Refactor authorize method (created service object)

pull/1435/head
Marek Takac 11 years ago
parent cb464d9329
commit 4564bae6f5
  1. 1
      Gemfile
  2. 1
      Gemfile.lock
  3. 47
      app/api/work_packages/work_package_representer.rb
  4. 9
      app/controllers/application_controller.rb
  5. 47
      app/services/authorization_service.rb

@ -143,6 +143,7 @@ gem 'nokogiri', '>=1.5.11'
group :test do
gem 'pry'
gem 'shoulda'
gem 'object-daddy', '~> 1.1.0'
gem "launchy", "~> 2.3.0"

@ -502,6 +502,7 @@ DEPENDENCIES
pg (~> 0.17.1)
prototype-rails
prototype_legacy_helper (= 0.0.0)!
pry
pry-byebug
pry-doc
pry-rails

@ -0,0 +1,47 @@
require 'roar/representer/json'
require 'roar/decorator'
class WorkPackageRepresenter < Roar::Decorator
include Roar::Representer::JSON
include Roar::Representer::Feature::Hypermedia
include Rails.application.routes.url_helpers
property :id
property :subject
property :description
property :type, getter: lambda { |*| self.type.try(:name) }
property :due_date, as: :dueDate, getter: lambda { |*| self.due_date.try(:to_s) }
property :status, getter: lambda { |*| self.status.try(:name) }
property :priority, getter: lambda { |*| self.priority.try(:name) }
property :done_ratio, as: :percentageDone
property :estimated_time, as: :estimatedTime, exec_context: :decorator
property :start_date, as: :startDate, getter: lambda { |*| self.start_date.try(:to_s) }
property :created_at, as: :createdAt, getter: lambda { |*| self.created_at.try(:to_s) }
property :updated_at, as: :updatedAt, getter: lambda { |*| self.updated_at.try(:to_s) }
property :custom_fields, as: :customFields, exec_context: :decorator
property :_type, exec_context: :decorator
property :_links, exec_context: :decorator
def estimated_time
{ units: :hours, value: represented.estimated_hours}
end
def custom_fields
fields = []
represented.custom_field_values.each do |value|
fields << { name: value.custom_field.name, format: value.custom_field.field_format, value: value.value }
end
fields
end
def _type
"WorkPackage"
end
def _links
{
self: { href: api_v3_work_package_path(represented.id) },
update: { href: api_v3_work_package_path(represented.id), method: :put }
}
end
end
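Review bot: `_links` advertises the `update` link for every work package, and `custom_fields` serialises every custom field value, without reference to the requesting user's permissions. Whether the API endpoint filters or authorizes elsewhere is not visible in this file, but as written a client with read-only access would still be handed a `put` link and all custom field values. Consider passing the current user into the decorator and emitting `update` only when that user may edit the work package, and add a class comment stating that callers must authorize before rendering. Separately, `custom_fields` reads more directly as `represented.custom_field_values.map { |value| { name: value.custom_field.name, format: value.custom_field.field_format, value: value.value } }`.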

@ -288,17 +288,16 @@ class ApplicationController < ActionController::Base
# Authorize the user for the requested action
def authorize(ctrl = params[:controller], action = params[:action], global = false)
allowed = User.current.allowed_to?({ controller: ctrl, action: action },
@project || @projects, :global => global)
if allowed
true
else
is_authorized = AuthorizationService.new(ctrl, action, @project, @projects, global).perform
unless is_authorized
if @project && @project.archived?
render_403 :message => :notice_not_authorized_archived_project
else
deny_access
end
end
is_authorized
end
# Authorize the user for the requested action outside a project
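Review bot: The call `AuthorizationService.new(ctrl, action, @project, @projects, global)` passes five positional arguments, with `@project` and `@projects` adjacent and a trailing boolean, so a transposed argument would silently change the context the permission check runs against. If the supported Ruby version allows it, keyword arguments make the call self-describing: `AuthorizationService.new(controller: ctrl, action: action, project: @project, projects: @projects, global: global)`. The comment above `authorize` could also say that the method returns the boolean result and itself renders the 403 or calls `deny_access` when the check fails.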

@ -0,0 +1,47 @@
#-- encoding: UTF-8
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2014 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
class AuthorizationService
def initialize(ctrl, action, project, projects, global)
@ctrl = ctrl
@action = action
@project = project
@projects = projects
@global = global
end
def perform
allowed = User.current.allowed_to?({:controller => @ctrl, :action => @action}, @project || @projects, :global => @global)
if allowed
true
else
false
end
end
end
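Review bot: `perform` reads `User.current` internally, so the authorization decision depends on thread-global state that the constructor signature does not show. Accepting the user as an optional argument that falls back to `User.current` would make the dependency explicit and let the service be exercised without stubbing a global. The `if allowed` / `true` / `else` / `false` branch can collapse to `!!allowed`. The diffstat lists no spec file; since this class now holds the decision behind every `authorize` filter, a spec covering the allowed, denied and `global` cases would be worth adding, along with a class comment describing the `@project || @projects` fallback.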