Author: tchemit Date: 2009-09-15 17:59:19 +0200 (Tue, 15 Sep 2009) New Revision: 115 Modified: maven-redmine-plugin/trunk/src/main/redmine/redmine_rest/app/controllers/rest_controller.rb Log: finish push action (add_version, update_version, add_news, add_attachment) Modified: maven-redmine-plugin/trunk/src/main/redmine/redmine_rest/app/controllers/rest_controller.rb =================================================================== --- maven-redmine-plugin/trunk/src/main/redmine/redmine_rest/app/controllers/rest_controller.rb 2009-09-15 15:19:37 UTC (rev 114) +++ maven-redmine-plugin/trunk/src/main/redmine/redmine_rest/app/controllers/rest_controller.rb 2009-09-15 15:59:19 UTC (rev 115) @@ -1,16 +1,16 @@ class RestController < ActionController::Base -# find user (after login) -before_filter :find_user, :except => [:ping, :login] + # find user (after login) + before_filter :find_user, :except => [:ping, :login] -# find project and check permission -before_filter :find_project, :except => [:ping, :login, :logout, :get_projects, :get_issue_statuses, :get_issue_priorities] + # find project and check permission + before_filter :find_project, :except => [:ping, :login, :logout, :get_projects, :get_issue_statuses, :get_issue_priorities] -# get project's version -before_filter :find_version, :only => [:get_version, :get_version_issues, :get_version_files] + # find project's version + before_filter :find_version, :only => [:get_version, :get_version_issues, :get_version_attachments, :add_version_attachment] -# get project's version -#before_filter :check_edit, :only => [:add_version, :add_file, :add_news] + # check can edit project before push requests + #before_filter :check_edit, :only => [:add_version, :update_version, :add_file, :add_news, :add_attachment, :add_version_attachment] # ping service (just to test if service is reachable) def ping @@ -30,14 +30,14 @@ # Invalid credentials render_status 401, "Invalid credentials" elsif user.new_record? - # Onthefly creation failed, - render_status 401, "User not activated" + # Onthefly creation failed, + render_status 401, "User not activated" else # Valid user self.logged_user = user - # always generate a key and set autologin cookie + # always generate a key and set autologin cookie token = Token.create(:user => user, :action => 'autologin') - cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now } + cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now } render_status 200, "User logged in" end end @@ -93,6 +93,12 @@ render_array_result @r, "users" end + # recuperation de toutes les annonces d'un projet + def get_project_news + @news = @project.news.find(:all) + render_array_result @news, "news" + end + # recuperation des trakers d'un projet def get_project_trackers @trackers = @project.trackers.find(:all) @@ -109,7 +115,6 @@ def get_version render_result @version end - # recuperation des issues d'un projet pour une version donnee def get_version_issues @@ -117,66 +122,131 @@ render_array_result @issues, "issues" end - # recuperation des fichiers d'un projet pour une version donnee - def get_version_files - @files = @version.attachments.find(:all) + # recuperation des pieces jointes d'un projet pour une version donnee + def get_version_attachments + @files = @version.attachments.find(:all) render_array_result @files, "attachments" end - - def add_version(version=params[:version], description = params[:description], date = params[:date]) + + def show_permissions + allowed_permissions + render_result @allowed_permissions + end + + def show_actions + allowed_actions + render_result @allowed_actions + end + + # add a new version for a given project + def add_version(version=params[:version], description = params[:description], date = params[:date]) + if !request.post? + render_status 405, "POST method required for action add_version" + return false + end @version = @project.versions.find_by_name(version) if !@version allowed = User.current.allowed_to?({:controller => 'projects', :action => "add_version"}, @project) if !allowed render_status 401, "No permission to add a version" - return false + else + @version = Version.create(:project => @project, :name => version) + if description + @version['description'] = description + end + if date + @version['effective_date'] = date + end + if @version.save + render_status 200, "The version " + version + " was added" + else + render_status 505, "Could not add the version..." + end end - @version = Version.create(:project => @project, :name => version) else + render_status 200, "The version " + version + " already exists, skip the operation" + end + end + + # update a existing version for a given project + def update_version(version=params[:version], description = params[:description], date = params[:date]) + if !request.post? + render_status 405, "POST method required for action update_version" + return false + end + @version = @project.versions.find_by_name(version) + if !