Don't reveal issue subjects if user is only allowed to view spent time (#3187).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3043 e93f8b46-1217-0410-a6f0-8f06a7374b81

Don't reveal issue subjects if user is only allowed to view spent time (#3187).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3043 e93f8b46-1217-0410-a6f0-8f06a7374b81
1a65eb8b · Jean-Philippe Lang · ed15b2aa · 1a65eb8b · 1a65eb8b
Commit 1a65eb8b authored Nov 14, 2009 by Jean-Philippe Lang
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 3 deletions

timelog_helper.rb app/helpers/timelog_helper.rb +19 -2

_list.rhtml app/views/timelog/_list.rhtml +1 -1

No files found.
--- a/app/helpers/timelog_helper.rb
+++ b/app/helpers/timelog_helper.rb
@@ -22,7 +22,13 @@ module TimelogHelper
    links = []
    links << link_to(l(:label_project_all), {:project_id => nil, :issue_id => nil})
    links << link_to(h(@project), {:project_id => @project, :issue_id => nil}) if @project
-    links << link_to_issue(@issue, :subject => false) if @issue
+    if @issue
+      if @issue.visible?
+        links << link_to_issue(@issue, :subject => false)
+      else
+        links << "##{@issue.id}"
+      end
+    end
    breadcrumb links
  end
@@ -118,7 +124,18 @@ module TimelogHelper
  end
  def format_criteria_value(criteria, value)
-    value.blank? ? l(:label_none) : ((k = @available_criterias[criteria][:klass]) ? k.find_by_id(value.to_i) : format_value(value, @available_criterias[criteria][:format]))
+    if value.blank?
+      l(:label_none)
+    elsif k = @available_criterias[criteria][:klass]
+      obj = k.find_by_id(value.to_i)
+      if obj.is_a?(Issue)
+        obj.visible? ? "#{obj.tracker} ##{obj.id}: #{obj.subject}" : "##{obj.id}"
+      else
+        obj
+      end
+    else
+      format_value(value, @available_criterias[criteria][:format])
+    end
  end
  def report_to_csv(criterias, periods, hours)

--- a/app/views/timelog/_list.rhtml
+++ b/app/views/timelog/_list.rhtml
@@ -20,7 +20,7 @@
 <td class="project"><%=h entry.project %></td>
 <td class="subject">
 <% if entry.issue -%>
-<%= link_to_issue entry.issue, :truncate => 50 -%>
+<%= entry.issue.visible? ? link_to_issue(entry.issue, :truncate => 50) : "##{entry.issue.id}" -%>
 <% end -%>
 </td>
 <td class="comments"><%=h entry.comments %></td>