From 2d88c25b36ad092c596c8bc61870a2fd053c89c9 Mon Sep 17 00:00:00 2001 From: Martin Edenhofer Date: Tue, 16 Feb 2016 20:34:37 +0100 Subject: [PATCH] Added preferences permission check. --- .../_application_controller_generic.coffee | 39 ++++++++++---- test/browser/prefereces_test.rb | 54 +++++++++++++++++++ 2 files changed, 83 insertions(+), 10 deletions(-) diff --git a/app/assets/javascripts/app/controllers/_application_controller_generic.coffee b/app/assets/javascripts/app/controllers/_application_controller_generic.coffee index 63df1d627..b6c4b06e7 100644 --- a/app/assets/javascripts/app/controllers/_application_controller_generic.coffee +++ b/app/assets/javascripts/app/controllers/_application_controller_generic.coffee @@ -353,25 +353,44 @@ class App.ControllerNavSidbar extends App.ControllerContent @params = params - # get groups + # get accessable groups + roles = App.Session.get('roles') groups = App.Config.get(@configKey) groupsUnsorted = [] - for key, value of groups - if !value.controller - groupsUnsorted.push value + for key, item of groups + if !item.controller + if !item.role + groupsUnsorted.push item + else + match = _.include(item.role, 'Anybody') + if !match + for role in roles + if !match + match = _.include(item.role, role.name) + if match + groupsUnsorted.push item - @groupsSorted = _.sortBy( groupsUnsorted, (item) -> return item.prio ) + @groupsSorted = _.sortBy(groupsUnsorted, (item) -> return item.prio) # get items of group for group in @groupsSorted items = App.Config.get(@configKey) itemsUnsorted = [] - for key, value of items - if value.controller - if value.parent is group.target - itemsUnsorted.push value + for key, item of items + if item.parent is group.target + if item.controller + if !item.role + itemsUnsorted.push item + else + match = _.include(item.role, 'Anybody') + if !match + for role in roles + if !match + match = _.include(item.role, role.name) + if match + itemsUnsorted.push item - group.items = _.sortBy( itemsUnsorted, (item) -> return item.prio ) + group.items = _.sortBy(itemsUnsorted, (item) -> return item.prio) # check last selected item selectedItem = undefined diff --git a/test/browser/prefereces_test.rb b/test/browser/prefereces_test.rb index 8ea3d87ad..1a3f53b4f 100644 --- a/test/browser/prefereces_test.rb +++ b/test/browser/prefereces_test.rb @@ -2,6 +2,60 @@ require 'browser_test_helper' class PreferencesTest < TestCase + def test_permission_agent + @browser = browser_instance + login( + username: 'master@example.com', + password: 'test', + url: browser_url, + ) + click( css: 'a[href="#current_user"]' ) + click( css: 'a[href="#profile"]' ) + match( + css: '.content .NavBarProfile', + value: 'Password', + ) + match( + css: '.content .NavBarProfile', + value: 'Language', + ) + match( + css: '.content .NavBarProfile', + value: 'Notifications', + ) + match( + css: '.content .NavBarProfile', + value: 'Calendar', + ) + end + + def test_permission_customer + @browser = browser_instance + login( + username: 'nicole.braun@zammad.org', + password: 'test', + url: browser_url, + ) + click( css: 'a[href="#current_user"]' ) + click( css: 'a[href="#profile"]' ) + match( + css: '.content .NavBarProfile', + value: 'Password', + ) + match( + css: '.content .NavBarProfile', + value: 'Language', + ) + match_not( + css: '.content .NavBarProfile', + value: 'Notifications', + ) + match_not( + css: '.content .NavBarProfile', + value: 'Calendar', + ) + end + def test_preferences @browser = browser_instance login(