TheDude
/
openproject
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58898 Commits
139 Branches
203 Tags
1.2 GiB
Tag: Branch: Tree: 57aa62240e
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '57aa62240e'
${ noResults }
openproject/app/models/actions/scopes/default.rb

76 lines
2.5 KiB
Raw Normal View History Unescape

Capabilities API (#9083) * Capabilities API * introduce auxilliary capability model * capability model and query * render in sql * fix pagination * introduce sql representer * extract abstract sql representer class * remove yet unused methods * abstract sql collection representer * contract_actions as part of permissions * filter for capability id - used in GET * id filter validation * remove unused representer * remove unused wp representer * reuse renaming class * add spec for access control * add principal filter to capability * add context filter * extract capability sql into scope * admin gets all capabilities * require to have one filter set to keep performance bearable * consider active project modules for capabilities * limit capability based on principal visiblity and user state * rework capability to be tableless * spec not being allowed to see on request level * add actions to capability representer * add action api * extract sql index endpoint * remove unused class * prepare sending signaling error - not yet frontend exposed * extract show endpoint for sql rendered responses * use UNION for better performance * include navigation links on collections * remove string replacements * extract collection representer into hal sql module * no capabilities when blocked * remove commented out code
4 years ago
#-- copyright
# OpenProject is an open source project management software.
# Copyright (C) 2012-2021 the OpenProject GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See docs/COPYRIGHT.rdoc for more details.
#++
module Actions::Scopes
module Default
extend ActiveSupport::Concern
class_methods do
def default
capabilities_sql = <<~SQL
(SELECT id, permission, global, module FROM (VALUES #{action_map}) AS t(id, permission, global, module)) actions
SQL
select('actions.*')
.from(capabilities_sql)
end
private
def action_map
OpenProject::AccessControl
.contract_actions_map
.map { |permission, v| map_actions(permission, v[:actions], v[:global], v[:module]) }
.flatten
.join(', ')
end
def map_actions(permission, actions, global, module_name)
actions.map do |namespace, actions|
actions.map do |action|
values = [quote_string("#{action_v3_name(namespace)}/#{action}"),
quote_string(permission),
global,
module_name ? quote_string(module_name) : 'NULL'].join(', ')
"(#{values})"
end
end
end
def action_v3_name(name)
API::Utilities::PropertyNameConverter.from_ar_name(name.to_s.singularize).pluralize
end
def quote_string(string)
ActiveRecord::Base.connection.quote(string.to_s)
end
end
end
end