Class: Role
- Inherits:
-
ActiveRecord::Base
- Object
- ActiveRecord::Base
- Role
- Includes:
- Redmine::SafeAttributes
- Defined in:
- app/models/role.rb
Overview
Redmine - project management software Copyright (C) 2006-2017 Jean-Philippe Lang
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Defined Under Namespace
Classes: PermissionsAttributeCoder
Constant Summary collapse
- BUILTIN_NON_MEMBER =
Built-in roles
1
- BUILTIN_ANONYMOUS =
2
- ISSUES_VISIBILITY_OPTIONS =
[ ['all', :label_issues_visibility_all], ['default', :label_issues_visibility_public], ['own', :label_issues_visibility_own] ]
- TIME_ENTRIES_VISIBILITY_OPTIONS =
[ ['all', :label_time_entries_visibility_all], ['own', :label_time_entries_visibility_own] ]
- USERS_VISIBILITY_OPTIONS =
[ ['all', :label_users_visibility_all], ['members_of_visible_projects', :label_users_visibility_members_of_visible_projects] ]
Class Method Summary collapse
-
.anonymous ⇒ Object
Return the builtin 'anonymous' role.
-
.find_all_givable ⇒ Object
Find all the roles that can be given to a project member.
-
.non_member ⇒ Object
Return the builtin 'non member' role.
Instance Method Summary collapse
- #<=>(role) ⇒ Object
- #add_permission!(*perms) ⇒ Object
-
#allowed_to?(action) ⇒ Boolean
Return true if role is allowed to do the specified action action can be: * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit') * a permission Symbol (eg. :edit_project).
-
#anonymous? ⇒ Boolean
Return true if the role is the anonymous role.
-
#builtin? ⇒ Boolean
Return true if the role is a builtin role.
- #consider_workflow? ⇒ Boolean
-
#copy_from(arg, options = {}) ⇒ Object
Copies attributes from another role, arg can be an id or a Role.
- #copy_workflow_rules(source_role) ⇒ Object
-
#has_permission?(perm) ⇒ Boolean
Returns true if the role has the given permission.
-
#member? ⇒ Boolean
Return true if the role is a project member role.
- #name ⇒ Object
- #permissions=(perms) ⇒ Object
- #permissions_all_trackers ⇒ Object
- #permissions_all_trackers=(arg) ⇒ Object
-
#permissions_all_trackers?(permission) ⇒ Boolean
Returns true if permission is given for all trackers.
-
#permissions_tracker?(permission, tracker) ⇒ Boolean
Returns true if permission is given for the tracker (explicitly or for all trackers).
- #permissions_tracker_ids(*args) ⇒ Object
- #permissions_tracker_ids=(arg) ⇒ Object
-
#permissions_tracker_ids?(permission, tracker_id) ⇒ Boolean
Returns true if tracker_id belongs to the list of trackers for which permission is given.
- #remove_permission!(*perms) ⇒ Object
-
#set_permission_trackers(permission, tracker_ids) ⇒ Object
Sets the trackers that are allowed for a permission.
-
#setable_permissions ⇒ Object
Return all the permissions that can be given to the role.
- #to_s ⇒ Object
Methods included from Redmine::SafeAttributes
#delete_unsafe_attributes, #safe_attribute?, #safe_attribute_names, #safe_attributes=
Class Method Details
.anonymous ⇒ Object
Return the builtin 'anonymous' role. If the role doesn't exist, it will be created on the fly.
276 277 278 |
# File 'app/models/role.rb', line 276 def self.anonymous find_or_create_system_role(BUILTIN_ANONYMOUS, 'Anonymous') end |
.find_all_givable ⇒ Object
Find all the roles that can be given to a project member
264 265 266 |
# File 'app/models/role.rb', line 264 def self.find_all_givable Role.givable.to_a end |
.non_member ⇒ Object
Return the builtin 'non member' role. If the role doesn't exist, it will be created on the fly.
