more refactoring
This commit is contained in:
parent
7cb0818b99
commit
db1ee4b54d
2 changed files with 6 additions and 6 deletions
|
@ -50,7 +50,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password}
|
|||
|
||||
# only allow customer to fetch his own organization
|
||||
organizations = []
|
||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||
if current_user.organization_id
|
||||
organizations = Organization.where( :id => current_user.organization_id )
|
||||
end
|
||||
|
@ -80,7 +80,7 @@ curl http://localhost/api/v1/organizations/#{id}.json -v -u #{login}:#{password}
|
|||
def show
|
||||
|
||||
# only allow customer to fetch his own organization
|
||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
||||
if is_role(Z_ROLENAME_CUSTOMER) && !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||
if !current_user.organization_id
|
||||
render :json => {}
|
||||
return
|
||||
|
@ -124,7 +124,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} -H "C
|
|||
=end
|
||||
|
||||
def create
|
||||
return if deny_if_not_role('Agent')
|
||||
return if deny_if_not_role(Z_ROLENAME_AGENT)
|
||||
model_create_render(Organization, params)
|
||||
end
|
||||
|
||||
|
@ -155,7 +155,7 @@ curl http://localhost/api/v1/organizations.json -v -u #{login}:#{password} -H "C
|
|||
=end
|
||||
|
||||
def update
|
||||
return if deny_if_not_role('Agent')
|
||||
return if deny_if_not_role(Z_ROLENAME_AGENT)
|
||||
model_update_render(Organization, params)
|
||||
end
|
||||
|
||||
|
@ -178,7 +178,7 @@ Test:
|
|||
def history
|
||||
|
||||
# permissin check
|
||||
if !is_role(Z_ROLENAME_ADMIN) && !is_role('Agent')
|
||||
if !is_role(Z_ROLENAME_ADMIN) && !is_role(Z_ROLENAME_AGENT)
|
||||
response_access_deny
|
||||
return
|
||||
end
|
||||
|
|
|
@ -7,7 +7,7 @@ class SearchController < ApplicationController
|
|||
def search_user_org
|
||||
|
||||
# enable search only for agents and admins
|
||||
if !current_user.is_role('Agent') && !current_user.is_role(Z_ROLENAME_ADMIN)
|
||||
if !current_user.is_role(Z_ROLENAME_AGENT) && !current_user.is_role(Z_ROLENAME_ADMIN)
|
||||
response_access_deny
|
||||
return true
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue