authority.rb
1.89 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# == Authority role
#
# Control access to project repository based on users role in team
#
# Used by Project
#
module Authority
# Compatible with all access rights
# Should be rewrited for new access rights
def add_access(user, *access)
access = if access.include?(:admin)
{ project_access: UsersProject::MASTER }
elsif access.include?(:write)
{ project_access: UsersProject::DEVELOPER }
else
{ project_access: UsersProject::REPORTER }
end
opts = { user: user }
opts.merge!(access)
users_projects.create(opts)
end
def reset_access(user)
users_projects.where(project_id: self.id, user_id: user.id).destroy if self.id
end
def repository_readers
repository_members[UsersProject::REPORTER]
end
def repository_writers
repository_members[UsersProject::DEVELOPER]
end
def repository_masters
repository_members[UsersProject::MASTER]
end
def repository_members
keys = Hash.new {|h,k| h[k] = [] }
UsersProject.select("keys.identifier, project_access").
joins(user: :keys).where(project_id: id).
each {|row| keys[row.project_access] << [row.identifier] }
keys[UsersProject::REPORTER] += deploy_keys.pluck(:identifier)
keys
end
def allow_read_for?(user)
!users_projects.where(user_id: user.id).empty?
end
def guest_access_for?(user)
!users_projects.where(user_id: user.id).empty?
end
def report_access_for?(user)
!users_projects.where(user_id: user.id, project_access: [UsersProject::REPORTER, UsersProject::DEVELOPER, UsersProject::MASTER]).empty?
end
def dev_access_for?(user)
!users_projects.where(user_id: user.id, project_access: [UsersProject::DEVELOPER, UsersProject::MASTER]).empty?
end
def master_access_for?(user)
!users_projects.where(user_id: user.id, project_access: [UsersProject::MASTER]).empty?
end
end