash)
else
@content.version = content_params[:version] if content_params[:version]
@content.text = @text
end
@content.author = User.current
if @page.save_with_content(@content)
attachments = Attachment.attach_files(@page, params[:attachments] || (params[:wiki_page] && params[:wiki_page][:uploads]))
render_attachment_warning_if_needed(@page)
call_hook(:controller_wiki_edit_after_save, { :params => params, :page => @page})
respond_to do |format|
format.html {
anchor = @section ? "section-#{@section}" : nil
redirect_to project_wiki_page_path(@project, @page.title, :anchor => anchor)
}
format.api {
if was_new_page
render :action => 'show', :status => :created, :location => project_wiki_page_path(@project, @page.title)
else
render_api_ok
end
}
end
else
respond_to do |format|
format.html { render :action => 'edit' }
format.api { render_validation_errors(@content) }
end
end
rescue ActiveRecord::StaleObjectError, Redmine::WikiFormatting::StaleSectionError
# Optimistic locking exception
respond_to do |format|
format.html {
flash.now[:error] = l(:notice_locking_conflict)
render :action => 'edit'
}
format.api { render_api_head :conflict }
end
end
# rename a page
def rename
return render_403 unless editable?
@page.redirect_existing_links = true
# used to display the *original* title if some AR validation errors occur
@original_title = @page.pretty_title
@page.safe_attributes = params[:wiki_page]
if request.post? && @page.save
flash[:notice] = l(:notice_successful_update)
redirect_to project_wiki_page_path(@page.project, @page.title)
end
end
def protect
@page.update_attribute :protected, params[:protected]
redirect_to project_wiki_page_path(@project, @page.title)
end
# show page history
def history
@version_count = @page.content.versions.count
@version_pages = Paginator.new @version_count, per_page_option, params['page']
# don't load text
@versions = @page.content.versions.
select("id, author_id, comments, updated_on, version").
reorder('version DESC').
limit(@version_pages.per_page + 1).
offset(@version_pages.offset).
to_a
render :layout => false if request.xhr?
end
def diff
@diff = @page.diff(params[:version], params[:version_from])
render_404 unless @diff
end
def annotate
@annotate = @page.annotate(params[:version])
render_404 unless @annotate
end
# Removes a wiki page and its history
# Children can be either set as root pages, removed or reassigned to another parent page
def destroy
return render_403 unless editable?
@descendants_count = @page.descendants.size
if @descendants_count > 0
case params[:todo]
when 'nullify'
# Nothing to do
when 'destroy'
# Removes all its descendants
@page.descendants.each(&:destroy)
when 'reassign'
# Reassign children to another parent page
reassign_to = @wiki.pages.find_by_id(params[:reassign_to_id].to_i)
return unless reassign_to
@page.children.each do |child|
child.update_attribute(:parent, reassign_to)
end
else
@reassignable_to = @wiki.pages - @page.self_and_descendants
# display the destroy form if it's a user request
return unless api_request?
end
end
@page.destroy
respond_to do |format|
format.html { redirect_to project_wiki_index_path(@project) }
format.api { render_api_ok }
end
end
def destroy_version
return render_403 unless editable?
if content = @page.content.versions.find_by_version(params[:version])
content.destroy
redirect_to_referer_or history_project_wiki_page_path(@project, @page.title)
else
render_404
end
end
# Export wiki to a single pdf or html file
def export
@pages = @wiki.pages.
order('title').
includes([:content, {:attachments => :author}]).
to_a
respond_to do |format|
format.html {
export = render_to_string :action => 'export_multiple', :layout => false
send_data(export, :type => 'text/html', :filename => "wiki.html")
}
format.pdf {
send_file_headers! :type => 'application/pdf', :filename => "#{@project.identifier}.pdf"
}
end
end
def preview
page = @wiki.find_page(params[:id])
# page is nil when previewing a new page
return render_403 unless page.nil? || editable?(page)
if page
@attachments += page.attachments
@previewed = page.content
end
@text = params[:content][:text]
render :partial => 'common/preview'
end
def add_attachment
return render_403 unless editable?
attachments = Attachment.attach_files(@page, params[:attachments])
render_attachment_warning_if_needed(@page)
redirect_to :action => 'show', :id => @page.title, :project_id => @project
end
private
def find_wiki
@project = Project.find(params[:project_id])
@wiki = @project.wiki
render_404 unless @wiki
rescue ActiveRecord::RecordNotFound
render_404
end
# Finds the requested page or a new page if it doesn't exist
def find_existing_or_new_page
@page = @wiki.find_or_new_page(params[:id])
if @wiki.page_found_with_redirect?
redirect_to_page @page
end
end
# Finds the requested page and returns a 404 error if it doesn't exist
def find_existing_page
@page = @wiki.find_page(params[:id])
if @page.nil?
render_404
return
end
if @wiki.page_found_with_redirect?
redirect_to_page @page
end
end
def redirect_to_page(page)
if page.project && page.project.visible?
redirect_to :action => action_name, :project_id => page.project, :id => page.title
else
render_404
end
end
# Returns true if the current user is allowed to edit the page, otherwise false
def editable?(page = @page)
page.editable_by?(User.current)
end
# Returns the default content of a new wiki page
def initial_page_content(page)
helper = Redmine::WikiFormatting.helper_for(Setting.text_formatting)
extend helper unless self.instance_of?(helper)
helper.instance_method(:initial_page_content).bind(self).call(page)
end
def load_pages_for_index
@pages = @wiki.pages.with_updated_on.
reorder("#{WikiPage.table_name}.title").
includes(:wiki => :project).
includes(:parent).
to_a
end
end

36
app/controllers/wikis_controller.rb Normal file
View file

@ -0,0 +1,36 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class WikisController < ApplicationController
menu_item :settings
before_action :find_project, :authorize
# Create or update a project's wiki
def edit
@wiki = @project.wiki || Wiki.new(:project => @project)
@wiki.safe_attributes = params[:wiki]
@wiki.save if request.post?
end
# Delete a project's wiki
def destroy
if request.post? && params[:confirm] && @project.wiki
@project.wiki.destroy
redirect_to settings_project_path(@project, :tab => 'wiki')
end
end
end

149
app/controllers/workflows_controller.rb Normal file
View file

@ -0,0 +1,149 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class WorkflowsController < ApplicationController
layout 'admin'
self.main_menu = false
before_action :require_admin
def index
@roles = Role.sorted.select(&:consider_workflow?)
@trackers = Tracker.sorted
@workflow_counts = WorkflowTransition.group(:tracker_id, :role_id).count
end
def edit
find_trackers_roles_and_statuses_for_edit
if request.post? && @roles && @trackers && params[:transitions]
transitions = params[:transitions].deep_dup
transitions.each do |old_status_id, transitions_by_new_status|
transitions_by_new_status.each do |new_status_id, transition_by_rule|
transition_by_rule.reject! {|rule, transition| transition == 'no_change'}
end
end
WorkflowTransition.replace_transitions(@trackers, @roles, transitions)
flash[:notice] = l(:notice_successful_update)
redirect_to_referer_or workflows_edit_path
return
end
if @trackers && @roles && @statuses.any?
workflows = WorkflowTransition.
where(:role_id => @roles.map(&:id), :tracker_id => @trackers.map(&:id)).
preload(:old_status, :new_status)
@workflows = {}
@workflows['always'] = workflows.select {|w| !w.author && !w.assignee}
@workflows['author'] = workflows.select {|w| w.author}
@workflows['assignee'] = workflows.select {|w| w.assignee}
end
end
def permissions
find_trackers_roles_and_statuses_for_edit
if request.post? && @roles && @trackers && params[:permissions]
permissions = params[:permissions].deep_dup
permissions.each { |field, rule_by_status_id|
rule_by_status_id.reject! {|status_id, rule| rule == 'no_change'}
}
WorkflowPermission.replace_permissions(@trackers, @roles, permissions)
flash[:notice] = l(:notice_successful_update)
redirect_to_referer_or workflows_permissions_path
return
end
if @roles && @trackers
@fields = (Tracker::CORE_FIELDS_ALL - @trackers.map(&:disabled_core_fields).reduce(:&)).map {|field| [field, l("field_"+field.sub(/_id$/, ''))]}
@custom_fields = @trackers.map(&:custom_fields).flatten.uniq.sort
@permissions = WorkflowPermission.rules_by_status_id(@trackers, @roles)
@statuses.each {|status| @permissions[status.id] ||= {}}
end
end
def copy
@roles = Role.sorted.select(&:consider_workflow?)
@trackers = Tracker.sorted
if params[:source_tracker_id].blank? || params[:source_tracker_id] == 'any'
@source_tracker = nil
else
@source_tracker = Tracker.find_by_id(params[:source_tracker_id].to_i)
end
if params[:source_role_id].blank? || params[:source_role_id] == 'any'
@source_role = nil
else
@source_role = Role.find_by_id(params[:source_role_id].to_i)
end
@target_trackers = params[:target_tracker_ids].blank? ?
nil : Tracker.where(:id => params[:target_tracker_ids]).to_a
@target_roles = params[:target_role_ids].blank? ?
nil : Role.where(:id => params[:target_role_ids]).to_a
if request.post?
if params[:source_tracker_id].blank? || params[:source_role_id].blank? || (@source_tracker.nil? && @source_role.nil?)
flash.now[:error] = l(:error_workflow_copy_source)
elsif @target_trackers.blank? || @target_roles.blank?
flash.now[:error] = l(:error_workflow_copy_target)
else
WorkflowRule.copy(@source_tracker, @source_role, @target_trackers, @target_roles)
flash[:notice] = l(:notice_successful_update)
redirect_to workflows_copy_path(:source_tracker_id => @source_tracker, :source_role_id => @source_role)
end
end
end
private
def find_trackers_roles_and_statuses_for_edit
find_roles
find_trackers
find_statuses
end
def find_roles
ids = Array.wrap(params[:role_id])
if ids == ['all']
@roles = Role.sorted.to_a
elsif ids.present?
@roles = Role.where(:id => ids).to_a
end
@roles = nil if @roles.blank?
end
def find_trackers
ids = Array.wrap(params[:tracker_id])
if ids == ['all']
@trackers = Tracker.sorted.to_a
elsif ids.present?
@trackers = Tracker.where(:id => ids).to_a
end
@trackers = nil if @trackers.blank?
end
def find_statuses
@used_statuses_only = (params[:used_statuses_only] == '0' ? false : true)
if @trackers && @used_statuses_only
role_ids = Role.all.select(&:consider_workflow?).map(&:id)
status_ids = WorkflowTransition.where(
:tracker_id => @trackers.map(&:id), :role_id => role_ids
).distinct.pluck(:old_status_id, :new_status_id).flatten.uniq
@statuses = IssueStatus.where(:id => status_ids).sorted.to_a.presence
end
@statuses ||= IssueStatus.sorted.to_a
end
end

21
app/helpers/account_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module AccountHelper
end

33
app/helpers/activities_helper.rb Normal file
View file

@ -0,0 +1,33 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module ActivitiesHelper
def sort_activity_events(events)
events_by_group = events.group_by(&:event_group)
sorted_events = []
events.sort {|x, y| y.event_datetime <=> x.event_datetime}.each do |event|
if group_events = events_by_group.delete(event.event_group)
group_events.sort {|x, y| y.event_datetime <=> x.event_datetime}.each_with_index do |e, i|
sorted_events << [e, i > 0]
end
end
end
sorted_events
end
end

35
app/helpers/admin_helper.rb Normal file
View file

@ -0,0 +1,35 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module AdminHelper
def project_status_options_for_select(selected)
options_for_select([[l(:label_all), ''],
[l(:project_status_active), '1'],
[l(:project_status_closed), '5'],
[l(:project_status_archived), '9']], selected.to_s)
end
def plugin_data_for_updates(plugins)
data = {"v" => Redmine::VERSION.to_s, "p" => {}}
plugins.each do |plugin|
data["p"].merge! plugin.id => {"v" => plugin.version, "n" => plugin.name, "a" => plugin.author}
end
data
end
end

1519
app/helpers/application_helper.rb Normal file
View file

File diff suppressed because it is too large Load diff

81
app/helpers/attachments_helper.rb Normal file
View file

@ -0,0 +1,81 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module AttachmentsHelper
def container_attachments_edit_path(container)
object_attachments_edit_path container.class.name.underscore.pluralize, container.id
end
def container_attachments_path(container)
object_attachments_path container.class.name.underscore.pluralize, container.id
end
# Displays view/delete links to the attachments of the given object
# Options:
# :author -- author names are not displayed if set to false
# :thumbails -- display thumbnails if enabled in settings
def link_to_attachments(container, options = {})
options.assert_valid_keys(:author, :thumbnails)
attachments = if container.attachments.loaded?
container.attachments
else
container.attachments.preload(:author).to_a
end
if attachments.any?
options = {
:editable => container.attachments_editable?,
:deletable => container.attachments_deletable?,
:author => true
}.merge(options)
render :partial => 'attachments/links',
:locals => {
:container => container,
:attachments => attachments,
:options => options,
:thumbnails => (options[:thumbnails] && Setting.thumbnails_enabled?)
}
end
end
def render_api_attachment(attachment, api, options={})
api.attachment do
render_api_attachment_attributes(attachment, api)
options.each { |key, value| eval("api.#{key} value") }
end
end
def render_api_attachment_attributes(attachment, api)
api.id attachment.id
api.filename attachment.filename
api.filesize attachment.filesize
api.content_type attachment.content_type
api.description attachment.description
api.content_url download_named_attachment_url(attachment, attachment.filename)
if attachment.thumbnailable?
api.thumbnail_url thumbnail_url(attachment)
end
if attachment.author
api.author(:id => attachment.author.id, :name => attachment.author.name)
end
api.created_on attachment.created_on
end
end

24
app/helpers/auth_sources_helper.rb Normal file
View file

@ -0,0 +1,24 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module AuthSourcesHelper
def auth_source_partial_name(auth_source)
"form_#{auth_source.class.name.underscore}"
end
end

41
app/helpers/boards_helper.rb Normal file
View file

@ -0,0 +1,41 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module BoardsHelper
def board_breadcrumb(item)
board = item.is_a?(Message) ? item.board : item
links = [link_to(l(:label_board_plural), project_boards_path(item.project))]
boards = board.ancestors.reverse
if item.is_a?(Message)
boards << board
end
links += boards.map {|ancestor| link_to(h(ancestor.name), project_board_path(ancestor.project, ancestor))}
breadcrumb links
end
def boards_options_for_select(boards)
options = []
Board.board_tree(boards) do |board, level|
label = (level > 0 ? '&nbsp;' * 2 * level + '&#187; ' : '').html_safe
label << board.name
options << [label, board.id]
end
options
end
end

58
app/helpers/calendars_helper.rb Normal file
View file

@ -0,0 +1,58 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module CalendarsHelper
def link_to_previous_month(year, month, options={})
target_year, target_month = if month == 1
[year - 1, 12]
else
[year, month - 1]
end
name = if target_month == 12
"#{month_name(target_month)} #{target_year}"
else
"#{month_name(target_month)}"
end
# \xc2\xab(utf-8) = &#171;
link_to_month(("\xc2\xab " + name), target_year, target_month, options)
end
def link_to_next_month(year, month, options={})
target_year, target_month = if month == 12
[year + 1, 1]
else
[year, month + 1]
end
name = if target_month == 1
"#{month_name(target_month)} #{target_year}"
else
"#{month_name(target_month)}"
end
# \xc2\xbb(utf-8) = &#187;
link_to_month((name + " \xc2\xbb"), target_year, target_month, options)
end
def link_to_month(link_name, year, month, options={})
link_to(link_name, {:params => request.query_parameters.merge(:year => year, :month => month)}, options)
end
end

