Project

General

Profile

Defect #11872 » private-issues-fix.patch

Anonymous, 2012-09-19 02:34

View differences:

app/models/issue.rb
105 105
      when 'all'
106 106
        true
107 107
      when 'default'
108
        !self.is_private? || self.author == user || user.is_or_belongs_to?(assigned_to)
108
        !self.is_private? || (self.author == user && user != User.anonymous) || user.is_or_belongs_to?(assigned_to)
109 109
      when 'own'
110 110
        self.author == user || user.is_or_belongs_to?(assigned_to)
111 111
      else
app/models/user.rb
464 464

  
465 465
      roles = roles_for_project(context)
466 466
      return false unless roles
467
      roles.detect {|role|
467
      roles.any? {|role|
468 468
        (context.is_public? || role.member?) &&
469 469
        role.allowed_to?(action) &&
470 470
        (block_given? ? yield(role, self) : true)
......
483 483
      # authorize if user has at least one role that has this permission
484 484
      roles = memberships.collect {|m| m.roles}.flatten.uniq
485 485
      roles << (self.logged? ? Role.non_member : Role.anonymous)
486
      roles.detect {|role|
486
      roles.any? {|role|
487 487
        role.allowed_to?(action) &&
488 488
        (block_given? ? yield(role, self) : true)
489 489
      }
(1-1/3)