diff --git a/.rubocop.yml b/.rubocop.yml index f220c0422..ec87de0af 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -200,8 +200,6 @@ Rails/TimeZone: Enabled: false Lint/RescueException: Enabled: false -Style/PredicateName: - Enabled: false Style/ClassVars: Enabled: false Lint/UselessAssignment: diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 08676a53e..949fe1bd4 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -7,7 +7,7 @@ class ApplicationController < ActionController::Base :authentication_check, :authentication_check_action_token, :config_frontend, - :is_role, + :role?, :model_create_render, :model_update_render, :model_restory_render, @@ -215,10 +215,9 @@ class ApplicationController < ActionController::Base true end - def is_role( role_name ) + def role?( role_name ) return false if !current_user - return true if current_user.is_role( role_name ) - false + current_user.role?( role_name ) end def ticket_permission(ticket) @@ -227,12 +226,8 @@ class ApplicationController < ActionController::Base false end - def is_not_role( role_name ) - deny_if_not_role( role_name ) - end - def deny_if_not_role( role_name ) - return false if is_role( role_name ) + return false if role?( role_name ) response_access_deny true end diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index b51389feb..653812c4c 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb 
@@ -50,7 +50,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} # only allow customer to fetch his own organization organizations = [] - if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT) + if role?(Z_ROLENAME_CUSTOMER) && !role?(Z_ROLENAME_ADMIN) && !role?(Z_ROLENAME_AGENT) if current_user.organization_id organizations = Organization.where( id: current_user.organization_id ) end @@ -80,7 +80,7 @@ curl http://localhost/api/v1/organizations/#{id}.json -v -u #{login}:#{password} def show # only allow customer to fetch his own organization - if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT) + if role?(Z_ROLENAME_CUSTOMER) && !role?(Z_ROLENAME_ADMIN) && !role?(Z_ROLENAME_AGENT) if !current_user.organization_id render json: {} return @@ -178,7 +178,7 @@ Test: def history # permissin check - if !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT) + if !role?(Z_ROLENAME_ADMIN) && !role?(Z_ROLENAME_AGENT) response_access_deny return end diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index fe134da09..0bdd2e340 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -7,7 +7,7 @@ class SearchController < ApplicationController def search_user_org # enable search only for agents and admins - if !current_user.is_role(Z_ROLENAME_AGENT) && !current_user.is_role(Z_ROLENAME_ADMIN) + if !current_user.role?(Z_ROLENAME_AGENT) && !current_user.role?(Z_ROLENAME_ADMIN) response_access_deny return true end diff --git a/app/controllers/sessions/collection_base.rb b/app/controllers/sessions/collection_base.rb index f21a37c6e..f4772bcf7 100644 --- a/app/controllers/sessions/collection_base.rb +++ b/app/controllers/sessions/collection_base.rb 
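Review bot: `search_user_org` in search_controller.rb calls `current_user.role?(...)` directly, which raises NoMethodError when `current_user` is nil. The controller helper `role?` in application_controller.rb returns false in that case. Unless an authentication filter outside this hunk guarantees a logged-in user, prefer the helper: `if !role?(Z_ROLENAME_AGENT) && !role?(Z_ROLENAME_ADMIN)`. The method body continues outside the hunk.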
@@ -26,7 +26,7 @@ module ExtraCollection Group.all.each {|item| assets = item.assets(assets) } - if !user.is_role(Z_ROLENAME_CUSTOMER) + if !user.role?(Z_ROLENAME_CUSTOMER) collections[ Organization.to_app_model ] = [] Organization.all.each {|item| assets = item.assets(assets) diff --git a/app/controllers/sessions/collection_ticket.rb b/app/controllers/sessions/collection_ticket.rb index 8135895fe..63a5ea455 100644 --- a/app/controllers/sessions/collection_ticket.rb +++ b/app/controllers/sessions/collection_ticket.rb @@ -24,7 +24,7 @@ module ExtraCollection Ticket::Article::Sender.all.each {|item| assets = item.assets(assets) } - if !user.is_role(Z_ROLENAME_CUSTOMER) + if !user.role?(Z_ROLENAME_CUSTOMER) # all signatures collections[ Signature.to_app_model ] = [] diff --git a/app/controllers/tickets_controller.rb b/app/controllers/tickets_controller.rb index 5d99d19a0..922ea3277 100644 --- a/app/controllers/tickets_controller.rb +++ b/app/controllers/tickets_controller.rb @@ -239,7 +239,7 @@ class TicketsController < ApplicationController articles.each {|article| # ignore internal article if customer is requesting - next if article.internal == true && is_role(Z_ROLENAME_CUSTOMER) + next if article.internal == true && role?(Z_ROLENAME_CUSTOMER) # load article ids article_ids.push article.id diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index eaf6e269a..ba7601971 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -15,7 +15,7 @@ class UsersController < ApplicationController def index # only allow customer to fetch him self - if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent') + if role?(Z_ROLENAME_CUSTOMER) && !role?(Z_ROLENAME_ADMIN) && !role?('Agent') users = User.where( id: current_user.id ) else users = User.all 
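Review bot: In tickets_controller.rb, internal articles are skipped only when the requester holds the Customer role (`next if article.internal == true && role?(Z_ROLENAME_CUSTOMER)`). A user holding none of the known roles, or a role added later, would still receive them. If internal articles are meant for staff only, an allow-list form such as `next if article.internal == true && !role?(Z_ROLENAME_AGENT) && !role?(Z_ROLENAME_ADMIN)` fails closed. Whether an earlier permission check in this action already excludes such users is not visible in the hunk.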
@@ -203,17 +203,17 @@ class UsersController < ApplicationController user.update_attributes( User.param_cleanup(params) ) # only allow Admin's and Agent's - if is_role(Z_ROLENAME_ADMIN) && is_role('Agent') && params[:role_ids] + if role?(Z_ROLENAME_ADMIN) && role?('Agent') && params[:role_ids] user.role_ids = params[:role_ids] end # only allow Admin's - if is_role(Z_ROLENAME_ADMIN) && params[:group_ids] + if role?(Z_ROLENAME_ADMIN) && params[:group_ids] user.group_ids = params[:group_ids] end # only allow Admin's and Agent's - if is_role(Z_ROLENAME_ADMIN) && is_role('Agent') && params[:organization_ids] + if role?(Z_ROLENAME_ADMIN) && role?('Agent') && params[:organization_ids] user.organization_ids = params[:organization_ids] end @@ -260,7 +260,7 @@ class UsersController < ApplicationController # @response_message 401 Invalid session. def search - if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent') + if role?(Z_ROLENAME_CUSTOMER) && !role?(Z_ROLENAME_ADMIN) && !role?('Agent') response_access_deny return end @@ -324,7 +324,7 @@ class UsersController < ApplicationController def history # permissin check - if !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent') + if !role?(Z_ROLENAME_ADMIN) && !role?('Agent') response_access_deny return end 
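Review bot: In the `role_ids` and `organization_ids` guards of the first users_controller.rb hunk, `role?(Z_ROLENAME_ADMIN) && role?('Agent')` requires the caller to hold both roles, while the comment above each says "only allow Admin's and Agent's". Assigning roles grants privilege, so the safer resolution is to keep the strict check and correct the comment, e.g. `# only allow users who are both Admin and Agent`, rather than loosen the operator. `user.update_attributes( User.param_cleanup(params) )` runs before these guards, so what a non-admin can change depends on what `param_cleanup` strips, which is not visible here. The file also mixes the literal `'Agent'` with `Z_ROLENAME_ADMIN`, where other controllers in this diff use `Z_ROLENAME_AGENT`. The enclosing action starts and ends outside the hunk.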
@@ -715,19 +715,19 @@ curl http://localhost/api/v1/users/avatar -v -u #{login}:#{password} -H "Content end def permission_check_by_role - return true if is_role(Z_ROLENAME_ADMIN) - return true if is_role('Agent') + return true if role?(Z_ROLENAME_ADMIN) + return true if role?('Agent') response_access_deny false end def permission_check - return true if is_role(Z_ROLENAME_ADMIN) - return true if is_role('Agent') + return true if role?(Z_ROLENAME_ADMIN) + return true if role?('Agent') # allow to update customer by him self - return true if is_role(Z_ROLENAME_CUSTOMER) && params[:id].to_i == current_user.id + return true if role?(Z_ROLENAME_CUSTOMER) && params[:id].to_i == current_user.id response_access_deny false diff --git a/app/models/object_manager.rb b/app/models/object_manager.rb index 5dcbf21dc..44ca47f94 100644 --- a/app/models/object_manager.rb +++ b/app/models/object_manager.rb @@ -191,7 +191,7 @@ returns: roles_options.each {|role, options| if role == '-all-' data[:screen][screen] = options - elsif user && user.is_role(role) + elsif user && user.role?(role) data[:screen][screen] = options end } diff --git a/app/models/organization/permission.rb b/app/models/organization/permission.rb index d16f30f62..91d34ccf6 100644 --- a/app/models/organization/permission.rb +++ b/app/models/organization/permission.rb @@ -19,7 +19,7 @@ returns def permission (data) # check customer - if data[:current_user].is_role('Customer') + if data[:current_user].role?('Customer') # access ok if its own organization return false if data[:type] != 'ro' @@ -31,8 +31,8 @@ returns end # check agent - return true if data[:current_user].is_role(Z_ROLENAME_ADMIN) - return true if data[:current_user].is_role('Agent') + return true if data[:current_user].role?(Z_ROLENAME_ADMIN) + return true if data[:current_user].role?('Agent') false end end diff --git a/app/models/organization/search.rb b/app/models/organization/search.rb index c8537e8fb..a9ab57261 100644 
--- a/app/models/organization/search.rb +++ b/app/models/organization/search.rb @@ -27,7 +27,7 @@ returns current_user = params[:current_user] # enable search only for agents and admins - return [] if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN) + return [] if !current_user.role?('Agent') && !current_user.role?(Z_ROLENAME_ADMIN) # try search index backend if SearchIndexBackend.enabled? diff --git a/app/models/ticket.rb b/app/models/ticket.rb index 7096aa143..471b234ec 100644 --- a/app/models/ticket.rb +++ b/app/models/ticket.rb @@ -93,7 +93,7 @@ returns def self.access_condition(user) access_condition = [] - if user.is_role(Z_ROLENAME_AGENT) + if user.role?(Z_ROLENAME_AGENT) group_ids = Group.select( 'groups.id' ).joins(:users) .where( 'groups_users.user_id = ?', user.id ) .where( 'groups.active = ?', true ) diff --git a/app/models/ticket/overviews.rb b/app/models/ticket/overviews.rb index 0e81ef5ba..a4bfae42f 100644 --- a/app/models/ticket/overviews.rb +++ b/app/models/ticket/overviews.rb @@ -19,8 +19,8 @@ returns def self.all (data) # get customer overviews - if data[:current_user].is_role('Customer') - role = data[:current_user].is_role( 'Customer' ) + if data[:current_user].role?('Customer') + role = Role.find_by( name: 'Customer' ) if data[:current_user].organization_id && data[:current_user].organization.shared overviews = Overview.where( role_id: role.id, active: true ) else @@ -30,8 +30,8 @@ returns end # get agent overviews - role = data[:current_user].is_role( 'Agent' ) - return if !role + return if !data[:current_user].role?( 'Agent' ) + role = Role.find_by( name: 'Agent' ) Overview.where( role_id: role.id, active: true ) end 
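Review bot: In both ticket/overviews.rb hunks, `Role.find_by( name: ... )` looks the role up globally by name after `role?` has already walked the user's own roles. That costs an extra query, and `role.id` on the next line raises NoMethodError if the lookup returns nil. Assuming `roles` is an ActiveRecord association, taking the record from the user keeps the check and the lookup consistent: `role = data[:current_user].roles.find_by( name: 'Agent' )` followed by `return if !role`. The same applies to the Customer branch. `self.all` ends outside the second hunk.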
@@ -112,7 +112,7 @@ returns # @tickets = Ticket.where(:group_id => groups, attributes[:myopenassigned] ).limit(params[:limit]) # get only tickets with permissions - if data[:current_user].is_role('Customer') + if data[:current_user].role?('Customer') group_ids = Group.select( 'groups.id' ) .where( 'groups.active = ?', true ) .map( &:id ) diff --git a/app/models/ticket/permission.rb b/app/models/ticket/permission.rb index 1948c81da..1e27ea837 100644 --- a/app/models/ticket/permission.rb +++ b/app/models/ticket/permission.rb @@ -18,7 +18,7 @@ returns def permission (data) # check customer - if data[:current_user].is_role('Customer') + if data[:current_user].role?('Customer') # access ok if its own ticket return true if customer_id == data[:current_user].id diff --git a/app/models/ticket/search.rb b/app/models/ticket/search.rb index bbce0eb0e..766baafa3 100644 --- a/app/models/ticket/search.rb +++ b/app/models/ticket/search.rb @@ -62,7 +62,7 @@ returns query_extention['bool'] = {} query_extention['bool']['must'] = [] - if current_user.is_role('Agent') + if current_user.role?('Agent') groups = Group.joins(:users) .where( 'groups_users.user_id = ?', current_user.id ) .where( 'groups.active = ?', true ) diff --git a/app/models/user.rb b/app/models/user.rb index 9f0e91b58..5a5e9ef86 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -107,7 +107,7 @@ returns check if user is in role user = User.find(123) - result = user.is_role('Customer') + result = user.role?('Customer') returns @@ -115,11 +115,15 @@ returns =end - def is_role( role_name ) + def role?( role_name ) + + result = false roles.each { |role| - return role if role.name == role_name + next if role.name != role_name + result = true + break } - false + result end =begin diff --git a/app/models/user/permission.rb b/app/models/user/permission.rb index ac8151900..55e1226b2 100644 --- a/app/models/user/permission.rb +++ b/app/models/user/permission.rb 
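Review bot: `User#role?` in user.rb is written as a flag-and-break loop; `roles.any? { |role| role.name == role_name }` makes the same test in one line and returns a strict boolean. The method previously returned the matching Role record, so any caller outside this diff that still uses the return value as a record (as ticket/overviews.rb did) now receives `true`. Since many of these call sites are authorization checks, it is worth searching the codebase for remaining uses before merging. The doc block above the method should state that the result is `true`/`false`, if it does not already.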
@@ -19,7 +19,7 @@ returns def permission (data) # check customer - if data[:current_user].is_role(Z_ROLENAME_CUSTOMER) + if data[:current_user].role?(Z_ROLENAME_CUSTOMER) # access ok if its own user return true if id == data[:current_user].id @@ -29,8 +29,8 @@ returns end # check agent - return true if data[:current_user].is_role(Z_ROLENAME_ADMIN) - return true if data[:current_user].is_role('Agent') + return true if data[:current_user].role?(Z_ROLENAME_ADMIN) + return true if data[:current_user].role?('Agent') false end end diff --git a/app/models/user/search.rb b/app/models/user/search.rb index 3e6c8efee..1c470b4b5 100644 --- a/app/models/user/search.rb +++ b/app/models/user/search.rb @@ -27,7 +27,7 @@ returns current_user = params[:current_user] # enable search only for agents and admins - return [] if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN) + return [] if !current_user.role?('Agent') && !current_user.role?(Z_ROLENAME_ADMIN) # try search index backend if SearchIndexBackend.enabled? diff --git a/lib/sessions/backend/collections/base.rb b/lib/sessions/backend/collections/base.rb index 89202efd8..3dee887e2 100644 --- a/lib/sessions/backend/collections/base.rb +++ b/lib/sessions/backend/collections/base.rb @@ -1,5 +1,5 @@ class Sessions::Backend::Collections::Base - class << self; attr_accessor :model, :is_role, :is_not_role end + class << self; attr_accessor :model, :roles, :not_roles end def initialize( user, client = nil, client_id = nil, ttl ) @user = user 
@@ -22,19 +22,19 @@ class Sessions::Backend::Collections::Base def push # check role based access - if self.class.is_role + if self.class.roles access = false - self.class.is_role.each {|role| - next if !@user.is_role(role) + self.class.roles.each {|role| + next if !@user.role?(role) access = true break } return if !access end - if self.class.is_not_role + if self.class.not_roles access = false - self.class.is_not_role.each {|role| - next if @user.is_role(role) + self.class.not_roles.each {|role| + next if @user.role?(role) access = true break } @@ -96,18 +96,18 @@ class Sessions::Backend::Collections::Base @model = model end - def self.is_role_set(role) - if !@is_role - @is_role = [] + def self.roles_add(role) + if !@roles + @roles = [] end - @is_role.push role + @roles.push role end - def self.is_not_role_set(role) - if !@is_not_role - @is_not_role = [] + def self.not_roles_add(role) + if !@not_roles + @not_roles = [] end - @is_not_role.push role + @not_roles.push role end end diff --git a/lib/sessions/backend/collections/email_address.rb b/lib/sessions/backend/collections/email_address.rb index c1b921dbc..ddb6ec00e 100644 --- a/lib/sessions/backend/collections/email_address.rb +++ b/lib/sessions/backend/collections/email_address.rb @@ -1,4 +1,4 @@ class Sessions::Backend::Collections::EmailAddress < Sessions::Backend::Collections::Base model_set 'EmailAddress' - is_not_role_set 'Customer' + not_roles_add 'Customer' end diff --git a/lib/sessions/backend/collections/organization.rb b/lib/sessions/backend/collections/organization.rb index 377f129bd..6ead8a5b3 100644 --- a/lib/sessions/backend/collections/organization.rb +++ b/lib/sessions/backend/collections/organization.rb @@ -5,7 +5,7 @@ class Sessions::Backend::Collections::Organization < Sessions::Backend::Collecti # get whole collection all = [] - if !@user.is_role('Customer') + if !@user.role?('Customer') all = Organization.all else if @user.organization_id 
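Review bot: The `not_roles` loop in `push` sets `access = true` as soon as the user lacks one of the listed roles. With more than one entry, a user who holds one excluded role but not another still passes; only the single-entry case used in this diff (`not_roles_add 'Customer'`) behaves as an exclusion list. Inside the `if self.class.not_roles` branch, `return if self.class.not_roles.any? { |role| @user.role?(role) }` denies on any match. The `roles` branch can be written the same way as `return if self.class.roles.none? { |role| @user.role?(role) }`. `push` continues past the end of the hunk.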
diff --git a/lib/sessions/backend/collections/signature.rb b/lib/sessions/backend/collections/signature.rb index 6b00e1556..ef000d200 100644 --- a/lib/sessions/backend/collections/signature.rb +++ b/lib/sessions/backend/collections/signature.rb @@ -1,4 +1,4 @@ class Sessions::Backend::Collections::Signature < Sessions::Backend::Collections::Base model_set 'Signature' - is_not_role_set 'Customer' + not_roles_add 'Customer' end