- Corrected with rubocop cop 'Style/PredicateName'.

- Removed application_module method 'is_not_role', was never used.
- Renamed Sessions::Backend::Collections methods is_role_set to roles_add.
- Renamed Sessions::Backend::Collections methods is_not_role_set to not_roles_add.
Thorsten Eckel 2015-05-08 10:15:45 +02:00
parent 06b5a8df9e
commit 7f67e6f00a
22 changed files with 65 additions and 68 deletions


@ -200,8 +200,6 @@ Rails/TimeZone:
Enabled: false
Lint/RescueException:
Enabled: false
Style/PredicateName:
Enabled: false
Style/ClassVars:
Enabled: false
Lint/UselessAssignment:


@ -7,7 +7,7 @@ class ApplicationController < ActionController::Base
:authentication_check,
:authentication_check_action_token,
:config_frontend,
:is_role,
:role?,
:model_create_render,
:model_update_render,
:model_restory_render,
@ -215,10 +215,9 @@ class ApplicationController < ActionController::Base
true
end
def is_role( role_name )
def role?( role_name )
return false if !current_user
return true if current_user.is_role( role_name )
false
current_user.role?( role_name )
end
def ticket_permission(ticket)
@ -227,12 +226,8 @@ class ApplicationController < ActionController::Base
false
end
def is_not_role( role_name )
deny_if_not_role( role_name )
end
def deny_if_not_role( role_name )
return false if is_role( role_name )
return false if role?( role_name )
response_access_deny
true
end


@ -50,7 +50,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password}
# only allow customer to fetch his own organization
organizations = []
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
if role?(Z_ROLENAME_CUSTOMER) && !role?(Z_ROLENAME_ADMIN) && !role?(Z_ROLENAME_AGENT)
if current_user.organization_id
organizations = Organization.where( id: current_user.organization_id )
end
@ -80,7 +80,7 @@ curl http://localhost/api/v1/organizations/#{id}.json -v -u #{login}:#{password}
def show
# only allow customer to fetch his own organization
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
if role?(Z_ROLENAME_CUSTOMER) && !role?(Z_ROLENAME_ADMIN) && !role?(Z_ROLENAME_AGENT)
if !current_user.organization_id
render json: {}
return
@ -178,7 +178,7 @@ Test:
def history
# permissin check
if !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
if !role?(Z_ROLENAME_ADMIN) && !role?(Z_ROLENAME_AGENT)
response_access_deny
return
end


@ -7,7 +7,7 @@ class SearchController < ApplicationController
def search_user_org
# enable search only for agents and admins
if !current_user.is_role(Z_ROLENAME_AGENT) && !current_user.is_role(Z_ROLENAME_ADMIN)
if !current_user.role?(Z_ROLENAME_AGENT) && !current_user.role?(Z_ROLENAME_ADMIN)
response_access_deny
return true
end


@ -26,7 +26,7 @@ module ExtraCollection
Group.all.each {|item|
assets = item.assets(assets)
}
if !user.is_role(Z_ROLENAME_CUSTOMER)
if !user.role?(Z_ROLENAME_CUSTOMER)
collections[ Organization.to_app_model ] = []
Organization.all.each {|item|
assets = item.assets(assets)


@ -24,7 +24,7 @@ module ExtraCollection
Ticket::Article::Sender.all.each {|item|
assets = item.assets(assets)
}
if !user.is_role(Z_ROLENAME_CUSTOMER)
if !user.role?(Z_ROLENAME_CUSTOMER)
# all signatures
collections[ Signature.to_app_model ] = []


@ -239,7 +239,7 @@ class TicketsController < ApplicationController
articles.each {|article|
# ignore internal article if customer is requesting
next if article.internal == true && is_role(Z_ROLENAME_CUSTOMER)
next if article.internal == true && role?(Z_ROLENAME_CUSTOMER)
# load article ids
article_ids.push article.id


@ -15,7 +15,7 @@ class UsersController < ApplicationController
def index
# only allow customer to fetch him self
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
if role?(Z_ROLENAME_CUSTOMER) && !role?(Z_ROLENAME_ADMIN) && !role?('Agent')
users = User.where( id: current_user.id )
else
users = User.all
@ -203,17 +203,17 @@ class UsersController < ApplicationController
user.update_attributes( User.param_cleanup(params) )
# only allow Admin's and Agent's
if is_role(Z_ROLENAME_ADMIN) && is_role('Agent') && params[:role_ids]
if role?(Z_ROLENAME_ADMIN) && role?('Agent') && params[:role_ids]
user.role_ids = params[:role_ids]
end
# only allow Admin's
if is_role(Z_ROLENAME_ADMIN) && params[:group_ids]
if role?(Z_ROLENAME_ADMIN) && params[:group_ids]
user.group_ids = params[:group_ids]
end
# only allow Admin's and Agent's
if is_role(Z_ROLENAME_ADMIN) && is_role('Agent') && params[:organization_ids]
if role?(Z_ROLENAME_ADMIN) && role?('Agent') && params[:organization_ids]
user.organization_ids = params[:organization_ids]
end
@ -260,7 +260,7 @@ class UsersController < ApplicationController
# @response_message 401 Invalid session.
def search
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
if role?(Z_ROLENAME_CUSTOMER) && !role?(Z_ROLENAME_ADMIN) && !role?('Agent')
response_access_deny
return
end
@ -324,7 +324,7 @@ class UsersController < ApplicationController
def history
# permissin check
if !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
if !role?(Z_ROLENAME_ADMIN) && !role?('Agent')
response_access_deny
return
end
@ -715,19 +715,19 @@ curl http://localhost/api/v1/users/avatar -v -u #{login}:#{password} -H "Content
end
def permission_check_by_role
return true if is_role(Z_ROLENAME_ADMIN)
return true if is_role('Agent')
return true if role?(Z_ROLENAME_ADMIN)
return true if role?('Agent')
response_access_deny
false
end
def permission_check
return true if is_role(Z_ROLENAME_ADMIN)
return true if is_role('Agent')
return true if role?(Z_ROLENAME_ADMIN)
return true if role?('Agent')
# allow to update customer by him self
return true if is_role(Z_ROLENAME_CUSTOMER) && params[:id].to_i == current_user.id
return true if role?(Z_ROLENAME_CUSTOMER) && params[:id].to_i == current_user.id
response_access_deny
false
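Review bot: In the update hunk the comments `# only allow Admin's and Agent's` sit above conditions that require both roles at once, `role?(Z_ROLENAME_ADMIN) && role?('Agent')`, so a reader cannot tell whether assigning `role_ids` and `organization_ids` is meant for users holding both roles or for either one. If the stricter `&&` is intended, the comment should say so, e.g. `# only allow users who are both Admin and Agent`; switching to `||` would let any agent assign roles, so that needs an explicit decision rather than a drive-by edit. This file also spells the agent role as the literal `'Agent'`, while the organizations controller in this commit uses `Z_ROLENAME_AGENT`; using the constant in these authorization checks keeps a typo in the string from silently making a check always false. The enclosing methods start and end outside the hunks.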


@ -191,7 +191,7 @@ returns:
roles_options.each {|role, options|
if role == '-all-'
data[:screen][screen] = options
elsif user && user.is_role(role)
elsif user && user.role?(role)
data[:screen][screen] = options
end
}


@ -19,7 +19,7 @@ returns
def permission (data)
# check customer
if data[:current_user].is_role('Customer')
if data[:current_user].role?('Customer')
# access ok if its own organization
return false if data[:type] != 'ro'
@ -31,8 +31,8 @@ returns
end
# check agent
return true if data[:current_user].is_role(Z_ROLENAME_ADMIN)
return true if data[:current_user].is_role('Agent')
return true if data[:current_user].role?(Z_ROLENAME_ADMIN)
return true if data[:current_user].role?('Agent')
false
end
end


@ -27,7 +27,7 @@ returns
current_user = params[:current_user]
# enable search only for agents and admins
return [] if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN)
return [] if !current_user.role?('Agent') && !current_user.role?(Z_ROLENAME_ADMIN)
# try search index backend
if SearchIndexBackend.enabled?


@ -93,7 +93,7 @@ returns
def self.access_condition(user)
access_condition = []
if user.is_role(Z_ROLENAME_AGENT)
if user.role?(Z_ROLENAME_AGENT)
group_ids = Group.select( 'groups.id' ).joins(:users)
.where( 'groups_users.user_id = ?', user.id )
.where( 'groups.active = ?', true )


@ -19,8 +19,8 @@ returns
def self.all (data)
# get customer overviews
if data[:current_user].is_role('Customer')
role = data[:current_user].is_role( 'Customer' )
if data[:current_user].role?('Customer')
role = Role.find_by( name: 'Customer' )
if data[:current_user].organization_id && data[:current_user].organization.shared
overviews = Overview.where( role_id: role.id, active: true )
else
@ -30,8 +30,8 @@ returns
end
# get agent overviews
role = data[:current_user].is_role( 'Agent' )
return if !role
return if !data[:current_user].role?( 'Agent' )
role = Role.find_by( name: 'Agent' )
Overview.where( role_id: role.id, active: true )
end
@ -112,7 +112,7 @@ returns
# @tickets = Ticket.where(:group_id => groups, attributes[:myopenassigned] ).limit(params[:limit])
# get only tickets with permissions
if data[:current_user].is_role('Customer')
if data[:current_user].role?('Customer')
group_ids = Group.select( 'groups.id' )
.where( 'groups.active = ?', true )
.map( &:id )
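Review bot: `role = Role.find_by( name: 'Customer' )` and `role = Role.find_by( name: 'Agent' )` replace the role object that `is_role` used to return with a second lookup by name, and `role.id` is then called without a nil check. `find_by` returns nil when no row matches, so the overview filter now depends on the role table and the `role?` check agreeing on the name. Assuming `data[:current_user]` is a User, taking the role from its own association, e.g. `role = data[:current_user].roles.find { |r| r.name == 'Customer' }`, avoids the extra query and keeps the filter tied to the role the user actually holds. `self.all` continues outside the hunks.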


@ -18,7 +18,7 @@ returns
def permission (data)
# check customer
if data[:current_user].is_role('Customer')
if data[:current_user].role?('Customer')
# access ok if its own ticket
return true if customer_id == data[:current_user].id


@ -62,7 +62,7 @@ returns
query_extention['bool'] = {}
query_extention['bool']['must'] = []
if current_user.is_role('Agent')
if current_user.role?('Agent')
groups = Group.joins(:users)
.where( 'groups_users.user_id = ?', current_user.id )
.where( 'groups.active = ?', true )


@ -107,7 +107,7 @@ returns
check if user is in role
user = User.find(123)
result = user.is_role('Customer')
result = user.role?('Customer')
returns
@ -115,11 +115,15 @@ returns
=end
def is_role( role_name )
def role?( role_name )
result = false
roles.each { |role|
return role if role.name == role_name
next if role.name != role_name
result = true
break
}
false
result
end
=begin
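Review bot: The new `role?` body uses a flag variable with `next` and `break` to produce a boolean; `roles.any? { |role| role.name == role_name }` states the same check in one line. Because the method now returns true/false instead of the matching Role, the `returns` part of the `=begin` doc block above it should say so, so that callers stop relying on the old return value. Only part of that doc block is visible in the hunk.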


@ -19,7 +19,7 @@ returns
def permission (data)
# check customer
if data[:current_user].is_role(Z_ROLENAME_CUSTOMER)
if data[:current_user].role?(Z_ROLENAME_CUSTOMER)
# access ok if its own user
return true if id == data[:current_user].id
@ -29,8 +29,8 @@ returns
end
# check agent
return true if data[:current_user].is_role(Z_ROLENAME_ADMIN)
return true if data[:current_user].is_role('Agent')
return true if data[:current_user].role?(Z_ROLENAME_ADMIN)
return true if data[:current_user].role?('Agent')
false
end
end


@ -27,7 +27,7 @@ returns
current_user = params[:current_user]
# enable search only for agents and admins
return [] if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN)
return [] if !current_user.role?('Agent') && !current_user.role?(Z_ROLENAME_ADMIN)
# try search index backend
if SearchIndexBackend.enabled?


@ -1,5 +1,5 @@
class Sessions::Backend::Collections::Base
class << self; attr_accessor :model, :is_role, :is_not_role end
class << self; attr_accessor :model, :roles, :not_roles end
def initialize( user, client = nil, client_id = nil, ttl )
@user = user
@ -22,19 +22,19 @@ class Sessions::Backend::Collections::Base
def push
# check role based access
if self.class.is_role
if self.class.roles
access = false
self.class.is_role.each {|role|
next if !@user.is_role(role)
self.class.roles.each {|role|
next if !@user.role?(role)
access = true
break
}
return if !access
end
if self.class.is_not_role
if self.class.not_roles
access = false
self.class.is_not_role.each {|role|
next if @user.is_role(role)
self.class.not_roles.each {|role|
next if @user.role?(role)
access = true
break
}
@ -96,18 +96,18 @@ class Sessions::Backend::Collections::Base
@model = model
end
def self.is_role_set(role)
if !@is_role
@is_role = []
def self.roles_add(role)
if !@roles
@roles = []
end
@is_role.push role
@roles.push role
end
def self.is_not_role_set(role)
if !@is_not_role
@is_not_role = []
def self.not_roles_add(role)
if !@not_roles
@not_roles = []
end
@is_not_role.push role
@not_roles.push role
end
end
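Review bot: In `push`, the `not_roles` loop sets `access = true` as soon as the user lacks one of the listed roles (`next if @user.role?(role)`), so with more than one entry a user who holds some of the excluded roles would still pass. The subclasses visible in this commit list only `'Customer'`, which hides the difference. If the intent is to exclude anyone holding any listed role, the check reads more directly as `return if self.class.not_roles.any? { |role| @user.role?(role) }`. The rest of `push`, including how `access` is used after this loop, is outside the hunk, so confirm against the full method.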


@ -1,4 +1,4 @@
class Sessions::Backend::Collections::EmailAddress < Sessions::Backend::Collections::Base
model_set 'EmailAddress'
is_not_role_set 'Customer'
not_roles_add 'Customer'
end


@ -5,7 +5,7 @@ class Sessions::Backend::Collections::Organization < Sessions::Backend::Collecti
# get whole collection
all = []
if !@user.is_role('Customer')
if !@user.role?('Customer')
all = Organization.all
else
if @user.organization_id


@ -1,4 +1,4 @@
class Sessions::Backend::Collections::Signature < Sessions::Backend::Collections::Base
model_set 'Signature'
is_not_role_set 'Customer'
not_roles_add 'Customer'
end