Class: Role
- Inherits:
-
ApplicationRecord
- Object
- ActiveRecord::Base
- ApplicationRecord
- Role
- Includes:
- Redmine::SafeAttributes
- Defined in:
- app/models/role.rb
Overview
Redmine - project management software Copyright © 2006- Jean-Philippe Lang
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Defined Under Namespace
Classes: PermissionsAttributeCoder
Constant Summary collapse
- BUILTIN_NON_MEMBER =
Built-in roles
1
- BUILTIN_ANONYMOUS =
2
- ISSUES_VISIBILITY_OPTIONS =
[ ['all', :label_issues_visibility_all], ['default', :label_issues_visibility_public], ['own', :label_issues_visibility_own] ]
- TIME_ENTRIES_VISIBILITY_OPTIONS =
[ ['all', :label_time_entries_visibility_all], ['own', :label_time_entries_visibility_own] ]
- USERS_VISIBILITY_OPTIONS =
[ ['all', :label_users_visibility_all], ['members_of_visible_projects', :label_users_visibility_members_of_visible_projects] ]
Class Method Summary collapse
-
.anonymous ⇒ Object
Return the builtin ‘anonymous’ role.
-
.find_all_givable ⇒ Object
Find all the roles that can be given to a project member.
-
.non_member ⇒ Object
Return the builtin ‘non member’ role.
Instance Method Summary collapse
- #<=>(role) ⇒ Object
- #add_permission!(*perms) ⇒ Object
-
#allowed_to?(action) ⇒ Boolean
Return true if role is allowed to do the specified action action can be: * a parameter-like Hash (eg. :controller => ‘projects’, :action => ‘edit’) * a permission Symbol (eg. :edit_project).
-
#anonymous? ⇒ Boolean
Return true if the role is the anonymous role.
-
#builtin? ⇒ Boolean
Return true if the role is a builtin role.
- #consider_workflow? ⇒ Boolean
-
#copy_from(arg, options = {}) ⇒ Object
Copies attributes from another role, arg can be an id or a Role.
- #copy_workflow_rules(source_role) ⇒ Object
-
#has_permission?(perm) ⇒ Boolean
Returns true if the role has the given permission.
-
#member? ⇒ Boolean
Return true if the role is a project member role.
- #name ⇒ Object
- #permissions=(perms) ⇒ Object
- #permissions_all_trackers ⇒ Object
- #permissions_all_trackers=(arg) ⇒ Object
-
#permissions_all_trackers?(permission) ⇒ Boolean
Returns true if permission is given for all trackers.
-
#permissions_tracker?(permission, tracker) ⇒ Boolean
Returns true if permission is given for the tracker (explicitly or for all trackers).
- #permissions_tracker_ids(*args) ⇒ Object
- #permissions_tracker_ids=(arg) ⇒ Object
-
#permissions_tracker_ids?(permission, tracker_id) ⇒ Boolean
Returns true if tracker_id belongs to the list of trackers for which permission is given.
- #remove_permission!(*perms) ⇒ Object
-
#set_permission_trackers(permission, tracker_ids) ⇒ Object
Sets the trackers that are allowed for a permission.
-
#setable_permissions ⇒ Object
Return all the permissions that can be given to the role.
- #to_s ⇒ Object
Methods included from Redmine::SafeAttributes
#delete_unsafe_attributes, included, #safe_attribute?, #safe_attribute_names, #safe_attributes=
Methods inherited from ApplicationRecord
Class Method Details
.anonymous ⇒ Object
Return the builtin ‘anonymous’ role. If the role doesn’t exist, it will be created on the fly.
295 296 297 |
# File 'app/models/role.rb', line 295 def self.anonymous find_or_create_system_role(BUILTIN_ANONYMOUS, 'Anonymous') end |
.find_all_givable ⇒ Object
Find all the roles that can be given to a project member
283 284 285 |
# File 'app/models/role.rb', line 283 def self.find_all_givable Role.givable.to_a end |
.non_member ⇒ Object
Return the builtin ‘non member’ role. If the role doesn’t exist, it will be created on the fly.
