diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index cf9a849..5444c18 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -39,6 +39,7 @@ class ApplicationController < ActionController::Base end before_filter :user_setup, :check_if_login_required, :set_localization + before_filter :check_for_search_archived filter_parameter_logging :password protect_from_forgery @@ -60,6 +61,15 @@ class ApplicationController < ActionController::Base User.current = find_current_user end + def check_for_search_archived + if params[:search_archived] + flash.now[:error] = "Search Archived: suspending access checks for admin user." + $search_archived = params[:search_archived].present? + else + $search_archived = nil + end + end + # Returns the current user or nil if no user is logged in # and starts a session if needed def find_current_user diff --git a/app/models/project.rb b/app/models/project.rb index c3b5530..b428065 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -146,6 +146,14 @@ class Project < ActiveRecord::Base # * :member => limit the condition to the user projects def self.allowed_to_condition(user, permission, options={}) base_statement = "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}" + + if $search_archived + #allow admins access to search_access checkbox + if user.admin? + base_statement = "#{Project.table_name}.status IN (#{Project::STATUS_ARCHIVED},#{Project::STATUS_ACTIVE})" + end + end + if perm = Redmine::AccessControl.permission(permission) unless perm.project_module.nil? # If the permission belongs to a project module, make sure the module is enabled diff --git a/app/models/user.rb b/app/models/user.rb index c06a907..61658c0 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -398,6 +398,12 @@ class User < Principal # * nil with options[:global] set : check if user has at least one role allowed for this action, # or falls back to Non Member / Anonymous permissions depending if the user is logged def allowed_to?(action, context, options={}, &block) + + # allow admins full access in case of search_archived + if($search_archived) + return true if admin? + end + if context && context.is_a?(Project) # No action allowed on archived projects return false unless context.active? diff --git a/app/views/search/index.rhtml b/app/views/search/index.rhtml index 0cedc4b..3b1993e 100644 --- a/app/views/search/index.rhtml +++ b/app/views/search/index.rhtml @@ -9,6 +9,10 @@ <%= hidden_field_tag 'titles_only', '', :id => nil %> +<% # Injects search_archived checkbox, for admins only %> +<% if User.current.admin? %> + +<% end %>

<% @object_types.each do |t| %> @@ -28,7 +32,9 @@

<%= l(:label_result_plural) %> (<%= @results_by_type.values.sum %>)

<% @results.each do |e| %> -
<%= content_tag('span', h(e.project), :class => 'project') unless @project == e.project %> <%= link_to highlight_tokens(truncate(e.event_title, :length => 255), @tokens), e.event_url %>
+ <% # appends ?search_archived=1 query arg to link url if appropriate %> + <% search_archived_item_url = !$search_archived ? e.event_url : e.event_url.merge( {"search_archived" => "1" }) %> +
<%= content_tag('span', h(e.project), :class => 'project') unless @project == e.project %> <%= link_to highlight_tokens(truncate(e.event_title, :length => 255), @tokens), search_archived_item_url %>
<%= highlight_tokens(e.event_description, @tokens) %> <%= format_time(e.event_datetime) %>
<% end %>