| 22 |
22 |
before_filter :find_project, :except => [ :index, :list, :new, :create, :copy ]
|
| 23 |
23 |
before_filter :authorize, :except => [ :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy]
|
| 24 |
24 |
before_filter :authorize_global, :only => [:new, :create]
|
| 25 |
|
before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy ]
|
|
25 |
before_filter :require_admin, :only => [:archive, :unarchive, :destroy ]
|
|
26 |
before_filter :require_edit_permission_to_copy, :only => [:copy]
|
| 26 |
27 |
accept_rss_auth :index
|
| 27 |
28 |
accept_api_auth :index, :show, :create, :update, :destroy
|
| 28 |
29 |
require_sudo_mode :destroy
|
| ... | ... | |
| 39 |
40 |
helper :repositories
|
| 40 |
41 |
helper :members
|
| 41 |
42 |
|
|
43 |
def require_edit_permission_to_copy
|
|
44 |
current_project = Project.find(params[:id])
|
|
45 |
allowed = User.current.allowed_to?({:controller => 'projects', :action => 'edit'}, current_project, :global => false)
|
|
46 |
if allowed
|
|
47 |
true
|
|
48 |
else
|
|
49 |
if @project && @project.archived?
|
|
50 |
render_403 :message => :notice_not_authorized_archived_project
|
|
51 |
else
|
|
52 |
deny_access
|
|
53 |
end
|
|
54 |
end
|
|
55 |
rescue ActiveRecord::RecordNotFound
|
|
56 |
render_404
|
|
57 |
end
|
|
58 |
|
| 42 |
59 |
# Lists visible projects
|
| 43 |
60 |
def index
|
| 44 |
61 |
scope = Project.visible.sorted
|
