more refactoring
This commit is contained in:
parent
7cb0818b99
commit
db1ee4b54d
2 changed files with 6 additions and 6 deletions
|
@ -50,7 +50,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password}
|
||||||
|
|
||||||
# only allow customer to fetch his own organization
|
# only allow customer to fetch his own organization
|
||||||
organizations = []
|
organizations = []
|
||||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||||
if current_user.organization_id
|
if current_user.organization_id
|
||||||
organizations = Organization.where( :id => current_user.organization_id )
|
organizations = Organization.where( :id => current_user.organization_id )
|
||||||
end
|
end
|
||||||
|
@ -80,7 +80,7 @@ curl http://localhost/api/v1/organizations/#{id}.json -v -u #{login}:#{password}
|
||||||
def show
|
def show
|
||||||
|
|
||||||
# only allow customer to fetch his own organization
|
# only allow customer to fetch his own organization
|
||||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||||
if !current_user.organization_id
|
if !current_user.organization_id
|
||||||
render :json => {}
|
render :json => {}
|
||||||
return
|
return
|
||||||
|
@ -124,7 +124,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} -H "C
|
||||||
=end
|
=end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
return if deny_if_not_role('Agent')
|
return if deny_if_not_role(Z_ROLENAME_AGENT)
|
||||||
model_create_render(Organization, params)
|
model_create_render(Organization, params)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -155,7 +155,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} -H "C
|
||||||
=end
|
=end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
return if deny_if_not_role('Agent')
|
return if deny_if_not_role(Z_ROLENAME_AGENT)
|
||||||
model_update_render(Organization, params)
|
model_update_render(Organization, params)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -178,7 +178,7 @@ Test:
|
||||||
def history
|
def history
|
||||||
|
|
||||||
# permissin check
|
# permissin check
|
||||||
if !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
if !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||||
response_access_deny
|
response_access_deny
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
|
@ -7,7 +7,7 @@ class SearchController < ApplicationController
|
||||||
def search_user_org
|
def search_user_org
|
||||||
|
|
||||||
# enable search only for agents and admins
|
# enable search only for agents and admins
|
||||||
if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN)
|
if !current_user.is_role(Z_ROLENAME_AGENT) && !current_user.is_role(Z_ROLENAME_ADMIN)
|
||||||
response_access_deny
|
response_access_deny
|
||||||
return true
|
return true
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue