Ensure that a user has always (at least) signup rules and not none roles.
This commit is contained in:
parent
eedfacbfa2
commit
9f6a4a99f5
3 changed files with 89 additions and 12 deletions
|
@ -252,17 +252,17 @@ class UsersController < ApplicationController
|
||||||
|
|
||||||
# only allow Admin's
|
# only allow Admin's
|
||||||
if current_user.permissions?('admin.user') && (params[:role_ids] || params[:roles])
|
if current_user.permissions?('admin.user') && (params[:role_ids] || params[:roles])
|
||||||
user.associations_from_param({ role_ids: params[:role_ids], roles: params[:roles] })
|
user.associations_from_param(role_ids: params[:role_ids], roles: params[:roles])
|
||||||
end
|
end
|
||||||
|
|
||||||
# only allow Admin's
|
# only allow Admin's
|
||||||
if current_user.permissions?('admin.user') && (params[:group_ids] || params[:groups])
|
if current_user.permissions?('admin.user') && (params[:group_ids] || params[:groups])
|
||||||
user.associations_from_param({ group_ids: params[:group_ids], groups: params[:groups] })
|
user.associations_from_param(group_ids: params[:group_ids], groups: params[:groups])
|
||||||
end
|
end
|
||||||
|
|
||||||
# only allow Admin's and Agent's
|
# only allow Admin's and Agent's
|
||||||
if current_user.permissions?(['admin.user', 'ticket.agent']) && (params[:organization_ids] || params[:organizations])
|
if current_user.permissions?(['admin.user', 'ticket.agent']) && (params[:organization_ids] || params[:organizations])
|
||||||
user.associations_from_param({ organization_ids: params[:organization_ids], organizations: params[:organizations] })
|
user.associations_from_param(organization_ids: params[:organization_ids], organizations: params[:organizations])
|
||||||
end
|
end
|
||||||
|
|
||||||
if params[:expand]
|
if params[:expand]
|
||||||
|
|
|
@ -38,7 +38,7 @@ class User < ApplicationModel
|
||||||
load 'user/search_index.rb'
|
load 'user/search_index.rb'
|
||||||
include User::SearchIndex
|
include User::SearchIndex
|
||||||
|
|
||||||
before_validation :check_name, :check_email, :check_login, :ensure_password
|
before_validation :check_name, :check_email, :check_login, :ensure_password, :ensure_roles
|
||||||
before_create :check_preferences_default, :validate_roles, :domain_based_assignment, :set_locale
|
before_create :check_preferences_default, :validate_roles, :domain_based_assignment, :set_locale
|
||||||
before_update :check_preferences_default, :validate_roles, :reset_login_failed
|
before_update :check_preferences_default, :validate_roles, :reset_login_failed
|
||||||
after_create :avatar_for_email_check
|
after_create :avatar_for_email_check
|
||||||
|
@ -886,6 +886,11 @@ returns
|
||||||
true
|
true
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def ensure_roles
|
||||||
|
return true if role_ids.present?
|
||||||
|
self.role_ids = Role.signup_role_ids
|
||||||
|
end
|
||||||
|
|
||||||
def validate_roles
|
def validate_roles
|
||||||
return true if !role_ids
|
return true if !role_ids
|
||||||
role_ids.each { |role_id|
|
role_ids.each { |role_id|
|
||||||
|
|
|
@ -245,9 +245,9 @@ class UserTest < ActiveSupport::TestCase
|
||||||
tests.each { |test|
|
tests.each { |test|
|
||||||
|
|
||||||
# check if user exists
|
# check if user exists
|
||||||
user = User.where( login: test[:create][:login] ).first
|
user = User.where(login: test[:create][:login]).first
|
||||||
if user
|
if user
|
||||||
user.destroy
|
user.destroy!
|
||||||
end
|
end
|
||||||
|
|
||||||
user = User.create( test[:create] )
|
user = User.create( test[:create] )
|
||||||
|
@ -266,8 +266,8 @@ class UserTest < ActiveSupport::TestCase
|
||||||
end
|
end
|
||||||
}
|
}
|
||||||
if test[:create_verify][:image_md5]
|
if test[:create_verify][:image_md5]
|
||||||
file = Avatar.get_by_hash( user.image )
|
file = Avatar.get_by_hash(user.image)
|
||||||
file_md5 = Digest::MD5.hexdigest( file.content )
|
file_md5 = Digest::MD5.hexdigest(file.content)
|
||||||
assert_equal(test[:create_verify][:image_md5], file_md5, "create avatar md5 check in (#{test[:name]})")
|
assert_equal(test[:create_verify][:image_md5], file_md5, "create avatar md5 check in (#{test[:name]})")
|
||||||
end
|
end
|
||||||
if test[:update]
|
if test[:update]
|
||||||
|
@ -275,7 +275,7 @@ class UserTest < ActiveSupport::TestCase
|
||||||
|
|
||||||
test[:update_verify].each { |key, value|
|
test[:update_verify].each { |key, value|
|
||||||
next if key == :image_md5
|
next if key == :image_md5
|
||||||
if user.respond_to?( key )
|
if user.respond_to?(key)
|
||||||
assert_equal(value, user.send(key), "update check #{key} in (#{test[:name]})")
|
assert_equal(value, user.send(key), "update check #{key} in (#{test[:name]})")
|
||||||
else
|
else
|
||||||
assert_equal(value, user[key], "update check #{key} in (#{test[:name]})")
|
assert_equal(value, user[key], "update check #{key} in (#{test[:name]})")
|
||||||
|
@ -289,10 +289,83 @@ class UserTest < ActiveSupport::TestCase
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
user.destroy
|
user.destroy!