50
app/helpers/context_menus_helper.rb Normal file
View file

@ -0,0 +1,50 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module ContextMenusHelper
def context_menu_link(name, url, options={})
options[:class] ||= ''
if options.delete(:selected)
options[:class] << ' icon-checked disabled'
options[:disabled] = true
end
if options.delete(:disabled)
options.delete(:method)
options.delete(:data)
options[:onclick] = 'return false;'
options[:class] << ' disabled'
url = '#'
end
link_to h(name), url, options
end
def bulk_update_custom_field_context_menu_link(field, text, value)
context_menu_link h(text),
bulk_update_issues_path(:ids => @issue_ids, :issue => {'custom_field_values' => {field.id => value}}, :back_url => @back),
:method => :post,
:selected => (@issue && @issue.custom_field_value(field) == value)
end
def bulk_update_time_entry_custom_field_context_menu_link(field, text, value)
context_menu_link h(text),
bulk_update_time_entries_path(:ids => @time_entries.map(&:id).sort, :time_entry => {'custom_field_values' => {field.id => value}}, :back_url => @back),
:method => :post,
:selected => (@time_entry && @time_entry.custom_field_value(field) == value)
end
end

183
app/helpers/custom_fields_helper.rb Normal file
View file

@ -0,0 +1,183 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module CustomFieldsHelper
CUSTOM_FIELDS_TABS = [
{:name => 'IssueCustomField', :partial => 'custom_fields/index',
:label => :label_issue_plural},
{:name => 'TimeEntryCustomField', :partial => 'custom_fields/index',
:label => :label_spent_time},
{:name => 'ProjectCustomField', :partial => 'custom_fields/index',
:label => :label_project_plural},
{:name => 'VersionCustomField', :partial => 'custom_fields/index',
:label => :label_version_plural},
{:name => 'DocumentCustomField', :partial => 'custom_fields/index',
:label => :label_document_plural},
{:name => 'UserCustomField', :partial => 'custom_fields/index',
:label => :label_user_plural},
{:name => 'GroupCustomField', :partial => 'custom_fields/index',
:label => :label_group_plural},
{:name => 'TimeEntryActivityCustomField', :partial => 'custom_fields/index',
:label => TimeEntryActivity::OptionName},
{:name => 'IssuePriorityCustomField', :partial => 'custom_fields/index',
:label => IssuePriority::OptionName},
{:name => 'DocumentCategoryCustomField', :partial => 'custom_fields/index',
:label => DocumentCategory::OptionName}
]
def render_custom_fields_tabs(types)
tabs = CUSTOM_FIELDS_TABS.select {|h| types.include?(h[:name]) }
render_tabs tabs
end
def custom_field_type_options
CUSTOM_FIELDS_TABS.map {|h| [l(h[:label]), h[:name]]}
end
def custom_field_title(custom_field)
items = []
items << [l(:label_custom_field_plural), custom_fields_path]
items << [l(custom_field.type_name), custom_fields_path(:tab => custom_field.class.name)] if custom_field
items << (custom_field.nil? || custom_field.new_record? ? l(:label_custom_field_new) : custom_field.name)
title(*items)
end
def render_custom_field_format_partial(form, custom_field)
partial = custom_field.format.form_partial
if partial
render :partial => custom_field.format.form_partial, :locals => {:f => form, :custom_field => custom_field}
end
end
def custom_field_tag_name(prefix, custom_field)
name = "#{prefix}[custom_field_values][#{custom_field.id}]"
name << "[]" if custom_field.multiple?
name
end
def custom_field_tag_id(prefix, custom_field)
"#{prefix}_custom_field_values_#{custom_field.id}"
end
# Return custom field html tag corresponding to its format
def custom_field_tag(prefix, custom_value)
custom_value.custom_field.format.edit_tag self,
custom_field_tag_id(prefix, custom_value.custom_field),
custom_field_tag_name(prefix, custom_value.custom_field),
custom_value,
:class => "#{custom_value.custom_field.field_format}_cf"
end
# Return custom field name tag
def custom_field_name_tag(custom_field)
title = custom_field.description.presence
css = title ? "field-description" : nil
content_tag 'span', custom_field.name, :title => title, :class => css
end
# Return custom field label tag
def custom_field_label_tag(name, custom_value, options={})
required = options[:required] || custom_value.custom_field.is_required?
for_tag_id = options.fetch(:for_tag_id, "#{name}_custom_field_values_#{custom_value.custom_field.id}")
content = custom_field_name_tag custom_value.custom_field
content_tag "label", content +
(required ? " <span class=\"required\">*</span>".html_safe : ""),
:for => for_tag_id
end
# Return custom field tag with its label tag
def custom_field_tag_with_label(name, custom_value, options={})
tag = custom_field_tag(name, custom_value)
tag_id = nil
ids = tag.scan(/ id="(.+?)"/)
if ids.size == 1
tag_id = ids.first.first
end
custom_field_label_tag(name, custom_value, options.merge(:for_tag_id => tag_id)) + tag
end
# Returns the custom field tag for when bulk editing objects
def custom_field_tag_for_bulk_edit(prefix, custom_field, objects=nil, value='')
custom_field.format.bulk_edit_tag self,
custom_field_tag_id(prefix, custom_field),
custom_field_tag_name(prefix, custom_field),
custom_field,
objects,
value,
:class => "#{custom_field.field_format}_cf"
end
# Return a string used to display a custom value
def show_value(custom_value, html=true)
format_object(custom_value, html)
end
# Return a string used to display a custom value
def format_value(value, custom_field)
format_object(custom_field.format.formatted_value(self, custom_field, value, false), false)
end
# Return an array of custom field formats which can be used in select_tag
def custom_field_formats_for_select(custom_field)
Redmine::FieldFormat.as_select(custom_field.class.customized_class.name)
end
# Yields the given block for each custom field value of object that should be
# displayed, with the custom field and the formatted value as arguments
def render_custom_field_values(object, &block)
object.visible_custom_field_values.each do |custom_value|
formatted = show_value(custom_value)
if formatted.present?
yield custom_value.custom_field, formatted
end
end
end
# Renders the custom_values in api views
def render_api_custom_values(custom_values, api)
api.array :custom_fields do
custom_values.each do |custom_value|
attrs = {:id => custom_value.custom_field_id, :name => custom_value.custom_field.name}
attrs.merge!(:multiple => true) if custom_value.custom_field.multiple?
api.custom_field attrs do
if custom_value.value.is_a?(Array)
api.array :value do
custom_value.value.each do |value|
api.value value unless value.blank?
end
end
else
api.value custom_value.value
end
end
end
end unless custom_values.empty?
end
def edit_tag_style_tag(form, options={})
select_options = [[l(:label_drop_down_list), ''], [l(:label_checkboxes), 'check_box']]
if options[:include_radio]
select_options << [l(:label_radio_buttons), 'radio']
end
form.select :edit_tag_style, select_options, :label => :label_display
end
end

21
app/helpers/documents_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module DocumentsHelper
end

38
app/helpers/email_addresses_helper.rb Normal file
View file

@ -0,0 +1,38 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module EmailAddressesHelper
# Returns a link to enable or disable notifications for the address
def toggle_email_address_notify_link(address)
if address.notify?
link_to l(:label_disable_notifications),
user_email_address_path(address.user, address, :notify => '0'),
:method => :put, :remote => true,
:title => l(:label_disable_notifications),
:class => 'icon-only icon-email'
else
link_to l(:label_enable_notifications),
user_email_address_path(address.user, address, :notify => '1'),
:method => :put, :remote => true,
:title => l(:label_enable_notifications),
:class => 'icon-only icon-email-disabled'
end
end
end

21
app/helpers/enumerations_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module EnumerationsHelper
end

43
app/helpers/gantt_helper.rb Normal file
View file

@ -0,0 +1,43 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module GanttHelper
def gantt_zoom_link(gantt, in_or_out)
case in_or_out
when :in
if gantt.zoom < 4
link_to l(:text_zoom_in),
{:params => request.query_parameters.merge(gantt.params.merge(:zoom => (gantt.zoom + 1)))},
:class => 'icon icon-zoom-in'
else
content_tag(:span, l(:text_zoom_in), :class => 'icon icon-zoom-in').html_safe
end
when :out
if gantt.zoom > 1
link_to l(:text_zoom_out),
{:params => request.query_parameters.merge(gantt.params.merge(:zoom => (gantt.zoom - 1)))},
:class => 'icon icon-zoom-out'
else
content_tag(:span, l(:text_zoom_out), :class => 'icon icon-zoom-out').html_safe
end
end
end
end

46
app/helpers/groups_helper.rb Normal file
View file

@ -0,0 +1,46 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module GroupsHelper
def group_settings_tabs(group)
tabs = []
tabs << {:name => 'general', :partial => 'groups/general', :label => :label_general}
tabs << {:name => 'users', :partial => 'groups/users', :label => :label_user_plural} if group.givable?
tabs << {:name => 'memberships', :partial => 'groups/memberships', :label => :label_project_plural}
tabs
end
def render_principals_for_new_group_users(group, limit=100)
scope = User.active.sorted.not_in_group(group).like(params[:q])
principal_count = scope.count
principal_pages = Redmine::Pagination::Paginator.new principal_count, limit, params['page']
principals = scope.offset(principal_pages.offset).limit(principal_pages.per_page).to_a
s = content_tag('div',
content_tag('div', principals_check_box_tags('user_ids[]', principals), :id => 'principals'),
:class => 'objects-selection'
)
links = pagination_links_full(principal_pages, principal_count, :per_page_links => false) {|text, parameters, options|
link_to text, autocomplete_for_user_group_path(group, parameters.merge(:q => params[:q], :format => 'js')), :remote => true
}
s + content_tag('span', links, :class => 'pagination')
end
end

47
app/helpers/imports_helper.rb Normal file
View file

@ -0,0 +1,47 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module ImportsHelper
def options_for_mapping_select(import, field, options={})
tags = "".html_safe
blank_text = options[:required] ? "-- #{l(:actionview_instancetag_blank_option)} --" : "&nbsp;".html_safe
tags << content_tag('option', blank_text, :value => '')
tags << options_for_select(import.columns_options, import.mapping[field])
if values = options[:values]
tags << content_tag('option', '--', :disabled => true)
tags << options_for_select(values.map {|text, value| [text, "value:#{value}"]}, import.mapping[field])
end
tags
end
def mapping_select_tag(import, field, options={})
name = "import_settings[mapping][#{field}]"
select_tag name, options_for_mapping_select(import, field, options), :id => "import_mapping_#{field}"
end
# Returns the options for the date_format setting
def date_format_options
Import::DATE_FORMATS.map do |f|
format = f.gsub('%', '').gsub(/[dmY]/) do
{'d' => 'DD', 'm' => 'MM', 'Y' => 'YYYY'}[$&]
end
[format, f]
end
end
end

21
app/helpers/issue_categories_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module IssueCategoriesHelper
end

25
app/helpers/issue_relations_helper.rb Normal file
View file

@ -0,0 +1,25 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module IssueRelationsHelper
def collection_for_relation_type_select
values = IssueRelation::TYPES
values.keys.sort{|x,y| values[x][:order] <=> values[y][:order]}.collect{|k| [l(values[k][:name]), k]}
end
end

21
app/helpers/issue_statuses_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module IssueStatusesHelper
end

