Problem with custom Plugin authorization

Added by Christoph Heger about 12 years ago

Hi,

I am writing my first Redmine plugin, and i have some problems to understand how redmine checks the permissions.

I want to store passwords with usages which belong to projects.

I have the following Code in my init.rb:

project_module :passwords do
    permission :view_passwords, :passwords => :index
    permission :view_passwords, :passwords => :show
    permission :add_passwords, :passwords => :new
  end

and this is in my PasswordsController:

before_filter :authorize, :only => :index
  before_filter :authorize, :only => :show
  before_filter :authorize, :only => :new

I think i am doing it wrong ;) Can someone please tell me where I fail?

thanks for answers,

Donngal

Replies (1)

RE: Problem with custom Plugin authorization - Added by Christoph Heger almost 12 years ago

I solved it, added own filter functions, and of course the code above does not work because i used multiple :only's for the same function... oO

thats better:

  before_filter :find_project_index, :only => [:index, :new]
  before_filter :find_project_show, :only => :show
  before_filter :authorize, :except => :create

  project_module :passwords do
    permission :view_passwords, {:passwords => [:index, :show]}, :require => :member
    permission :add_passwords, :passwords => :new
  end

(1-1/1)

Project

General

Profile

Redmine