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test 'ensure roles' do
|
||||||
|
name = rand(999_999_999)
|
||||||
|
|
||||||
|
admin = User.create_or_update(
|
||||||
|
login: "admin-role#{name}@example.com",
|
||||||
|
firstname: 'Role',
|
||||||
|
lastname: "Admin#{name}",
|
||||||
|
email: "admin-role#{name}@example.com",
|
||||||
|
password: 'adminpw',
|
||||||
|
active: true,
|
||||||
|
roles: Role.where(name: %w(Admin Agent)),
|
||||||
|
updated_by_id: 1,
|
||||||
|
created_by_id: 1,
|
||||||
|
)
|
||||||
|
|
||||||
|
customer1 = User.create_or_update(
|
||||||
|
login: "user-ensure-role1-#{name}@example.com",
|
||||||
|
firstname: 'Role',
|
||||||
|
lastname: "Customer#{name}",
|
||||||
|
email: "user-ensure-role1-#{name}@example.com",
|
||||||
|
password: 'customerpw',
|
||||||
|
active: true,
|
||||||
|
updated_by_id: 1,
|
||||||
|
created_by_id: 1,
|
||||||
|
)
|
||||||
|
assert_equal(customer1.role_ids.sort, Role.signup_role_ids)
|
||||||
|
|
||||||
|
roles = Role.where(name: 'Agent')
|
||||||
|
customer1.roles = roles
|
||||||
|
customer1.save!
|
||||||
|
|
||||||
|
assert_equal(customer1.role_ids.count, 1)
|
||||||
|
assert_equal(customer1.role_ids.first, roles.first.id)
|
||||||
|
assert_equal(customer1.roles.first.id, roles.first.id)
|
||||||
|
|
||||||
|
customer1.roles = []
|
||||||
|
customer1.save!
|
||||||
|
|
||||||
|
assert_equal(customer1.role_ids.sort, Role.signup_role_ids)
|
||||||
|
customer1.destroy!
|
||||||
|
|
||||||
|
customer2 = User.create_or_update(
|
||||||
|
login: "user-ensure-role2-#{name}@example.com",
|
||||||
|
firstname: 'Role',
|
||||||
|
lastname: "Customer#{name}",
|
||||||
|
email: "user-ensure-role2-#{name}@example.com",
|
||||||
|
password: 'customerpw',
|
||||||
|
roles: roles,
|
||||||
|
active: true,
|
||||||
|
updated_by_id: 1,
|
||||||
|
created_by_id: 1,
|
||||||
|
)
|
||||||
|
assert_equal(customer2.role_ids.count, 1)
|
||||||
|
assert_equal(customer2.role_ids.first, roles.first.id)
|
||||||
|
assert_equal(customer2.roles.first.id, roles.first.id)
|
||||||
|
|
||||||
|
roles = Role.where(name: 'Admin')
|
||||||
|
customer2.role_ids = [roles.first.id]
|
||||||
|
customer2.save!
|
||||||
|
|
||||||
|
assert_equal(customer2.role_ids.count, 1)
|
||||||
|
assert_equal(customer2.role_ids.first, roles.first.id)
|
||||||
|
assert_equal(customer2.roles.first.id, roles.first.id)
|
||||||
|
|
||||||
|
customer2.roles = []
|
||||||
|
customer2.save!
|
||||||
|
|
||||||
|
assert_equal(customer2.role_ids.sort, Role.signup_role_ids)
|
||||||
|
customer2.destroy!
|
||||||
|
|
||||||
|
admin.destroy!
|
||||||
|
end
|
||||||
|
|
||||||
test 'user default preferences' do
|
test 'user default preferences' do
|
||||||
name = rand(999_999_999)
|
name = rand(999_999_999)
|
||||||
groups = Group.where(name: 'Users')
|
groups = Group.where(name: 'Users')
|
||||||
|
@ -352,7 +425,6 @@ class UserTest < ActiveSupport::TestCase
|
||||||
assert(customer1.preferences['notification_config'])
|
assert(customer1.preferences['notification_config'])
|
||||||
assert(customer1.preferences['notification_config']['matrix']['create'])
|
assert(customer1.preferences['notification_config']['matrix']['create'])
|
||||||
assert(customer1.preferences['notification_config']['matrix']['update'])
|
assert(customer1.preferences['notification_config']['matrix']['update'])
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
test 'permission' do
|
test 'permission' do
|
||||||
|
@ -557,7 +629,7 @@ class UserTest < ActiveSupport::TestCase
|
||||||
# So we need to merge them with the User Nr 1 and destroy them afterwards
|
# So we need to merge them with the User Nr 1 and destroy them afterwards
|
||||||
User.with_permissions('admin').each do |user|
|
User.with_permissions('admin').each do |user|
|
||||||
Models.merge('User', 1, user.id)
|
Models.merge('User', 1, user.id)
|
||||||
user.destroy
|
user.destroy!
|
||||||
end
|
end
|
||||||
|
|
||||||
# store current admin count
|
# store current admin count
|
||||||
|
|
Loading…
Reference in a new issue