59 lines
1.4 KiB
Ruby
59 lines
1.4 KiB
Ruby
|
# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
|
||
|
|
||
|
class KnowledgeBase
|
||
|
class EffectivePermission
|
||
|
def initialize(user, object)
|
||
|
@user = user
|
||
|
@object = object
|
||
|
end
|
||
|
|
||
|
def access_effective
|
||
|
return 'none' if !@user
|
||
|
|
||
|
@user.roles.reduce('none') do |memo, role|
|
||
|
access = access_role_effective(role)
|
||
|
|
||
|
return access if access == 'editor'
|
||
|
|
||
|
memo == 'reader' ? memo : access
|
||
|
end
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def permissions
|
||
|
@permissions ||= @object.permissions_effective
|
||
|
end
|
||
|
|
||
|
def access_role_effective(role)
|
||
|
permission = permissions.find { |elem| elem.role == role }
|
||
|
|
||
|
return default_role_access(role) if !permission
|
||
|
|
||
|
calculate_role(role, permission)
|
||
|
end
|
||
|
|
||
|
def calculate_role(role, permission)
|
||
|
if permission.access == 'editor' && role.with_permission?('knowledge_base.editor')
|
||
|
'editor'
|
||
|
elsif %w[editor reader].include?(permission.access) && role.with_permission?(%w[knowledge_base.editor knowledge_base.reader])
|
||
|
'reader'
|
||
|
elsif @object.public_content?
|
||
|
'public_reader'
|
||
|
else
|
||
|
'none'
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def default_role_access(role)
|
||
|
if role.with_permission?('knowledge_base.editor')
|
||
|
'editor'
|
||
|
elsif role.with_permission?('knowledge_base.reader')
|
||
|
'reader'
|
||
|
else
|
||
|
'none'
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
end
|