289 290 291 |
# File 'app/models/role.rb', line 289 def self.non_member find_or_create_system_role(BUILTIN_NON_MEMBER, 'Non member') end |
Instance Method Details
#<=>(role) ⇒ Object
157 158 159 160 161 162 163 164 165 166 167 |
# File 'app/models/role.rb', line 157 def <=>(role) # returns -1 for nil since r2726 return -1 if role.nil? return nil unless role.is_a?(Role) if builtin == role.builtin position <=> role.position else builtin <=> role.builtin end end |
#add_permission!(*perms) ⇒ Object
129 130 131 132 133 134 135 136 137 138 |
# File 'app/models/role.rb', line 129 def (*perms) self. = [] unless .is_a?(Array) perms.each do |p| p = p.to_sym << p unless .include?(p) end save! end |
#allowed_to?(action) ⇒ Boolean
Return true if role is allowed to do the specified action action can be:
-
a parameter-like Hash (eg. :controller => ‘projects’, :action => ‘edit’)
-
a permission Symbol (eg. :edit_project)
201 202 203 204 205 206 207 |
# File 'app/models/role.rb', line 201 def allowed_to?(action) if action.is_a? Hash allowed_actions.include? "#{action[:controller]}/#{action[:action]}" else .include? action end end |
#anonymous? ⇒ Boolean
Return true if the role is the anonymous role
188 189 190 |
# File 'app/models/role.rb', line 188 def anonymous? builtin == 2 end |
#builtin? ⇒ Boolean
Return true if the role is a builtin role
183 184 185 |
# File 'app/models/role.rb', line 183 def builtin? self.builtin != 0 end |
#consider_workflow? ⇒ Boolean
153 154 155 |
# File 'app/models/role.rb', line 153 def consider_workflow? (:add_issues) || (:edit_issues) end |
#copy_from(arg, options = {}) ⇒ Object
Copies attributes from another role, arg can be an id or a Role
114 115 116 117 118 119 120 121 122 |
# File 'app/models/role.rb', line 114 def copy_from(arg, ={}) return unless arg.present? role = arg.is_a?(Role) ? arg : Role.find_by_id(arg.to_s) self.attributes = role.attributes.dup.except("id", "name", "position", "builtin", "permissions") self. = role..dup self.managed_role_ids = role.managed_role_ids.dup self end |
#copy_workflow_rules(source_role) ⇒ Object
278 279 280 |
# File 'app/models/role.rb', line 278 def copy_workflow_rules(source_role) WorkflowRule.copy(nil, source_role, nil, self) end |
#has_permission?(perm) ⇒ Boolean
Returns true if the role has the given permission
149 150 151 |
# File 'app/models/role.rb', line 149 def (perm) !.nil? && .include?(perm.to_sym) end |
#member? ⇒ Boolean
Return true if the role is a project member role
193 194 195 |
# File 'app/models/role.rb', line 193 def member? !self.builtin? end |
#name ⇒ Object
173 174 175 176 177 178 179 180 |
# File 'app/models/role.rb', line 173 def name case builtin when 1 then l(:label_role_non_member, :default => read_attribute(:name)) when 2 then l(:label_role_anonymous, :default => read_attribute(:name)) else read_attribute(:name) end end |
#permissions=(perms) ⇒ Object
124 125 126 127 |
# File 'app/models/role.rb', line 124 def (perms) perms = perms.filter_map {|p| p.to_sym unless p.blank?}.uniq if perms write_attribute(:permissions, perms) end |
#permissions_all_trackers ⇒ Object
239 240 241 |
# File 'app/models/role.rb', line 239 def super || {} end |
#permissions_all_trackers=(arg) ⇒ Object
243 244 245 |
# File 'app/models/role.rb', line 243 def (arg) super(arg.to_hash) end |
#permissions_all_trackers?(permission) ⇒ Boolean
Returns true if permission is given for all trackers
248 249 250 251 252 |
# File 'app/models/role.rb', line 248 def () return false unless () [.to_s].to_s != '0' end |
#permissions_tracker?(permission, tracker) ⇒ Boolean
Returns true if permission is given for the tracker (explicitly or for all trackers)
256 257 258 259 |
# File 'app/models/role.rb', line 256 def (, tracker) () || (, tracker.try(:id)) end |
#permissions_tracker_ids(*args) ⇒ Object
217 218 219 220 221 222 223 |
# File 'app/models/role.rb', line 217 def (*args) if args.any? Array([args.first.to_s]).map(&:to_i) else super || {} end end |
#permissions_tracker_ids=(arg) ⇒ Object
225 226 227 228 229 |
# File 'app/models/role.rb', line 225 def (arg) h = arg.to_hash h.each_value {|v| v.reject!(&:blank?)} super(h) end |
#permissions_tracker_ids?(permission, tracker_id) ⇒ Boolean
Returns true if tracker_id belongs to the list of trackers for which permission is given
233 234 235 236 237 |
# File 'app/models/role.rb', line 233 def (, tracker_id) return false unless () ().include?(tracker_id) end |
#remove_permission!(*perms) ⇒ Object
140 141 142 143 144 145 146 |
# File 'app/models/role.rb', line 140 def (*perms) return unless .is_a?(Array) perms.each {|p| .delete(p.to_sym)} save! end |
#set_permission_trackers(permission, tracker_ids) ⇒ Object
Sets the trackers that are allowed for a permission. tracker_ids can be an array of tracker ids or :all for no restrictions.
Examples:
role. :add_issues, [1, 3]
role. :add_issues, :all
268 269 270 271 272 273 274 275 276 |
# File 'app/models/role.rb', line 268 def (, tracker_ids) h = {.to_s => (tracker_ids == :all ? '1' : '0')} self. = .merge(h) h = {.to_s => (tracker_ids == :all ? [] : tracker_ids)} self. = .merge(h) self end |
#setable_permissions ⇒ Object
Return all the permissions that can be given to the role
210 211 212 213 214 215 |
# File 'app/models/role.rb', line 210 def = Redmine::AccessControl. - Redmine::AccessControl. -= Redmine::AccessControl. if self.builtin == BUILTIN_NON_MEMBER -= Redmine::AccessControl. if self.builtin == BUILTIN_ANONYMOUS end |
#to_s ⇒ Object
169 170 171 |
# File 'app/models/role.rb', line 169 def to_s name end |