##// END OF EJS Templates
jro_apps » redmine
RSS
Refactor builtin roles creation....
Jean-Philippe Lang -
r6179:cf56698d91ce
parent child
Show More
Side by Side Unified
Context file:
r6179:cf56698d91ce Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,179 +1,176
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class Role < ActiveRecord::Base
19 19 # Built-in roles
20 20 BUILTIN_NON_MEMBER = 1
21 21 BUILTIN_ANONYMOUS = 2
22 22
23 23 ISSUES_VISIBILITY_OPTIONS = [
24 24 ['all', :label_issues_visibility_all],
25 25 ['default', :label_issues_visibility_public],
26 26 ['own', :label_issues_visibility_own]
27 27 ]
28 28
29 29 named_scope :givable, { :conditions => "builtin = 0", :order => 'position' }
30 30 named_scope :builtin, lambda { |*args|
31 31 compare = 'not' if args.first == true
32 32 { :conditions => "#{compare} builtin = 0" }
33 33 }
34 34
35 35 before_destroy :check_deletable
36 36 has_many :workflows, :dependent => :delete_all do
37 37 def copy(source_role)
38 38 Workflow.copy(nil, source_role, nil, proxy_owner)
39 39 end
40 40 end
41 41
42 42 has_many :member_roles, :dependent => :destroy
43 43 has_many :members, :through => :member_roles
44 44 acts_as_list
45 45
46 46 serialize :permissions, Array
47 47 attr_protected :builtin
48 48
49 49 validates_presence_of :name
50 50 validates_uniqueness_of :name
51 51 validates_length_of :name, :maximum => 30
52 52 validates_inclusion_of :issues_visibility,
53 53 :in => ISSUES_VISIBILITY_OPTIONS.collect(&:first),
54 54 :if => lambda {|role| role.respond_to?(:issues_visibility)}
55 55
56 56 def permissions
57 57 read_attribute(:permissions) || []
58 58 end
59 59
60 60 def permissions=(perms)
61 61 perms = perms.collect {|p| p.to_sym unless p.blank? }.compact.uniq if perms
62 62 write_attribute(:permissions, perms)
63 63 end
64 64
65 65 def add_permission!(*perms)
66 66 self.permissions = [] unless permissions.is_a?(Array)
67 67
68 68 permissions_will_change!
69 69 perms.each do |p|
70 70 p = p.to_sym
71 71 permissions << p unless permissions.include?(p)
72 72 end
73 73 save!
74 74 end
75 75
76 76 def remove_permission!(*perms)
77 77 return unless permissions.is_a?(Array)
78 78 permissions_will_change!
79 79 perms.each { |p| permissions.delete(p.to_sym) }
80 80 save!
81 81 end
82 82
83 83 # Returns true if the role has the given permission
84 84 def has_permission?(perm)
85 85 !permissions.nil? && permissions.include?(perm.to_sym)
86 86 end
87 87
88 88 def <=>(role)
89 89 role ? position <=> role.position : -1
90 90 end
91 91
92 92 def to_s
93 93 name
94 94 end
95 95
96 96 def name
97 97 case builtin
98 98 when 1; l(:label_role_non_member, :default => read_attribute(:name))
99 99 when 2; l(:label_role_anonymous, :default => read_attribute(:name))
100 100 else; read_attribute(:name)
101 101 end
102 102 end
103 103
104 104 # Return true if the role is a builtin role
105 105 def builtin?
106 106 self.builtin != 0
107 107 end
108 108
109 109 # Return true if the role is a project member role
110 110 def member?
111 111 !self.builtin?
112 112 end
113 113
114 114 # Return true if role is allowed to do the specified action
115 115 # action can be:
116 116 # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
117 117 # * a permission Symbol (eg. :edit_project)
118 118 def allowed_to?(action)
119 119 if action.is_a? Hash
120 120 allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
121 121 else
122 122 allowed_permissions.include? action
123 123 end
124 124 end
125 125
126 126 # Return all the permissions that can be given to the role
127 127 def setable_permissions
128 128 setable_permissions = Redmine::AccessControl.permissions - Redmine::AccessControl.public_permissions
129 129 setable_permissions -= Redmine::AccessControl.members_only_permissions if self.builtin == BUILTIN_NON_MEMBER
130 130 setable_permissions -= Redmine::AccessControl.loggedin_only_permissions if self.builtin == BUILTIN_ANONYMOUS
131 131 setable_permissions
132 132 end
133 133
134 134 # Find all the roles that can be given to a project member
135 135 def self.find_all_givable
136 136 find(:all, :conditions => {:builtin => 0}, :order => 'position')
137 137 end
138 138
139 139 # Return the builtin 'non member' role. If the role doesn't exist,
140 140 # it will be created on the fly.
141 141 def self.non_member
142 non_member_role = find(:first, :conditions => {:builtin => BUILTIN_NON_MEMBER})
143 if non_member_role.nil?
144 non_member_role = create(:name => 'Non member', :position => 0) do |role|
145 role.builtin = BUILTIN_NON_MEMBER
146 end
147 raise 'Unable to create the non-member role.' if non_member_role.new_record?
148 end
149 non_member_role
142 find_or_create_system_role(BUILTIN_NON_MEMBER, 'Non member')
150 143 end
151 144
152 145 # Return the builtin 'anonymous' role. If the role doesn't exist,
153 146 # it will be created on the fly.
154 147 def self.anonymous
155 anonymous_role = find(:first, :conditions => {:builtin => BUILTIN_ANONYMOUS})
156 if anonymous_role.nil?
157 anonymous_role = create(:name => 'Anonymous', :position => 0) do |role|
158 role.builtin = BUILTIN_ANONYMOUS
159 end
160 raise 'Unable to create the anonymous role.' if anonymous_role.new_record?
161 end
162 anonymous_role
148 find_or_create_system_role(BUILTIN_ANONYMOUS, 'Anonymous')
163 149 end
164
165 150
166 151 private
152
167 153 def allowed_permissions
168 154 @allowed_permissions ||= permissions + Redmine::AccessControl.public_permissions.collect {|p| p.name}
169 155 end
170 156
171 157 def allowed_actions
172 158 @actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
173 159 end
174 160
175 161 def check_deletable
176 162 raise "Can't delete role" if members.any?
177 163 raise "Can't delete builtin role" if builtin?
178 164 end
165
166 def self.find_or_create_system_role(builtin, name)
167 role = first(:conditions => {:builtin => builtin})
168 if role.nil?
169 role = create(:name => name, :position => 0) do |r|
170 r.builtin = builtin
171 end
172 raise "Unable to create the #{name} role." if role.new_record?
173 end
174 role
175 end
179 176 end
General Comments 0
You need to be logged in to leave comments. Login now