mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-02-19 13:54:25 +01:00

refactored roles methods to match ruby conventions

Sylvain 2019-01-14 12:57:31 +01:00
parent 0927336956
commit f6e236aeb5
57 changed files with 104 additions and 102 deletions


@ -34,7 +34,7 @@ class API::AdminsController < API::ApiController
def destroy
@admin = User.admins.find(params[:id])
if current_user.is_admin? and @admin != current_user
if current_user.admin? and @admin != current_user
@admin.destroy
head :no_content
else


@ -139,14 +139,14 @@ class API::AvailabilitiesController < API::ApiController
else
current_user
end
@current_user_role = current_user.is_admin? ? 'admin' : 'user'
@current_user_role = current_user.admin? ? 'admin' : 'user'
@machine = Machine.friendly.find(params[:machine_id])
@slots = []
@reservations = Reservation.where('reservable_type = ? and reservable_id = ?', @machine.class.to_s, @machine.id)
.includes(:slots, user: [:profile])
.references(:slots, :user)
.where('slots.start_at > ?', Time.now)
if @user.is_admin?
if @user.admin?
@availabilities = @machine.availabilities.includes(:tags)
.where("end_at > ? AND available_type = 'machines'", Time.now)
.where(lock: false)
@ -201,7 +201,7 @@ class API::AvailabilitiesController < API::ApiController
# who made the request?
# 1) an admin (he can see all future availabilities)
if current_user.is_admin?
if current_user.admin?
@availabilities = @availabilities.includes(:tags, :slots, trainings: [:machines])
.where('availabilities.start_at > ?', Time.now)
.where(lock: false)
@ -227,13 +227,13 @@ class API::AvailabilitiesController < API::ApiController
else
current_user
end
@current_user_role = current_user.is_admin? ? 'admin' : 'user'
@current_user_role = current_user.admin? ? 'admin' : 'user'
@space = Space.friendly.find(params[:space_id])
@slots = []
@reservations = Reservation.where('reservable_type = ? and reservable_id = ?', @space.class.to_s, @space.id)
.includes(:slots, user: [:profile]).references(:slots, :user)
.where('slots.start_at > ?', Time.now)
if current_user.is_admin?
if current_user.admin?
@availabilities = @space.availabilities.includes(:tags)
.where("end_at > ? AND available_type = 'space'", Time.now)
.where(lock: false)
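Review bot: The machine action picks the admin view with `@user.admin?`, while the parallel spaces action (hunk at -227) uses `current_user.admin?` for the same decision, so the two endpoints apply the privilege check to different subjects. The assignment ending in `else current_user end` starts outside the hunk, so it is only inferred that `@user` can be a member chosen through a request parameter. If so, an admin acting for a member gets the restricted list for machines and the full list for spaces. Use one subject in both places, for example `if current_user.admin?` in the machine action, and add a one-line comment saying whose role governs visibility.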


@ -24,7 +24,7 @@ class API::CouponsController < API::ApiController
if @coupon.nil?
render json: {status: 'rejected'}, status: :not_found
else
if !current_user.is_admin?
if !current_user.admin?
_user_id = current_user.id
else
_user_id = params[:user_id]


@ -11,7 +11,7 @@ class API::EventsController < API::ApiController
@events = @events.joins(:event_themes).where('event_themes.id = :theme', theme: params[:theme_id]) if params[:theme_id]
@events = @events.where('age_range_id = :age_range', age_range: params[:age_range_id]) if params[:age_range_id]
if current_user and current_user.is_admin?
if current_user and current_user.admin?
case params[:scope]
when 'future'
@events = @events.where('availabilities.start_at >= ?', Time.now).order('availabilities.start_at DESC')


@ -2,7 +2,7 @@ class API::GroupsController < API::ApiController
before_action :authenticate_user!, except: :index
def index
if current_user and current_user.is_admin?
if current_user and current_user.admin?
@groups = Group.all
else
@groups = Group.where.not(slug: 'admins')


@ -43,7 +43,7 @@ class API::MembersController < API::ApiController
# if the user is created by an admin and the authentication is made through an SSO, generate a migration token
if current_user.is_admin? and AuthProvider.active.providable_type != DatabaseProvider.name
if current_user.admin? and AuthProvider.active.providable_type != DatabaseProvider.name
@member.generate_auth_migration_token
end
@ -226,7 +226,7 @@ class API::MembersController < API::ApiController
.where("users.is_active = 'true' AND roles.name = 'member'")
.where("lower(f_unaccent(profiles.first_name)) ~ regexp_replace(:search, E'\\\\s+', '|') OR lower(f_unaccent(profiles.last_name)) ~ regexp_replace(:search, E'\\\\s+', '|')", search: params[:query].downcase)
if current_user.is_member?
if current_user.member?
# non-admin can only retrieve users with "public profiles"
@members = @members.where("users.is_allow_contact = 'true'")
else
@ -266,7 +266,7 @@ class API::MembersController < API::ApiController
organization_attributes: [:id, :name,
address_attributes: %i[id address]]])
elsif current_user.is_admin?
elsif current_user.admin?
params.require(:user).permit(:username, :email, :password, :password_confirmation,
:is_allow_contact, :is_allow_newsletter, :group_id,
training_ids: [], tag_ids: [],
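Review bot: In the search hunk (-226) the restriction to public profiles applies only when `current_user.member?` is true, although the comment under it says every non-admin is limited. `API::UsersController` on this page lists users with the `:partner` role, and an account holding neither `:admin` nor `:member` would take the `else` branch, whose body is outside the hunk and presumably returns the unrestricted list. Keying the check on the privileged role makes it fail closed: `if !current_user.admin?`, or swap the branches under `if current_user.admin?`.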


@ -44,7 +44,7 @@ class API::PricesController < API::ApiController
@amount = {elements: nil, total: 0, before_coupon: 0}
else
_reservable = _price_params[:reservable_type].constantize.find(_price_params[:reservable_id])
@amount = Price.compute(current_user.is_admin?, _user, _reservable, _price_params[:slots_attributes] || [], _price_params[:plan_id], _price_params[:nb_reserve_places], _price_params[:tickets_attributes], coupon_params[:coupon_code])
@amount = Price.compute(current_user.admin?, _user, _reservable, _price_params[:slots_attributes] || [], _price_params[:plan_id], _price_params[:nb_reserve_places], _price_params[:tickets_attributes], coupon_params[:coupon_code])
end
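Review bot: `_price_params[:reservable_type].constantize` turns a request parameter into an arbitrary constant before `.find` is called on it, so the client chooses which class is loaded and queried. The permit list for `_price_params` is outside the hunk, but permitting the key does not constrain its value. Check the type against an explicit allowlist of reservable models before `constantize` and reject anything else, for example `return head :unprocessable_entity unless RESERVABLE_TYPES.include?(_price_params[:reservable_type])`, where `RESERVABLE_TYPES` is a placeholder for a frozen list the project would define.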


@ -5,10 +5,10 @@ class API::ReservationsController < API::ApiController
def index
if params[:reservable_id] && params[:reservable_type] && params[:user_id]
params[:user_id] = current_user.id unless current_user.is_admin?
params[:user_id] = current_user.id unless current_user.admin?
@reservations = Reservation.where(params.permit(:reservable_id, :reservable_type, :user_id))
elsif params[:reservable_id] && params[:reservable_type] && current_user.is_admin?
elsif params[:reservable_id] && params[:reservable_type] && current_user.admin?
@reservations = Reservation.where(params.permit(:reservable_id, :reservable_type))
else
@reservations = []
@ -18,8 +18,8 @@ class API::ReservationsController < API::ApiController
def show; end
def create
method = current_user.is_admin? ? :local : :stripe
user_id = current_user.is_admin? ? reservation_params[:user_id] : current_user.id
method = current_user.admin? ? :local : :stripe
user_id = current_user.admin? ? reservation_params[:user_id] : current_user.id
@reservation = Reservation.new(reservation_params)
is_reserve = Reservations::Reserve.new(user_id)
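Review bot: In `create`, the role check only selects the `user_id` passed to `Reservations::Reserve.new`, while `@reservation` is still built from the full `reservation_params`. The admin branch reads `reservation_params[:user_id]`, so that key is evidently permitted, and a non-admin can therefore submit another member's id in the new record's attributes. Whether `Reserve` overwrites it later is not visible in this hunk. Build the record with the resolved owner, `@reservation = Reservation.new(reservation_params.merge(user_id: user_id))`, so the model never receives a client-chosen owner for non-admins. `API::SubscriptionsController#create` has the same pattern with `subscription_params`.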


@ -12,8 +12,8 @@ class API::SubscriptionsController < API::ApiController
if fablab_plans_deactivated?
head 403
else
method = current_user.is_admin? ? :local : :stripe
user_id = current_user.is_admin? ? subscription_params[:user_id] : current_user.id
method = current_user.admin? ? :local : :stripe
user_id = current_user.admin? ? subscription_params[:user_id] : current_user.id
@subscription = Subscription.new(subscription_params)
is_subscribe = Subscriptions::Subscribe.new(user_id)


@ -6,7 +6,7 @@ class API::TrainingsPricingsController < API::ApiController
end
def update
if current_user.is_admin?
if current_user.admin?
@trainings_pricing = TrainingsPricing.find(params[:id])
_trainings_pricing_params = trainings_pricing_params
_trainings_pricing_params[:amount] = _trainings_pricing_params[:amount] * 100
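Review bot: `_trainings_pricing_params[:amount] * 100` multiplies whatever type the request delivered. For a string-valued amount, Ruby's `String#*` repeats the text 100 times instead of scaling it, and a Float picks up binary rounding error before the cents are stored. Convert explicitly before scaling, e.g. `(BigDecimal(_trainings_pricing_params[:amount].to_s) * 100).to_i`, which also raises on non-numeric input. The rest of `update` is outside the hunk, so any later coercion is not visible here.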


@ -2,7 +2,7 @@ class API::UsersController < API::ApiController
before_action :authenticate_user!
def index
if current_user.is_admin? && params[:role] == 'partner'
if current_user.admin? && params[:role] == 'partner'
@users = User.with_role(:partner).includes(:profile)
else
head 403
@ -10,7 +10,7 @@ class API::UsersController < API::ApiController
end
def create
if current_user.is_admin?
if current_user.admin?
generated_password = Devise.friendly_token.first(8)
@user = User.new(email: partner_params[:email],
username: "#{partner_params[:first_name]}#{partner_params[:last_name]}",
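Review bot: `Devise.friendly_token.first(8)` in `create` cuts the generated token from its default length to eight characters, which discards most of the randomness for an account credential. How the password reaches the new partner is outside the hunk. Keeping the full-length token, `generated_password = Devise.friendly_token`, costs nothing, and requiring a password reset on first sign-in would avoid a long-lived delivered password.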


@ -1,8 +1,12 @@
# frozen_string_literal: true
# User is a physical or moral person with its authentication parameters
# It is linked to the Profile model with hold informations about this person (like address, name, etc.)
class User < ActiveRecord::Base
include NotifyWith::NotificationReceiver
include NotifyWith::NotificationAttachedObject
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable,
:confirmable, :async
rolify
@ -73,7 +77,7 @@ class User < ActiveRecord::Base
scope :without_subscription, -> { includes(:subscriptions).where(subscriptions: { user_id: nil }) }
scope :with_subscription, -> { joins(:subscriptions) }
def to_json(options = {})
def to_json(*)
ApplicationController.new.view_context.render(
partial: 'api/members/member',
locals: { member: self },
@ -87,7 +91,7 @@ class User < ActiveRecord::Base
end
def training_machine?(machine)
return true if is_admin?
return true if admin?
trainings.map(&:machines).flatten.uniq.include?(machine)
end
@ -106,11 +110,11 @@ class User < ActiveRecord::Base
subscriptions.order(:created_at).last
end
def is_admin?
def admin?
has_role? :admin
end
def is_member?
def member?
has_role? :member
end
@ -285,7 +289,6 @@ class User < ActiveRecord::Base
false
end
private
def assign_default_role
@ -340,5 +343,4 @@ class User < ActiveRecord::Base
receiver: self,
attached_object: self
end
end
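Review bot: `is_admin?` and `is_member?` are renamed in place with no deprecated alias, so any caller this commit missed now raises `NoMethodError`, and callers that go through `try` or `respond_to?` would silently evaluate as non-admin. These two predicates back every policy and controller check touched here, so a short transition is cheap insurance. Keep `alias is_admin? admin?` and `alias is_member? member?` for one release, or add a spec asserting that the old names no longer occur in application code, rake tasks and routes. A doc comment on `admin?` stating that it reflects the rolify `:admin` role would also help readers of the policies.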


@ -1,9 +1,9 @@
class AdminPolicy < ApplicationPolicy
def index?
user.is_admin?
user.admin?
end
def create?
user.is_admin?
user.admin?
end
end


@ -1,7 +1,7 @@
class AgeRangePolicy < ApplicationPolicy
%w(create update destroy show).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -8,7 +8,7 @@ class AuthProviderPolicy < ApplicationPolicy
%w(index? show? create? update? destroy? mapping_fields?).each do |action|
define_method action do
user.is_admin?
user.admin?
end
end


@ -1,7 +1,7 @@
class AvailabilityPolicy < ApplicationPolicy
%w(index? show? create? update? destroy? reservations? export? lock?).each do |action|
define_method action do
user.is_admin?
user.admin?
end
end
end


@ -1,7 +1,7 @@
class CategoryPolicy < ApplicationPolicy
%w(create update destroy show).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -1,6 +1,6 @@
class ComponentPolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?


@ -1,7 +1,7 @@
class CouponPolicy < ApplicationPolicy
%w(index show create update destroy send_to).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -1,6 +1,6 @@
class CreditPolicy < ApplicationPolicy
def index?
user.is_admin?
user.admin?
end
def create?


@ -1,11 +1,11 @@
class CustomAssetPolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?
user.is_admin?
user.admin?
end
end


@ -1,7 +1,7 @@
class EventPolicy < ApplicationPolicy
class Scope < Scope
def resolve
if user.nil? or (user and !user.is_admin?)
if user.nil? or (user and !user.admin?)
scope.includes(:event_image, :event_files, :availability, :category)
.where('availabilities.start_at >= ?', Time.now)
.order('availabilities.start_at ASC')
@ -14,7 +14,7 @@ class EventPolicy < ApplicationPolicy
end
def create?
user.is_admin?
user.admin?
end
def update?


@ -1,7 +1,7 @@
class EventThemePolicy < ApplicationPolicy
%w(create update destroy show).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -1,7 +1,7 @@
class ExportPolicy < Struct.new(:user, :export)
%w(export_reservations export_members export_subscriptions export_availabilities download status).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -1,13 +1,13 @@
class GroupPolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?
user.is_admin?
user.admin?
end
def destroy?
user.is_admin? and record.destroyable?
user.admin? and record.destroyable?
end
end


@ -1,17 +1,17 @@
class InvoicePolicy < ApplicationPolicy
def index?
user.is_admin?
user.admin?
end
def download?
user.is_admin? or (record.user_id == user.id)
user.admin? or (record.user_id == user.id)
end
def create?
user.is_admin?
user.admin?
end
def list?
user.is_admin?
user.admin?
end
end


@ -1,6 +1,6 @@
class LicencePolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?


@ -1,13 +1,13 @@
class MachinePolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?
user.is_admin?
user.admin?
end
def destroy?
user.is_admin? and record.destroyable?
user.admin? and record.destroyable?
end
end


@ -1,17 +1,17 @@
class PartnerPlanPolicy < ApplicationPolicy
def index?
user.is_admin?
user.admin?
end
def create?
user.is_admin?
user.admin?
end
def update?
user.is_admin?
user.admin?
end
def destroy?
user.is_admin? and record.destroyable?
user.admin? and record.destroyable?
end
end


@ -1,13 +1,13 @@
class PlanPolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?
user.is_admin?
user.admin?
end
def destroy?
user.is_admin? and record.destroyable?
user.admin? and record.destroyable?
end
end


@ -1,7 +1,7 @@
class PriceCategoryPolicy < ApplicationPolicy
%w(show create update destroy).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -1,9 +1,9 @@
class PricePolicy < ApplicationPolicy
def index?
user.is_admin?
user.admin?
end
def update?
user.is_admin?
user.admin?
end
end


@ -1,5 +1,5 @@
class PricingPolicy < ApplicationPolicy
def update?
user.is_admin?
user.admin?
end
end


@ -15,10 +15,10 @@ class ProjectPolicy < ApplicationPolicy
end
def update?
user.is_admin? or record.author == user or record.users.include?(user)
user.admin? or record.author == user or record.users.include?(user)
end
def destroy?
user.is_admin? or record.author == user
user.admin? or record.author == user
end
end


@ -1,5 +1,5 @@
class ReservationPolicy < ApplicationPolicy
def update?
user.is_admin? or record.user == user
user.admin? or record.user == user
end
end


@ -1,7 +1,7 @@
class SettingPolicy < ApplicationPolicy
%w(update).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -5,11 +5,11 @@ class SlotPolicy < ApplicationPolicy
enabled = (Setting.find_by( name: 'booking_move_enable').value == 'true')
# these condition does not apply to admins
user.is_admin? or
user.admin? or
(record.reservation.user == user and enabled and ((record.start_at - Time.now).to_i / 3600 >= delay))
end
def cancel?
user.is_admin? or record.reservation.user == user
user.admin? or record.reservation.user == user
end
end


@ -1,13 +1,13 @@
class SpacePolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?
user.is_admin?
user.admin?
end
def destroy?
user.is_admin? and record.destroyable?
user.admin? and record.destroyable?
end
end


@ -2,7 +2,7 @@ class StatisticPolicy < ApplicationPolicy
%w(index account event machine project subscription training user space scroll export_subscription export_machine
export_training export_event export_account export_project export_space export_global).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -1,9 +1,9 @@
class SubscriptionPolicy < ApplicationPolicy
def show?
user.is_admin? or record.user_id == user.id
user.admin? or record.user_id == user.id
end
def update?
user.is_admin?
user.admin?
end
end


@ -1,6 +1,6 @@
class TagPolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?


@ -1,6 +1,6 @@
class ThemePolicy < ApplicationPolicy
def create?
user.is_admin?
user.admin?
end
def update?


@ -7,15 +7,15 @@ class TrainingPolicy < ApplicationPolicy
%w(create update).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
def destroy?
user.is_admin? and record.destroyable?
user.admin? and record.destroyable?
end
def availabilities?
user.is_admin?
user.admin?
end
end


@ -1,7 +1,7 @@
class UserPolicy < ApplicationPolicy
class Scope < Scope
def resolve
if user.is_admin?
if user.admin?
scope.includes(:group, :training_credits, :machine_credits, :subscriptions => [:plan => [:credits]], :profile => [:user_avatar]).joins(:roles).where("users.is_active = 'true' AND roles.name = 'member'").order('users.created_at desc')
else
scope.includes(:profile => [:user_avatar]).joins(:roles).where("users.is_active = 'true' AND roles.name = 'member'").where(is_allow_contact: true).order('users.created_at desc')
@ -10,11 +10,11 @@ class UserPolicy < ApplicationPolicy
end
def show?
user.is_admin? or (record.is_allow_contact and record.is_member?) or (user.id == record.id)
user.admin? or (record.is_allow_contact and record.member?) or (user.id == record.id)
end
def update?
user.is_admin? or (user.id == record.id)
user.admin? or (user.id == record.id)
end
def destroy?
@ -27,7 +27,7 @@ class UserPolicy < ApplicationPolicy
%w(list create mapping).each do |action|
define_method "#{action}?" do
user.is_admin?
user.admin?
end
end
end


@ -1,5 +1,5 @@
class VersionPolicy < ApplicationPolicy
def show?
user.is_admin?
user.admin?
end
end


@ -1,13 +1,13 @@
class WalletPolicy < ApplicationPolicy
def by_user?
user.is_admin? or user == record.user
user.admin? or user == record.user
end
def transactions?
user.is_admin? or user == record.user
user.admin? or user == record.user
end
def credit?
user.is_admin?
user.admin?
end
end


@ -1,4 +1,4 @@
user_is_admin = (current_user and current_user.is_admin?)
user_is_admin = (current_user and current_user.admin?)
json.array!(@age_ranges) do |ar|
json.extract! ar, :id, :name


@ -1,4 +1,4 @@
user_is_admin = (current_user and current_user.is_admin?)
user_is_admin = (current_user and current_user.admin?)
json.array!(@categories) do |category|
json.extract! category, :id, :name


@ -1,4 +1,4 @@
user_is_admin = (current_user and current_user.is_admin?)
user_is_admin = (current_user and current_user.admin?)
json.array!(@event_themes) do |theme|
json.extract! theme, :id, :name


@ -1,4 +1,4 @@
user_is_admin = (current_user and current_user.is_admin?)
user_is_admin = (current_user and current_user.admin?)
max_members = @query.except(:offset, :limit, :order).count
json.array!(@members) do |member|


@ -1,4 +1,4 @@
user_is_admin = (current_user and current_user.is_admin?)
user_is_admin = (current_user and current_user.admin?)
json.array!(@price_categories) do |category|
json.extract! category, :id, :name, :conditions


@ -1,4 +1,4 @@
role = (current_user and current_user.is_admin?) ? 'admin' : 'user'
role = (current_user and current_user.admin?) ? 'admin' : 'user'
json.array!(@trainings) do |training|
json.extract! training, :id, :name, :description, :machine_ids, :nb_total_places, :slug, :disabled


@ -4,7 +4,7 @@ class AvailabilitiesExportWorker
def perform(export_id)
export = Export.find(export_id)
unless export.user.is_admin?
unless export.user.admin?
raise SecurityError, 'Not allowed to export'
end
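Review bot: `raise SecurityError` inside `perform` signals a permanent failure, yet an exception raised from a background job is normally treated as retryable, and `SecurityError` descends from `Exception` rather than `StandardError`, so a plain `rescue` will not see it. The worker's options are above the hunk, so retry behaviour is inferred; if retries are enabled, the same denied export is re-run repeatedly. Log the refusal with the export id and user id and `return`, or disable retries for this failure. `StatisticsExportWorker` and `UsersExportWorker` carry the identical guard.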


@ -4,7 +4,7 @@ class StatisticsExportWorker
def perform(export_id)
export = Export.find(export_id)
unless export.user.is_admin?
unless export.user.admin?
raise SecurityError, 'Not allowed to export'
end


@ -4,7 +4,7 @@ class UsersExportWorker
def perform(export_id)
export = Export.find(export_id)
unless export.user.is_admin?
unless export.user.admin?
raise SecurityError, 'Not allowed to export'
end


@ -176,7 +176,7 @@ Rails.application.routes.draw do
match '/project_collaborator/:valid_token', to: 'api/projects#collaborator_valid', via: :get
authenticate :user, lambda { |u| u.is_admin? } do
authenticate :user, lambda { |u| u.admin? } do
mount Sidekiq::Web => '/admin/sidekiq'
end


@ -51,7 +51,7 @@ namespace :fablab do
task migrate_admins_group: :environment do
admins = Group.find_by(slug: 'admins')
User.all.each do |user|
if user.is_admin?
if user.admin?
user.group = admins
user.save!
end