542
app/helpers/issues_helper.rb Normal file
View file

@ -0,0 +1,542 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module IssuesHelper
include ApplicationHelper
include Redmine::Export::PDF::IssuesPdfHelper
def issue_list(issues, &block)
ancestors = []
issues.each do |issue|
while (ancestors.any? && !issue.is_descendant_of?(ancestors.last))
ancestors.pop
end
yield issue, ancestors.size
ancestors << issue unless issue.leaf?
end
end
def grouped_issue_list(issues, query, &block)
ancestors = []
grouped_query_results(issues, query) do |issue, group_name, group_count, group_totals|
while (ancestors.any? && !issue.is_descendant_of?(ancestors.last))
ancestors.pop
end
yield issue, ancestors.size, group_name, group_count, group_totals
ancestors << issue unless issue.leaf?
end
end
# Renders a HTML/CSS tooltip
#
# To use, a trigger div is needed. This is a div with the class of "tooltip"
# that contains this method wrapped in a span with the class of "tip"
#
# <div class="tooltip"><%= link_to_issue(issue) %>
# <span class="tip"><%= render_issue_tooltip(issue) %></span>
# </div>
#
def render_issue_tooltip(issue)
@cached_label_status ||= l(:field_status)
@cached_label_start_date ||= l(:field_start_date)
@cached_label_due_date ||= l(:field_due_date)
@cached_label_assigned_to ||= l(:field_assigned_to)
@cached_label_priority ||= l(:field_priority)
@cached_label_project ||= l(:field_project)
link_to_issue(issue) + "<br /><br />".html_safe +
"<strong>#{@cached_label_project}</strong>: #{link_to_project(issue.project)}<br />".html_safe +
"<strong>#{@cached_label_status}</strong>: #{h(issue.status.name)}<br />".html_safe +
"<strong>#{@cached_label_start_date}</strong>: #{format_date(issue.start_date)}<br />".html_safe +
"<strong>#{@cached_label_due_date}</strong>: #{format_date(issue.due_date)}<br />".html_safe +
"<strong>#{@cached_label_assigned_to}</strong>: #{h(issue.assigned_to)}<br />".html_safe +
"<strong>#{@cached_label_priority}</strong>: #{h(issue.priority.name)}".html_safe
end
def issue_heading(issue)
h("#{issue.tracker} ##{issue.id}")
end
def render_issue_subject_with_tree(issue)
s = ''
ancestors = issue.root? ? [] : issue.ancestors.visible.to_a
ancestors.each do |ancestor|
s << '<div>' + content_tag('p', link_to_issue(ancestor, :project => (issue.project_id != ancestor.project_id)))
end
s << '<div>'
subject = h(issue.subject)
if issue.is_private?
subject = content_tag('span', l(:field_is_private), :class => 'private') + ' ' + subject
end
s << content_tag('h3', subject)
s << '</div>' * (ancestors.size + 1)
s.html_safe
end
def render_descendants_tree(issue)
s = '<table class="list issues odd-even">'
issue_list(issue.descendants.visible.preload(:status, :priority, :tracker, :assigned_to).sort_by(&:lft)) do |child, level|
css = "issue issue-#{child.id} hascontextmenu #{child.css_classes}"
css << " idnt idnt-#{level}" if level > 0
s << content_tag('tr',
content_tag('td', check_box_tag("ids[]", child.id, false, :id => nil), :class => 'checkbox') +
content_tag('td', link_to_issue(child, :project => (issue.project_id != child.project_id)), :class => 'subject', :style => 'width: 50%') +
content_tag('td', h(child.status), :class => 'status') +
content_tag('td', link_to_user(child.assigned_to), :class => 'assigned_to') +
content_tag('td', child.disabled_core_fields.include?('done_ratio') ? '' : progress_bar(child.done_ratio), :class=> 'done_ratio'),
:class => css)
end
s << '</table>'
s.html_safe
end
# Renders the list of related issues on the issue details view
def render_issue_relations(issue, relations)
manage_relations = User.current.allowed_to?(:manage_issue_relations, issue.project)
s = ''.html_safe
relations.each do |relation|
other_issue = relation.other_issue(issue)
css = "issue hascontextmenu #{other_issue.css_classes}"
link = manage_relations ? link_to(l(:label_relation_delete),
relation_path(relation),
:remote => true,
:method => :delete,
:data => {:confirm => l(:text_are_you_sure)},
:title => l(:label_relation_delete),
:class => 'icon-only icon-link-break'
) : nil
s << content_tag('tr',
content_tag('td', check_box_tag("ids[]", other_issue.id, false, :id => nil), :class => 'checkbox') +
content_tag('td', relation.to_s(@issue) {|other| link_to_issue(other, :project => Setting.cross_project_issue_relations?)}.html_safe, :class => 'subject', :style => 'width: 50%') +
content_tag('td', other_issue.status, :class => 'status') +
content_tag('td', other_issue.start_date, :class => 'start_date') +
content_tag('td', other_issue.due_date, :class => 'due_date') +
content_tag('td', other_issue.disabled_core_fields.include?('done_ratio') ? '' : progress_bar(other_issue.done_ratio), :class=> 'done_ratio') +
content_tag('td', link, :class => 'buttons'),
:id => "relation-#{relation.id}",
:class => css)
end
content_tag('table', s, :class => 'list issues odd-even')
end
def issue_estimated_hours_details(issue)
if issue.total_estimated_hours.present?
if issue.total_estimated_hours == issue.estimated_hours
l_hours_short(issue.estimated_hours)
else
s = issue.estimated_hours.present? ? l_hours_short(issue.estimated_hours) : ""
s << " (#{l(:label_total)}: #{l_hours_short(issue.total_estimated_hours)})"
s.html_safe
end
end
end
def issue_spent_hours_details(issue)
if issue.total_spent_hours > 0
path = project_time_entries_path(issue.project, :issue_id => "~#{issue.id}")
if issue.total_spent_hours == issue.spent_hours
link_to(l_hours_short(issue.spent_hours), path)
else
s = issue.spent_hours > 0 ? l_hours_short(issue.spent_hours) : ""
s << " (#{l(:label_total)}: #{link_to l_hours_short(issue.total_spent_hours), path})"
s.html_safe
end
end
end
# Returns an array of error messages for bulk edited issues
def bulk_edit_error_messages(issues)
messages = {}
issues.each do |issue|
issue.errors.full_messages.each do |message|
messages[message] ||= []
messages[message] << issue
end
end
messages.map { |message, issues|
"#{message}: " + issues.map {|i| "##{i.id}"}.join(', ')
}
end
# Returns a link for adding a new subtask to the given issue
def link_to_new_subtask(issue)
attrs = {
:parent_issue_id => issue
}
attrs[:tracker_id] = issue.tracker unless issue.tracker.disabled_core_fields.include?('parent_issue_id')
link_to(l(:button_add), new_project_issue_path(issue.project, :issue => attrs, :back_url => issue_path(issue)))
end
def trackers_options_for_select(issue)
trackers = issue.allowed_target_trackers
if issue.new_record? && issue.parent_issue_id.present?
trackers = trackers.reject do |tracker|
issue.tracker_id != tracker.id && tracker.disabled_core_fields.include?('parent_issue_id')
end
end
trackers.collect {|t| [t.name, t.id]}
end
class IssueFieldsRows
include ActionView::Helpers::TagHelper
def initialize
@left = []
@right = []
end
def left(*args)
args.any? ? @left << cells(*args) : @left
end
def right(*args)
args.any? ? @right << cells(*args) : @right
end
def size
@left.size > @right.size ? @left.size : @right.size
end
def to_html
content =
content_tag('div', @left.reduce(&:+), :class => 'splitcontentleft') +
content_tag('div', @right.reduce(&:+), :class => 'splitcontentleft')
content_tag('div', content, :class => 'splitcontent')
end
def cells(label, text, options={})
options[:class] = [options[:class] || "", 'attribute'].join(' ')
content_tag 'div',
content_tag('div', label + ":", :class => 'label') + content_tag('div', text, :class => 'value'),
options
end
end
def issue_fields_rows
r = IssueFieldsRows.new
yield r
r.to_html
end
def render_half_width_custom_fields_rows(issue)
values = issue.visible_custom_field_values.reject {|value| value.custom_field.full_width_layout?}
return if values.empty?
half = (values.size / 2.0).ceil
issue_fields_rows do |rows|
values.each_with_index do |value, i|
css = "cf_#{value.custom_field.id}"
m = (i < half ? :left : :right)
rows.send m, custom_field_name_tag(value.custom_field), show_value(value), :class => css
end
end
end
def render_full_width_custom_fields_rows(issue)
values = issue.visible_custom_field_values.select {|value| value.custom_field.full_width_layout?}
return if values.empty?
s = ''.html_safe
values.each_with_index do |value, i|
attr_value = show_value(value)
next if attr_value.blank?
if value.custom_field.text_formatting == 'full'
attr_value = content_tag('div', attr_value, class: 'wiki')
end
content =
content_tag('hr') +
content_tag('p', content_tag('strong', custom_field_name_tag(value.custom_field) )) +
content_tag('div', attr_value, class: 'value')
s << content_tag('div', content, class: "cf_#{value.custom_field.id} attribute")
end
s
end
# Returns the path for updating the issue form
# with project as the current project
def update_issue_form_path(project, issue)
options = {:format => 'js'}
if issue.new_record?
if project
new_project_issue_path(project, options)
else
new_issue_path(options)
end
else
edit_issue_path(issue, options)
end
end
# Returns the number of descendants for an array of issues
def issues_descendant_count(issues)
ids = issues.reject(&:leaf?).map {|issue| issue.descendants.ids}.flatten.uniq
ids -= issues.map(&:id)
ids.size
end
def issues_destroy_confirmation_message(issues)
issues = [issues] unless issues.is_a?(Array)
message = l(:text_issues_destroy_confirmation)
descendant_count = issues_descendant_count(issues)
if descendant_count > 0
message << "\n" + l(:text_issues_destroy_descendants_confirmation, :count => descendant_count)
end
message
end
# Returns an array of users that are proposed as watchers
# on the new issue form
def users_for_new_issue_watchers(issue)
users = issue.watcher_users
if issue.project.users.count <= 20
users = (users + issue.project.users.sort).uniq
end
users
end
def email_issue_attributes(issue, user, html)
items = []
%w(author status priority assigned_to category fixed_version).each do |attribute|
unless issue.disabled_core_fields.include?(attribute+"_id")
if html
items << content_tag('strong', "#{l("field_#{attribute}")}: ") + (issue.send attribute)
else
items << "#{l("field_#{attribute}")}: #{issue.send attribute}"
end
end
end
issue.visible_custom_field_values(user).each do |value|
if html
items << content_tag('strong', "#{value.custom_field.name}: ") + show_value(value, false)
else
items << "#{value.custom_field.name}: #{show_value(value, false)}"
end
end
items
end
def render_email_issue_attributes(issue, user, html=false)
items = email_issue_attributes(issue, user, html)
if html
content_tag('ul', items.map{|s| content_tag('li', s)}.join("\n").html_safe, :class => "details")
else
items.map{|s| "* #{s}"}.join("\n")
end
end
# Returns the textual representation of a journal details
# as an array of strings
def details_to_strings(details, no_html=false, options={})
options[:only_path] = (options[:only_path] == false ? false : true)
strings = []
values_by_field = {}
details.each do |detail|
if detail.property == 'cf'
field = detail.custom_field
if field && field.multiple?
values_by_field[field] ||= {:added => [], :deleted => []}
if detail.old_value
values_by_field[field][:deleted] << detail.old_value
end
if detail.value
values_by_field[field][:added] << detail.value
end
next
end
end
strings << show_detail(detail, no_html, options)
end
if values_by_field.present?
multiple_values_detail = Struct.new(:property, :prop_key, :custom_field, :old_value, :value)
values_by_field.each do |field, changes|
if changes[:added].any?
detail = multiple_values_detail.new('cf', field.id.to_s, field)
detail.value = changes[:added]
strings << show_detail(detail, no_html, options)
end
if changes[:deleted].any?
detail = multiple_values_detail.new('cf', field.id.to_s, field)
detail.old_value = changes[:deleted]
strings << show_detail(detail, no_html, options)
end
end
end
strings
end
# Returns the textual representation of a single journal detail
def show_detail(detail, no_html=false, options={})
multiple = false
show_diff = false
no_details = false
case detail.property
when 'attr'
field = detail.prop_key.to_s.gsub(/\_id$/, "")
label = l(("field_" + field).to_sym)
case detail.prop_key
when 'due_date', 'start_date'
value = format_date(detail.value.to_date) if detail.value
old_value = format_date(detail.old_value.to_date) if detail.old_value
when 'project_id', 'status_id', 'tracker_id', 'assigned_to_id',
'priority_id', 'category_id', 'fixed_version_id'
value = find_name_by_reflection(field, detail.value)
old_value = find_name_by_reflection(field, detail.old_value)
when 'estimated_hours'
value = l_hours_short(detail.value.to_f) unless detail.value.blank?
old_value = l_hours_short(detail.old_value.to_f) unless detail.old_value.blank?
when 'parent_id'
label = l(:field_parent_issue)
value = "##{detail.value}" unless detail.value.blank?
old_value = "##{detail.old_value}" unless detail.old_value.blank?
when 'is_private'
value = l(detail.value == "0" ? :general_text_No : :general_text_Yes) unless detail.value.blank?
old_value = l(detail.old_value == "0" ? :general_text_No : :general_text_Yes) unless detail.old_value.blank?
when 'description'
show_diff = true
end
when 'cf'
custom_field = detail.custom_field
if custom_field
label = custom_field.name
if custom_field.format.class.change_no_details
no_details = true
elsif custom_field.format.class.change_as_diff
show_diff = true
else
multiple = custom_field.multiple?
value = format_value(detail.value, custom_field) if detail.value
old_value = format_value(detail.old_value, custom_field) if detail.old_value
end
end
when 'attachment'
label = l(:label_attachment)
when 'relation'
if detail.value && !detail.old_value
rel_issue = Issue.visible.find_by_id(detail.value)
value = rel_issue.nil? ? "#{l(:label_issue)} ##{detail.value}" :
(no_html ? rel_issue : link_to_issue(rel_issue, :only_path => options[:only_path]))
elsif detail.old_value && !detail.value
rel_issue = Issue.visible.find_by_id(detail.old_value)
old_value = rel_issue.nil? ? "#{l(:label_issue)} ##{detail.old_value}" :
(no_html ? rel_issue : link_to_issue(rel_issue, :only_path => options[:only_path]))
end
relation_type = IssueRelation::TYPES[detail.prop_key]
label = l(relation_type[:name]) if relation_type
end
call_hook(:helper_issues_show_detail_after_setting,
{:detail => detail, :label => label, :value => value, :old_value => old_value })
label ||= detail.prop_key
value ||= detail.value
old_value ||= detail.old_value
unless no_html
label = content_tag('strong', label)
old_value = content_tag("i", h(old_value)) if detail.old_value
if detail.old_value && detail.value.blank? && detail.property != 'relation'
old_value = content_tag("del", old_value)
end
if detail.property == 'attachment' && value.present? &&
atta = detail.journal.journalized.attachments.detect {|a| a.id == detail.prop_key.to_i}
# Link to the attachment if it has not been removed
value = link_to_attachment(atta, only_path: options[:only_path])
if options[:only_path] != false
value += ' '
value += link_to_attachment atta, class: 'icon-only icon-download', title: l(:button_download), download: true
end
else
value = content_tag("i", h(value)) if value
end
end
if no_details
s = l(:text_journal_changed_no_detail, :label => label).html_safe
elsif show_diff
s = l(:text_journal_changed_no_detail, :label => label)
unless no_html
diff_link = link_to 'diff',
diff_journal_url(detail.journal_id, :detail_id => detail.id, :only_path => options[:only_path]),
:title => l(:label_view_diff)
s << " (#{ diff_link })"
end
s.html_safe
elsif detail.value.present?
case detail.property
when 'attr', 'cf'
if detail.old_value.present?
l(:text_journal_changed, :label => label, :old => old_value, :new => value).html_safe
elsif multiple
l(:text_journal_added, :label => label, :value => value).html_safe
else
l(:text_journal_set_to, :label => label, :value => value).html_safe
end
when 'attachment', 'relation'
l(:text_journal_added, :label => label, :value => value).html_safe
end
else
l(:text_journal_deleted, :label => label, :old => old_value).html_safe
end
end
# Find the name of an associated record stored in the field attribute
def find_name_by_reflection(field, id)
unless id.present?
return nil
end
@detail_value_name_by_reflection ||= Hash.new do |hash, key|
association = Issue.reflect_on_association(key.first.to_sym)
name = nil
if association
record = association.klass.find_by_id(key.last)
if record
name = record.name.force_encoding('UTF-8')
end
end
hash[key] = name
end
@detail_value_name_by_reflection[[field, id]]
end
# Renders issue children recursively
def render_api_issue_children(issue, api)
return if issue.leaf?
api.array :children do
issue.children.each do |child|
api.issue(:id => child.id) do
api.tracker(:id => child.tracker_id, :name => child.tracker.name) unless child.tracker.nil?
api.subject child.subject
render_api_issue_children(child, api)
end
end
end
end
end

69
app/helpers/journals_helper.rb Normal file
View file

@ -0,0 +1,69 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module JournalsHelper
# Returns the attachments of a journal that are displayed as thumbnails
def journal_thumbnail_attachments(journal)
ids = journal.details.select {|d| d.property == 'attachment' && d.value.present?}.map(&:prop_key)
ids.any? ? Attachment.where(:id => ids).select(&:thumbnailable?) : []
end
def render_notes(issue, journal, options={})
content = ''
css_classes = "wiki"
links = []
if journal.notes.present?
links << link_to(l(:button_quote),
quoted_issue_path(issue, :journal_id => journal),
:remote => true,
:method => 'post',
:title => l(:button_quote),
:class => 'icon-only icon-comment'
) if options[:reply_links]
if journal.editable_by?(User.current)
links << link_to(l(:button_edit),
edit_journal_path(journal),
:remote => true,
:method => 'get',
:title => l(:button_edit),
:class => 'icon-only icon-edit'
)
links << link_to(l(:button_delete),
journal_path(journal, :journal => {:notes => ""}),
:remote => true,
:method => 'put', :data => {:confirm => l(:text_are_you_sure)},
:title => l(:button_delete),
:class => 'icon-only icon-del'
)
css_classes << " editable"
end
end
content << content_tag('div', links.join(' ').html_safe, :class => 'contextual') unless links.empty?
content << textilizable(journal, :notes)
content_tag('div', content.html_safe, :id => "journal-#{journal.id}-notes", :class => css_classes)
end
def render_private_notes_indicator(journal)
content = journal.private_notes? ? l(:field_is_private) : ''
css_classes = journal.private_notes? ? 'private' : ''
content_tag('span', content.html_safe, :id => "journal-#{journal.id}-private_notes", :class => css_classes)
end
end