@version + render_status 404, "The version " + version + " does not exist, can not update it..." + else allowed = User.current.allowed_to?({:controller => 'versions', :action => "edit"}, @project) if !allowed render_status 401, "No permission to edit a version" - return false + else + if description + @version['description'] = description + end + if date + @version['effective_date'] = date + end + if @version.save + render_result @version + else + render_status 505, "Could not update the version..." + end end end - if description - @version['description'] = description - end - if date - @version['effective_date'] = date - end - @version.save - render_result @version end - def add_version2(version=params[:version], description = params[:description], date = params[:date]) - allowed = User.current.allowed_to?({:controller => 'projects', :action => "manage_versions"}, @project) - if !allowed - render_status 401, "No permission to manage versions" + # add a new news for a given project + def add_news(author_id = params[:authorId]) + if !request.post? + render_status 405, "POST method required for action add_news" return false end - @version = @project.versions.find_by_name(version) - if !@version - @version = Version.create(:project => @project, :name => version) + allowed = User.current.allowed_to?({:controller => 'news', :action => "new"}, @project) + if !allowed + msg = "No permission to add a news on project "+ @project.name + render_status 401, msg + else + news_user = User.find(author_id) + @news = News.new(:project => @project, :author => news_user) + @news.attributes = params[:news] + if @news.save + Mailer.deliver_news_added(@news) if Setting.notified_events.include?('news_added') + render_status 200, "The news " + @news.title + " was added" + else + render_status 505, "Could not add the news..." + end end - if description - @version['description'] = description - end - if date - @version['effective_date'] = date - end - @version.save - render_result @version end - def add_news + def add_version_attachment + add_attachment end - - def add_file + def add_attachment(attachment = params["attachment"]) + if !request.post? + render_status 405, "POST method required for action add_attachment" + return false + end + container = !@version ? @project : @version + if attachment + file = attachment['file'] + next unless file && file.size > 0 + a = Attachment.create(:container => container, + :file => file, + :description => attachment['description'].to_s.strip, + :author => User.current) + # a.new_record? ? (unsaved << a) : (attached << a) + # end + end + #if !attached.empty? && Setting.notified_events.include?('file_added') + # Mailer.deliver_attachments_added(attached) + #end + render_status 200, a.id end - -private + + private def find_user # Check the settings cache for each request @@ -199,16 +269,16 @@ end end - def find_project(ctrl = params[:controller]) + def find_project() begin - @project = Project.find(params[:project_id]) - allowed = User.current.allowed_to?({:controller => 'rest', :action => "allow_rest"}, @project) + @project = Project.find(params[:project_id]) + allowed = User.current.allowed_to?({:controller => 'rest', :action => "allow_rest"}, @project) if !allowed render_status 401, "No permission to access project nor rest service" end - rescue ActiveRecord::RecordNotFound - render_status 404, "#{params[:project_id]} is not a project" - return false + rescue ActiveRecord::RecordNotFound + render_status 404, "#{params[:project_id]} is not a project" + return false end end @@ -220,19 +290,19 @@ def check_edit # check if user can edit the project - allowed = User.current.allowed_to?({:controller => 'projects', :action => "edit"}, @project) + allowed = User.current.allowed_to?({:controller => 'projects', :action => "edit"}, @project) if !allowed render_status 401, "No permission to edit the project" end end def find_version(version = params[:version_name]) - @version = @project.versions.find_by_name(version) - if !@version - render_status 404, "#{version} is not a version for project #{@project.name}" - end + @version = @project.versions.find_by_name(version) + if !@version + render_status 404, "#{version} is not a version for project #{@project.name}" + end end - + def render_status(code,message) render :text => message, :status => code end @@ -250,6 +320,7 @@ end end end + def render_result(result) respond_to do |format| format.json { render :text => result.to_json } @@ -273,8 +344,9 @@ Redmine::AccessControl.modules_permissions(module_names).collect {|p| p.name} end end + def allowed_actions - @actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten + @allowed_actions ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten end end