Feature #24808 » 0005-Add-optional-scope-parameter-to-Role-allowed_to.patch
| app/models/role.rb | ||
|---|---|---|
| 188 | 188 |
# action can be: |
| 189 | 189 |
# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit') |
| 190 | 190 |
# * a permission Symbol (eg. :edit_project) |
| 191 |
def allowed_to?(action) |
|
| 191 |
# scope can be: |
|
| 192 |
# * an array of permissions which will be used as filter (logical AND) |
|
| 193 | ||
| 194 |
def allowed_to?(action, scope=nil) |
|
| 192 | 195 |
if action.is_a? Hash |
| 193 |
allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
|
|
| 196 |
allowed_actions(scope).include? "#{action[:controller]}/#{action[:action]}"
|
|
| 194 | 197 |
else |
| 195 |
allowed_permissions.include? action |
|
| 198 |
allowed_permissions(scope).include? action
|
|
| 196 | 199 |
end |
| 197 | 200 |
end |
| 198 | 201 | |
| ... | ... | |
| 280 | 283 | |
| 281 | 284 |
private |
| 282 | 285 | |
| 283 |
def allowed_permissions |
|
| 284 |
@allowed_permissions ||= permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
|
|
| 286 |
def allowed_permissions(scope=nil) |
|
| 287 |
scope = scope.sort if scope.present? # to maintain stable cache keys |
|
| 288 |
@allowed_permissions ||= {}
|
|
| 289 |
@allowed_permissions[scope] ||= begin |
|
| 290 |
unscoped = permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
|
|
| 291 |
scope.present? ? unscoped & scope : unscoped |
|
| 292 |
end |
|
| 285 | 293 |
end |
| 286 | 294 | |
| 287 |
def allowed_actions |
|
| 288 |
@actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
|
|
| 295 |
def allowed_actions(scope=nil) |
|
| 296 |
scope = scope.sort if scope.present? # to maintain stable cache keys |
|
| 297 |
@actions_allowed ||= {}
|
|
| 298 |
@actions_allowed[scope] ||= allowed_permissions(scope).inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
|
|
| 289 | 299 |
end |
| 290 | 300 | |
| 291 | 301 |
def check_deletable |
| test/unit/role_test.rb | ||
|---|---|---|
| 95 | 95 |
assert_equal false, role.has_permission?(:delete_issues) |
| 96 | 96 |
end |
| 97 | 97 | |
| 98 |
def test_allowed_to_with_symbol |
|
| 99 |
role = Role.create!(:name => 'Test', :permissions => [:view_issues]) |
|
| 100 |
assert_equal true, role.allowed_to?(:view_issues) |
|
| 101 |
assert_equal false, role.allowed_to?(:add_issues) |
|
| 102 |
end |
|
| 103 | ||
| 104 |
def test_allowed_to_with_symbol_and_scope |
|
| 105 |
role = Role.create!(:name => 'Test', :permissions => [:view_issues, :delete_issues]) |
|
| 106 |
assert_equal true, role.allowed_to?(:view_issues, [:view_issues, :add_issues]) |
|
| 107 |
assert_equal false, role.allowed_to?(:add_issues, [:view_issues, :add_issues]) |
|
| 108 |
assert_equal false, role.allowed_to?(:delete_issues, [:view_issues, :add_issues]) |
|
| 109 |
end |
|
| 110 | ||
| 111 |
def test_allowed_to_with_hash |
|
| 112 |
role = Role.create!(:name => 'Test', :permissions => [:view_issues]) |
|
| 113 |
assert_equal true, role.allowed_to?( :controller => 'issues', :action => 'show') |
|
| 114 |
assert_equal false, role.allowed_to?( :controller => 'issues', :action => 'create') |
|
| 115 |
end |
|
| 116 | ||
| 117 |
def test_allowed_to_with_hash_and_scope |
|
| 118 |
role = Role.create!(:name => 'Test', :permissions => [:view_issues, :delete_issues]) |
|
| 119 |
assert_equal true, role.allowed_to?({:controller => 'issues', :action => 'show'}, [:view_issues, :add_issues])
|
|
| 120 |
assert_equal false, role.allowed_to?({:controller => 'issues', :action => 'create'}, [:view_issues, :add_issues])
|
|
| 121 |
assert_equal false, role.allowed_to?({:controller => 'issues', :action => 'destroy'}, [:view_issues, :add_issues])
|
|
| 122 |
end |
|
| 123 | ||
| 98 | 124 |
def test_has_permission_without_permissions |
| 99 | 125 |
role = Role.create!(:name => 'Test') |
| 100 | 126 |
assert_equal false, role.has_permission?(:delete_issues) |
