Class: Role

Inherits:
ActiveRecord::Base
  • Object
show all
Defined in:
app/models/role.rb

Overview

Redmine - project management software Copyright (C) 2006-2014 Jean-Philippe Lang

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Defined Under Namespace

Classes: PermissionsAttributeCoder

Constant Summary collapse

BUILTIN_NON_MEMBER =

Built-in roles

1
BUILTIN_ANONYMOUS =
2
ISSUES_VISIBILITY_OPTIONS =
[
  ['all', :label_issues_visibility_all],
  ['default', :label_issues_visibility_public],
  ['own', :label_issues_visibility_own]
]
USERS_VISIBILITY_OPTIONS =
[
  ['all', :label_users_visibility_all],
  ['members_of_visible_projects', :label_users_visibility_members_of_visible_projects]
]

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.anonymousObject

Return the builtin 'anonymous' role. If the role doesn't exist, it will be created on the fly.


192
193
194
# File 'app/models/role.rb', line 192

def self.anonymous
  find_or_create_system_role(BUILTIN_ANONYMOUS, 'Anonymous')
end

.find_all_givableObject

Find all the roles that can be given to a project member


180
181
182
# File 'app/models/role.rb', line 180

def self.find_all_givable
  Role.givable.to_a
end

.non_memberObject

Return the builtin 'non member' role. If the role doesn't exist, it will be created on the fly.


186
187
188
# File 'app/models/role.rb', line 186

def self.non_member
  find_or_create_system_role(BUILTIN_NON_MEMBER, 'Non member')
end

Instance Method Details

#<=>(role) ⇒ Object


120
121
122
123
124
125
126
127
128
129
130
# File 'app/models/role.rb', line 120

def <=>(role)
  if role
    if builtin == role.builtin
      position <=> role.position
    else
      builtin <=> role.builtin
    end
  else
    -1
  end
end

#add_permission!(*perms) ⇒ Object


93
94
95
96
97
98
99
100
101
102
# File 'app/models/role.rb', line 93

def add_permission!(*perms)
  self.permissions = [] unless permissions.is_a?(Array)

  permissions_will_change!
  perms.each do |p|
    p = p.to_sym
    permissions << p unless permissions.include?(p)
  end
  save!
end

#allowed_to?(action) ⇒ Boolean

Return true if role is allowed to do the specified action action can be:

  • a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')

  • a permission Symbol (eg. :edit_project)

Returns:

  • (Boolean)

163
164
165
166
167
168
169
# File 'app/models/role.rb', line 163

def allowed_to?(action)
  if action.is_a? Hash
    allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
  else
    allowed_permissions.include? action
  end
end

#anonymous?Boolean

Return true if the role is the anonymous role

Returns:

  • (Boolean)

150
151
152
# File 'app/models/role.rb', line 150

def anonymous?
  builtin == 2
end

#builtin?Boolean

Return true if the role is a builtin role

Returns:

  • (Boolean)

145
146
147
# File 'app/models/role.rb', line 145

def builtin?
  self.builtin != 0
end

#consider_workflow?Boolean

Returns:

  • (Boolean)

116
117
118
# File 'app/models/role.rb', line 116

def consider_workflow?
  has_permission?(:add_issues) || has_permission?(:edit_issues)
end

#copy_from(arg, options = {}) ⇒ Object

Copies attributes from another role, arg can be an id or a Role


80
81
82
83
84
85
86
# File 'app/models/role.rb', line 80

def copy_from(arg, options={})
  return unless arg.present?
  role = arg.is_a?(Role) ? arg : Role.find_by_id(arg.to_s)
  self.attributes = role.attributes.dup.except("id", "name", "position", "builtin", "permissions")
  self.permissions = role.permissions.dup
  self
end

#has_permission?(perm) ⇒ Boolean

Returns true if the role has the given permission

Returns:

  • (Boolean)

112
113
114
# File 'app/models/role.rb', line 112

def has_permission?(perm)
  !permissions.nil? && permissions.include?(perm.to_sym)
end

#member?Boolean

Return true if the role is a project member role

Returns:

  • (Boolean)

155
156
157
# File 'app/models/role.rb', line 155

def member?
  !self.builtin?
end

#nameObject


136
137
138
139
140
141
142
# File 'app/models/role.rb', line 136

def name
  case builtin
  when 1; l(:label_role_non_member, :default => read_attribute(:name))
  when 2; l(:label_role_anonymous,  :default => read_attribute(:name))
  else; read_attribute(:name)
  end
end

#permissions=(perms) ⇒ Object


88
89
90
91
# File 'app/models/role.rb', line 88

def permissions=(perms)
  perms = perms.collect {|p| p.to_sym unless p.blank? }.compact.uniq if perms
  write_attribute(:permissions, perms)
end

#remove_permission!(*perms) ⇒ Object


104
105
106
107
108
109
# File 'app/models/role.rb', line 104

def remove_permission!(*perms)
  return unless permissions.is_a?(Array)
  permissions_will_change!
  perms.each { |p| permissions.delete(p.to_sym) }
  save!
end

#setable_permissionsObject

Return all the permissions that can be given to the role


172
173
174
175
176
177
# File 'app/models/role.rb', line 172

def setable_permissions
  setable_permissions = Redmine::AccessControl.permissions - Redmine::AccessControl.public_permissions
  setable_permissions -= Redmine::AccessControl.members_only_permissions if self.builtin == BUILTIN_NON_MEMBER
  setable_permissions -= Redmine::AccessControl.loggedin_only_permissions if self.builtin == BUILTIN_ANONYMOUS
  setable_permissions
end

#to_sObject


132
133
134
# File 'app/models/role.rb', line 132

def to_s
  name
end