Feature #24808 » 0003-Add-optional-scope-parameter-to-Role-allowed_to.patch
| app/models/role.rb | ||
|---|---|---|
| 193 | 193 |
# action can be: |
| 194 | 194 |
# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit') |
| 195 | 195 |
# * a permission Symbol (eg. :edit_project) |
| 196 |
def allowed_to?(action) |
|
| 196 |
# scope can be: |
|
| 197 |
# * an array of permissions which will be used as filter (logical AND) |
|
| 198 | ||
| 199 |
def allowed_to?(action, scope=nil) |
|
| 197 | 200 |
if action.is_a? Hash |
| 198 |
allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
|
|
| 201 |
allowed_actions(scope).include? "#{action[:controller]}/#{action[:action]}"
|
|
| 199 | 202 |
else |
| 200 |
allowed_permissions.include? action |
|
| 203 |
allowed_permissions(scope).include? action
|
|
| 201 | 204 |
end |
| 202 | 205 |
end |
| 203 | 206 | |
| ... | ... | |
| 289 | 292 | |
| 290 | 293 |
private |
| 291 | 294 | |
| 292 |
def allowed_permissions |
|
| 293 |
@allowed_permissions ||= permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
|
|
| 295 |
def allowed_permissions(scope = nil) |
|
| 296 |
scope = scope.sort if scope.present? # to maintain stable cache keys |
|
| 297 |
@allowed_permissions ||= {}
|
|
| 298 |
@allowed_permissions[scope] ||= begin |
|
| 299 |
unscoped = permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
|
|
| 300 |
scope.present? ? unscoped & scope : unscoped |
|
| 301 |
end |
|
| 294 | 302 |
end |
| 295 | 303 | |
| 296 |
def allowed_actions |
|
| 297 |
@actions_allowed ||= |
|
| 298 |
allowed_permissions.inject([]) do |actions, permission| |
|
| 304 |
def allowed_actions(scope = nil) |
|
| 305 |
scope = scope.sort if scope.present? # to maintain stable cache keys |
|
| 306 |
@actions_allowed ||= {}
|
|
| 307 |
@actions_allowed[scope] ||= |
|
| 308 |
allowed_permissions(scope).inject([]) do |actions, permission| |
|
| 299 | 309 |
actions += Redmine::AccessControl.allowed_actions(permission) |
| 300 | 310 |
end.flatten |
| 301 | 311 |
end |
| test/unit/role_test.rb | ||
|---|---|---|
| 101 | 101 |
assert_equal false, role.has_permission?(:delete_issues) |
| 102 | 102 |
end |
| 103 | 103 | |
| 104 |
def test_allowed_to_with_symbol |
|
| 105 |
role = Role.create!(:name => 'Test', :permissions => [:view_issues]) |
|
| 106 |
assert_equal true, role.allowed_to?(:view_issues) |
|
| 107 |
assert_equal false, role.allowed_to?(:add_issues) |
|
| 108 |
end |
|
| 109 | ||
| 110 |
def test_allowed_to_with_symbol_and_scope |
|
| 111 |
role = Role.create!(:name => 'Test', :permissions => [:view_issues, :delete_issues]) |
|
| 112 |
assert_equal true, role.allowed_to?(:view_issues, [:view_issues, :add_issues]) |
|
| 113 |
assert_equal false, role.allowed_to?(:add_issues, [:view_issues, :add_issues]) |
|
| 114 |
assert_equal false, role.allowed_to?(:delete_issues, [:view_issues, :add_issues]) |
|
| 115 |
end |
|
| 116 | ||
| 117 |
def test_allowed_to_with_hash |
|
| 118 |
role = Role.create!(:name => 'Test', :permissions => [:view_issues]) |
|
| 119 |
assert_equal true, role.allowed_to?(:controller => 'issues', :action => 'show') |
|
| 120 |
assert_equal false, role.allowed_to?(:controller => 'issues', :action => 'create') |
|
| 121 |
end |
|
| 122 | ||
| 123 |
def test_allowed_to_with_hash_and_scope |
|
| 124 |
role = Role.create!(:name => 'Test', :permissions => [:view_issues, :delete_issues]) |
|
| 125 |
assert_equal true, role.allowed_to?({:controller => 'issues', :action => 'show'}, [:view_issues, :add_issues])
|
|
| 126 |
assert_equal false, role.allowed_to?({:controller => 'issues', :action => 'create'}, [:view_issues, :add_issues])
|
|
| 127 |
assert_equal false, role.allowed_to?({:controller => 'issues', :action => 'destroy'}, [:view_issues, :add_issues])
|
|
| 128 |
end |
|
| 129 | ||
| 104 | 130 |
def test_has_permission_without_permissions |
| 105 | 131 |
role = Role.create!(:name => 'Test') |
| 106 | 132 |
assert_equal false, role.has_permission?(:delete_issues) |
