replaced literal w/ constant
This commit is contained in:
parent
8ccb441395
commit
4954557ccd
6 changed files with 10 additions and 10 deletions
|
@ -50,7 +50,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password}
|
||||||
|
|
||||||
# only allow customer to fetch his own organization
|
# only allow customer to fetch his own organization
|
||||||
organizations = []
|
organizations = []
|
||||||
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
|
if is_role(Z_ROLENAME_CUSTOMER) && !is_role('Admin') && !is_role('Agent')
|
||||||
if current_user.organization_id
|
if current_user.organization_id
|
||||||
organizations = Organization.where( :id => current_user.organization_id )
|
organizations = Organization.where( :id => current_user.organization_id )
|
||||||
end
|
end
|
||||||
|
@ -80,7 +80,7 @@ curl http://localhost/api/v1/organizations/#{id}.json -v -u #{login}:#{password}
|
||||||
def show
|
def show
|
||||||
|
|
||||||
# only allow customer to fetch his own organization
|
# only allow customer to fetch his own organization
|
||||||
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
|
if is_role(Z_ROLENAME_CUSTOMER) && !is_role('Admin') && !is_role('Agent')
|
||||||
if !current_user.organization_id
|
if !current_user.organization_id
|
||||||
render :json => {}
|
render :json => {}
|
||||||
return
|
return
|
||||||
|
|
|
@ -24,7 +24,7 @@ module ExtraCollection
|
||||||
Group.all.each {|item|
|
Group.all.each {|item|
|
||||||
assets = item.assets(assets)
|
assets = item.assets(assets)
|
||||||
}
|
}
|
||||||
if !user.is_role('Customer')
|
if !user.is_role(Z_ROLENAME_CUSTOMER)
|
||||||
collections[ Organization.to_app_model ] = []
|
collections[ Organization.to_app_model ] = []
|
||||||
Organization.all.each {|item|
|
Organization.all.each {|item|
|
||||||
assets = item.assets(assets)
|
assets = item.assets(assets)
|
||||||
|
|
|
@ -24,7 +24,7 @@ module ExtraCollection
|
||||||
Ticket::Article::Sender.all.each {|item|
|
Ticket::Article::Sender.all.each {|item|
|
||||||
assets = item.assets(assets)
|
assets = item.assets(assets)
|
||||||
}
|
}
|
||||||
if !user.is_role('Customer')
|
if !user.is_role(Z_ROLENAME_CUSTOMER)
|
||||||
|
|
||||||
# all signatures
|
# all signatures
|
||||||
collections[ Signature.to_app_model ] = []
|
collections[ Signature.to_app_model ] = []
|
||||||
|
|
|
@ -241,7 +241,7 @@ class TicketsController < ApplicationController
|
||||||
articles.each {|article|
|
articles.each {|article|
|
||||||
|
|
||||||
# ignore internal article if customer is requesting
|
# ignore internal article if customer is requesting
|
||||||
next if article.internal == true && is_role('Customer')
|
next if article.internal == true && is_role(Z_ROLENAME_CUSTOMER)
|
||||||
|
|
||||||
# load article ids
|
# load article ids
|
||||||
article_ids.push article.id
|
article_ids.push article.id
|
||||||
|
|
|
@ -15,7 +15,7 @@ class UsersController < ApplicationController
|
||||||
def index
|
def index
|
||||||
|
|
||||||
# only allow customer to fetch him self
|
# only allow customer to fetch him self
|
||||||
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
|
if is_role(Z_ROLENAME_CUSTOMER) && !is_role('Admin') && !is_role('Agent')
|
||||||
users = User.where( :id => current_user.id )
|
users = User.where( :id => current_user.id )
|
||||||
else
|
else
|
||||||
users = User.all
|
users = User.all
|
||||||
|
@ -94,7 +94,7 @@ class UsersController < ApplicationController
|
||||||
|
|
||||||
# everybody else will go as customer per default
|
# everybody else will go as customer per default
|
||||||
else
|
else
|
||||||
role_ids.push Role.where( :name => 'Customer' ).first.id
|
role_ids.push Role.where( :name => Z_ROLENAME_CUSTOMER ).first.id
|
||||||
end
|
end
|
||||||
user.role_ids = role_ids
|
user.role_ids = role_ids
|
||||||
user.group_ids = group_ids
|
user.group_ids = group_ids
|
||||||
|
@ -260,7 +260,7 @@ class UsersController < ApplicationController
|
||||||
# @response_message 401 Invalid session.
|
# @response_message 401 Invalid session.
|
||||||
def search
|
def search
|
||||||
|
|
||||||
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
|
if is_role(Z_ROLENAME_CUSTOMER) && !is_role('Admin') && !is_role('Agent')
|
||||||
response_access_deny
|
response_access_deny
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
@ -727,7 +727,7 @@ curl http://localhost/api/v1/users/avatar -v -u #{login}:#{password} -H "Content
|
||||||
return true if is_role('Agent')
|
return true if is_role('Agent')
|
||||||
|
|
||||||
# allow to update customer by him self
|
# allow to update customer by him self
|
||||||
return true if is_role('Customer') && params[:id].to_i == current_user.id
|
return true if is_role(Z_ROLENAME_CUSTOMER) && params[:id].to_i == current_user.id
|
||||||
|
|
||||||
response_access_deny
|
response_access_deny
|
||||||
return false
|
return false
|
||||||
|
|
|
@ -18,7 +18,7 @@ returns
|
||||||
def permission (data)
|
def permission (data)
|
||||||
|
|
||||||
# check customer
|
# check customer
|
||||||
if data[:current_user].is_role('Customer')
|
if data[:current_user].is_role(Z_ROLENAME_CUSTOMER)
|
||||||
|
|
||||||
# access ok if its own user
|
# access ok if its own user
|
||||||
return true if self.id == data[:current_user].id
|
return true if self.id == data[:current_user].id
|
||||||
|
|
Loading…
Reference in a new issue