21
app/helpers/mail_handler_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module MailHandlerHelper
end

38
app/helpers/members_helper.rb Normal file
View file

@ -0,0 +1,38 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module MembersHelper
def render_principals_for_new_members(project, limit=100)
scope = Principal.active.visible.sorted.not_member_of(project).like(params[:q])
principal_count = scope.count
principal_pages = Redmine::Pagination::Paginator.new principal_count, limit, params['page']
principals = scope.offset(principal_pages.offset).limit(principal_pages.per_page).to_a
s = content_tag('div',
content_tag('div', principals_check_box_tags('membership[user_ids][]', principals), :id => 'principals'),
:class => 'objects-selection'
)
links = pagination_links_full(principal_pages, principal_count, :per_page_links => false) {|text, parameters, options|
link_to text, autocomplete_project_memberships_path(project, parameters.merge(:q => params[:q], :format => 'js')), :remote => true
}
s + content_tag('span', links, :class => 'pagination')
end
end

21
app/helpers/messages_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module MessagesHelper
end

167
app/helpers/my_helper.rb Normal file
View file

@ -0,0 +1,167 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module MyHelper
# Renders the blocks
def render_blocks(blocks, user, options={})
s = ''.html_safe
if blocks.present?
blocks.each do |block|
s << render_block(block, user).to_s
end
end
s
end
# Renders a single block
def render_block(block, user)
content = render_block_content(block, user)
if content.present?
handle = content_tag('span', '', :class => 'sort-handle', :title => l(:button_move))
close = link_to(l(:button_delete),
{:action => "remove_block", :block => block},
:remote => true, :method => 'post',
:class => "icon-only icon-close", :title => l(:button_delete))
content = content_tag('div', handle + close, :class => 'contextual') + content
content_tag('div', content, :class => "mypage-box", :id => "block-#{block}")
end
end
# Renders a single block content
def render_block_content(block, user)
unless block_definition = Redmine::MyPage.find_block(block)
Rails.logger.warn("Unknown block \"#{block}\" found in #{user.login} (id=#{user.id}) preferences")
return
end
settings = user.pref.my_page_settings(block)
if partial = block_definition[:partial]
begin
render(:partial => partial, :locals => {:user => user, :settings => settings, :block => block})
rescue ActionView::MissingTemplate
Rails.logger.warn("Partial \"#{partial}\" missing for block \"#{block}\" found in #{user.login} (id=#{user.id}) preferences")
return nil
end
else
send "render_#{block_definition[:name]}_block", block, settings
end
end
# Returns the select tag used to add a block to My page
def block_select_tag(user)
blocks_in_use = user.pref.my_page_layout.values.flatten
options = content_tag('option')
Redmine::MyPage.block_options(blocks_in_use).each do |label, block|
options << content_tag('option', label, :value => block, :disabled => block.blank?)
end
select_tag('block', options, :id => "block-select", :onchange => "$('#block-form').submit();")
end
def render_calendar_block(block, settings)
calendar = Redmine::Helpers::Calendar.new(User.current.today, current_language, :week)
calendar.events = Issue.visible.
where(:project_id => User.current.projects.map(&:id)).
where("(start_date>=? and start_date<=?) or (due_date>=? and due_date<=?)", calendar.startdt, calendar.enddt, calendar.startdt, calendar.enddt).
includes(:project, :tracker, :priority, :assigned_to).
references(:project, :tracker, :priority, :assigned_to).
to_a
render :partial => 'my/blocks/calendar', :locals => {:calendar => calendar, :block => block}
end
def render_documents_block(block, settings)
documents = Document.visible.order("#{Document.table_name}.created_on DESC").limit(10).to_a
render :partial => 'my/blocks/documents', :locals => {:block => block, :documents => documents}
end
def render_issuesassignedtome_block(block, settings)
query = IssueQuery.new(:name => l(:label_assigned_to_me_issues), :user => User.current)
query.add_filter 'assigned_to_id', '=', ['me']
query.column_names = settings[:columns].presence || ['project', 'tracker', 'status', 'subject']
query.sort_criteria = settings[:sort].presence || [['priority', 'desc'], ['updated_on', 'desc']]
issues = query.issues(:limit => 10)
render :partial => 'my/blocks/issues', :locals => {:query => query, :issues => issues, :block => block}
end
def render_issuesreportedbyme_block(block, settings)
query = IssueQuery.new(:name => l(:label_reported_issues), :user => User.current)
query.add_filter 'author_id', '=', ['me']
query.column_names = settings[:columns].presence || ['project', 'tracker', 'status', 'subject']
query.sort_criteria = settings[:sort].presence || [['updated_on', 'desc']]
issues = query.issues(:limit => 10)
render :partial => 'my/blocks/issues', :locals => {:query => query, :issues => issues, :block => block}
end
def render_issueswatched_block(block, settings)
query = IssueQuery.new(:name => l(:label_watched_issues), :user => User.current)
query.add_filter 'watcher_id', '=', ['me']
query.column_names = settings[:columns].presence || ['project', 'tracker', 'status', 'subject']
query.sort_criteria = settings[:sort].presence || [['updated_on', 'desc']]
issues = query.issues(:limit => 10)
render :partial => 'my/blocks/issues', :locals => {:query => query, :issues => issues, :block => block}
end
def render_issuequery_block(block, settings)
query = IssueQuery.visible.find_by_id(settings[:query_id])
if query
query.column_names = settings[:columns] if settings[:columns].present?
query.sort_criteria = settings[:sort] if settings[:sort].present?
issues = query.issues(:limit => 10)
render :partial => 'my/blocks/issues', :locals => {:query => query, :issues => issues, :block => block, :settings => settings}
else
queries = IssueQuery.visible.sorted
render :partial => 'my/blocks/issue_query_selection', :locals => {:queries => queries, :block => block, :settings => settings}
end
end
def render_news_block(block, settings)
news = News.visible.
where(:project_id => User.current.projects.map(&:id)).
limit(10).
includes(:project, :author).
references(:project, :author).
order("#{News.table_name}.created_on DESC").
to_a
render :partial => 'my/blocks/news', :locals => {:block => block, :news => news}
end
def render_timelog_block(block, settings)
days = settings[:days].to_i
days = 7 if days < 1 || days > 365
entries = TimeEntry.
where("#{TimeEntry.table_name}.user_id = ? AND #{TimeEntry.table_name}.spent_on BETWEEN ? AND ?", User.current.id, User.current.today - (days - 1), User.current.today).
joins(:activity, :project).
references(:issue => [:tracker, :status]).
includes(:issue => [:tracker, :status]).
order("#{TimeEntry.table_name}.spent_on DESC, #{Project.table_name}.name ASC, #{Tracker.table_name}.position ASC, #{Issue.table_name}.id ASC").
to_a
entries_by_day = entries.group_by(&:spent_on)
render :partial => 'my/blocks/timelog', :locals => {:block => block, :entries => entries, :entries_by_day => entries_by_day, :days => days}
end
end

21
app/helpers/news_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module NewsHelper
end

64
app/helpers/principal_memberships_helper.rb Normal file
View file

@ -0,0 +1,64 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module PrincipalMembershipsHelper
def render_principal_memberships(principal)
render :partial => 'principal_memberships/index', :locals => {:principal => principal}
end
def call_table_header_hook(principal)
if principal.is_a?(Group)
call_hook :view_groups_memberships_table_header, :group => principal
else
call_hook :view_users_memberships_table_header, :user => principal
end
end
def call_table_row_hook(principal, membership)
if principal.is_a?(Group)
call_hook :view_groups_memberships_table_row, :group => principal, :membership => membership
else
call_hook :view_users_memberships_table_row, :user => principal, :membership => membership
end
end
def new_principal_membership_path(principal, *args)
if principal.is_a?(Group)
new_group_membership_path(principal, *args)
else
new_user_membership_path(principal, *args)
end
end
def edit_principal_membership_path(principal, *args)
if principal.is_a?(Group)
edit_group_membership_path(principal, *args)
else
edit_user_membership_path(principal, *args)
end
end
def principal_membership_path(principal, membership, *args)
if principal.is_a?(Group)
group_membership_path(principal, membership, *args)
else
user_membership_path(principal, membership, *args)
end
end
end

140
app/helpers/projects_helper.rb Normal file
View file

@ -0,0 +1,140 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module ProjectsHelper
def project_settings_tabs
tabs = [{:name => 'info', :action => :edit_project, :partial => 'projects/edit', :label => :label_information_plural},
{:name => 'modules', :action => :select_project_modules, :partial => 'projects/settings/modules', :label => :label_module_plural},
{:name => 'members', :action => :manage_members, :partial => 'projects/settings/members', :label => :label_member_plural},
{:name => 'versions', :action => :manage_versions, :partial => 'projects/settings/versions', :label => :label_version_plural,
:url => {:tab => 'versions', :version_status => params[:version_status], :version_name => params[:version_name]}},
{:name => 'categories', :action => :manage_categories, :partial => 'projects/settings/issue_categories', :label => :label_issue_category_plural},
{:name => 'wiki', :action => :manage_wiki, :partial => 'projects/settings/wiki', :label => :label_wiki},
{:name => 'repositories', :action => :manage_repository, :partial => 'projects/settings/repositories', :label => :label_repository_plural},
{:name => 'boards', :action => :manage_boards, :partial => 'projects/settings/boards', :label => :label_board_plural},
{:name => 'activities', :action => :manage_project_activities, :partial => 'projects/settings/activities', :label => :enumeration_activities}
]
tabs.select {|tab| User.current.allowed_to?(tab[:action], @project)}
end
def parent_project_select_tag(project)
selected = project.parent
# retrieve the requested parent project
parent_id = (params[:project] && params[:project][:parent_id]) || params[:parent_id]
if parent_id
selected = (parent_id.blank? ? nil : Project.find(parent_id))
end
options = ''
options << "<option value=''>&nbsp;</option>" if project.allowed_parents.include?(nil)
options << project_tree_options_for_select(project.allowed_parents.compact, :selected => selected)
content_tag('select', options.html_safe, :name => 'project[parent_id]', :id => 'project_parent_id')
end
def render_project_action_links
links = "".html_safe
if User.current.allowed_to?(:add_project, nil, :global => true)
links << link_to(l(:label_project_new), new_project_path, :class => 'icon icon-add')
end
links
end
# Renders the projects index
def render_project_hierarchy(projects)
render_project_nested_lists(projects) do |project|
s = link_to_project(project, {}, :class => "#{project.css_classes} #{User.current.member_of?(project) ? 'icon icon-fav my-project' : nil}")
if project.description.present?
s << content_tag('div', textilizable(project.short_description, :project => project), :class => 'wiki description')
end
s
end
end
# Returns a set of options for a select field, grouped by project.
def version_options_for_select(versions, selected=nil)
grouped = Hash.new {|h,k| h[k] = []}
versions.each do |version|
grouped[version.project.name] << [version.name, version.id]
end
selected = selected.is_a?(Version) ? selected.id : selected
if grouped.keys.size > 1
grouped_options_for_select(grouped, selected)
else
options_for_select((grouped.values.first || []), selected)
end
end
def project_default_version_options(project)
versions = project.shared_versions.open.to_a
if project.default_version && !versions.include?(project.default_version)
versions << project.default_version
end
version_options_for_select(versions, project.default_version)
end
def project_default_assigned_to_options(project)
assignable_users = (project.assignable_users.to_a + [project.default_assigned_to]).uniq.compact
principals_options_for_select(assignable_users, project.default_assigned_to)
end
def format_version_sharing(sharing)
sharing = 'none' unless Version::VERSION_SHARINGS.include?(sharing)
l("label_version_sharing_#{sharing}")
end
def render_boards_tree(boards, parent=nil, level=0, &block)
selection = boards.select {|b| b.parent == parent}
return '' if selection.empty?
s = ''.html_safe
selection.each do |board|
node = capture(board, level, &block)
node << render_boards_tree(boards, board, level+1, &block)
s << content_tag('div', node)
end
content_tag('div', s, :class => 'sort-level')
end
def render_api_includes(project, api)
api.array :trackers do
project.trackers.each do |tracker|
api.tracker(:id => tracker.id, :name => tracker.name)
end
end if include_in_api_response?('trackers')
api.array :issue_categories do
project.issue_categories.each do |category|
api.issue_category(:id => category.id, :name => category.name)
end
end if include_in_api_response?('issue_categories')
api.array :time_entry_activities do
project.activities.each do |activity|
api.time_entry_activity(:id => activity.id, :name => activity.name)
end
end if include_in_api_response?('time_entry_activities')
api.array :enabled_modules do
project.enabled_modules.each do |enabled_module|
api.enabled_module(:id => enabled_module.id, :name => enabled_module.name)
end
end if include_in_api_response?('enabled_modules')
end
end

