Added preferences permission check.

2016-02-16 20:34:37 +01:00 · 2016-02-16 20:34:37 +01:00 · 2d88c25b36
commit 2d88c25b36
parent a20c6e438a
2 changed files with 83 additions and 10 deletions
--- a/app/assets/javascripts/app/controllers/_application_controller_generic.coffee
+++ b/app/assets/javascripts/app/controllers/_application_controller_generic.coffee
@ -353,25 +353,44 @@ class App.ControllerNavSidbar extends App.ControllerContent

    @params = params

-    # get groups
+    # get accessable groups
+    roles = App.Session.get('roles')
    groups = App.Config.get(@configKey)
    groupsUnsorted = []
-    for key, value of groups
-      if !value.controller
-        groupsUnsorted.push value
+    for key, item of groups
+      if !item.controller
+        if !item.role
+          groupsUnsorted.push item
+        else
+          match = _.include(item.role, 'Anybody')
+          if !match
+            for role in roles
+              if !match
+                match = _.include(item.role, role.name)
+          if match
+            groupsUnsorted.push item

-    @groupsSorted = _.sortBy( groupsUnsorted, (item) -> return item.prio )
+    @groupsSorted = _.sortBy(groupsUnsorted, (item) -> return item.prio)

    # get items of group
    for group in @groupsSorted
      items = App.Config.get(@configKey)
      itemsUnsorted = []
-      for key, value of items
-        if value.controller
-          if value.parent is group.target
-            itemsUnsorted.push value
+      for key, item of items
+        if item.parent is group.target
+          if item.controller
+            if !item.role
+              itemsUnsorted.push item
+            else
+              match = _.include(item.role, 'Anybody')
+              if !match
+                for role in roles
+                  if !match
+                    match = _.include(item.role, role.name)
+              if match
+                itemsUnsorted.push item

-      group.items = _.sortBy( itemsUnsorted, (item) -> return item.prio )
+      group.items = _.sortBy(itemsUnsorted, (item) -> return item.prio)

    # check last selected item
    selectedItem = undefined
--- a/test/browser/prefereces_test.rb
+++ b/test/browser/prefereces_test.rb
@ -2,6 +2,60 @@
 require 'browser_test_helper'

 class PreferencesTest < TestCase
+  def test_permission_agent
+    @browser = browser_instance
+    login(
+      username: 'master@example.com',
+      password: 'test',
+      url: browser_url,
+    )
+    click( css: 'a[href="#current_user"]' )
+    click( css: 'a[href="#profile"]' )
+    match(
+      css: '.content .NavBarProfile',
+      value: 'Password',
+    )
+    match(
+      css: '.content .NavBarProfile',
+      value: 'Language',
+    )
+    match(
+      css: '.content .NavBarProfile',
+      value: 'Notifications',
+    )
+    match(
+      css: '.content .NavBarProfile',
+      value: 'Calendar',
+    )
+  end
+
+  def test_permission_customer
+    @browser = browser_instance
+    login(
+      username: 'nicole.braun@zammad.org',
+      password: 'test',
+      url: browser_url,
+    )
+    click( css: 'a[href="#current_user"]' )
+    click( css: 'a[href="#profile"]' )
+    match(
+      css: '.content .NavBarProfile',
+      value: 'Password',
+    )
+    match(
+      css: '.content .NavBarProfile',
+      value: 'Language',
+    )
+    match_not(
+      css: '.content .NavBarProfile',
+      value: 'Notifications',
+    )
+    match_not(
+      css: '.content .NavBarProfile',
+      value: 'Calendar',
+    )
+  end
+
  def test_preferences
    @browser = browser_instance
    login(