Refactor roles

Martin Lensment 2015-01-20 17:49:14 +02:00
parent b527221baf
commit b0eb6798b0
16 changed files with 155 additions and 223 deletions


@ -54,7 +54,6 @@ class Admin::UsersController < AdminController
end end
def user_params def user_params
params.require(:user).permit(:username, :password, :identity_code, :email, params.require(:user).permit(:username, :password, :identity_code, :email, :country_id, { roles: [] })
:role_id, :country_id)
end end
end end
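Review bot: `{ roles: [] }` in `user_params` accepts any number of arbitrary strings from the request, while the form in this commit offers a single value taken from `User::ROLES`. These strings are authorization data, and the new `Ability#initialize` passes each one to `send`, so they should be narrowed to the known list before assignment, for example by keeping the result of `permit` in a local and applying `permitted[:roles] &= User::ROLES if permitted[:roles]`. No such check is visible in this commit's hunks; the rest of the controller lies outside the hunk.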


@ -1,22 +1,30 @@
class Ability class Ability
include CanCan::Ability include CanCan::Ability
# rubocop: disable Metrics/MethodLength
# rubocop: disable Metrics/CyclomaticComplexity
def initialize(user) def initialize(user)
alias_action :create, :read, :update, :destroy, to: :crud alias_action :create, :read, :update, :destroy, to: :crud
user ||= User.new @user = user || User.new
@user.roles.each { |role| send(role) } if @user.roles
admin_role = (user.role.try(:code) == 'admin') if @user.roles.nil? || @user.roles.empty?
user_role = (user.role.try(:code) == 'user') can :show, :dashboard
customer_service_role = (user.role.try(:code) == 'customer_service') end
no_role = user.role.nil? end
if admin_role def user
can :show, :dashboard
end
def customer_service
user
can :manage, Domain can :manage, Domain
can :manage, Contact can :manage, Contact
can :manage, Registrar can :manage, Registrar
end
def admin
customer_service
can :manage, Setting can :manage, Setting
can :manage, ZonefileSetting can :manage, ZonefileSetting
can :manage, DomainVersion can :manage, DomainVersion
@ -29,44 +37,5 @@ class Ability
can :index, :delayed_job can :index, :delayed_job
can :create, :zonefile can :create, :zonefile
can :access, :settings_menu can :access, :settings_menu
elsif customer_service_role
can :manage, Domain
can :manage, Contact
can :manage, Registrar
elsif user_role
elsif no_role
can :show, :dashboard
end end
can :show, :dashboard if user.persisted?
# Define abilities for the passed in user here. For example:
#
# user ||= User.new # guest user (not logged in)
# if user.admin?
# can :manage, :all
# else
# can :read, :all
# end
#
# The first argument to `can` is the action you are giving the user
# permission to do.
# If you pass :manage it will apply to every action. Other common actions
# here are :read, :create, :update and :destroy.
#
# The second argument is the resource the user can perform the action on.
# If you pass :all it will apply to every resource. Otherwise pass a Ruby
# class of the resource.
#
# The third argument is an optional hash of conditions to further filter the
# objects.
# For example, here the user can only update published articles.
#
# can :update, Article, :published => true
#
# See the wiki for details:
# https://github.com/ryanb/cancan/wiki/Defining-Abilities
end
# rubocop: enable Metrics/MethodLength
# rubocop: enable Metrics/CyclomaticComplexity
end end
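Review bot: `@user.roles.each { |role| send(role) }` dispatches on a stored string with `send`, which reaches private and inherited methods as well as the three role methods, and a value that names no method raises `NoMethodError` from every `Ability.new` for that user. Restrict the dispatch to the declared roles, e.g. `(Array(@user.roles) & User::ROLES).each { |role| public_send(role) }`, so an unexpected value grants nothing instead of running a method or raising. The guard `if @user.roles.nil? || @user.roles.empty?` can be written `if @user.roles.blank?`. A one-line comment above `customer_service` and `admin` stating that each role includes the one before it would document the hierarchy that is now expressed only by the nested calls.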


@ -1,5 +0,0 @@
class Right < ActiveRecord::Base
# rubocop: disable Rails/HasAndBelongsToMany
has_and_belongs_to_many :roles
# rubocop: enable Rails/HasAndBelongsToMany
end


@ -1,12 +0,0 @@
class Role < ActiveRecord::Base
has_many :users
# rubocop: disable Rails/HasAndBelongsToMany
has_and_belongs_to_many :rights
# rubocop: enbale Rails/HasAndBelongsToMany
validates :code, uniqueness: true
def to_s
code
end
end


@ -6,7 +6,6 @@ class User < ActiveRecord::Base
# After activisation, system should require to change temp password. # After activisation, system should require to change temp password.
# TODO: Estonian id validation # TODO: Estonian id validation
belongs_to :role
belongs_to :country belongs_to :country
validates :username, :password, presence: true validates :username, :password, presence: true
@ -16,6 +15,8 @@ class User < ActiveRecord::Base
validate :validate_identity_code validate :validate_identity_code
ROLES = ['user', 'customer_service', 'admin']
def to_s def to_s
username username
end end
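Review bot: `ROLES` is added without any validation that `roles` contains only these values, at least in the lines shown (the class body continues outside both hunks), so seeds, console writes or another controller can store a string that `Ability` later dispatches on. A model-level check such as `validate { errors.add(:roles, :invalid) unless (Array(roles) - ROLES).empty? }` closes that gap for every writer. The constant should also be frozen: `ROLES = %w(user customer_service admin).freeze`.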


@ -26,8 +26,8 @@
= f.label :email = f.label :email
= f.text_field(:email, class: 'form-control') = f.text_field(:email, class: 'form-control')
.form-group .form-group
= f.label :role_id = f.label :role
= f.select(:role_id, Role.all.map {|x| [t(x.code), x.id] }, {}, { class: 'form-control selectize' }) = select_tag 'user[roles][]', options_for_select(User::ROLES.map {|x| [t(x), x] }, @user.roles.try(:first)), class: 'form-control selectize'
%hr %hr
.row .row


@ -25,8 +25,8 @@
%td= link_to(x, [:admin, x]) %td= link_to(x, [:admin, x])
%td= x.email %td= x.email
%td= x.identity_code %td= x.identity_code
- if x.role - if x.roles
%td= t(x.role) %td= t(x.roles.first)
- else - else
%td %td
.row .row
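Review bot: `- if x.roles` is true for an empty array, so a user stored with `roles: []` reaches `t(x.roles.first)` with `nil`; the same test appears as `- if @user.roles` in the show view. `- if x.roles.present?` (and `- if @user.roles.present?` there) covers both nil and empty. Both views also print only the first element although the column holds an array, so a user with several roles would be shown with less privilege than `Ability` actually grants.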


@ -40,7 +40,7 @@
%dd= @user.email %dd= @user.email
%dt= t('role') %dt= t('role')
- if @user.role - if @user.roles
%dd= t(@user.role) %dd= t(@user.roles.first)
- else - else
%dd %dd


@ -0,0 +1,16 @@
class RefactorRoles < ActiveRecord::Migration
def change
add_column :users, :roles, :string, array: true
User.all.each do |x|
x.roles = [x.role.code]
x.save
end
remove_column :users, :role_id
drop_table :roles
drop_table :rights
drop_table :rights_roles
end
end
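Review bot: `x.roles = [x.role.code]` calls the `role` association, but this same commit removes `belongs_to :role` from `User` and deletes the `Role` model, so the backfill raises `NoMethodError` when the migration runs against the new code. It would also fail for any user whose `role_id` is NULL, a case the old `Ability` handled explicitly. Copying the data in SQL avoids the model dependency: `execute 'UPDATE users SET roles = ARRAY[r.code] FROM roles r WHERE r.id = users.role_id'`. The return value of `x.save` is ignored as well, so a row that fails validation silently loses its role once `role_id` is dropped. `drop_table` without a block inside `change` cannot be reversed, so `up`/`down` would state the intent more honestly.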


@ -11,16 +11,16 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20150109081914) do ActiveRecord::Schema.define(version: 20150120140346) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "plpgsql" enable_extension "plpgsql"
create_table "address_versions", force: :cascade do |t| create_table "address_versions", force: :cascade do |t|
t.string "item_type", null: false t.string "item_type", limit: 255, null: false
t.integer "item_id", null: false t.integer "item_id", null: false
t.string "event", null: false t.string "event", limit: 255, null: false
t.string "whodunnit" t.string "whodunnit", limit: 255
t.text "object" t.text "object"
t.datetime "created_at" t.datetime "created_at"
end end
@ -30,13 +30,13 @@ ActiveRecord::Schema.define(version: 20150109081914) do
create_table "addresses", force: :cascade do |t| create_table "addresses", force: :cascade do |t|
t.integer "contact_id" t.integer "contact_id"
t.integer "country_id" t.integer "country_id"
t.string "city" t.string "city", limit: 255
t.string "street" t.string "street", limit: 255
t.string "zip" t.string "zip", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "street2" t.string "street2", limit: 255
t.string "street3" t.string "street3", limit: 255
end end
create_table "cached_nameservers", id: false, force: :cascade do |t| create_table "cached_nameservers", id: false, force: :cascade do |t|
@ -60,18 +60,18 @@ ActiveRecord::Schema.define(version: 20150109081914) do
end end
create_table "contact_statuses", force: :cascade do |t| create_table "contact_statuses", force: :cascade do |t|
t.string "value" t.string "value", limit: 255
t.string "description" t.string "description", limit: 255
t.integer "contact_id" t.integer "contact_id"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
end end
create_table "contact_versions", force: :cascade do |t| create_table "contact_versions", force: :cascade do |t|
t.string "item_type", null: false t.string "item_type", limit: 255, null: false
t.integer "item_id", null: false t.integer "item_id", null: false
t.string "event", null: false t.string "event", limit: 255, null: false
t.string "whodunnit" t.string "whodunnit", limit: 255
t.text "object" t.text "object"
t.datetime "created_at" t.datetime "created_at"
end end
@ -79,27 +79,27 @@ ActiveRecord::Schema.define(version: 20150109081914) do
add_index "contact_versions", ["item_type", "item_id"], name: "index_contact_versions_on_item_type_and_item_id", using: :btree add_index "contact_versions", ["item_type", "item_id"], name: "index_contact_versions_on_item_type_and_item_id", using: :btree
create_table "contacts", force: :cascade do |t| create_table "contacts", force: :cascade do |t|
t.string "code" t.string "code", limit: 255
t.string "type" t.string "type", limit: 255
t.string "reg_no" t.string "reg_no", limit: 255
t.string "phone" t.string "phone", limit: 255
t.string "email" t.string "email", limit: 255
t.string "fax" t.string "fax", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "ident" t.string "ident", limit: 255
t.string "ident_type" t.string "ident_type", limit: 255
t.integer "created_by_id" t.integer "created_by_id"
t.integer "updated_by_id" t.integer "updated_by_id"
t.string "auth_info" t.string "auth_info", limit: 255
t.string "name" t.string "name", limit: 255
t.string "org_name" t.string "org_name", limit: 255
t.integer "registrar_id" t.integer "registrar_id"
end end
create_table "countries", force: :cascade do |t| create_table "countries", force: :cascade do |t|
t.string "iso" t.string "iso", limit: 255
t.string "name" t.string "name", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
end end
@ -112,8 +112,8 @@ ActiveRecord::Schema.define(version: 20150109081914) do
t.datetime "run_at" t.datetime "run_at"
t.datetime "locked_at" t.datetime "locked_at"
t.datetime "failed_at" t.datetime "failed_at"
t.string "locked_by" t.string "locked_by", limit: 255
t.string "queue" t.string "queue", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
end end
@ -122,10 +122,10 @@ ActiveRecord::Schema.define(version: 20150109081914) do
create_table "delegation_signers", force: :cascade do |t| create_table "delegation_signers", force: :cascade do |t|
t.integer "domain_id" t.integer "domain_id"
t.string "key_tag" t.string "key_tag", limit: 255
t.integer "alg" t.integer "alg"
t.integer "digest_type" t.integer "digest_type"
t.string "digest" t.string "digest", limit: 255
end end
create_table "dnskeys", force: :cascade do |t| create_table "dnskeys", force: :cascade do |t|
@ -135,26 +135,26 @@ ActiveRecord::Schema.define(version: 20150109081914) do
t.integer "alg" t.integer "alg"
t.text "public_key" t.text "public_key"
t.integer "delegation_signer_id" t.integer "delegation_signer_id"
t.string "ds_key_tag" t.string "ds_key_tag", limit: 255
t.integer "ds_alg" t.integer "ds_alg"
t.integer "ds_digest_type" t.integer "ds_digest_type"
t.string "ds_digest" t.string "ds_digest", limit: 255
end end
create_table "domain_contacts", force: :cascade do |t| create_table "domain_contacts", force: :cascade do |t|
t.integer "contact_id" t.integer "contact_id"
t.integer "domain_id" t.integer "domain_id"
t.string "contact_type" t.string "contact_type", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "contact_code_cache" t.string "contact_code_cache", limit: 255
end end
create_table "domain_status_versions", force: :cascade do |t| create_table "domain_status_versions", force: :cascade do |t|
t.string "item_type", null: false t.string "item_type", limit: 255, null: false
t.integer "item_id", null: false t.integer "item_id", null: false
t.string "event", null: false t.string "event", limit: 255, null: false
t.string "whodunnit" t.string "whodunnit", limit: 255
t.text "object" t.text "object"
t.datetime "created_at" t.datetime "created_at"
end end
@ -163,13 +163,13 @@ ActiveRecord::Schema.define(version: 20150109081914) do
create_table "domain_statuses", force: :cascade do |t| create_table "domain_statuses", force: :cascade do |t|
t.integer "domain_id" t.integer "domain_id"
t.string "description" t.string "description", limit: 255
t.string "value" t.string "value", limit: 255
end end
create_table "domain_transfers", force: :cascade do |t| create_table "domain_transfers", force: :cascade do |t|
t.integer "domain_id" t.integer "domain_id"
t.string "status" t.string "status", limit: 255
t.datetime "transfer_requested_at" t.datetime "transfer_requested_at"
t.datetime "transferred_at" t.datetime "transferred_at"
t.integer "transfer_from_id" t.integer "transfer_from_id"
@ -180,10 +180,10 @@ ActiveRecord::Schema.define(version: 20150109081914) do
end end
create_table "domain_versions", force: :cascade do |t| create_table "domain_versions", force: :cascade do |t|
t.string "item_type", null: false t.string "item_type", limit: 255, null: false
t.integer "item_id", null: false t.integer "item_id", null: false
t.string "event", null: false t.string "event", limit: 255, null: false
t.string "whodunnit" t.string "whodunnit", limit: 255
t.text "object" t.text "object"
t.datetime "created_at" t.datetime "created_at"
t.text "snapshot" t.text "snapshot"
@ -192,24 +192,24 @@ ActiveRecord::Schema.define(version: 20150109081914) do
add_index "domain_versions", ["item_type", "item_id"], name: "index_domain_versions_on_item_type_and_item_id", using: :btree add_index "domain_versions", ["item_type", "item_id"], name: "index_domain_versions_on_item_type_and_item_id", using: :btree
create_table "domains", force: :cascade do |t| create_table "domains", force: :cascade do |t|
t.string "name" t.string "name", limit: 255
t.integer "registrar_id" t.integer "registrar_id"
t.datetime "registered_at" t.datetime "registered_at"
t.string "status" t.string "status", limit: 255
t.datetime "valid_from" t.datetime "valid_from"
t.datetime "valid_to" t.datetime "valid_to"
t.integer "owner_contact_id" t.integer "owner_contact_id"
t.string "auth_info" t.string "auth_info", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "name_dirty" t.string "name_dirty", limit: 255
t.string "name_puny" t.string "name_puny", limit: 255
t.integer "period" t.integer "period"
t.string "period_unit", limit: 1 t.string "period_unit", limit: 1
end end
create_table "epp_sessions", force: :cascade do |t| create_table "epp_sessions", force: :cascade do |t|
t.string "session_id" t.string "session_id", limit: 255
t.text "data" t.text "data"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
@ -220,8 +220,8 @@ ActiveRecord::Schema.define(version: 20150109081914) do
create_table "epp_users", force: :cascade do |t| create_table "epp_users", force: :cascade do |t|
t.integer "registrar_id" t.integer "registrar_id"
t.string "username" t.string "username", limit: 255
t.string "password" t.string "password", limit: 255
t.boolean "active", default: false t.boolean "active", default: false
t.text "csr" t.text "csr"
t.text "crt" t.text "crt"
@ -232,12 +232,12 @@ ActiveRecord::Schema.define(version: 20150109081914) do
create_table "keyrelays", force: :cascade do |t| create_table "keyrelays", force: :cascade do |t|
t.integer "domain_id" t.integer "domain_id"
t.datetime "pa_date" t.datetime "pa_date"
t.string "key_data_flags" t.string "key_data_flags", limit: 255
t.string "key_data_protocol" t.string "key_data_protocol", limit: 255
t.string "key_data_alg" t.string "key_data_alg", limit: 255
t.text "key_data_public_key" t.text "key_data_public_key"
t.string "auth_info_pw" t.string "auth_info_pw", limit: 255
t.string "expiry_relative" t.string "expiry_relative", limit: 255
t.datetime "expiry_absolute" t.datetime "expiry_absolute"
t.integer "requester_id" t.integer "requester_id"
t.integer "accepter_id" t.integer "accepter_id"
@ -246,29 +246,29 @@ ActiveRecord::Schema.define(version: 20150109081914) do
end end
create_table "legal_documents", force: :cascade do |t| create_table "legal_documents", force: :cascade do |t|
t.string "document_type" t.string "document_type", limit: 255
t.text "body" t.text "body"
t.integer "documentable_id" t.integer "documentable_id"
t.string "documentable_type" t.string "documentable_type", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
end end
create_table "messages", force: :cascade do |t| create_table "messages", force: :cascade do |t|
t.integer "registrar_id" t.integer "registrar_id"
t.string "body" t.string "body", limit: 255
t.string "attached_obj_type" t.string "attached_obj_type", limit: 255
t.string "attached_obj_id" t.string "attached_obj_id", limit: 255
t.boolean "queued" t.boolean "queued"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
end end
create_table "nameserver_versions", force: :cascade do |t| create_table "nameserver_versions", force: :cascade do |t|
t.string "item_type", null: false t.string "item_type", limit: 255, null: false
t.integer "item_id", null: false t.integer "item_id", null: false
t.string "event", null: false t.string "event", limit: 255, null: false
t.string "whodunnit" t.string "whodunnit", limit: 255
t.text "object" t.text "object"
t.datetime "created_at" t.datetime "created_at"
end end
@ -276,50 +276,33 @@ ActiveRecord::Schema.define(version: 20150109081914) do
add_index "nameserver_versions", ["item_type", "item_id"], name: "index_nameserver_versions_on_item_type_and_item_id", using: :btree add_index "nameserver_versions", ["item_type", "item_id"], name: "index_nameserver_versions_on_item_type_and_item_id", using: :btree
create_table "nameservers", force: :cascade do |t| create_table "nameservers", force: :cascade do |t|
t.string "hostname" t.string "hostname", limit: 255
t.string "ipv4" t.string "ipv4", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "ipv6" t.string "ipv6", limit: 255
t.integer "domain_id" t.integer "domain_id"
end end
create_table "registrars", force: :cascade do |t| create_table "registrars", force: :cascade do |t|
t.string "name" t.string "name", limit: 255
t.string "reg_no" t.string "reg_no", limit: 255
t.string "vat_no" t.string "vat_no", limit: 255
t.string "address" t.string "address", limit: 255
t.integer "country_id" t.integer "country_id"
t.string "billing_address" t.string "billing_address", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
end end
create_table "reserved_domains", force: :cascade do |t| create_table "reserved_domains", force: :cascade do |t|
t.string "name" t.string "name", limit: 255
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "rights", force: :cascade do |t|
t.string "code"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "rights_roles", force: :cascade do |t|
t.integer "right_id"
t.integer "role_id"
end
create_table "roles", force: :cascade do |t|
t.string "code"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
end end
create_table "settings", force: :cascade do |t| create_table "settings", force: :cascade do |t|
t.string "var", null: false t.string "var", limit: 255, null: false
t.text "value" t.text "value"
t.integer "thing_id" t.integer "thing_id"
t.string "thing_type", limit: 30 t.string "thing_type", limit: 30
@ -330,26 +313,26 @@ ActiveRecord::Schema.define(version: 20150109081914) do
add_index "settings", ["thing_type", "thing_id", "var"], name: "index_settings_on_thing_type_and_thing_id_and_var", unique: true, using: :btree add_index "settings", ["thing_type", "thing_id", "var"], name: "index_settings_on_thing_type_and_thing_id_and_var", unique: true, using: :btree
create_table "users", force: :cascade do |t| create_table "users", force: :cascade do |t|
t.string "username" t.string "username", limit: 255
t.string "password" t.string "password", limit: 255
t.integer "role_id"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "email" t.string "email", limit: 255
t.integer "sign_in_count", default: 0, null: false t.integer "sign_in_count", default: 0, null: false
t.datetime "current_sign_in_at" t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at" t.datetime "last_sign_in_at"
t.inet "current_sign_in_ip" t.inet "current_sign_in_ip"
t.inet "last_sign_in_ip" t.inet "last_sign_in_ip"
t.string "identity_code" t.string "identity_code", limit: 255
t.integer "country_id" t.integer "country_id"
t.string "roles", array: true
end end
create_table "versions", force: :cascade do |t| create_table "versions", force: :cascade do |t|
t.string "item_type", null: false t.string "item_type", limit: 255, null: false
t.integer "item_id", null: false t.integer "item_id", null: false
t.string "event", null: false t.string "event", limit: 255, null: false
t.string "whodunnit" t.string "whodunnit", limit: 255
t.text "object" t.text "object"
t.datetime "created_at" t.datetime "created_at"
end end
@ -357,14 +340,14 @@ ActiveRecord::Schema.define(version: 20150109081914) do
add_index "versions", ["item_type", "item_id"], name: "index_versions_on_item_type_and_item_id", using: :btree add_index "versions", ["item_type", "item_id"], name: "index_versions_on_item_type_and_item_id", using: :btree
create_table "zonefile_settings", force: :cascade do |t| create_table "zonefile_settings", force: :cascade do |t|
t.string "origin" t.string "origin", limit: 255
t.integer "ttl" t.integer "ttl"
t.integer "refresh" t.integer "refresh"
t.integer "retry" t.integer "retry"
t.integer "expire" t.integer "expire"
t.integer "minimum_ttl" t.integer "minimum_ttl"
t.string "email" t.string "email", limit: 255
t.string "master_nameserver" t.string "master_nameserver", limit: 255
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
end end


@ -61,9 +61,5 @@ User.where(
country: Country.where(name: 'Estonia').first country: Country.where(name: 'Estonia').first
).first_or_create ).first_or_create
Role.create(code: 'admin') User.update_all(roles: ['admin'])
Role.create(code: 'user')
Role.create(code: 'customer_service')
User.update_all(role_id: Role.first.id)
# Setting.whois_enabled = true only uncomment this if you wish whois # Setting.whois_enabled = true only uncomment this if you wish whois
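Review bot: `User.update_all(roles: ['admin'])` grants the admin role to every row in `users`, not only to the account created just above, so running the seeds against a database that already holds users promotes all of them. The removed line did the same through `role_id`, but the refactor is a good moment to scope it, e.g. keep the result of `first_or_create` in a variable and call `update(roles: ['admin'])` on that record. The `User.where(` call begins outside the hunk, so which accounts it creates is not visible here.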


@ -1,3 +0,0 @@
Fabricator(:role) do
code 'admin'
end


@ -4,5 +4,5 @@ Fabricator(:user) do
email 'info@gitlab.eu' email 'info@gitlab.eu'
identity_code '37810013108' identity_code '37810013108'
country country
role roles ['admin']
end end


@ -1,5 +0,0 @@
require 'rails_helper'
describe Right do
it { should have_and_belong_to_many(:roles) }
end


@ -1,5 +0,0 @@
require 'rails_helper'
describe Role do
it { should have_and_belong_to_many(:rights) }
end


@ -2,8 +2,6 @@ require 'rails_helper'
require 'cancan/matchers' require 'cancan/matchers'
describe User do describe User do
it { should belong_to(:role) }
describe 'abilities' do describe 'abilities' do
subject(:ability) { Ability.new(user) } subject(:ability) { Ability.new(user) }
let(:user) { nil } let(:user) { nil }
@ -29,7 +27,7 @@ describe User do
end end
context 'when user is customer service' do context 'when user is customer service' do
let(:user) { Fabricate(:user, role: Role.new(code: 'customer_service')) } let(:user) { Fabricate(:user, roles: ['customer_service']) }
it { should be_able_to(:manage, Domain.new) } it { should be_able_to(:manage, Domain.new) }
it { should be_able_to(:manage, Contact.new) } it { should be_able_to(:manage, Contact.new) }