Index: controllers/versions_controller.rb =================================================================== --- controllers/versions_controller.rb (revision 16640) +++ controllers/versions_controller.rb (working copy) @@ -47,7 +47,7 @@ @issues_by_version = {} if @selected_tracker_ids.any? && @versions.any? issues = Issue.visible. - includes(:project, :tracker). + eager_load(:project, :tracker). preload(:status, :priority, :fixed_version). where(:tracker_id => @selected_tracker_ids, :project_id => project_ids, :fixed_version_id => @versions.map(&:id)). order("#{Project.table_name}.lft, #{Tracker.table_name}.position, #{Issue.table_name}.id") Index: models/board.rb =================================================================== --- models/board.rb (revision 16640) +++ models/board.rb (working copy) @@ -31,8 +31,11 @@ attr_protected :id scope :visible, lambda {|*args| - joins(:project). - where(Project.allowed_to_condition(args.shift || User.current, :view_messages, *args)) + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + permission = :view_messages + Project.enabled_modules_scope(all, permission).where(Project.allowed_to_condition(user, permission, options)) } safe_attributes 'name', 'description', 'parent_id', 'position' Index: models/changeset.rb =================================================================== --- models/changeset.rb (revision 16640) +++ models/changeset.rb (working copy) @@ -49,8 +49,16 @@ attr_protected :id scope :visible, lambda {|*args| - joins(:repository => :project). - where(Project.allowed_to_condition(args.shift || User.current, :view_changesets, *args)) + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + scope = if project_module = Redmine::AccessControl.permission(:view_changesets).try(:project_module) + joins(:repository => {:project => :enabled_modules}).where(:enabled_modules => {:name => project_module}) + else + joins(:repository => :project) + end + + scope.where(Project.allowed_to_condition(user, :view_changesets, options)) } after_create :scan_for_issues Index: models/document.rb =================================================================== --- models/document.rb (revision 16640) +++ models/document.rb (working copy) @@ -36,8 +36,11 @@ after_create :send_notification scope :visible, lambda {|*args| - joins(:project). - where(Project.allowed_to_condition(args.shift || User.current, :view_documents, *args)) + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + permission = :view_documents + Project.enabled_modules_scope(all, permission).where(Project.allowed_to_condition(user, permission, options)) } safe_attributes 'category_id', 'title', 'description', 'custom_fields', 'custom_field_values' Index: models/issue.rb =================================================================== --- models/issue.rb (revision 16640) +++ models/issue.rb (working copy) @@ -72,8 +72,10 @@ attr_protected :id scope :visible, lambda {|*args| - joins(:project). - where(Issue.visible_condition(args.shift || User.current, *args)) + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + Project.enabled_modules_scope(all, :view_issues).where(Issue.visible_condition(user, options)) } scope :open, lambda {|*args| @@ -1527,11 +1529,17 @@ # Returns a scope of projects that user can assign issues to # If current_project is given, it will be included in the scope def self.allowed_target_projects(user=User.current, current_project=nil) - condition = Project.allowed_to_condition(user, :add_issues) + condition = Project.allowed_to_condition(user, :add_issues, :skip_pre_condition => true) if current_project condition = ["(#{condition}) OR #{Project.table_name}.id = ?", current_project.id] end - Project.where(condition).having_trackers + + scope = Project + if project_module = Redmine::AccessControl.permission(:add_issues).try(:project_module) + scope = scope.joins(:enabled_modules).where(:enabled_modules => {:name => project_module}) + end + + scope.where(condition).having_trackers end # Returns a scope of trackers that user can assign the issue to Index: models/journal.rb =================================================================== --- models/journal.rb (revision 16640) +++ models/journal.rb (working copy) @@ -49,7 +49,14 @@ user = args.shift || User.current options = args.shift || {} - joins(:issue => :project). + options[:skip_pre_condition] = true + scope = if project_module = Redmine::AccessControl.permission(:view_issues).try(:project_module) + joins(:issue => {:project => :enabled_modules}).where(:enabled_modules => {:name => project_module}) + else + joins(:issue => :project) + end + + scope. where(Issue.visible_condition(user, options)). where(Journal.visible_notes_condition(user, :skip_pre_condition => true)) } Index: models/message.rb =================================================================== --- models/message.rb (revision 16640) +++ models/message.rb (working copy) @@ -49,8 +49,16 @@ after_create :send_notification scope :visible, lambda {|*args| - joins(:board => :project). - where(Project.allowed_to_condition(args.shift || User.current, :view_messages, *args)) + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + scope = if project_module = Redmine::AccessControl.permission(:view_messages).try(:project_module) + joins(:board => {:project => :enabled_modules}).where(:enabled_modules => {:name => project_module}) + else + joins(:board => :project) + end + + scope.where(Project.allowed_to_condition(user, :view_messages, options)) } safe_attributes 'subject', 'content' Index: models/news.rb =================================================================== --- models/news.rb (revision 16640) +++ models/news.rb (working copy) @@ -39,8 +39,11 @@ after_create :send_notification scope :visible, lambda {|*args| - joins(:project). - where(Project.allowed_to_condition(args.shift || User.current, :view_news, *args)) + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + permission = :view_news + Project.enabled_modules_scope(all, permission).where(Project.allowed_to_condition(user, permission, options)) } safe_attributes 'title', 'summary', 'description' Index: models/project.rb =================================================================== --- models/project.rb (revision 16640) +++ models/project.rb (working copy) @@ -91,7 +91,17 @@ scope :active, lambda { where(:status => STATUS_ACTIVE) } scope :status, lambda {|arg| where(arg.blank? ? nil : {:status => arg.to_i}) } scope :all_public, lambda { where(:is_public => true) } - scope :visible, lambda {|*args| where(Project.visible_condition(args.shift || User.current, *args)) } + scope :visible, lambda { |*args| + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + scope = all + if project_module = Redmine::AccessControl.permission(:view_project).try(:project_module) + scope = scope.joins(:enabled_modules).where(:enabled_modules => {:name => project_module}) + end + + scope.where(Project.visible_condition(user, options)) + } scope :allowed_to, lambda {|*args| user = User.current permission = nil @@ -169,6 +179,14 @@ allowed_to_condition(user, :view_project, options) end + def self.enabled_modules_scope(scope, permission) + if project_module = Redmine::AccessControl.permission(permission).try(:project_module) + scope.joins(:project => :enabled_modules).where(:enabled_modules => {:name => project_module}) + else + scope.joins(:project) + end + end + # Returns a SQL conditions string used to find all projects for which +user+ has the given +permission+ # # Valid options: Index: models/time_entry.rb =================================================================== --- models/time_entry.rb (revision 16640) +++ models/time_entry.rb (working copy) @@ -51,8 +51,11 @@ validate :validate_time_entry scope :visible, lambda {|*args| - joins(:project). - where(TimeEntry.visible_condition(args.shift || User.current, *args)) + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + permission = :view_time_entries + Project.enabled_modules_scope(all, permission).where(TimeEntry.visible_condition(user, options)) } scope :left_join_issue, lambda { joins("LEFT OUTER JOIN #{Issue.table_name} ON #{Issue.table_name}.id = #{TimeEntry.table_name}.issue_id") Index: models/tracker.rb =================================================================== --- models/tracker.rb (revision 16640) +++ models/tracker.rb (working copy) @@ -57,9 +57,13 @@ # => returns the trackers that are visible by the user in at least on project scope :visible, lambda {|*args| user = args.shift || User.current - condition = Project.allowed_to_condition(user, :view_issues) do |role, user| - unless role.permissions_all_trackers?(:view_issues) - tracker_ids = role.permissions_tracker_ids(:view_issues) + options = args.shift || {} + options[:skip_pre_condition] = true + permission = :view_issues + + condition = Project.allowed_to_condition(user, permission, options) do |role, user| + unless role.permissions_all_trackers?(permission) + tracker_ids = role.permissions_tracker_ids(permission) if tracker_ids.any? "#{Tracker.table_name}.id IN (#{tracker_ids.join(',')})" else @@ -67,7 +71,14 @@ end end end - joins(:projects).where(condition).distinct + + scope = if project_module = Redmine::AccessControl.permission(permission).try(:project_module) + joins(:projects => :enabled_modules).where(:enabled_modules => {:name => project_module}) + else + joins(:projects) + end + + scope.where(condition).distinct } safe_attributes 'name', Index: models/version.rb =================================================================== --- models/version.rb (revision 16640) +++ models/version.rb (working copy) @@ -55,8 +55,11 @@ end } scope :visible, lambda {|*args| - joins(:project). - where(Project.allowed_to_condition(args.first || User.current, :view_issues)) + user = args.shift || User.current + options = args.shift || {} + options[:skip_pre_condition] = true + permission = :view_issues + Project.enabled_modules_scope(all, permission).where(Project.allowed_to_condition(user, permission, options)) } safe_attributes 'name',