406
app/helpers/queries_helper.rb Normal file
View file

@ -0,0 +1,406 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module QueriesHelper
include ApplicationHelper
def filters_options_for_select(query)
ungrouped = []
grouped = {}
query.available_filters.map do |field, field_options|
if field_options[:type] == :relation
group = :label_relations
elsif field_options[:type] == :tree
group = query.is_a?(IssueQuery) ? :label_relations : nil
elsif field =~ /^cf_\d+\./
group = (field_options[:through] || field_options[:field]).try(:name)
elsif field =~ /^(.+)\./
# association filters
group = "field_#{$1}".to_sym
elsif %w(member_of_group assigned_to_role).include?(field)
group = :field_assigned_to
elsif field_options[:type] == :date_past || field_options[:type] == :date
group = :label_date
end
if group
(grouped[group] ||= []) << [field_options[:name], field]
else
ungrouped << [field_options[:name], field]
end
end
# Don't group dates if there's only one (eg. time entries filters)
if grouped[:label_date].try(:size) == 1
ungrouped << grouped.delete(:label_date).first
end
s = options_for_select([[]] + ungrouped)
if grouped.present?
localized_grouped = grouped.map {|k,v| [k.is_a?(Symbol) ? l(k) : k.to_s, v]}
s << grouped_options_for_select(localized_grouped)
end
s
end
def query_filters_hidden_tags(query)
tags = ''.html_safe
query.filters.each do |field, options|
tags << hidden_field_tag("f[]", field, :id => nil)
tags << hidden_field_tag("op[#{field}]", options[:operator], :id => nil)
options[:values].each do |value|
tags << hidden_field_tag("v[#{field}][]", value, :id => nil)
end
end
tags
end
def query_columns_hidden_tags(query)
tags = ''.html_safe
query.columns.each do |column|
tags << hidden_field_tag("c[]", column.name, :id => nil)
end
tags
end
def query_hidden_tags(query)
query_filters_hidden_tags(query) + query_columns_hidden_tags(query)
end
def group_by_column_select_tag(query)
options = [[]] + query.groupable_columns.collect {|c| [c.caption, c.name.to_s]}
select_tag('group_by', options_for_select(options, @query.group_by))
end
def available_block_columns_tags(query)
tags = ''.html_safe
query.available_block_columns.each do |column|
tags << content_tag('label', check_box_tag('c[]', column.name.to_s, query.has_column?(column), :id => nil) + " #{column.caption}", :class => 'inline')
end
tags
end
def available_totalable_columns_tags(query)
tags = ''.html_safe
query.available_totalable_columns.each do |column|
tags << content_tag('label', check_box_tag('t[]', column.name.to_s, query.totalable_columns.include?(column), :id => nil) + " #{column.caption}", :class => 'inline')
end
tags << hidden_field_tag('t[]', '')
tags
end
def query_available_inline_columns_options(query)
(query.available_inline_columns - query.columns).reject(&:frozen?).collect {|column| [column.caption, column.name]}
end
def query_selected_inline_columns_options(query)
(query.inline_columns & query.available_inline_columns).reject(&:frozen?).collect {|column| [column.caption, column.name]}
end
def render_query_columns_selection(query, options={})
tag_name = (options[:name] || 'c') + '[]'
render :partial => 'queries/columns', :locals => {:query => query, :tag_name => tag_name}
end
def grouped_query_results(items, query, &block)
result_count_by_group = query.result_count_by_group
previous_group, first = false, true
totals_by_group = query.totalable_columns.inject({}) do |h, column|
h[column] = query.total_by_group_for(column)
h
end
items.each do |item|
group_name = group_count = nil
if query.grouped?
group = query.group_by_column.value(item)
if first || group != previous_group
if group.blank? && group != false
group_name = "(#{l(:label_blank_value)})"
else
group_name = format_object(group)
end
group_name ||= ""
group_count = result_count_by_group ? result_count_by_group[group] : nil
group_totals = totals_by_group.map {|column, t| total_tag(column, t[group] || 0)}.join(" ").html_safe
end
end
yield item, group_name, group_count, group_totals
previous_group, first = group, false
end
end
def render_query_totals(query)
return unless query.totalable_columns.present?
totals = query.totalable_columns.map do |column|
total_tag(column, query.total_for(column))
end
content_tag('p', totals.join(" ").html_safe, :class => "query-totals")
end
def total_tag(column, value)
label = content_tag('span', "#{column.caption}:")
value = if [:hours, :spent_hours, :total_spent_hours, :estimated_hours].include? column.name
format_hours(value)
else
format_object(value)
end
value = content_tag('span', value, :class => 'value')
content_tag('span', label + " " + value, :class => "total-for-#{column.name.to_s.dasherize}")
end
def column_header(query, column, options={})
if column.sortable?
css, order = nil, column.default_order
if column.name.to_s == query.sort_criteria.first_key
if query.sort_criteria.first_asc?
css = 'sort asc'
order = 'desc'
else
css = 'sort desc'
order = 'asc'
end
end
param_key = options[:sort_param] || :sort
sort_param = { param_key => query.sort_criteria.add(column.name, order).to_param }
while sort_param.keys.first.to_s =~ /^(.+)\[(.+)\]$/
sort_param = {$1 => {$2 => sort_param.values.first}}
end
link_options = {
:title => l(:label_sort_by, "\"#{column.caption}\""),
:class => css
}
if options[:sort_link_options]
link_options.merge! options[:sort_link_options]
end
content = link_to(column.caption,
{:params => request.query_parameters.deep_merge(sort_param)},
link_options
)
else
content = column.caption
end
content_tag('th', content)
end
def column_content(column, item)
value = column.value_object(item)
if value.is_a?(Array)
values = value.collect {|v| column_value(column, item, v)}.compact
safe_join(values, ', ')
else
column_value(column, item, value)
end
end
def column_value(column, item, value)
case column.name
when :id
link_to value, issue_path(item)
when :subject
link_to value, issue_path(item)
when :parent
value ? (value.visible? ? link_to_issue(value, :subject => false) : "##{value.id}") : ''
when :description
item.description? ? content_tag('div', textilizable(item, :description), :class => "wiki") : ''
when :last_notes
item.last_notes.present? ? content_tag('div', textilizable(item, :last_notes), :class => "wiki") : ''
when :done_ratio
progress_bar(value)
when :relations
content_tag('span',
value.to_s(item) {|other| link_to_issue(other, :subject => false, :tracker => false)}.html_safe,
:class => value.css_classes_for(item))
when :hours, :estimated_hours
format_hours(value)
when :spent_hours
link_to_if(value > 0, format_hours(value), project_time_entries_path(item.project, :issue_id => "#{item.id}"))
when :total_spent_hours
link_to_if(value > 0, format_hours(value), project_time_entries_path(item.project, :issue_id => "~#{item.id}"))
when :attachments
value.to_a.map {|a| format_object(a)}.join(" ").html_safe
else
format_object(value)
end
end
def csv_content(column, item)
value = column.value_object(item)
if value.is_a?(Array)
value.collect {|v| csv_value(column, item, v)}.compact.join(', ')
else
csv_value(column, item, value)
end
end
def csv_value(column, object, value)
case column.name
when :attachments
value.to_a.map {|a| a.filename}.join("\n")
else
format_object(value, false) do |value|
case value.class.name
when 'Float'
sprintf("%.2f", value).gsub('.', l(:general_csv_decimal_separator))
when 'IssueRelation'
value.to_s(object)
when 'Issue'
if object.is_a?(TimeEntry)
"#{value.tracker} ##{value.id}: #{value.subject}"
else
value.id
end
else
value
end
end
end
end
def query_to_csv(items, query, options={})
columns = query.columns
Redmine::Export::CSV.generate do |csv|
# csv header fields
csv << columns.map {|c| c.caption.to_s}
# csv lines
items.each do |item|
csv << columns.map {|c| csv_content(c, item)}
end
end
end
# Retrieve query from session or build a new query
def retrieve_query(klass=IssueQuery, use_session=true)
session_key = klass.name.underscore.to_sym
if params[:query_id].present?
cond = "project_id IS NULL"
cond << " OR project_id = #{@project.id}" if @project
@query = klass.where(cond).find(params[:query_id])
raise ::Unauthorized unless @query.visible?
@query.project = @project
session[session_key] = {:id => @query.id, :project_id => @query.project_id} if use_session
elsif api_request? || params[:set_filter] || !use_session || session[session_key].nil? || session[session_key][:project_id] != (@project ? @project.id : nil)
# Give it a name, required to be valid
@query = klass.new(:name => "_", :project => @project)
@query.build_from_params(params)
session[session_key] = {:project_id => @query.project_id, :filters => @query.filters, :group_by => @query.group_by, :column_names => @query.column_names, :totalable_names => @query.totalable_names, :sort => @query.sort_criteria.to_a} if use_session
else
# retrieve from session
@query = nil
@query = klass.find_by_id(session[session_key][:id]) if session[session_key][:id]
@query ||= klass.new(:name => "_", :filters => session[session_key][:filters], :group_by => session[session_key][:group_by], :column_names => session[session_key][:column_names], :totalable_names => session[session_key][:totalable_names], :sort_criteria => session[session_key][:sort])
@query.project = @project
end
if params[:sort].present?
@query.sort_criteria = params[:sort]
if use_session
session[session_key] ||= {}
session[session_key][:sort] = @query.sort_criteria.to_a
end
end
@query
end
def retrieve_query_from_session(klass=IssueQuery)
session_key = klass.name.underscore.to_sym
session_data = session[session_key]
if session_data
if session_data[:id]
@query = IssueQuery.find_by_id(session_data[:id])
return unless @query
else
@query = IssueQuery.new(:name => "_", :filters => session_data[:filters], :group_by => session_data[:group_by], :column_names => session_data[:column_names], :totalable_names => session_data[:totalable_names], :sort_criteria => session[session_key][:sort])
end
if session_data.has_key?(:project_id)
@query.project_id = session_data[:project_id]
else
@query.project = @project
end
@query
end
end
# Returns the query definition as hidden field tags
def query_as_hidden_field_tags(query)
tags = hidden_field_tag("set_filter", "1", :id => nil)
if query.filters.present?
query.filters.each do |field, filter|
tags << hidden_field_tag("f[]", field, :id => nil)
tags << hidden_field_tag("op[#{field}]", filter[:operator], :id => nil)
filter[:values].each do |value|
tags << hidden_field_tag("v[#{field}][]", value, :id => nil)
end
end
else
tags << hidden_field_tag("f[]", "", :id => nil)
end
query.columns.each do |column|
tags << hidden_field_tag("c[]", column.name, :id => nil)
end
if query.totalable_names.present?
query.totalable_names.each do |name|
tags << hidden_field_tag("t[]", name, :id => nil)
end
end
if query.group_by.present?
tags << hidden_field_tag("group_by", query.group_by, :id => nil)
end
if query.sort_criteria.present?
tags << hidden_field_tag("sort", query.sort_criteria.to_param, :id => nil)
end
tags
end
def query_hidden_sort_tag(query)
hidden_field_tag("sort", query.sort_criteria.to_param, :id => nil)
end
# Returns the queries that are rendered in the sidebar
def sidebar_queries(klass, project)
klass.visible.global_or_on_project(@project).sorted.to_a
end
# Renders a group of queries
def query_links(title, queries)
return '' if queries.empty?
# links to #index on issues/show
url_params = controller_name == 'issues' ? {:controller => 'issues', :action => 'index', :project_id => @project} : {}
content_tag('h3', title) + "\n" +
content_tag('ul',
queries.collect {|query|
css = 'query'
css << ' selected' if query == @query
content_tag('li', link_to(query.name, url_params.merge(:query_id => query), :class => css))
}.join("\n").html_safe,
:class => 'queries'
) + "\n"
end
# Renders the list of queries for the sidebar
def render_sidebar_queries(klass, project)
queries = sidebar_queries(klass, project)
out = ''.html_safe
out << query_links(l(:label_my_queries), queries.select(&:is_private?))
out << query_links(l(:label_query_plural), queries.reject(&:is_private?))
out
end
end

43
app/helpers/reports_helper.rb Normal file
View file

@ -0,0 +1,43 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module ReportsHelper
def aggregate(data, criteria)
a = 0
data.each { |row|
match = 1
criteria.each { |k, v|
match = 0 unless (row[k].to_s == v.to_s) || (k == 'closed' && (v == 0 ? ['f', false] : ['t', true]).include?(row[k]))
} unless criteria.nil?
a = a + row["total"].to_i if match == 1
} unless data.nil?
a
end
def aggregate_link(data, criteria, *args)
a = aggregate data, criteria
a > 0 ? link_to(h(a), *args) : '-'
end
def aggregate_path(project, field, row, options={})
parameters = {:set_filter => 1, :subproject_id => '!*', field => row.id}.merge(options)
project_issues_path(row.is_a?(Project) ? row : project, parameters)
end
end

310
app/helpers/repositories_helper.rb Normal file
View file

@ -0,0 +1,310 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module RepositoriesHelper
def format_revision(revision)
if revision.respond_to? :format_identifier
revision.format_identifier
else
revision.to_s
end
end
def truncate_at_line_break(text, length = 255)
if text
text.gsub(%r{^(.{#{length}}[^\n]*)\n.+$}m, '\\1...')
end
end
def render_properties(properties)
unless properties.nil? || properties.empty?
content = ''
properties.keys.sort.each do |property|
content << content_tag('li', "<b>#{h property}</b>: <span>#{h properties[property]}</span>".html_safe)
end
content_tag('ul', content.html_safe, :class => 'properties')
end
end
def render_changeset_changes
changes = @changeset.filechanges.limit(1000).reorder('path').collect do |change|
case change.action
when 'A'
# Detects moved/copied files
if !change.from_path.blank?
change.action =
@changeset.filechanges.detect {|c| c.action == 'D' && c.path == change.from_path} ? 'R' : 'C'
end
change
when 'D'
@changeset.filechanges.detect {|c| c.from_path == change.path} ? nil : change
else
change
end
end.compact
tree = { }
changes.each do |change|
p = tree
dirs = change.path.to_s.split('/').select {|d| !d.blank?}
path = ''
dirs.each do |dir|
path += '/' + dir
p[:s] ||= {}
p = p[:s]
p[path] ||= {}
p = p[path]
end
p[:c] = change
end
render_changes_tree(tree[:s])
end
def render_changes_tree(tree)
return '' if tree.nil?
output = ''
output << '<ul>'
tree.keys.sort.each do |file|
style = 'change'
text = File.basename(h(file))
if s = tree[file][:s]
style << ' folder'
path_param = to_path_param(@repository.relative_path(file))
text = link_to(h(text), :controller => 'repositories',
:action => 'show',
:id => @project,
:repository_id => @repository.identifier_param,
:path => path_param,
:rev => @changeset.identifier)
output << "<li class='#{style}'>#{text}"
output << render_changes_tree(s)
output << "</li>"
elsif c = tree[file][:c]
style << " change-#{c.action}"
path_param = to_path_param(@repository.relative_path(c.path))
text = link_to(h(text), :controller => 'repositories',
:action => 'entry',
:id => @project,
:repository_id => @repository.identifier_param,
:path => path_param,
:rev => @changeset.identifier) unless c.action == 'D'
text << " - #{h(c.revision)}" unless c.revision.blank?
text << ' ('.html_safe + link_to(l(:label_diff), :controller => 'repositories',
:action => 'diff',
:id => @project,
:repository_id => @repository.identifier_param,
:path => path_param,
:rev => @changeset.identifier) + ') '.html_safe if c.action == 'M'
text << ' '.html_safe + content_tag('span', h(c.from_path), :class => 'copied-from') unless c.from_path.blank?
output << "<li class='#{style}'>#{text}</li>"
end
end
output << '</ul>'
output.html_safe
end
def repository_field_tags(form, repository)
method = repository.class.name.demodulize.underscore + "_field_tags"
if repository.is_a?(Repository) &&
respond_to?(method) && method != 'repository_field_tags'
send(method, form, repository)
end
end
def scm_select_tag(repository)
scm_options = [["--- #{l(:actionview_instancetag_blank_option)} ---", '']]
Redmine::Scm::Base.all.each do |scm|
if Setting.enabled_scm.include?(scm) ||
(repository && repository.class.name.demodulize == scm)
scm_options << ["Repository::#{scm}".constantize.scm_name, scm]
end
end
select_tag('repository_scm',
options_for_select(scm_options, repository.class.name.demodulize),
:disabled => (repository && !repository.new_record?),
:data => {:remote => true, :method => 'get', :url => new_project_repository_path(repository.project)})
end
def with_leading_slash(path)
path.to_s.starts_with?('/') ? path : "/#{path}"
end
def subversion_field_tags(form, repository)
content_tag('p', form.text_field(:url, :size => 60, :required => true,
:disabled => !repository.safe_attribute?('url')) +
scm_path_info_tag(repository)) +
content_tag('p', form.text_field(:login, :size => 30)) +
content_tag('p', form.password_field(
:password, :size => 30, :name => 'ignore',
:value => ((repository.new_record? || repository.password.blank?) ? '' : ('x'*15)),
:onfocus => "this.value=''; this.name='repository[password]';",
:onchange => "this.name='repository[password]';"))
end
def darcs_field_tags(form, repository)
content_tag('p', form.text_field(
:url, :label => l(:field_path_to_repository),
:size => 60, :required => true,
:disabled => !repository.safe_attribute?('url')) +
scm_path_info_tag(repository)) +
scm_log_encoding_tag(form, repository)
end
def mercurial_field_tags(form, repository)
content_tag('p', form.text_field(
:url, :label => l(:field_path_to_repository),
:size => 60, :required => true,
:disabled => !repository.safe_attribute?('url')
) +
scm_path_info_tag(repository)) +
scm_path_encoding_tag(form, repository)
end
def git_field_tags(form, repository)
content_tag('p', form.text_field(
:url, :label => l(:field_path_to_repository),
:size => 60, :required => true,
:disabled => !repository.safe_attribute?('url')
) +
scm_path_info_tag(repository)) +
scm_path_encoding_tag(form, repository) +
content_tag('p', form.check_box(
:report_last_commit,
:label => l(:label_git_report_last_commit)
))
end
def cvs_field_tags(form, repository)
content_tag('p', form.text_field(
:root_url,
:label => l(:field_cvsroot),
:size => 60, :required => true,
:disabled => !repository.safe_attribute?('root_url')) +
scm_path_info_tag(repository)) +
content_tag('p', form.text_field(
:url,
:label => l(:field_cvs_module),
:size => 30, :required => true,
:disabled => !repository.safe_attribute?('url'))) +
scm_log_encoding_tag(form, repository) +
scm_path_encoding_tag(form, repository)
end
def bazaar_field_tags(form, repository)
content_tag('p', form.text_field(
:url, :label => l(:field_path_to_repository),
:size => 60, :required => true,
:disabled => !repository.safe_attribute?('url')) +
scm_path_info_tag(repository)) +
scm_log_encoding_tag(form, repository)
end
def filesystem_field_tags(form, repository)
content_tag('p', form.text_field(
:url, :label => l(:field_root_directory),
:size => 60, :required => true,
:disabled => !repository.safe_attribute?('url')) +
scm_path_info_tag(repository)) +
scm_path_encoding_tag(form, repository)
end
def scm_path_info_tag(repository)
text = scm_path_info(repository)
if text.present?
content_tag('em', text, :class => 'info')
else
''
end
end
def scm_path_info(repository)
scm_name = repository.scm_name.to_s.downcase
info_from_config = Redmine::Configuration["scm_#{scm_name}_path_info"].presence
return info_from_config.html_safe if info_from_config
l("text_#{scm_name}_repository_note", :default => '')
end
def scm_log_encoding_tag(form, repository)
select = form.select(
:log_encoding,
[nil] + Setting::ENCODINGS,
:label => l(:field_commit_logs_encoding),
:required => true
)
content_tag('p', select)
end
def scm_path_encoding_tag(form, repository)
select = form.select(
:path_encoding,
[nil] + Setting::ENCODINGS,
:label => l(:field_scm_path_encoding)
)
content_tag('p', select + content_tag('em', l(:text_scm_path_encoding_note), :class => 'info'))
end
def index_commits(commits, heads)
return nil if commits.nil? or commits.first.parents.nil?
refs_map = {}
heads.each do |head|
refs_map[head.scmid] ||= []
refs_map[head.scmid] << head
end
commits_by_scmid = {}
commits.reverse.each_with_index do |commit, commit_index|
commits_by_scmid[commit.scmid] = {
:parent_scmids => commit.parents.collect { |parent| parent.scmid },
:rdmid => commit_index,
:refs => refs_map.include?(commit.scmid) ? refs_map[commit.scmid].join(" ") : nil,
:scmid => commit.scmid,
:href => block_given? ? yield(commit.scmid) : commit.scmid
}
end
heads.sort! { |head1, head2| head1.to_s <=> head2.to_s }
space = nil
heads.each do |head|
if commits_by_scmid.include? head.scmid
space = index_head((space || -1) + 1, head, commits_by_scmid)
end
end
# when no head matched anything use first commit
space ||= index_head(0, commits.first, commits_by_scmid)
return commits_by_scmid, space
end
def index_head(space, commit, commits_by_scmid)
stack = [[space, commits_by_scmid[commit.scmid]]]
max_space = space
until stack.empty?
space, commit = stack.pop
commit[:space] = space if commit[:space].nil?
space -= 1
commit[:parent_scmids].each_with_index do |parent_scmid, parent_index|
parent_commit = commits_by_scmid[parent_scmid]
if parent_commit and parent_commit[:space].nil?
stack.unshift [space += 1, parent_commit]
end
end
max_space = space if max_space < space
end
max_space
end
end

