0005-Add-optional-scope-parameter-to-Role-allowed_to.patch

Jan from Planio www.plan.io, 2017-01-18 17:46

Download (4.27 KB)

View differences:

app/models/role.rb
188 188
  # action can be:
189 189
  # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
190 190
  # * a permission Symbol (eg. :edit_project)
191
  def allowed_to?(action)
191
  # scope can be:
192
  # * an array of permissions which will be used as filter (logical AND)
193

  
194
  def allowed_to?(action, scope=nil)
192 195
    if action.is_a? Hash
193
      allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
196
      allowed_actions(scope).include? "#{action[:controller]}/#{action[:action]}"
194 197
    else
195
      allowed_permissions.include? action
198
      allowed_permissions(scope).include? action
196 199
    end
197 200
  end
198 201

  
......
280 283

  
281 284
private
282 285

  
283
  def allowed_permissions
284
    @allowed_permissions ||= permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
286
  def allowed_permissions(scope=nil)
287
    scope = scope.sort if scope.present? # to maintain stable cache keys
288
    @allowed_permissions ||= {}
289
    @allowed_permissions[scope] ||= begin
290
      unscoped = permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
291
      scope.present? ? unscoped & scope : unscoped
292
    end
285 293
  end
286 294

  
287
  def allowed_actions
288
    @actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
295
  def allowed_actions(scope=nil)
296
    scope = scope.sort if scope.present? # to maintain stable cache keys
297
    @actions_allowed ||= {}
298
    @actions_allowed[scope] ||= allowed_permissions(scope).inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
289 299
  end
290 300

  
291 301
  def check_deletable
test/unit/role_test.rb
95 95
    assert_equal false, role.has_permission?(:delete_issues)
96 96
  end
97 97

  
98
  def test_allowed_to_with_symbol
99
    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
100
    assert_equal true, role.allowed_to?(:view_issues)
101
    assert_equal false, role.allowed_to?(:add_issues)
102
  end
103

  
104
  def test_allowed_to_with_symbol_and_scope
105
    role = Role.create!(:name => 'Test', :permissions => [:view_issues, :delete_issues])
106
    assert_equal true, role.allowed_to?(:view_issues, [:view_issues, :add_issues])
107
    assert_equal false, role.allowed_to?(:add_issues, [:view_issues, :add_issues])
108
    assert_equal false, role.allowed_to?(:delete_issues, [:view_issues, :add_issues])
109
  end
110

  
111
  def test_allowed_to_with_hash
112
    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
113
    assert_equal true, role.allowed_to?( :controller => 'issues', :action => 'show')
114
    assert_equal false, role.allowed_to?( :controller => 'issues', :action => 'create')
115
  end
116

  
117
  def test_allowed_to_with_hash_and_scope
118
    role = Role.create!(:name => 'Test', :permissions => [:view_issues, :delete_issues])
119
    assert_equal true, role.allowed_to?({:controller => 'issues', :action => 'show'}, [:view_issues, :add_issues])
120
    assert_equal false, role.allowed_to?({:controller => 'issues', :action => 'create'}, [:view_issues, :add_issues])
121
    assert_equal false, role.allowed_to?({:controller => 'issues', :action => 'destroy'}, [:view_issues, :add_issues])
122
  end
123

  
98 124
  def test_has_permission_without_permissions
99 125
    role = Role.create!(:name => 'Test')
100 126
    assert_equal false, role.has_permission?(:delete_issues)
101
-