"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "app/controllers/timelog_controller.rb" between
redmine-4.1.0.tar.gz and redmine-4.1.1.tar.gz

About: Redmine is a flexible project management and bug-tracking web application (using the Ruby on Rails framework). It supports also project wikis and forums, documents management, and multiple version control systems.

timelog_controller.rb  (redmine-4.1.0):timelog_controller.rb  (redmine-4.1.1)
skipping to change at line 31 skipping to change at line 31
menu_item :time_entries menu_item :time_entries
before_action :find_time_entry, :only => [:show, :edit, :update] before_action :find_time_entry, :only => [:show, :edit, :update]
before_action :check_editability, :only => [:edit, :update] before_action :check_editability, :only => [:edit, :update]
before_action :find_time_entries, :only => [:bulk_edit, :bulk_update, :destroy ] before_action :find_time_entries, :only => [:bulk_edit, :bulk_update, :destroy ]
before_action :authorize, :only => [:show, :edit, :update, :bulk_edit, :bulk_u pdate, :destroy] before_action :authorize, :only => [:show, :edit, :update, :bulk_edit, :bulk_u pdate, :destroy]
before_action :find_optional_issue, :only => [:new, :create] before_action :find_optional_issue, :only => [:new, :create]
before_action :find_optional_project, :only => [:index, :report] before_action :find_optional_project, :only => [:index, :report]
before_action :authorize_logging_time_for_other_users, :only => [:create, :upd
ate]
accept_rss_auth :index accept_rss_auth :index
accept_api_auth :index, :show, :create, :update, :destroy accept_api_auth :index, :show, :create, :update, :destroy
rescue_from Query::StatementInvalid, :with => :query_statement_invalid rescue_from Query::StatementInvalid, :with => :query_statement_invalid
helper :issues helper :issues
include TimelogHelper include TimelogHelper
helper :custom_fields helper :custom_fields
include CustomFieldsHelper include CustomFieldsHelper
helper :queries helper :queries
skipping to change at line 261 skipping to change at line 259
render_404 render_404
end end
def check_editability def check_editability
unless @time_entry.editable_by?(User.current) unless @time_entry.editable_by?(User.current)
render_403 render_403
return false return false
end end
end end
def authorize_logging_time_for_other_users
if !User.current.allowed_to?(:log_time_for_other_users, @project) && params[
'time_entry'].present? && params['time_entry']['user_id'].present? && params['ti
me_entry']['user_id'].to_i != User.current.id
render_error :message => l(:error_not_allowed_to_log_time_for_other_users)
, :status => 403
return false
end
end
def find_time_entries def find_time_entries
@time_entries = TimeEntry.where(:id => params[:id] || params[:ids]). @time_entries = TimeEntry.where(:id => params[:id] || params[:ids]).
preload(:project => :time_entry_activities). preload(:project => :time_entry_activities).
preload(:user).to_a preload(:user).to_a
raise ActiveRecord::RecordNotFound if @time_entries.empty? raise ActiveRecord::RecordNotFound if @time_entries.empty?
raise Unauthorized unless @time_entries.all? {|t| t.editable_by?(User.curren t)} raise Unauthorized unless @time_entries.all? {|t| t.editable_by?(User.curren t)}
@projects = @time_entries.collect(&:project).compact.uniq @projects = @time_entries.collect(&:project).compact.uniq
@project = @projects.first if @projects.size == 1 @project = @projects.first if @projects.size == 1
rescue ActiveRecord::RecordNotFound rescue ActiveRecord::RecordNotFound
 End of changes. 2 change blocks. 
13 lines changed or deleted 0 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)