commit
53f56d4087
43 changed files with 141 additions and 108 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -39,3 +39,5 @@ Gemfile.lock
|
|||
# Ignore local changes to schema.rb (e. g. through extentions)
|
||||
db/schema.rb
|
||||
|
||||
# Ignore Rubymine config
|
||||
/.idea
|
2
CREDITS
2
CREDITS
|
@ -36,7 +36,7 @@ D: Development
|
|||
W: https://github.com/martini
|
||||
--
|
||||
N: Roy Kaldung
|
||||
D: Operations & QA Hero
|
||||
D: DevOps & QA Hero
|
||||
W: https://github.com/rkaldung
|
||||
--
|
||||
N: Felix Niklas
|
||||
|
|
|
@ -82,7 +82,7 @@ class ApplicationController < ActionController::Base
|
|||
#session[:ping] = Time.now.utc.iso8601
|
||||
session[:ping] = DateTime.now.iso8601
|
||||
|
||||
# check if remote ip need to be updated
|
||||
# check if remote ip need to be updated @TODO Move this into model
|
||||
if !session[:remote_id] || session[:remote_id] != request.remote_ip
|
||||
session[:remote_id] = request.remote_ip
|
||||
session[:geo] = GeoIp.location( request.remote_ip )
|
||||
|
|
|
@ -94,7 +94,7 @@ curl http://localhost/api/v1/channels.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def index
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_index_render(Channel, params)
|
||||
end
|
||||
|
||||
|
@ -117,7 +117,7 @@ curl http://localhost/api/v1/channels/#{id}.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def show
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_show_render(Channel, params)
|
||||
end
|
||||
|
||||
|
@ -153,7 +153,7 @@ curl http://localhost/api/v1/channels.json -v -u #{login}:#{password} -H "Conten
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Channel, params)
|
||||
end
|
||||
|
||||
|
@ -190,7 +190,7 @@ curl http://localhost/api/v1/channels.json -v -u #{login}:#{password} -H "Conten
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Channel, params)
|
||||
end
|
||||
|
||||
|
@ -208,7 +208,7 @@ curl http://localhost/api/v1/channels.json -v -u #{login}:#{password} -H "Conten
|
|||
=end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Channel, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -97,7 +97,7 @@ curl http://localhost/api/v1/email_addresses.json -v -u #{login}:#{password} -H
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(EmailAddress, params)
|
||||
end
|
||||
|
||||
|
@ -128,7 +128,7 @@ curl http://localhost/api/v1/email_addresses.json -v -u #{login}:#{password} -H
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(EmailAddress, params)
|
||||
end
|
||||
|
||||
|
@ -143,7 +143,7 @@ Test:
|
|||
=end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(EmailAddress, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -51,7 +51,7 @@ curl http://localhost/api/v1/getting_started -v -u #{login}:#{password}
|
|||
def base
|
||||
|
||||
# check admin permissions
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
# validate url
|
||||
messages = {}
|
||||
|
@ -132,7 +132,7 @@ curl http://localhost/api/v1/getting_started -v -u #{login}:#{password}
|
|||
def email_probe
|
||||
|
||||
# check admin permissions
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
# validation
|
||||
user = nil
|
||||
|
@ -546,7 +546,7 @@ curl http://localhost/api/v1/getting_started -v -u #{login}:#{password}
|
|||
def email_outbound
|
||||
|
||||
# check admin permissions
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
# validate params
|
||||
if !params[:adapter]
|
||||
|
@ -565,7 +565,7 @@ curl http://localhost/api/v1/getting_started -v -u #{login}:#{password}
|
|||
def email_inbound
|
||||
|
||||
# check admin permissions
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
# validate params
|
||||
if !params[:adapter]
|
||||
|
@ -585,7 +585,7 @@ curl http://localhost/api/v1/getting_started -v -u #{login}:#{password}
|
|||
def email_verify
|
||||
|
||||
# check admin permissions
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
# send verify email to inbox
|
||||
if !params[:subject]
|
||||
|
|
|
@ -101,7 +101,7 @@ curl http://localhost/api/v1/groups.json -v -u #{login}:#{password} -H "Content-
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Group, params)
|
||||
end
|
||||
|
||||
|
@ -133,7 +133,7 @@ curl http://localhost/api/v1/groups.json -v -u #{login}:#{password} -H "Content-
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Group, params)
|
||||
end
|
||||
|
||||
|
@ -148,7 +148,7 @@ Test:
|
|||
=end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Group, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -4,27 +4,27 @@ class JobsController < ApplicationController
|
|||
before_filter :authentication_check
|
||||
|
||||
def index
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_index_render(Job, params)
|
||||
end
|
||||
|
||||
def show
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_show_render(Job, params)
|
||||
end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Job, params)
|
||||
end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Job, params)
|
||||
end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Job, params)
|
||||
end
|
||||
end
|
|
@ -6,7 +6,7 @@ class ObjectManagerAttributesController < ApplicationController
|
|||
|
||||
# GET /object_manager_attributes_list
|
||||
def list
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
render :json => {
|
||||
:objects => ObjectManager.listFrontendObjects,
|
||||
}
|
||||
|
@ -15,32 +15,32 @@ class ObjectManagerAttributesController < ApplicationController
|
|||
|
||||
# GET /object_manager_attributes
|
||||
def index
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
render :json => ObjectManager::Attribute.list_full
|
||||
#model_index_render(ObjectManager::Attribute, params)
|
||||
end
|
||||
|
||||
# GET /object_manager_attributes/1
|
||||
def show
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_show_render(ObjectManager::Attribute, params)
|
||||
end
|
||||
|
||||
# POST /object_manager_attributes
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(ObjectManager::Attribute, params)
|
||||
end
|
||||
|
||||
# PUT /object_manager_attributes/1
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(ObjectManager::Attribute, params)
|
||||
end
|
||||
|
||||
# DELETE /object_manager_attributes/1
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(ObjectManager::Attribute, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -50,7 +50,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password}
|
|||
|
||||
# only allow customer to fetch his own organization
|
||||
organizations = []
|
||||
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
|
||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||
if current_user.organization_id
|
||||
organizations = Organization.where( :id => current_user.organization_id )
|
||||
end
|
||||
|
@ -80,7 +80,7 @@ curl http://localhost/api/v1/organizations/#{id}.json -v -u #{login}:#{password}
|
|||
def show
|
||||
|
||||
# only allow customer to fetch his own organization
|
||||
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
|
||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||
if !current_user.organization_id
|
||||
render :json => {}
|
||||
return
|
||||
|
@ -124,7 +124,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} -H "C
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Agent')
|
||||
return if deny_if_not_role(Z_ROLENAME_AGENT)
|
||||
model_create_render(Organization, params)
|
||||
end
|
||||
|
||||
|
@ -155,7 +155,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} -H "C
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Agent')
|
||||
return if deny_if_not_role(Z_ROLENAME_AGENT)
|
||||
model_update_render(Organization, params)
|
||||
end
|
||||
|
||||
|
@ -178,7 +178,7 @@ Test:
|
|||
def history
|
||||
|
||||
# permissin check
|
||||
if !is_role('Admin') && !is_role('Agent')
|
||||
if !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||
response_access_deny
|
||||
return
|
||||
end
|
||||
|
|
|
@ -52,7 +52,7 @@ curl http://localhost/api/v1/overviews.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def index
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_index_render(Overview, params)
|
||||
end
|
||||
|
||||
|
@ -74,7 +74,7 @@ curl http://localhost/api/v1/overviews/#{id}.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def show
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_show_render(Overview, params)
|
||||
end
|
||||
|
||||
|
@ -108,7 +108,7 @@ curl http://localhost/api/v1/overviews.json -v -u #{login}:#{password} -H "Conte
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Overview, params)
|
||||
end
|
||||
|
||||
|
@ -142,7 +142,7 @@ curl http://localhost/api/v1/overviews.json -v -u #{login}:#{password} -H "Conte
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Overview, params)
|
||||
end
|
||||
|
||||
|
@ -160,7 +160,7 @@ curl http://localhost/api/v1/overviews.json -v -u #{login}:#{password} -H "Conte
|
|||
=end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Overview, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -5,7 +5,7 @@ class PackagesController < ApplicationController
|
|||
|
||||
# GET /api/v1/packages
|
||||
def index
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
packages = Package.all().order('name')
|
||||
render :json => {
|
||||
:packages => packages
|
||||
|
@ -14,7 +14,7 @@ class PackagesController < ApplicationController
|
|||
|
||||
# POST /api/v1/packages
|
||||
def install
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
Package.install( :string => params[:file_upload].read )
|
||||
|
||||
|
@ -23,7 +23,7 @@ class PackagesController < ApplicationController
|
|||
|
||||
# DELETE /api/v1/packages
|
||||
def uninstall
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
package = Package.find( params[:id] )
|
||||
|
||||
|
|
|
@ -54,7 +54,7 @@ curl http://localhost/api/v1/postmaster_filters.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def index
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_index_render(PostmasterFilter, params)
|
||||
end
|
||||
|
||||
|
@ -76,7 +76,7 @@ curl http://localhost/api/v1/postmaster_filters/#{id}.json -v -u #{login}:#{pass
|
|||
=end
|
||||
|
||||
def show
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_show_render(PostmasterFilter, params)
|
||||
end
|
||||
|
||||
|
@ -121,7 +121,7 @@ curl http://localhost/api/v1/postmaster_filters.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(PostmasterFilter, params)
|
||||
end
|
||||
|
||||
|
@ -164,7 +164,7 @@ curl http://localhost/api/v1/postmaster_filters.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(PostmasterFilter, params)
|
||||
end
|
||||
|
||||
|
@ -179,7 +179,7 @@ Test:
|
|||
=end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(PostmasterFilter, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -95,7 +95,7 @@ curl http://localhost/api/v1/roles.json -v -u #{login}:#{password} -H "Content-T
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Role, params)
|
||||
end
|
||||
|
||||
|
@ -124,7 +124,7 @@ curl http://localhost/api/v1/roles.json -v -u #{login}:#{password} -H "Content-T
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Role, params)
|
||||
end
|
||||
|
||||
|
@ -139,7 +139,7 @@ Test:
|
|||
=end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Role, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -7,7 +7,7 @@ class SearchController < ApplicationController
|
|||
def search_user_org
|
||||
|
||||
# enable search only for agents and admins
|
||||
if !current_user.is_role('Agent') && !current_user.is_role('Admin')
|
||||
if !current_user.is_role(Z_ROLENAME_AGENT) && !current_user.is_role(Z_ROLENAME_ADMIN)
|
||||
response_access_deny
|
||||
return true
|
||||
end
|
||||
|
|
|
@ -24,7 +24,7 @@ module ExtraCollection
|
|||
Group.all.each {|item|
|
||||
assets = item.assets(assets)
|
||||
}
|
||||
if !user.is_role('Customer')
|
||||
if !user.is_role(Z_ROLENAME_CUSTOMER)
|
||||
collections[ Organization.to_app_model ] = []
|
||||
Organization.all.each {|item|
|
||||
assets = item.assets(assets)
|
||||
|
|
|
@ -24,7 +24,7 @@ module ExtraCollection
|
|||
Ticket::Article::Sender.all.each {|item|
|
||||
assets = item.assets(assets)
|
||||
}
|
||||
if !user.is_role('Customer')
|
||||
if !user.is_role(Z_ROLENAME_CUSTOMER)
|
||||
|
||||
# all signatures
|
||||
collections[ Signature.to_app_model ] = []
|
||||
|
|
|
@ -190,7 +190,7 @@ class SessionsController < ApplicationController
|
|||
|
||||
# "switch" to user
|
||||
def switch_to_user
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
# check user
|
||||
if !params[:id]
|
||||
|
@ -256,7 +256,7 @@ class SessionsController < ApplicationController
|
|||
end
|
||||
|
||||
def list
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
assets = {}
|
||||
sessions_clean = []
|
||||
SessionHelper.list.each {|session|
|
||||
|
@ -274,7 +274,7 @@ class SessionsController < ApplicationController
|
|||
end
|
||||
|
||||
def delete
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
SessionHelper::destroy( params[:id] )
|
||||
render :json => {}
|
||||
end
|
||||
|
|
|
@ -5,31 +5,31 @@ class SettingsController < ApplicationController
|
|||
|
||||
# GET /settings
|
||||
def index
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_index_render(Setting, params)
|
||||
end
|
||||
|
||||
# GET /settings/1
|
||||
def show
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_show_render(Setting, params)
|
||||
end
|
||||
|
||||
# POST /settings
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Setting, params)
|
||||
end
|
||||
|
||||
# PUT /settings/1
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Setting, params)
|
||||
end
|
||||
|
||||
# DELETE /settings/1
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Setting, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -96,7 +96,7 @@ curl http://localhost/api/v1/signatures.json -v -u #{login}:#{password} -H "Cont
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Signature, params)
|
||||
end
|
||||
|
||||
|
@ -125,7 +125,7 @@ curl http://localhost/api/v1/signatures.json -v -u #{login}:#{password} -H "Cont
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Signature, params)
|
||||
end
|
||||
|
||||
|
@ -140,7 +140,7 @@ Test:
|
|||
=end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Signature, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -47,7 +47,7 @@ curl http://localhost/api/v1/slas.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def index
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_index_render(Sla, params)
|
||||
end
|
||||
|
||||
|
@ -69,7 +69,7 @@ curl http://localhost/api/v1/slas/#{id}.json -v -u #{login}:#{password}
|
|||
=end
|
||||
|
||||
def show
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_show_render(Sla, params)
|
||||
end
|
||||
|
||||
|
@ -98,7 +98,7 @@ curl http://localhost/api/v1/slas.json -v -u #{login}:#{password} -H "Content-Ty
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Sla, params)
|
||||
end
|
||||
|
||||
|
@ -127,7 +127,7 @@ curl http://localhost/api/v1/slas.json -v -u #{login}:#{password} -H "Content-Ty
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Sla, params)
|
||||
end
|
||||
|
||||
|
@ -145,7 +145,7 @@ curl http://localhost/api/v1/slas.json -v -u #{login}:#{password} -H "Content-Ty
|
|||
=end
|
||||
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Sla, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -15,19 +15,19 @@ class TicketPrioritiesController < ApplicationController
|
|||
|
||||
# POST /ticket_priorities
|
||||
def create
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_create_render(Ticket::Priority, params)
|
||||
end
|
||||
|
||||
# PUT /ticket_priorities/1
|
||||
def update
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_update_render(Ticket::Priority, params)
|
||||
end
|
||||
|
||||
# DELETE /ticket_priorities/1
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(Ticket::Priority, params)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -80,7 +80,7 @@ class TicketsController < ApplicationController
|
|||
def destroy
|
||||
ticket = Ticket.find( params[:id] )
|
||||
|
||||
# permissin check
|
||||
# permission check
|
||||
return if !ticket_permission(ticket)
|
||||
|
||||
ticket.destroy
|
||||
|
@ -241,7 +241,7 @@ class TicketsController < ApplicationController
|
|||
articles.each {|article|
|
||||
|
||||
# ignore internal article if customer is requesting
|
||||
next if article.internal == true && is_role('Customer')
|
||||
next if article.internal == true && is_role(Z_ROLENAME_CUSTOMER)
|
||||
|
||||
# load article ids
|
||||
article_ids.push article.id
|
||||
|
|
|
@ -15,7 +15,7 @@ class UsersController < ApplicationController
|
|||
def index
|
||||
|
||||
# only allow customer to fetch him self
|
||||
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
|
||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
||||
users = User.where( :id => current_user.id )
|
||||
else
|
||||
users = User.all
|
||||
|
@ -85,7 +85,7 @@ class UsersController < ApplicationController
|
|||
group_ids = []
|
||||
role_ids = []
|
||||
if count <= 2
|
||||
Role.where( :name => [ 'Admin', 'Agent'] ).each { |role|
|
||||
Role.where( :name => [ Z_ROLENAME_ADMIN, 'Agent'] ).each { |role|
|
||||
role_ids.push role.id
|
||||
}
|
||||
Group.all().each { |group|
|
||||
|
@ -94,7 +94,7 @@ class UsersController < ApplicationController
|
|||
|
||||
# everybody else will go as customer per default
|
||||
else
|
||||
role_ids.push Role.where( :name => 'Customer' ).first.id
|
||||
role_ids.push Role.where( :name => Z_ROLENAME_CUSTOMER ).first.id
|
||||
end
|
||||
user.role_ids = role_ids
|
||||
user.group_ids = group_ids
|
||||
|
@ -203,17 +203,17 @@ class UsersController < ApplicationController
|
|||
user.update_attributes( User.param_cleanup(params) )
|
||||
|
||||
# only allow Admin's and Agent's
|
||||
if is_role('Admin') && is_role('Agent') && params[:role_ids]
|
||||
if is_role(Z_ROLENAME_ADMIN) && is_role('Agent') && params[:role_ids]
|
||||
user.role_ids = params[:role_ids]
|
||||
end
|
||||
|
||||
# only allow Admin's
|
||||
if is_role('Admin') && params[:group_ids]
|
||||
if is_role(Z_ROLENAME_ADMIN) && params[:group_ids]
|
||||
user.group_ids = params[:group_ids]
|
||||
end
|
||||
|
||||
# only allow Admin's and Agent's
|
||||
if is_role('Admin') && is_role('Agent') && params[:organization_ids]
|
||||
if is_role(Z_ROLENAME_ADMIN) && is_role('Agent') && params[:organization_ids]
|
||||
user.organization_ids = params[:organization_ids]
|
||||
end
|
||||
|
||||
|
@ -235,7 +235,7 @@ class UsersController < ApplicationController
|
|||
# @response_message 200 User successfully deleted.
|
||||
# @response_message 401 Invalid session.
|
||||
def destroy
|
||||
return if deny_if_not_role('Admin')
|
||||
return if deny_if_not_role(Z_ROLENAME_ADMIN)
|
||||
model_destory_render(User, params)
|
||||
end
|
||||
|
||||
|
@ -260,7 +260,7 @@ class UsersController < ApplicationController
|
|||
# @response_message 401 Invalid session.
|
||||
def search
|
||||
|
||||
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
|
||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
||||
response_access_deny
|
||||
return
|
||||
end
|
||||
|
@ -324,7 +324,7 @@ class UsersController < ApplicationController
|
|||
def history
|
||||
|
||||
# permissin check
|
||||
if !is_role('Admin') && !is_role('Agent')
|
||||
if !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
||||
response_access_deny
|
||||
return
|
||||
end
|
||||
|
@ -715,7 +715,7 @@ curl http://localhost/api/v1/users/avatar -v -u #{login}:#{password} -H "Content
|
|||
end
|
||||
|
||||
def permission_check_by_role
|
||||
return true if is_role('Admin')
|
||||
return true if is_role(Z_ROLENAME_ADMIN)
|
||||
return true if is_role('Agent')
|
||||
|
||||
response_access_deny
|
||||
|
@ -723,11 +723,11 @@ curl http://localhost/api/v1/users/avatar -v -u #{login}:#{password} -H "Content
|
|||
end
|
||||
|
||||
def permission_check
|
||||
return true if is_role('Admin')
|
||||
return true if is_role(Z_ROLENAME_ADMIN)
|
||||
return true if is_role('Agent')
|
||||
|
||||
# allow to update customer by him self
|
||||
return true if is_role('Customer') && params[:id].to_i == current_user.id
|
||||
return true if is_role(Z_ROLENAME_CUSTOMER) && params[:id].to_i == current_user.id
|
||||
|
||||
response_access_deny
|
||||
return false
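Review bot: In the hunk around `user.update_attributes`, the guards `is_role(Z_ROLENAME_ADMIN) && is_role('Agent') && params[:role_ids]` and the matching `params[:organization_ids]` one pass only for a user holding both roles, while the comment above each says "only allow Admin's and Agent's". These lines decide who may assign roles, so the intent should be stated rather than inferred: if both roles are required, the comment should read something like `# only users who are both Admin and Agent may set role_ids`. Switching to `||` would let an Agent-only account assign roles, so that needs its own decision. Separately, this file keeps the literal `'Agent'` in the customer checks, the `Role.where` lookup, `history`, `permission_check_by_role` and `permission_check`, although other controllers in this commit use `Z_ROLENAME_AGENT`; the same leftover appears in the model `permission` and search hunks further down. The enclosing methods start and end outside the hunks.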
|
||||
|
|
|
@ -5,7 +5,7 @@ class Avatar < ApplicationModel
|
|||
|
||||
=begin
|
||||
|
||||
add a avatar based on auto detection (email address)
|
||||
add an avatar based on auto detection (email address)
|
||||
|
||||
Avatar.auto_detection(
|
||||
:object => 'User',
|
||||
|
@ -72,7 +72,7 @@ add a avatar
|
|||
object_id = ObjectLookup.by_name( data[:object] )
|
||||
end
|
||||
|
||||
# add inital avatar
|
||||
# add initial avatar
|
||||
add_init_avatar(object_id, data[:o_id])
|
||||
|
||||
record = {
|
||||
|
@ -80,7 +80,8 @@ add a avatar
|
|||
:object_lookup_id => object_id,
|
||||
:default => true,
|
||||
:deletable => data[:deletable],
|
||||
:inital => false,
|
||||
# @TODO Check how to fix typos in database fields inital -> initial
|
||||
:initial => false,
|
||||
:source => data[:source],
|
||||
:source_url => data[:url],
|
||||
:updated_by_id => data[:updated_by_id],
|
||||
|
@ -120,6 +121,7 @@ add a avatar
|
|||
if !response.success?
|
||||
#puts "WARNING: Can't fetch '#{self.image_source}' (maybe no avatar available), http code: #{response.code.to_s}"
|
||||
#raise "Can't fetch '#{self.image_source}', http code: #{response.code.to_s}"
|
||||
# @TODO remove comment and log instead
|
||||
return
|
||||
end
|
||||
#puts "NOTICE: Fetch '#{self.image_source}', http code: #{response.code.to_s}"
|
||||
|
@ -273,9 +275,9 @@ return all avatars of an user
|
|||
avatars = Avatar.where(
|
||||
:object_lookup_id => object_id,
|
||||
:o_id => o_id,
|
||||
).order( 'inital DESC, deletable ASC, created_at ASC, id DESC' )
|
||||
).order( 'initial DESC, deletable ASC, created_at ASC, id DESC' )
|
||||
|
||||
# add inital avatar
|
||||
# add initial avatar
|
||||
add_init_avatar(object_id, o_id)
|
||||
|
||||
avatar_list = []
|
||||
|
@ -358,7 +360,7 @@ returns:
|
|||
:object_lookup_id => object_id,
|
||||
:default => true,
|
||||
:source => 'init',
|
||||
:inital => true,
|
||||
:initial => true,
|
||||
:deletable => false,
|
||||
:updated_by_id => 1,
|
||||
:created_by_id => 1,
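Review bot: The added `# @TODO Check how to fix typos in database fields inital -> initial` above `:initial => false,` is already out of date, because this commit ships `db/migrate/20150215082745_rename_avatar_typo.rb`, which renames that column. I would drop it or replace it with `# column renamed from "inital" by RenameAvatarTypo`. The `:initial` hash keys and the `.order( 'initial DESC, deletable ASC, created_at ASC, id DESC' )` string all depend on that migration having run, so it is worth stating in the commit description that the code and the migration must be deployed together. The methods these hunks belong to start and end outside the visible lines.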
|
||||
|
|
|
@ -6,6 +6,6 @@ class Group < ApplicationModel
|
|||
belongs_to :signature
|
||||
validates :name, :presence => true
|
||||
|
||||
activity_stream_support :role => 'Admin'
|
||||
activity_stream_support :role => Z_ROLENAME_ADMIN
|
||||
history_support
|
||||
end
|
||||
|
|
|
@ -11,7 +11,7 @@ class Organization < ApplicationModel
|
|||
has_many :members, :class_name => 'User'
|
||||
validates :name, :presence => true
|
||||
|
||||
activity_stream_support :role => 'Admin'
|
||||
activity_stream_support :role => Z_ROLENAME_ADMIN
|
||||
history_support
|
||||
search_index_support
|
||||
notify_clients_support
|
||||
|
|
|
@ -30,7 +30,7 @@ returns
|
|||
end
|
||||
|
||||
# check agent
|
||||
return true if data[:current_user].is_role('Admin')
|
||||
return true if data[:current_user].is_role(Z_ROLENAME_ADMIN)
|
||||
return true if data[:current_user].is_role('Agent')
|
||||
return false
|
||||
end
|
||||
|
|
|
@ -26,7 +26,7 @@ returns
|
|||
current_user = params[:current_user]
|
||||
|
||||
# enable search only for agents and admins
|
||||
return [] if !current_user.is_role('Agent') && !current_user.is_role('Admin')
|
||||
return [] if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
# try search index backend
|
||||
if SearchIndexBackend.enabled?
|
||||
|
|
|
@ -4,5 +4,5 @@ class Role < ApplicationModel
|
|||
|
||||
has_and_belongs_to_many :users, :after_add => :cache_update, :after_remove => :cache_update
|
||||
validates :name, :presence => true
|
||||
activity_stream_support :role => 'Admin'
|
||||
activity_stream_support :role => Z_ROLENAME_ADMIN
|
||||
end
|
||||
|
|
|
@ -74,14 +74,14 @@ returns
|
|||
=end
|
||||
|
||||
def agent_of_group
|
||||
Group.find( self.group_id ).users.where( :active => true ).joins(:roles).where( 'roles.name' => 'Agent', 'roles.active' => true ).uniq()
|
||||
Group.find( self.group_id ).users.where( :active => true ).joins(:roles).where( 'roles.name' => Z_ROLENAME_AGENT, 'roles.active' => true ).uniq()
|
||||
end
|
||||
|
||||
=begin
|
||||
|
||||
get user access conditions
|
||||
|
||||
connditions = Ticket.access_condition( User.find(1) )
|
||||
conditions = Ticket.access_condition( User.find(1) )
|
||||
|
||||
returns
|
||||
|
||||
|
@ -91,7 +91,7 @@ returns
|
|||
|
||||
def self.access_condition(user)
|
||||
access_condition = []
|
||||
if user.is_role('Agent')
|
||||
if user.is_role(Z_ROLENAME_AGENT)
|
||||
group_ids = Group.select( 'groups.id' ).joins(:users).
|
||||
where( 'groups_users.user_id = ?', user.id ).
|
||||
where( 'groups.active = ?', true ).
|
||||
|
@ -136,7 +136,7 @@ returns
|
|||
Ticket::Article.create(
|
||||
:ticket_id => self.id,
|
||||
:type_id => Ticket::Article::Type.lookup( :name => 'note' ).id,
|
||||
:sender_id => Ticket::Article::Sender.lookup( :name => 'Agent' ).id,
|
||||
:sender_id => Ticket::Article::Sender.lookup( :name => Z_ROLENAME_AGENT ).id,
|
||||
:body => 'merged',
|
||||
:internal => false
|
||||
)
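Review bot: `Ticket::Article::Sender.lookup( :name => Z_ROLENAME_AGENT ).id` in the merge hunk reuses a role-name constant as an article sender name, which ties two separate lookup tables to one value. If the role constant is ever changed, the sender lookup would presumably find nothing and `.id` would raise during a merge. Keeping `'Agent'` here with a comment such as `# article sender name, not a role name`, or adding a dedicated sender constant, would keep the two independent. The definition of the `Z_ROLENAME_*` constants is not in the visible hunks, so where they are loaded relative to the models could not be checked.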
|
||||
|
|
|
@ -47,7 +47,7 @@ class User < ApplicationModel
|
|||
store :preferences
|
||||
|
||||
activity_stream_support(
|
||||
:role => 'Admin',
|
||||
:role => Z_ROLENAME_ADMIN,
|
||||
:ignore_attributes => {
|
||||
:last_login => true,
|
||||
:image => true,
|
||||
|
|
|
@ -18,7 +18,7 @@ returns
|
|||
def permission (data)
|
||||
|
||||
# check customer
|
||||
if data[:current_user].is_role('Customer')
|
||||
if data[:current_user].is_role(Z_ROLENAME_CUSTOMER)
|
||||
|
||||
# access ok if its own user
|
||||
return true if self.id == data[:current_user].id
|
||||
|
@ -28,7 +28,7 @@ returns
|
|||
end
|
||||
|
||||
# check agent
|
||||
return true if data[:current_user].is_role('Admin')
|
||||
return true if data[:current_user].is_role(Z_ROLENAME_ADMIN)
|
||||
return true if data[:current_user].is_role('Agent')
|
||||
return false
|
||||
end
|
||||
|
|
|
@ -26,7 +26,7 @@ returns
|
|||
current_user = params[:current_user]
|
||||
|
||||
# enable search only for agents and admins
|
||||
return [] if !current_user.is_role('Agent') && !current_user.is_role('Admin')
|
||||
return [] if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN)
|
||||
|
||||
# try search index backend
|
||||
if SearchIndexBackend.enabled?
|
||||
|
|
8
db/migrate/20150215082745_rename_avatar_typo.rb
Normal file
8
db/migrate/20150215082745_rename_avatar_typo.rb
Normal file
|
@ -0,0 +1,8 @@
|
|||
class RenameAvatarTypo < ActiveRecord::Migration
|
||||
def up
|
||||
rename_column :avatars, :inital, :initial
|
||||
end
|
||||
def down
|
||||
rename_column :avatars, :initial, :inital
|
||||
end
|
||||
end
|
|
@ -4,10 +4,10 @@
|
|||
|
||||
* case
|
||||
|
||||
All request are named case. In other systems this is also called issues, ticket, etc.
|
||||
All request are named case. In other systems this is also called issue, ticket, etc.
|
||||
|
||||
* channel
|
||||
Channels are the incoming and outgoing ways where articles flow. There are assigned to groups. Channels can be e-mail, chat, twitter, etc. New channels can be added via the plugin mechanism.
|
||||
Channels are the incoming and outgoing ways where articles flow. They are assigned to groups. Channels can be e-mail, chat, twitter, etc. New channels can be added via the plugin mechanism.
|
||||
|
||||
* group
|
||||
|
||||
|
|
20
doc/PERMISSIONS.md
Normal file
20
doc/PERMISSIONS.md
Normal file
|
@ -0,0 +1,20 @@
|
|||
##List of available permissions in Zammad
|
||||
|
||||
###Channel administrator
|
||||
Add, modify and delete channels.
|
||||
###Channel manager
|
||||
Modify channels.
|
||||
###Group administrator
|
||||
Add, modify and delete groups.
|
||||
###Group manager
|
||||
Modify groups.
|
||||
###System administrator
|
||||
Overall permission.
|
||||
###User administrator
|
||||
Manage users w/ type agent and user.
|
||||
###Customer administrator
|
||||
Is allowed to add, modify and delete customer.
|
||||
###Customer manager
|
||||
Has the permission to add and modify.
|
||||
###Organization administrator
|
||||
###Organization manager
|
|
@ -48,6 +48,7 @@ returns
|
|||
|
||||
if uri.scheme =~ /https/i
|
||||
http.use_ssl = true
|
||||
# @TODO verify_mode should be configurable
|
||||
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
||||
end
|
||||
|
||||
|
@ -133,7 +134,7 @@ returns
|
|||
)
|
||||
end
|
||||
|
||||
raise "Unable to proccess http call '#{response.inspect}'"
|
||||
raise "Unable to process http call '#{response.inspect}'"
|
||||
end
|
||||
|
||||
def self.ftp(uri,options)
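Review bot: `http.verify_mode = OpenSSL::SSL::VERIFY_NONE` in the first hunk's https branch turns off certificate verification for every HTTPS request made through this helper, and the new `# @TODO verify_mode should be configurable` comment does not say which default is intended. With verification off the peer's certificate is never checked, so the remote end is not authenticated and the response content cannot be trusted. I would make `OpenSSL::SSL::VERIFY_PEER` the default and require an explicit opt-out, for example `http.verify_mode = options[:verify_ssl] == false ? OpenSSL::SSL::VERIFY_NONE : OpenSSL::SSL::VERIFY_PEER`, where `:verify_ssl` is only a suggested option name. Whether an `options` hash is in scope at that point is not visible, since the hunk starts and ends inside the method.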
|
||||
|
|
0
test/fixtures/.gitkeep
vendored
0
test/fixtures/.gitkeep
vendored