21
app/helpers/roles_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module RolesHelper
end

85
app/helpers/routes_helper.rb Normal file
View file

@ -0,0 +1,85 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module RoutesHelper
# Returns the path to project issues or to the cross-project
# issue list if project is nil
def _project_issues_path(project, *args)
if project
project_issues_path(project, *args)
else
issues_path(*args)
end
end
def _project_news_path(project, *args)
if project
project_news_index_path(project, *args)
else
news_index_path(*args)
end
end
def _new_project_issue_path(project, *args)
if project
new_project_issue_path(project, *args)
else
new_issue_path(*args)
end
end
def _project_calendar_path(project, *args)
project ? project_calendar_path(project, *args) : issues_calendar_path(*args)
end
def _project_gantt_path(project, *args)
project ? project_gantt_path(project, *args) : issues_gantt_path(*args)
end
def _time_entries_path(project, issue, *args)
if project
project_time_entries_path(project, *args)
else
time_entries_path(*args)
end
end
def _report_time_entries_path(project, issue, *args)
if project
report_project_time_entries_path(project, *args)
else
report_time_entries_path(*args)
end
end
def _new_time_entry_path(project, issue, *args)
if issue
new_issue_time_entry_path(issue, *args)
elsif project
new_project_time_entry_path(project, *args)
else
new_time_entry_path(*args)
end
end
def board_path(board, *args)
project_board_path(board.project, board, *args)
end
end

69
app/helpers/search_helper.rb Normal file
View file

@ -0,0 +1,69 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module SearchHelper
def highlight_tokens(text, tokens)
return text unless text && tokens && !tokens.empty?
re_tokens = tokens.collect {|t| Regexp.escape(t)}
regexp = Regexp.new "(#{re_tokens.join('|')})", Regexp::IGNORECASE
result = ''
text.split(regexp).each_with_index do |words, i|
if result.length > 1200
# maximum length of the preview reached
result << '...'
break
end
if i.even?
result << h(words.length > 100 ? "#{words.slice(0..44)} ... #{words.slice(-45..-1)}" : words)
else
t = (tokens.index(words.downcase) || 0) % 4
result << content_tag('span', h(words), :class => "highlight token-#{t}")
end
end
result.html_safe
end
def type_label(t)
l("label_#{t.singularize}_plural", :default => t.to_s.humanize)
end
def project_select_tag
options = [[l(:label_project_all), 'all']]
options << [l(:label_my_projects), 'my_projects'] unless User.current.memberships.empty?
options << [l(:label_and_its_subprojects, @project.name), 'subprojects'] unless @project.nil? || @project.descendants.active.empty?
options << [@project.name, ''] unless @project.nil?
label_tag("scope", l(:description_project_scope), :class => "hidden-for-sighted") +
select_tag('scope', options_for_select(options, params[:scope].to_s)) if options.size > 1
end
def render_results_by_type(results_by_type)
links = []
# Sorts types by results count
results_by_type.keys.sort {|a, b| results_by_type[b] <=> results_by_type[a]}.each do |t|
c = results_by_type[t]
next if c == 0
text = "#{type_label(t)} (#{c})"
links << link_to(h(text), :q => params[:q], :titles_only => params[:titles_only],
:all_words => params[:all_words], :scope => params[:scope], t => 1)
end
('<ul>'.html_safe +
links.map {|link| content_tag('li', link)}.join(' ').html_safe +
'</ul>'.html_safe) unless links.empty?
end
end

210
app/helpers/settings_helper.rb Normal file
View file

@ -0,0 +1,210 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module SettingsHelper
def administration_settings_tabs
tabs = [{:name => 'general', :partial => 'settings/general', :label => :label_general},
{:name => 'display', :partial => 'settings/display', :label => :label_display},
{:name => 'authentication', :partial => 'settings/authentication', :label => :label_authentication},
{:name => 'api', :partial => 'settings/api', :label => :label_api},
{:name => 'projects', :partial => 'settings/projects', :label => :label_project_plural},
{:name => 'issues', :partial => 'settings/issues', :label => :label_issue_tracking},
{:name => 'timelog', :partial => 'settings/timelog', :label => :label_time_tracking},
{:name => 'attachments', :partial => 'settings/attachments', :label => :label_attachment_plural},
{:name => 'notifications', :partial => 'settings/notifications', :label => :field_mail_notification},
{:name => 'mail_handler', :partial => 'settings/mail_handler', :label => :label_incoming_emails},
{:name => 'repositories', :partial => 'settings/repositories', :label => :label_repository_plural}
]
end
def render_settings_error(errors)
return if errors.blank?
s = ''.html_safe
errors.each do |name, message|
s << content_tag('li', content_tag('b', l("setting_#{name}")) + " " + message)
end
content_tag('div', content_tag('ul', s), :id => 'errorExplanation')
end
def setting_value(setting)
value = nil
if params[:settings]
value = params[:settings][setting]
end
value || Setting.send(setting)
end
def setting_select(setting, choices, options={})
if blank_text = options.delete(:blank)
choices = [[blank_text.is_a?(Symbol) ? l(blank_text) : blank_text, '']] + choices
end
setting_label(setting, options).html_safe +
select_tag("settings[#{setting}]",
options_for_select(choices, setting_value(setting).to_s),
options).html_safe
end
def setting_multiselect(setting, choices, options={})
setting_values = setting_value(setting)
setting_values = [] unless setting_values.is_a?(Array)
content_tag("label", l(options[:label] || "setting_#{setting}")) +
hidden_field_tag("settings[#{setting}][]", '').html_safe +
choices.collect do |choice|
text, value = (choice.is_a?(Array) ? choice : [choice, choice])
content_tag(
'label',
check_box_tag(
"settings[#{setting}][]",
value,
setting_values.include?(value),
:id => nil
) + text.to_s,
:class => (options[:inline] ? 'inline' : 'block')
)
end.join.html_safe
end
def setting_text_field(setting, options={})
setting_label(setting, options).html_safe +
text_field_tag("settings[#{setting}]", setting_value(setting), options).html_safe
end
def setting_text_area(setting, options={})
setting_label(setting, options).html_safe +
text_area_tag("settings[#{setting}]", setting_value(setting), options).html_safe
end
def setting_check_box(setting, options={})
setting_label(setting, options).html_safe +
hidden_field_tag("settings[#{setting}]", 0, :id => nil).html_safe +
check_box_tag("settings[#{setting}]", 1, setting_value(setting).to_s != '0', options).html_safe
end
def setting_label(setting, options={})
label = options.delete(:label)
if label == false
''
else
text = label.is_a?(String) ? label : l(label || "setting_#{setting}")
label_tag("settings_#{setting}", text, options[:label_options])
end
end
# Renders a notification field for a Redmine::Notifiable option
def notification_field(notifiable)
tag_data = notifiable.parent.present? ?
{:parent_notifiable => notifiable.parent} :
{:disables => "input[data-parent-notifiable=#{notifiable.name}]"}
tag = check_box_tag('settings[notified_events][]',
notifiable.name,
setting_value('notified_events').include?(notifiable.name),
:id => nil,
:data => tag_data)
text = l_or_humanize(notifiable.name, :prefix => 'label_')
options = {}
if notifiable.parent.present?
options[:class] = "parent"
end
content_tag(:label, tag + text, options)
end
def session_lifetime_options
options = [[l(:label_disabled), 0]]
options += [4, 8, 12].map {|hours|
[l('datetime.distance_in_words.x_hours', :count => hours), (hours * 60).to_s]
}
options += [1, 7, 30, 60, 365].map {|days|
[l('datetime.distance_in_words.x_days', :count => days), (days * 24 * 60).to_s]
}
options
end
def session_timeout_options
options = [[l(:label_disabled), 0]]
options += [1, 2, 4, 8, 12, 24, 48].map {|hours|
[l('datetime.distance_in_words.x_hours', :count => hours), (hours * 60).to_s]
}
options
end
def link_copied_issue_options
options = [
[:general_text_Yes, 'yes'],
[:general_text_No, 'no'],
[:label_ask, 'ask']
]
options.map {|label, value| [l(label), value.to_s]}
end
def cross_project_subtasks_options
options = [
[:label_disabled, ''],
[:label_cross_project_system, 'system'],
[:label_cross_project_tree, 'tree'],
[:label_cross_project_hierarchy, 'hierarchy'],
[:label_cross_project_descendants, 'descendants']
]
options.map {|label, value| [l(label), value.to_s]}
end
def parent_issue_dates_options
options = [
[:label_parent_task_attributes_derived, 'derived'],
[:label_parent_task_attributes_independent, 'independent']
]
options.map {|label, value| [l(label), value.to_s]}
end
def parent_issue_priority_options
options = [
[:label_parent_task_attributes_derived, 'derived'],
[:label_parent_task_attributes_independent, 'independent']
]
options.map {|label, value| [l(label), value.to_s]}
end
def parent_issue_done_ratio_options
options = [
[:label_parent_task_attributes_derived, 'derived'],
[:label_parent_task_attributes_independent, 'independent']
]
options.map {|label, value| [l(label), value.to_s]}
end
# Returns the options for the date_format setting
def date_format_setting_options(locale)
Setting::DATE_FORMATS.map do |f|
today = ::I18n.l(User.current.today, :locale => locale, :format => f)
format = f.gsub('%', '').gsub(/[dmY]/) do
{'d' => 'dd', 'm' => 'mm', 'Y' => 'yyyy'}[$&]
end
["#{today} (#{format})", f]
end
end
end

