gitlabhq/app/roles/authority.rb

module Authority
  # Compatible with all access rights
  # Should be rewrited for new access rights
  def add_access(user, *access)
    access = if access.include?(:admin)
               { project_access: UsersProject::MASTER }
             elsif access.include?(:write)
               { project_access: UsersProject::DEVELOPER }
             else
               { project_access: UsersProject::REPORTER }
             end
    opts = { user: user }
    opts.merge!(access)
    users_projects.create(opts)
  end

  def reset_access(user)
    users_projects.where(project_id: self.id, user_id: user.id).destroy if self.id
  end

  def repository_readers
    keys = Key.joins({user: :users_projects}).
      where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::REPORTER)
    keys.map(&:identifier) + deploy_keys.map(&:identifier)
  end

  def repository_writers
    keys = Key.joins({user: :users_projects}).
      where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::DEVELOPER)
    keys.map(&:identifier)
  end

  def repository_masters
    keys = Key.joins({user: :users_projects}).
      where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::MASTER)
    keys.map(&:identifier)
  end

  def allow_read_for?(user)
    !users_projects.where(user_id: user.id).empty?
  end

  def guest_access_for?(user)
    !users_projects.where(user_id: user.id).empty?
  end

  def report_access_for?(user)
    !users_projects.where(user_id: user.id, project_access: [UsersProject::REPORTER, UsersProject::DEVELOPER, UsersProject::MASTER]).empty?
  end

  def dev_access_for?(user)
    !users_projects.where(user_id: user.id, project_access: [UsersProject::DEVELOPER, UsersProject::MASTER]).empty?
  end

  def master_access_for?(user)
    !users_projects.where(user_id: user.id, project_access: [UsersProject::MASTER]).empty?
  end
end
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`module Authority`
			`# Compatible with all access rights`
			`# Should be rewrited for new access rights`
			`def add_access(user, *access)`
simple refactoring 2012-10-09 02:10:04 +02:00			`access = if access.include?(:admin)`
			`{ project_access: UsersProject::MASTER }`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`elsif access.include?(:write)`
simple refactoring 2012-10-09 02:10:04 +02:00			`{ project_access: UsersProject::DEVELOPER }`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`else`
simple refactoring 2012-10-09 02:10:04 +02:00			`{ project_access: UsersProject::REPORTER }`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`end`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`opts = { user: user }`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`opts.merge!(access)`
			`users_projects.create(opts)`
			`end`

			`def reset_access(user)`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`users_projects.where(project_id: self.id, user_id: user.id).destroy if self.id`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`end`

			`def repository_readers`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`keys = Key.joins({user: :users_projects}).`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::REPORTER)`
			`keys.map(&:identifier) + deploy_keys.map(&:identifier)`
			`end`

			`def repository_writers`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`keys = Key.joins({user: :users_projects}).`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::DEVELOPER)`
			`keys.map(&:identifier)`
			`end`

			`def repository_masters`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`keys = Key.joins({user: :users_projects}).`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::MASTER)`
			`keys.map(&:identifier)`
			`end`

			`def allow_read_for?(user)`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`!users_projects.where(user_id: user.id).empty?`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`end`

			`def guest_access_for?(user)`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`!users_projects.where(user_id: user.id).empty?`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`end`

			`def report_access_for?(user)`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`!users_projects.where(user_id: user.id, project_access: [UsersProject::REPORTER, UsersProject::DEVELOPER, UsersProject::MASTER]).empty?`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`end`

			`def dev_access_for?(user)`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`!users_projects.where(user_id: user.id, project_access: [UsersProject::DEVELOPER, UsersProject::MASTER]).empty?`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`end`

			`def master_access_for?(user)`
Security for online editor. Replace dev_access?, master_access? with can? method usage 2012-10-21 11:12:14 +02:00			`!users_projects.where(user_id: user.id, project_access: [UsersProject::MASTER]).empty?`
Models Refactoring: Move methods to roles 2012-06-07 14:44:57 +02:00			`end`
			`end`