Index: app/controllers/reports_controller.rb
===================================================================
--- app/controllers/reports_controller.rb (revision 14045)
+++ app/controllers/reports_controller.rb (working copy)
@@ -24,8 +24,12 @@
 @versions = @project.shared_versions.sort
 @priorities = IssuePriority.all.reverse
 @categories = @project.issue_categories
- @assignees = (Setting.issue_group_assignment? ? @project.principals : @project.users).sort
- @authors = @project.users.sort
+ ## begin patch private role
+ #@assignees = (Setting.issue_group_assignment? ? @project.principals : @project.users).sort
+ @assignees = (Setting.issue_group_assignment? ? @project.principals : @project.users.visible).sort
+ #@authors = @project.users.sort
+ @authors = @project.users.visible.sort
+ ## end patch private role
 @subprojects = @project.descendants.visible
 
 @issues_by_tracker = Issue.by_tracker(@project)
@@ -40,7 +44,22 @@
 end
 
 def issue_report_details
+ ## begin patch private role
 case params[:detail]
+ when "assigned_to", "author"
+ unless User.current.admin?
+ all_users = @project.users.active
+ visible_users = all_users.visible
+ if all_users.count != visible_users.count
+ ## report/assigned_to and report/author contains all users
+ render_404
+ return
+ end
+ end
+ end
+ ## end patch private role
+
+ case params[:detail]
 when "tracker"
 @field = "tracker_id"
 @rows = @project.trackers
Index: app/controllers/users_controller.rb
===================================================================
--- app/controllers/users_controller.rb (revision 14045)
+++ app/controllers/users_controller.rb (working copy)
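Review bot: In `issue_report` (reports_controller.rb), only the `@project.users` arm of the ternary gets `.visible`; when `Setting.issue_group_assignment?` is on, `@assignees` is still built from the unfiltered `@project.principals`, so members holding a `private.*` role would still be listed. Assuming `principals` returns a relation that responds to the `visible` scope patched in principal.rb, apply the filter to both arms: `@assignees = (Setting.issue_group_assignment? ? @project.principals : @project.users).visible.sort`. The commented-out originals repeat what the revision history already records and could be dropped. The method starts above this hunk.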
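Review bot: In `issue_report_details`, the new guard answers 404 exactly when the project has at least one member the requester may not see, so the response itself tells a non-admin that hidden members exist. Filtering is the quieter option: if the `assigned_to` and `author` branches further down (outside this hunk) build `@rows` from project users, scoping them with `.visible` there would make the count comparison unnecessary and keep the report usable. If the guard stays, a one-branch `case` reads better as `if %w(assigned_to author).include?(params[:detail])`.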
@@ -60,14 +60,25 @@
 end
 
 def show
- unless @user.visible?
- render_404
- return
- end
+ ## begin patch private role (revert revision 13584 - if user with private role (or non-member?) acts on issue, user should be visible)
+ #unless @user.visible?
+ # render_404
+ # return
+ #end
+ ## end patch private role
 
 # show projects based on current user visibility
 @memberships = @user.memberships.where(Project.visible_condition(User.current)).to_a
 
+ ## begin patch private role (revert revision 13584)
+ unless User.current.admin?
+ if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?)
+ render_404
+ return
+ end
+ end
+ ## end patch private role
+
 respond_to do |format|
 format.html {
 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
Index: app/models/principal.rb
===================================================================
--- app/models/principal.rb (revision 14045)
+++ app/models/principal.rb (working copy)
@@ -55,7 +55,14 @@
 active
 else
 # self and members of visible projects
- active.where("#{table_name}.id = ? OR #{table_name}.id IN (SELECT user_id FROM #{Member.table_name} WHERE project_id IN (?))",
+ ## begin patch private role
+ #active.where("#{table_name}.id = ? OR #{table_name}.id IN (SELECT user_id FROM #{Member.table_name} WHERE project_id IN (?))",
+ active.where("#{table_name}.id = ? OR #{table_name}.id IN (" +
+ "SELECT m.user_id FROM #{Member.table_name} m" +
+ " INNER JOIN #{MemberRole.table_name} mr ON m.id = mr.member_id" +
+ " INNER JOIN #{Role.table_name} r ON mr.role_id = r.id" +
+ " WHERE m.project_id IN (?) AND r.name NOT LIKE 'private.%')",
+ ## end patch private role
 user.id, user.visible_project_ids
 )
 end
Index: app/models/project.rb
===================================================================
--- app/models/project.rb (revision 14045)
+++ app/models/project.rb (working copy)
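Review bot: The new guard in `show` (users_controller.rb) calls `events.empty?`, but `events` is first assigned further down inside the `format.html` block, so at this point Ruby resolves it as a method call. Unless the controller defines an `events` method elsewhere, a non-admin viewing another active user with no visible memberships would get a NameError (HTTP 500) instead of the intended 404. Fetch the activity before the guard, i.e. move `events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)` above `unless User.current.admin?` and reuse it in the HTML branch. With the `@user.visible?` check commented out, this condition is the only access check left in the visible part of the action, so it deserves a test for each arm. The `respond_to` block continues past the hunk.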
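Review bot: The visibility rule in this scope (principal.rb) hinges on the literal `r.name NOT LIKE 'private.%'`, and the same pattern is repeated in project.rb (`has_many :members`) and role.rb (`givable`), so the three copies can drift apart. `LIKE` case sensitivity also depends on the database and collation, which means a role named `Private.audit` may be hidden on one backend and shown on another. Consider one definition referenced from all three places, for example a `Role` scope such as `scope :non_private, lambda { where("#{table_name}.name NOT LIKE 'private.%'") }`, or a dedicated boolean column on roles instead of a naming convention. A comment should also state that a member holding both a private and a regular role in a visible project still matches through the regular role. The enclosing scope starts and ends outside the hunk.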
@@ -31,7 +31,10 @@
 has_many :time_entry_activities
 has_many :members,
 lambda { joins(:principal, :roles).
- where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE}") }
+ ## begin patch private role
+ #where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE}")}
+ where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE} AND #{Role.table_name}.name NOT LIKE 'private.%'")}
+ ## end patch private role
 has_many :memberships, :class_name => 'Member'
 has_many :member_principals,
 lambda { joins(:principal).
@@ -492,6 +495,9 @@
 
 @assignable_users ||= Principal.
 active.
+ ## begin patch private role
+ visible.
+ ## end patch private role
 joins(:members => :roles).
 where(:type => types, :members => {:project_id => id}, :roles => {:assignable => true}).
 uniq.
Index: app/models/role.rb
===================================================================
--- app/models/role.rb (revision 14045)
+++ app/models/role.rb (working copy)
@@ -45,7 +45,18 @@
 ]
 
 scope :sorted, lambda { order(:builtin, :position) }
- scope :givable, lambda { order(:position).where(:builtin => 0) }
+ ## begin patch private role
+ #scope :givable, lambda { order(:position).where(:builtin => 0) }
+ scope :givable, lambda {
+ if User.current.admin?
+ order(:position).where(:builtin => 0)
+ else
+ order(:position).
+ where("#{table_name}.name NOT LIKE 'private.%'").
+ where(:builtin => 0)
+ end
+ }
+ ## end patch private role
 scope :builtin, lambda { |*args|
 compare = (args.first == true ? 'not' : '')
 where("#{compare} builtin = 0")
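Review bot: Unlike `Role.givable` and `Principal.visible`, the filter added to `has_many :members` in project.rb does not depend on `User.current`, so administrators and the private-role holders themselves also lose these rows from `project.members`. Anything built on this association (membership listings, and possibly permission or notification lookups outside this diff) would silently stop seeing those members. If the intent is display-only hiding, keep the association unfiltered and apply the restriction where the list is rendered, or add a separate association for the filtered view. A comment above the `where` naming the callers that rely on the filter would help the next reader.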
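Review bot: Adding `visible` makes the result of `assignable_users` depend on `User.current`, yet it is still cached in `@assignable_users` on the project instance. If the same `Project` object is ever used while the current user changes (not verifiable from this hunk), the first caller's view would be returned to the next one. Either key the memo by user, `(@assignable_users ||= {})[User.current.id] ||= ...`, or drop the memoisation for this query. The method starts and ends outside the hunk.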
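Review bot: `givable` in role.rb now hides `private.*` roles from non-admins, but a scope only narrows what is listed; nothing in this diff rejects a private role id that arrives in a membership create or update request. Unless that path already restricts submitted `role_ids` to `Role.givable` (not visible here), the restriction should be enforced server-side as well. The two branches also repeat the base query; `roles = order(:position).where(:builtin => 0)` followed by `User.current.admin? ? roles : roles.where("#{table_name}.name NOT LIKE 'private.%'")` states it once.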