Fixed issue 167, timeline feed URL should only include auth token for private projects.
This commit is contained in:
Loic d'Anterroches
parent
b6c5e803cb
commit
e5934e0a3a
@ -32,6 +32,14 @@ class IDF_Project extends Pluf_Model
|
||||
public $_model = __CLASS__;
|
||||
public $_extra_cache = array();
|
||||
protected $_pconf = null;
|
||||
/**
|
||||
* Check if the project as one restricted tab.
|
||||
*
|
||||
* This is the cached information.
|
||||
*
|
||||
* @see self::isRestricted
|
||||
*/
|
||||
protected $_isRestricted = null;
|
||||
|
||||
function init()
|
||||
{
|
||||
@ -617,4 +625,37 @@ class IDF_Project extends Pluf_Model
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the project has one restricted tab.
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function isRestricted()
|
||||
{
|
||||
if ($this->_isRestricted !== null) {
|
||||
return $this->_isRestricted;
|
||||
}
|
||||
if ($this->private) {
|
||||
$this->_isRestricted = true;
|
||||
return true;
|
||||
}
|
||||
$tabs = array(
|
||||
'source_access_rights',
|
||||
'issues_access_rights',
|
||||
'downloads_access_rights',
|
||||
'wiki_access_rights',
|
||||
'review_access_rights'
|
||||
);
|
||||
$conf = $this->getConf();
|
||||
foreach ($tabs as $tab) {
|
||||
if (!in_array($conf->getVal($tab, 'all'),
|
||||
array('all', 'none'))) {
|
||||
$this->_isRestricted = true;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
$this->_isRestricted = false;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@ -120,7 +120,7 @@ class IDF_Views_Project
|
||||
$tags = IDF_Views_Wiki::getWikiTags($prj);
|
||||
$pages = $tags[0]->get_idf_wikipage_list();
|
||||
}
|
||||
if (!$request->user->isAnonymous()) {
|
||||
if (!$request->user->isAnonymous() and $prj->isRestricted()) {
|
||||
$feedurl = Pluf_HTTP_URL_urlForView('idf_project_timeline_feed_auth',
|
||||
array($prj->shortname,
|
||||
IDF_Precondition::genFeedToken($prj, $request->user)));
|
||||
|
||||
Loading…
Reference in New Issue
Block a user