more refactoring

rkaldung 2015-02-15 11:01:12 +01:00
parent 7cb0818b99
commit db1ee4b54d
2 changed files with 6 additions and 6 deletions


@ -50,7 +50,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password}
# only allow customer to fetch his own organization # only allow customer to fetch his own organization
organizations = [] organizations = []
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent') if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
if current_user.organization_id if current_user.organization_id
organizations = Organization.where( :id => current_user.organization_id ) organizations = Organization.where( :id => current_user.organization_id )
end end
@ -80,7 +80,7 @@ curl http://localhost/api/v1/organizations/#{id}.json -v -u #{login}:#{password}
def show def show
# only allow customer to fetch his own organization # only allow customer to fetch his own organization
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent') if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
if !current_user.organization_id if !current_user.organization_id
render :json => {} render :json => {}
return return
@ -124,7 +124,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} -H "C
=end =end
def create def create
return if deny_if_not_role('Agent') return if deny_if_not_role(Z_ROLENAME_AGENT)
model_create_render(Organization, params) model_create_render(Organization, params)
end end
@ -155,7 +155,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} -H "C
=end =end
def update def update
return if deny_if_not_role('Agent') return if deny_if_not_role(Z_ROLENAME_AGENT)
model_update_render(Organization, params) model_update_render(Organization, params)
end end
@ -178,7 +178,7 @@ Test:
def history def history
# permissin check # permissin check
if !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent') if !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
response_access_deny response_access_deny
return return
end end
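Review bot: The customer restriction in `index` and `show` applies only when the caller positively holds the customer role, so an account with none of the three roles (or with a role added later) skips it. Whether that path then returns every organization cannot be seen here, because both method bodies continue outside the hunks. Gating on the privileged roles instead, as `history` in this same file already does, would fail closed: `if !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)`. Separately, every gate touched here now depends on `Z_ROLENAME_AGENT` matching the stored role name exactly (the old literal was `'Agent'`). The constant's definition is not part of this diff, so a controller test that exercises each gate as an agent would confirm that nothing changed.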


@ -7,7 +7,7 @@ class SearchController < ApplicationController
def search_user_org def search_user_org
# enable search only for agents and admins # enable search only for agents and admins
if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN) if !current_user.is_role(Z_ROLENAME_AGENT) && !current_user.is_role(Z_ROLENAME_ADMIN)
response_access_deny response_access_deny
return true return true
end end
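Review bot: The agent-or-admin gate in `search_user_org` is spelled differently from the same gate in the organizations controller's `history`. Here it calls `current_user.is_role(...)` and ends with `return true`; there it calls the controller-level `is_role(...)` and ends with a bare `return`. Hand-copied authorization checks tend to drift apart, so it would be safer to route both through one shared helper next to `deny_if_not_role` (whose signature is not visible in this diff). The body of `search_user_org` continues outside the hunk.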