163
app/helpers/sort_helper.rb Normal file
View file

@ -0,0 +1,163 @@
# encoding: utf-8
#
# Helpers to sort tables using clickable column headers.
#
# Author: Stuart Rackham <srackham@methods.co.nz>, March 2005.
# Jean-Philippe Lang, 2009
# License: This source code is released under the MIT license.
#
# - Consecutive clicks toggle the column's sort order.
# - Sort state is maintained by a session hash entry.
# - CSS classes identify sort column and state.
# - Typically used in conjunction with the Pagination module.
#
# Example code snippets:
#
# Controller:
#
# helper :sort
# include SortHelper
#
# def list
# sort_init 'last_name'
# sort_update %w(first_name last_name)
# @items = Contact.find_all nil, sort_clause
# end
#
# Controller (using Pagination module):
#
# helper :sort
# include SortHelper
#
# def list
# sort_init 'last_name'
# sort_update %w(first_name last_name)
# @contact_pages, @items = paginate :contacts,
# :order_by => sort_clause,
# :per_page => 10
# end
#
# View (table header in list.rhtml):
#
# <thead>
# <tr>
# <%= sort_header_tag('id', :title => 'Sort by contact ID') %>
# <%= sort_header_tag('last_name', :caption => 'Name') %>
# <%= sort_header_tag('phone') %>
# <%= sort_header_tag('address', :width => 200) %>
# </tr>
# </thead>
#
# - Introduces instance variables: @sort_default, @sort_criteria
# - Introduces param :sort
#
module SortHelper
def sort_name
controller_name + '_' + action_name + '_sort'
end
# Initializes the default sort.
# Examples:
#
# sort_init 'name'
# sort_init 'id', 'desc'
# sort_init ['name', ['id', 'desc']]
# sort_init [['name', 'desc'], ['id', 'desc']]
#
def sort_init(*args)
case args.size
when 1
@sort_default = args.first.is_a?(Array) ? args.first : [[args.first]]
when 2
@sort_default = [[args.first, args.last]]
else
raise ArgumentError
end
end
# Updates the sort state. Call this in the controller prior to calling
# sort_clause.
# - criteria can be either an array or a hash of allowed keys
#
def sort_update(criteria, sort_name=nil)
sort_name ||= self.sort_name
@sort_criteria = Redmine::SortCriteria.new(params[:sort] || session[sort_name] || @sort_default)
@sortable_columns = criteria
session[sort_name] = @sort_criteria.to_param
end
# Clears the sort criteria session data
#
def sort_clear
session[sort_name] = nil
end
# Returns an SQL sort clause corresponding to the current sort state.
# Use this to sort the controller's table items collection.
#
def sort_clause()
@sort_criteria.sort_clause(@sortable_columns)
end
def sort_criteria
@sort_criteria
end
# Returns a link which sorts by the named column.
#
# - column is the name of an attribute in the sorted record collection.
# - the optional caption explicitly specifies the displayed link text.
# - 2 CSS classes reflect the state of the link: sort and asc or desc
#
def sort_link(column, caption, default_order)
css, order = nil, default_order
if column.to_s == @sort_criteria.first_key
if @sort_criteria.first_asc?
css = 'sort asc'
order = 'desc'
else
css = 'sort desc'
order = 'asc'
end
end
caption = column.to_s.humanize unless caption
sort_options = { :sort => @sort_criteria.add(column.to_s, order).to_param }
link_to(caption, {:params => request.query_parameters.merge(sort_options)}, :class => css)
end
# Returns a table header <th> tag with a sort link for the named column
# attribute.
#
# Options:
# :caption The displayed link name (defaults to titleized column name).
# :title The tag's 'title' attribute (defaults to 'Sort by :caption').
#
# Other options hash entries generate additional table header tag attributes.
#
# Example:
#
# <%= sort_header_tag('id', :title => 'Sort by contact ID', :width => 40) %>
#
def sort_header_tag(column, options = {})
caption = options.delete(:caption) || column.to_s.humanize
default_order = options.delete(:default_order) || 'asc'
options[:title] = l(:label_sort_by, "\"#{caption}\"") unless options[:title]
content_tag('th', sort_link(column, caption, default_order), options)
end
# Returns the css classes for the current sort order
#
# Example:
#
# sort_css_classes
# # => "sort-by-created-on sort-desc"
def sort_css_classes
if @sort_criteria.first_key
"sort-by-#{@sort_criteria.first_key.to_s.dasherize} sort-#{@sort_criteria.first_asc? ? 'asc' : 'desc'}"
end
end
end

121
app/helpers/timelog_helper.rb Normal file
View file

@ -0,0 +1,121 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module TimelogHelper
include ApplicationHelper
# Returns a collection of activities for a select field. time_entry
# is optional and will be used to check if the selected TimeEntryActivity
# is active.
def activity_collection_for_select_options(time_entry=nil, project=nil)
project ||= time_entry.try(:project)
project ||= @project
if project.nil?
activities = TimeEntryActivity.shared.active
else
activities = project.activities
end
collection = []
if time_entry && time_entry.activity && !time_entry.activity.active?
collection << [ "--- #{l(:actionview_instancetag_blank_option)} ---", '' ]
else
collection << [ "--- #{l(:actionview_instancetag_blank_option)} ---", '' ] unless activities.detect(&:is_default)
end
activities.each { |a| collection << [a.name, a.id] }
collection
end
def select_hours(data, criteria, value)
if value.to_s.empty?
data.select {|row| row[criteria].blank? }
else
data.select {|row| row[criteria].to_s == value.to_s}
end
end
def sum_hours(data)
sum = 0
data.each do |row|
sum += row['hours'].to_f
end
sum
end
def format_criteria_value(criteria_options, value)
if value.blank?
"[#{l(:label_none)}]"
elsif k = criteria_options[:klass]
obj = k.find_by_id(value.to_i)
if obj.is_a?(Issue)
obj.visible? ? "#{obj.tracker} ##{obj.id}: #{obj.subject}" : "##{obj.id}"
else
obj
end
elsif cf = criteria_options[:custom_field]
format_value(value, cf)
else
value.to_s
end
end
def report_to_csv(report)
Redmine::Export::CSV.generate do |csv|
# Column headers
headers = report.criteria.collect {|criteria| l(report.available_criteria[criteria][:label]) }
headers += report.periods
headers << l(:label_total_time)
csv << headers
# Content
report_criteria_to_csv(csv, report.available_criteria, report.columns, report.criteria, report.periods, report.hours)
# Total row
str_total = l(:label_total_time)
row = [ str_total ] + [''] * (report.criteria.size - 1)
total = 0
report.periods.each do |period|
sum = sum_hours(select_hours(report.hours, report.columns, period.to_s))
total += sum
row << (sum > 0 ? sum : '')
end
row << total
csv << row
end
end
def report_criteria_to_csv(csv, available_criteria, columns, criteria, periods, hours, level=0)
hours.collect {|h| h[criteria[level]].to_s}.uniq.each do |value|
hours_for_value = select_hours(hours, criteria[level], value)
next if hours_for_value.empty?
row = [''] * level
row << format_criteria_value(available_criteria[criteria[level]], value).to_s
row += [''] * (criteria.length - level - 1)
total = 0
periods.each do |period|
sum = sum_hours(select_hours(hours_for_value, columns, period.to_s))
total += sum
row << (sum > 0 ? sum : '')
end
row << total
csv << row
if criteria.length > level + 1
report_criteria_to_csv(csv, available_criteria, columns, criteria, periods, hours_for_value, level + 1)
end
end
end
end

21
app/helpers/trackers_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module TrackersHelper
end

64
app/helpers/users_helper.rb Normal file
View file

@ -0,0 +1,64 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module UsersHelper
def users_status_options_for_select(selected)
user_count_by_status = User.group('status').count.to_hash
options_for_select([[l(:label_all), ''],
["#{l(:status_active)} (#{user_count_by_status[1].to_i})", '1'],
["#{l(:status_registered)} (#{user_count_by_status[2].to_i})", '2'],
["#{l(:status_locked)} (#{user_count_by_status[3].to_i})", '3']], selected.to_s)
end
def user_mail_notification_options(user)
user.valid_notification_options.collect {|o| [l(o.last), o.first]}
end
def textarea_font_options
[[l(:label_font_default), '']] + UserPreference::TEXTAREA_FONT_OPTIONS.map {|o| [l("label_font_#{o}"), o]}
end
def change_status_link(user)
url = {:controller => 'users', :action => 'update', :id => user, :page => params[:page], :status => params[:status], :tab => nil}
if user.locked?
link_to l(:button_unlock), url.merge(:user => {:status => User::STATUS_ACTIVE}), :method => :put, :class => 'icon icon-unlock'
elsif user.registered?
link_to l(:button_activate), url.merge(:user => {:status => User::STATUS_ACTIVE}), :method => :put, :class => 'icon icon-unlock'
elsif user != User.current
link_to l(:button_lock), url.merge(:user => {:status => User::STATUS_LOCKED}), :method => :put, :class => 'icon icon-lock'
end
end
def additional_emails_link(user)
if user.email_addresses.count > 1 || Setting.max_additional_emails.to_i > 0
link_to l(:label_email_address_plural), user_email_addresses_path(@user), :class => 'icon icon-email-add', :remote => true
end
end
def user_settings_tabs
tabs = [{:name => 'general', :partial => 'users/general', :label => :label_general},
{:name => 'memberships', :partial => 'users/memberships', :label => :label_project_plural}
]
if Group.givable.any?
tabs.insert 1, {:name => 'groups', :partial => 'users/groups', :label => :label_group_plural}
end
tabs
end
end

76
app/helpers/versions_helper.rb Normal file
View file

@ -0,0 +1,76 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module VersionsHelper
def version_anchor(version)
if @project == version.project
anchor version.name
else
anchor "#{version.project.try(:identifier)}-#{version.name}"
end
end
def version_filtered_issues_path(version, options = {})
options = {:fixed_version_id => version, :set_filter => 1}.merge(options)
project = case version.sharing
when 'hierarchy', 'tree'
if version.project && version.project.root.visible?
version.project.root
else
version.project
end
when 'system'
nil
else
version.project
end
if project
project_issues_path(project, options)
else
issues_path(options)
end
end
STATUS_BY_CRITERIAS = %w(tracker status priority author assigned_to category)
def render_issue_status_by(version, criteria)
criteria = 'tracker' unless STATUS_BY_CRITERIAS.include?(criteria)
h = Hash.new {|k,v| k[v] = [0, 0]}
begin
# Total issue count
version.fixed_issues.group(criteria).count.each {|c,s| h[c][0] = s}
# Open issues count
version.fixed_issues.open.group(criteria).count.each {|c,s| h[c][1] = s}
rescue ActiveRecord::RecordNotFound
# When grouping by an association, Rails throws this exception if there's no result (bug)
end
# Sort with nil keys in last position
counts = h.keys.sort {|a,b| a.nil? ? 1 : (b.nil? ? -1 : a <=> b)}.collect {|k| {:group => k, :total => h[k][0], :open => h[k][1], :closed => (h[k][0] - h[k][1])}}
max = counts.collect {|c| c[:total]}.max
render :partial => 'issue_counts', :locals => {:version => version, :criteria => criteria, :counts => counts, :max => max}
end
def status_by_options_for_select(value)
options_for_select(STATUS_BY_CRITERIAS.collect {|criteria| [l("field_#{criteria}".to_sym), criteria]}, value)
end
end

80
app/helpers/watchers_helper.rb Normal file
View file

@ -0,0 +1,80 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module WatchersHelper
def watcher_link(objects, user)
return '' unless user && user.logged?
objects = Array.wrap(objects)
return '' unless objects.any?
watched = Watcher.any_watched?(objects, user)
css = [watcher_css(objects), watched ? 'icon icon-fav' : 'icon icon-fav-off'].join(' ')
text = watched ? l(:button_unwatch) : l(:button_watch)
url = watch_path(
:object_type => objects.first.class.to_s.underscore,
:object_id => (objects.size == 1 ? objects.first.id : objects.map(&:id).sort)
)
method = watched ? 'delete' : 'post'
link_to text, url, :remote => true, :method => method, :class => css
end
# Returns the css class used to identify watch links for a given +object+
def watcher_css(objects)
objects = Array.wrap(objects)
id = (objects.size == 1 ? objects.first.id : 'bulk')
"#{objects.first.class.to_s.underscore}-#{id}-watcher"
end
# Returns a comma separated list of users watching the given object
def watchers_list(object)
remove_allowed = User.current.allowed_to?("delete_#{object.class.name.underscore}_watchers".to_sym, object.project)
content = ''.html_safe
lis = object.watcher_users.preload(:email_address).collect do |user|
s = ''.html_safe
s << avatar(user, :size => "16").to_s
s << link_to_user(user, :class => 'user')
if remove_allowed
url = {:controller => 'watchers',
:action => 'destroy',
:object_type => object.class.to_s.underscore,
:object_id => object.id,
:user_id => user}
s << ' '
s << link_to(l(:button_delete), url,
:remote => true, :method => 'delete',
:class => "delete icon-only icon-del",
:title => l(:button_delete))
end
content << content_tag('li', s, :class => "user-#{user.id}")
end
content.present? ? content_tag('ul', content, :class => 'watchers') : content
end
def watchers_checkboxes(object, users, checked=nil)
users.map do |user|
c = checked.nil? ? object.watched_by?(user) : checked
tag = check_box_tag 'issue[watcher_user_ids][]', user.id, c, :id => nil
content_tag 'label', "#{tag} #{h(user)}".html_safe,
:id => "issue_watcher_user_ids_#{user.id}",
:class => "floating"
end.join.html_safe
end
end

21
app/helpers/welcome_helper.rb Normal file
View file

@ -0,0 +1,21 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module WelcomeHelper
end

67
app/helpers/wiki_helper.rb Normal file
View file

@ -0,0 +1,67 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module WikiHelper
include Redmine::Export::PDF::WikiPdfHelper
def wiki_page_options_for_select(pages, selected = nil, parent = nil, level = 0)
pages = pages.group_by(&:parent) unless pages.is_a?(Hash)
s = ''.html_safe
if pages.has_key?(parent)
pages[parent].each do |page|
attrs = "value='#{page.id}'"
attrs << " selected='selected'" if selected == page
indent = (level > 0) ? ('&nbsp;' * level * 2 + '&#187; ') : ''
s << content_tag('option', (indent + h(page.pretty_title)).html_safe, :value => page.id.to_s, :selected => selected == page) +
wiki_page_options_for_select(pages, selected, page, level + 1)
end
end
s
end
def wiki_page_wiki_options_for_select(page)
projects = Project.allowed_to(:rename_wiki_pages).joins(:wiki).preload(:wiki).to_a
projects << page.project unless projects.include?(page.project)
project_tree_options_for_select(projects, :selected => page.project) do |project|
wiki_id = project.wiki.try(:id)
{:value => wiki_id, :selected => wiki_id == page.wiki_id}
end
end
def wiki_page_breadcrumb(page)
breadcrumb(page.ancestors.reverse.collect {|parent|
link_to(h(parent.pretty_title), {:controller => 'wiki', :action => 'show', :id => parent.title, :project_id => parent.project, :version => nil})
})
end
# Returns the path for the Cancel link when editing a wiki page
def wiki_page_edit_cancel_path(page)
if page.new_record?
if parent = page.parent
project_wiki_page_path(parent.project, parent.title)
else
project_wiki_index_path(page.project)
end
else
project_wiki_page_path(page.project, page.title)
end
end
end

95
app/helpers/workflows_helper.rb Normal file
View file

@ -0,0 +1,95 @@
# encoding: utf-8
#
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
module WorkflowsHelper
def options_for_workflow_select(name, objects, selected, options={})
option_tags = ''.html_safe
multiple = false
if selected
if selected.size == objects.size
selected = 'all'
else
selected = selected.map(&:id)
if selected.size > 1
multiple = true
end
end
else
selected = objects.first.try(:id)
end
all_tag_options = {:value => 'all', :selected => (selected == 'all')}
if multiple
all_tag_options.merge!(:style => "display:none;")
end
option_tags << content_tag('option', l(:label_all), all_tag_options)
option_tags << options_from_collection_for_select(objects, "id", "name", selected)
select_tag name, option_tags, {:multiple => multiple}.merge(options)
end
def field_required?(field)
field.is_a?(CustomField) ? field.is_required? : %w(project_id tracker_id subject priority_id is_private).include?(field)
end
def field_permission_tag(permissions, status, field, roles)
name = field.is_a?(CustomField) ? field.id.to_s : field
options = [["", ""], [l(:label_readonly), "readonly"]]
options << [l(:label_required), "required"] unless field_required?(field)
html_options = {}
if perm = permissions[status.id][name]
if perm.uniq.size > 1 || perm.size < @roles.size * @trackers.size
options << [l(:label_no_change_option), "no_change"]
selected = 'no_change'
else
selected = perm.first
end
end
hidden = field.is_a?(CustomField) &&
!field.visible? &&
!roles.detect {|role| role.custom_fields.to_a.include?(field)}
if hidden
options[0][0] = l(:label_hidden)
selected = ''
html_options[:disabled] = true
end
select_tag("permissions[#{status.id}][#{name}]", options_for_select(options, selected), html_options)
end
def transition_tag(workflows, old_status, new_status, name)
w = workflows.select {|w| w.old_status == old_status && w.new_status == new_status}.size
tag_name = "transitions[#{ old_status.try(:id) || 0 }][#{new_status.id}][#{name}]"
if w == 0 || w == @roles.size * @trackers.size
hidden_field_tag(tag_name, "0", :id => nil) +
check_box_tag(tag_name, "1", w != 0,
:class => "old-status-#{old_status.try(:id) || 0} new-status-#{new_status.id}")
else
select_tag tag_name,
options_for_select([
[l(:general_text_Yes), "1"],
[l(:general_text_No), "0"],
[l(:label_no_change_option), "no_change"]
], "no_change")
end
end
end

