2012-12-30 15:19:31 +01:00
|
|
|
# == Authority role
|
|
|
|
#
|
|
|
|
# Control access to project repository based on users role in team
|
|
|
|
#
|
|
|
|
# Used by Project
|
|
|
|
#
|
2012-06-07 14:44:57 +02:00
|
|
|
module Authority
|
|
|
|
# Compatible with all access rights
|
|
|
|
# Should be rewrited for new access rights
|
|
|
|
def add_access(user, *access)
|
2012-10-09 02:10:04 +02:00
|
|
|
access = if access.include?(:admin)
|
|
|
|
{ project_access: UsersProject::MASTER }
|
2012-06-07 14:44:57 +02:00
|
|
|
elsif access.include?(:write)
|
2012-10-09 02:10:04 +02:00
|
|
|
{ project_access: UsersProject::DEVELOPER }
|
2012-06-07 14:44:57 +02:00
|
|
|
else
|
2012-10-09 02:10:04 +02:00
|
|
|
{ project_access: UsersProject::REPORTER }
|
2012-06-07 14:44:57 +02:00
|
|
|
end
|
2012-08-11 00:07:50 +02:00
|
|
|
opts = { user: user }
|
2012-06-07 14:44:57 +02:00
|
|
|
opts.merge!(access)
|
|
|
|
users_projects.create(opts)
|
|
|
|
end
|
|
|
|
|
|
|
|
def reset_access(user)
|
2012-08-11 00:07:50 +02:00
|
|
|
users_projects.where(project_id: self.id, user_id: user.id).destroy if self.id
|
2012-06-07 14:44:57 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def repository_readers
|
2012-08-11 00:07:50 +02:00
|
|
|
keys = Key.joins({user: :users_projects}).
|
2012-06-07 14:44:57 +02:00
|
|
|
where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::REPORTER)
|
|
|
|
keys.map(&:identifier) + deploy_keys.map(&:identifier)
|
|
|
|
end
|
|
|
|
|
|
|
|
def repository_writers
|
2012-08-11 00:07:50 +02:00
|
|
|
keys = Key.joins({user: :users_projects}).
|
2012-06-07 14:44:57 +02:00
|
|
|
where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::DEVELOPER)
|
|
|
|
keys.map(&:identifier)
|
|
|
|
end
|
|
|
|
|
|
|
|
def repository_masters
|
2012-08-11 00:07:50 +02:00
|
|
|
keys = Key.joins({user: :users_projects}).
|
2012-06-07 14:44:57 +02:00
|
|
|
where("users_projects.project_id = ? AND users_projects.project_access = ?", id, UsersProject::MASTER)
|
|
|
|
keys.map(&:identifier)
|
|
|
|
end
|
|
|
|
|
|
|
|
def allow_read_for?(user)
|
2012-08-11 00:07:50 +02:00
|
|
|
!users_projects.where(user_id: user.id).empty?
|
2012-06-07 14:44:57 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def guest_access_for?(user)
|
2012-08-11 00:07:50 +02:00
|
|
|
!users_projects.where(user_id: user.id).empty?
|
2012-06-07 14:44:57 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def report_access_for?(user)
|
2012-08-11 00:07:50 +02:00
|
|
|
!users_projects.where(user_id: user.id, project_access: [UsersProject::REPORTER, UsersProject::DEVELOPER, UsersProject::MASTER]).empty?
|
2012-06-07 14:44:57 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def dev_access_for?(user)
|
2012-08-11 00:07:50 +02:00
|
|
|
!users_projects.where(user_id: user.id, project_access: [UsersProject::DEVELOPER, UsersProject::MASTER]).empty?
|
2012-06-07 14:44:57 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def master_access_for?(user)
|
2012-10-21 11:12:14 +02:00
|
|
|
!users_projects.where(user_id: user.id, project_access: [UsersProject::MASTER]).empty?
|
2012-06-07 14:44:57 +02:00
|
|
|
end
|
|
|
|
end
|