270 271 272 |
# File 'app/models/role.rb', line 270 def self.non_member find_or_create_system_role(BUILTIN_NON_MEMBER, 'Non member') end |
Instance Method Details
#<=>(role) ⇒ Object
143 144 145 146 147 148 149 150 151 152 153 |
# File 'app/models/role.rb', line 143 def <=>(role) if role if builtin == role.builtin position <=> role.position else builtin <=> role.builtin end else -1 end end |
#add_permission!(*perms) ⇒ Object
116 117 118 119 120 121 122 123 124 125 |
# File 'app/models/role.rb', line 116 def (*perms) self. = [] unless .is_a?(Array) perms.each do |p| p = p.to_sym << p unless .include?(p) end save! end |
#allowed_to?(action) ⇒ Boolean
Return true if role is allowed to do the specified action action can be:
-
a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
-
a permission Symbol (eg. :edit_project)
186 187 188 189 190 191 192 |
# File 'app/models/role.rb', line 186 def allowed_to?(action) if action.is_a? Hash allowed_actions.include? "#{action[:controller]}/#{action[:action]}" else .include? action end end |
#anonymous? ⇒ Boolean
Return true if the role is the anonymous role
173 174 175 |
# File 'app/models/role.rb', line 173 def anonymous? builtin == 2 end |
#builtin? ⇒ Boolean
Return true if the role is a builtin role
168 169 170 |
# File 'app/models/role.rb', line 168 def builtin? self.builtin != 0 end |
#consider_workflow? ⇒ Boolean
139 140 141 |
# File 'app/models/role.rb', line 139 def consider_workflow? (:add_issues) || (:edit_issues) end |
#copy_from(arg, options = {}) ⇒ Object
Copies attributes from another role, arg can be an id or a Role
102 103 104 105 106 107 108 109 |
# File 'app/models/role.rb', line 102 def copy_from(arg, ={}) return unless arg.present? role = arg.is_a?(Role) ? arg : Role.find_by_id(arg.to_s) self.attributes = role.attributes.dup.except("id", "name", "position", "builtin", "permissions") self. = role..dup self.managed_role_ids = role.managed_role_ids.dup self end |
#copy_workflow_rules(source_role) ⇒ Object
259 260 261 |
# File 'app/models/role.rb', line 259 def copy_workflow_rules(source_role) WorkflowRule.copy(nil, source_role, nil, self) end |
#has_permission?(perm) ⇒ Boolean
Returns true if the role has the given permission
135 136 137 |
# File 'app/models/role.rb', line 135 def (perm) !.nil? && .include?(perm.to_sym) end |
#member? ⇒ Boolean
Return true if the role is a project member role
178 179 180 |
# File 'app/models/role.rb', line 178 def member? !self.builtin? end |
#name ⇒ Object
159 160 161 162 163 164 165 |
# File 'app/models/role.rb', line 159 def name case builtin when 1; l(:label_role_non_member, :default => read_attribute(:name)) when 2; l(:label_role_anonymous, :default => read_attribute(:name)) else; read_attribute(:name) end end |
#permissions=(perms) ⇒ Object
111 112 113 114 |
# File 'app/models/role.rb', line 111 def (perms) perms = perms.collect {|p| p.to_sym unless p.blank? }.compact.uniq if perms write_attribute(:permissions, perms) end |
#permissions_all_trackers ⇒ Object
222 223 224 |
# File 'app/models/role.rb', line 222 def super || {} end |
#permissions_all_trackers=(arg) ⇒ Object
226 227 228 |
# File 'app/models/role.rb', line 226 def (arg) super(arg.to_hash) end |
#permissions_all_trackers?(permission) ⇒ Boolean
Returns true if permission is given for all trackers
231 232 233 |
# File 'app/models/role.rb', line 231 def () [.to_s].to_s != '0' end |
#permissions_tracker?(permission, tracker) ⇒ Boolean
Returns true if permission is given for the tracker (explicitly or for all trackers)
237 238 239 240 |
# File 'app/models/role.rb', line 237 def (, tracker) () || (, tracker.try(:id)) end |
#permissions_tracker_ids(*args) ⇒ Object
202 203 204 205 206 207 208 |
# File 'app/models/role.rb', line 202 def (*args) if args.any? Array([args.first.to_s]).map(&:to_i) else super || {} end end |
#permissions_tracker_ids=(arg) ⇒ Object
210 211 212 213 214 |
# File 'app/models/role.rb', line 210 def (arg) h = arg.to_hash h.values.each {|v| v.reject!(&:blank?)} super(h) end |
#permissions_tracker_ids?(permission, tracker_id) ⇒ Boolean
Returns true if tracker_id belongs to the list of trackers for which permission is given
218 219 220 |
# File 'app/models/role.rb', line 218 def (, tracker_id) ().include?(tracker_id) end |
#remove_permission!(*perms) ⇒ Object
127 128 129 130 131 132 |
# File 'app/models/role.rb', line 127 def (*perms) return unless .is_a?(Array) perms.each { |p| .delete(p.to_sym) } save! end |
#set_permission_trackers(permission, tracker_ids) ⇒ Object
Sets the trackers that are allowed for a permission. tracker_ids can be an array of tracker ids or :all for no restrictions.
Examples:
role. :add_issues, [1, 3]
role. :add_issues, :all
249 250 251 252 253 254 255 256 257 |
# File 'app/models/role.rb', line 249 def (, tracker_ids) h = {.to_s => (tracker_ids == :all ? '1' : '0')} self. = .merge(h) h = {.to_s => (tracker_ids == :all ? [] : tracker_ids)} self. = .merge(h) self end |
#setable_permissions ⇒ Object
Return all the permissions that can be given to the role
195 196 197 198 199 200 |
# File 'app/models/role.rb', line 195 def = Redmine::AccessControl. - Redmine::AccessControl. -= Redmine::AccessControl. if self.builtin == BUILTIN_NON_MEMBER -= Redmine::AccessControl. if self.builtin == BUILTIN_ANONYMOUS end |
#to_s ⇒ Object
155 156 157 |
# File 'app/models/role.rb', line 155 def to_s name end |