492
app/models/attachment.rb Normal file
View file

@ -0,0 +1,492 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require "digest"
require "fileutils"
class Attachment < ActiveRecord::Base
include Redmine::SafeAttributes
belongs_to :container, :polymorphic => true
belongs_to :author, :class_name => "User"
validates_presence_of :filename, :author
validates_length_of :filename, :maximum => 255
validates_length_of :disk_filename, :maximum => 255
validates_length_of :description, :maximum => 255
validate :validate_max_file_size, :validate_file_extension
attr_protected :id
acts_as_event :title => :filename,
:url => Proc.new {|o| {:controller => 'attachments', :action => 'show', :id => o.id, :filename => o.filename}}
acts_as_activity_provider :type => 'files',
:permission => :view_files,
:author_key => :author_id,
:scope => select("#{Attachment.table_name}.*").
joins("LEFT JOIN #{Version.table_name} ON #{Attachment.table_name}.container_type='Version' AND #{Version.table_name}.id = #{Attachment.table_name}.container_id " +
"LEFT JOIN #{Project.table_name} ON #{Version.table_name}.project_id = #{Project.table_name}.id OR ( #{Attachment.table_name}.container_type='Project' AND #{Attachment.table_name}.container_id = #{Project.table_name}.id )")
acts_as_activity_provider :type => 'documents',
:permission => :view_documents,
:author_key => :author_id,
:scope => select("#{Attachment.table_name}.*").
joins("LEFT JOIN #{Document.table_name} ON #{Attachment.table_name}.container_type='Document' AND #{Document.table_name}.id = #{Attachment.table_name}.container_id " +
"LEFT JOIN #{Project.table_name} ON #{Document.table_name}.project_id = #{Project.table_name}.id")
cattr_accessor :storage_path
@@storage_path = Redmine::Configuration['attachments_storage_path'] || File.join(Rails.root, "files")
cattr_accessor :thumbnails_storage_path
@@thumbnails_storage_path = File.join(Rails.root, "tmp", "thumbnails")
before_create :files_to_final_location
after_rollback :delete_from_disk, :on => :create
after_commit :delete_from_disk, :on => :destroy
after_commit :reuse_existing_file_if_possible, :on => :create
safe_attributes 'filename', 'content_type', 'description'
# Returns an unsaved copy of the attachment
def copy(attributes=nil)
copy = self.class.new
copy.attributes = self.attributes.dup.except("id", "downloads")
copy.attributes = attributes if attributes
copy
end
def validate_max_file_size
if @temp_file && self.filesize > Setting.attachment_max_size.to_i.kilobytes
errors.add(:base, l(:error_attachment_too_big, :max_size => Setting.attachment_max_size.to_i.kilobytes))
end
end
def validate_file_extension
if @temp_file
extension = File.extname(filename)
unless self.class.valid_extension?(extension)
errors.add(:base, l(:error_attachment_extension_not_allowed, :extension => extension))
end
end
end
def file=(incoming_file)
unless incoming_file.nil?
@temp_file = incoming_file
if @temp_file.respond_to?(:original_filename)
self.filename = @temp_file.original_filename
self.filename.force_encoding("UTF-8")
end
if @temp_file.respond_to?(:content_type)
self.content_type = @temp_file.content_type.to_s.chomp
end
self.filesize = @temp_file.size
end
end
def file
nil
end
def filename=(arg)
write_attribute :filename, sanitize_filename(arg.to_s)
filename
end
# Copies the temporary file to its final location
# and computes its MD5 hash
def files_to_final_location
if @temp_file
self.disk_directory = target_directory
self.disk_filename = Attachment.disk_filename(filename, disk_directory)
logger.info("Saving attachment '#{self.diskfile}' (#{@temp_file.size} bytes)") if logger
path = File.dirname(diskfile)
unless File.directory?(path)
FileUtils.mkdir_p(path)
end
sha = Digest::SHA256.new
File.open(diskfile, "wb") do |f|
if @temp_file.respond_to?(:read)
buffer = ""
while (buffer = @temp_file.read(8192))
f.write(buffer)
sha.update(buffer)
end
else
f.write(@temp_file)
sha.update(@temp_file)
end
end
self.digest = sha.hexdigest
end
@temp_file = nil
if content_type.blank? && filename.present?
self.content_type = Redmine::MimeType.of(filename)
end
# Don't save the content type if it's longer than the authorized length
if self.content_type && self.content_type.length > 255
self.content_type = nil
end
end
# Deletes the file from the file system if it's not referenced by other attachments
def delete_from_disk
if Attachment.where("disk_filename = ? AND id <> ?", disk_filename, id).empty?
delete_from_disk!
end
end
# Returns file's location on disk
def diskfile
File.join(self.class.storage_path, disk_directory.to_s, disk_filename.to_s)
end
def title
title = filename.to_s
if description.present?
title << " (#{description})"
end
title
end
def increment_download
increment!(:downloads)
end
def project
container.try(:project)
end
def visible?(user=User.current)
if container_id
container && container.attachments_visible?(user)
else
author == user
end
end
def editable?(user=User.current)
if container_id
container && container.attachments_editable?(user)
else
author == user
end
end
def deletable?(user=User.current)
if container_id
container && container.attachments_deletable?(user)
else
author == user
end
end
def image?
!!(self.filename =~ /\.(bmp|gif|jpg|jpe|jpeg|png)$/i)
end
def thumbnailable?
image?
end
# Returns the full path the attachment thumbnail, or nil
# if the thumbnail cannot be generated.
def thumbnail(options={})
if thumbnailable? && readable?
size = options[:size].to_i
if size > 0
# Limit the number of thumbnails per image
size = (size / 50) * 50
# Maximum thumbnail size
size = 800 if size > 800
else
size = Setting.thumbnails_size.to_i
end
size = 100 unless size > 0
target = File.join(self.class.thumbnails_storage_path, "#{id}_#{digest}_#{size}.thumb")
begin
Redmine::Thumbnail.generate(self.diskfile, target, size)
rescue => e
logger.error "An error occured while generating thumbnail for #{disk_filename} to #{target}\nException was: #{e.message}" if logger
return nil
end
end
end
# Deletes all thumbnails
def self.clear_thumbnails
Dir.glob(File.join(thumbnails_storage_path, "*.thumb")).each do |file|
File.delete file
end
end
def is_text?
Redmine::MimeType.is_type?('text', filename)
end
def is_image?
Redmine::MimeType.is_type?('image', filename)
end
def is_diff?
self.filename =~ /\.(patch|diff)$/i
end
def is_pdf?
Redmine::MimeType.of(filename) == "application/pdf"
end
def previewable?
is_text? || is_image?
end
# Returns true if the file is readable
def readable?
disk_filename.present? && File.readable?(diskfile)
end
# Returns the attachment token
def token
"#{id}.#{digest}"
end
# Finds an attachment that matches the given token and that has no container
def self.find_by_token(token)
if token.to_s =~ /^(\d+)\.([0-9a-f]+)$/
attachment_id, attachment_digest = $1, $2
attachment = Attachment.where(:id => attachment_id, :digest => attachment_digest).first
if attachment && attachment.container.nil?
attachment
end
end
end
# Bulk attaches a set of files to an object
#
# Returns a Hash of the results:
# :files => array of the attached files
# :unsaved => array of the files that could not be attached
def self.attach_files(obj, attachments)
result = obj.save_attachments(attachments, User.current)
obj.attach_saved_attachments
result
end
# Updates the filename and description of a set of attachments
# with the given hash of attributes. Returns true if all
# attachments were updated.
#
# Example:
# Attachment.update_attachments(attachments, {
# 4 => {:filename => 'foo'},
# 7 => {:filename => 'bar', :description => 'file description'}
# })
#
def self.update_attachments(attachments, params)
params = params.transform_keys {|key| key.to_i}
saved = true
transaction do
attachments.each do |attachment|
if p = params[attachment.id]
attachment.filename = p[:filename] if p.key?(:filename)
attachment.description = p[:description] if p.key?(:description)
saved &&= attachment.save
end
end
unless saved
raise ActiveRecord::Rollback
end
end
saved
end
def self.latest_attach(attachments, filename)
attachments.sort_by(&:created_on).reverse.detect do |att|
filename.casecmp(att.filename) == 0
end
end
def self.prune(age=1.day)
Attachment.where("created_on < ? AND (container_type IS NULL OR container_type = '')", Time.now - age).destroy_all
end
# Moves an existing attachment to its target directory
def move_to_target_directory!
return unless !new_record? & readable?
src = diskfile
self.disk_directory = target_directory
dest = diskfile
return if src == dest
if !FileUtils.mkdir_p(File.dirname(dest))
logger.error "Could not create directory #{File.dirname(dest)}" if logger
return
end
if !FileUtils.mv(src, dest)
logger.error "Could not move attachment from #{src} to #{dest}" if logger
return
end
update_column :disk_directory, disk_directory
end
# Moves existing attachments that are stored at the root of the files
# directory (ie. created before Redmine 2.3) to their target subdirectories
def self.move_from_root_to_target_directory
Attachment.where("disk_directory IS NULL OR disk_directory = ''").find_each do |attachment|
attachment.move_to_target_directory!
end
end
# Updates digests to SHA256 for all attachments that have a MD5 digest
# (ie. created before Redmine 3.4)
def self.update_digests_to_sha256
Attachment.where("length(digest) < 64").find_each do |attachment|
attachment.update_digest_to_sha256!
end
end
# Updates attachment digest to SHA256
def update_digest_to_sha256!
if readable?
sha = Digest::SHA256.new
File.open(diskfile, 'rb') do |f|
while buffer = f.read(8192)
sha.update(buffer)
end
end
update_column :digest, sha.hexdigest
end
end
# Returns true if the extension is allowed regarding allowed/denied
# extensions defined in application settings, otherwise false
def self.valid_extension?(extension)
denied, allowed = [:attachment_extensions_denied, :attachment_extensions_allowed].map do |setting|
Setting.send(setting)
end
if denied.present? && extension_in?(extension, denied)
return false
end
if allowed.present? && !extension_in?(extension, allowed)
return false
end
true
end
# Returns true if extension belongs to extensions list.
def self.extension_in?(extension, extensions)
extension = extension.downcase.sub(/\A\.+/, '')
unless extensions.is_a?(Array)
extensions = extensions.to_s.split(",").map(&:strip)
end
extensions = extensions.map {|s| s.downcase.sub(/\A\.+/, '')}.reject(&:blank?)
extensions.include?(extension)
end
# Returns true if attachment's extension belongs to extensions list.
def extension_in?(extensions)
self.class.extension_in?(File.extname(filename), extensions)
end
# returns either MD5 or SHA256 depending on the way self.digest was computed
def digest_type
digest.size < 64 ? "MD5" : "SHA256" if digest.present?
end
private
def reuse_existing_file_if_possible
original_diskfile = nil
reused = with_lock do
if existing = Attachment
.where(digest: self.digest, filesize: self.filesize)
.where('id <> ? and disk_filename <> ?',
self.id, self.disk_filename)
.first
existing.with_lock do
original_diskfile = self.diskfile
existing_diskfile = existing.diskfile
if File.readable?(original_diskfile) &&
File.readable?(existing_diskfile) &&
FileUtils.identical?(original_diskfile, existing_diskfile)
self.update_columns disk_directory: existing.disk_directory,
disk_filename: existing.disk_filename
end
end
end
end
if reused
File.delete(original_diskfile)
end
rescue ActiveRecord::StatementInvalid, ActiveRecord::RecordNotFound
# Catch and ignore lock errors. It is not critical if deduplication does
# not happen, therefore we do not retry.
# with_lock throws ActiveRecord::RecordNotFound if the record isnt there
# anymore, thats why this is caught and ignored as well.
end
# Physically deletes the file from the file system
def delete_from_disk!
if disk_filename.present? && File.exist?(diskfile)
File.delete(diskfile)
end
end
def sanitize_filename(value)
# get only the filename, not the whole path
just_filename = value.gsub(/\A.*(\\|\/)/m, '')
# Finally, replace invalid characters with underscore
just_filename.gsub(/[\/\?\%\*\:\|\"\'<>\n\r]+/, '_')
end
# Returns the subdirectory in which the attachment will be saved
def target_directory
time = created_on || DateTime.now
time.strftime("%Y/%m")
end
# Returns an ASCII or hashed filename that do not
# exists yet in the given subdirectory
def self.disk_filename(filename, directory=nil)
timestamp = DateTime.now.strftime("%y%m%d%H%M%S")
ascii = ''
if filename =~ %r{^[a-zA-Z0-9_\.\-]*$} && filename.length <= 50
ascii = filename
else
ascii = Digest::MD5.hexdigest(filename)
# keep the extension if any
ascii << $1 if filename =~ %r{(\.[a-zA-Z0-9]+)$}
end
while File.exist?(File.join(storage_path, directory.to_s, "#{timestamp}_#{ascii}"))
timestamp.succ!
end
"#{timestamp}_#{ascii}"
end
end

109
app/models/auth_source.rb Normal file
View file

@ -0,0 +1,109 @@
# Redmine - project management software
# Copyright (C) 2006-2017 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# Generic exception for when the AuthSource can not be reached
# (eg. can not connect to the LDAP)
class AuthSourceException < Exception; end
class AuthSourceTimeoutException < AuthSourceException; end
class AuthSource < ActiveRecord::Base
include Redmine::SafeAttributes
include Redmine::SubclassFactory
include Redmine::Ciphering
has_many :users
validates_presence_of :name
validates_uniqueness_of :name
validates_length_of :name, :maximum => 60
attr_protected :id
safe_attributes 'name',
'host',
'port',
'account',
'account_password',
'base_dn',
'attr_login',
'attr_firstname',
'attr_lastname',
'attr_mail',
'onthefly_register',
'tls',
'filter',
'timeout'
def authenticate(login, password)
end
def test_connection
end
def auth_method_name
"Abstract"
end
def account_password
read_ciphered_attribute(:account_password)
end
def account_password=(arg)
write_ciphered_attribute(:account_password, arg)
end
def searchable?
false
end
def self.search(q)
results = []
AuthSource.all.each do |source|
begin
if source.searchable?
results += source.search(q)
end
rescue AuthSourceException => e
logger.error "Error while searching users in #{source.name}: #{e.message}"
end
end
results
end
def allow_password_changes?
self.class.allow_password_changes?
end
# Does this auth source backend allow password changes?
def self.allow_password_changes?
false
end
# Try to authenticate a user not yet registered against available sources
def self.authenticate(login, password)
AuthSource.where(:onthefly_register => true).each do |source|
begin
logger.debug "Authenticating '#{login}' against '#{source.name}'" if logger && logger.debug?
attrs = source.authenticate(login, password)
rescue => e
logger.error "Error during authentication: #{e.message}"
attrs = nil
end
return attrs if attrs
end
return nil
end
end

Some files were not shown because too many files have changed in this diff Show more