Revision 13265
Added by Jean-Philippe Lang almost 11 years ago
| sandbox/rails-4.1/app/models/user.rb | ||
|---|---|---|
| 562 | 562 |
# Authorize if user is authorized on every element of the array |
| 563 | 563 |
context.map {|project| allowed_to?(action, project, options, &block)}.reduce(:&)
|
| 564 | 564 |
end |
| 565 |
elsif context |
|
| 566 |
raise ArgumentError.new("#allowed_to? context argument must be a Project, an Array of projects or nil")
|
|
| 565 | 567 |
elsif options[:global] |
| 566 | 568 |
# Admin users are always authorized |
| 567 | 569 |
return true if admin? |
| sandbox/rails-4.1/test/unit/user_test.rb | ||
|---|---|---|
| 996 | 996 |
end |
| 997 | 997 |
|
| 998 | 998 |
should "return true only if user has permission on all these projects" do |
| 999 |
assert_equal true, @admin.allowed_to?(:view_project, Project.all) |
|
| 1000 |
assert_equal false, @dlopper.allowed_to?(:view_project, Project.all) #cannot see Project(2) |
|
| 1001 |
assert_equal true, @jsmith.allowed_to?(:edit_issues, @jsmith.projects) #Manager or Developer everywhere |
|
| 1002 |
assert_equal false, @jsmith.allowed_to?(:delete_issue_watchers, @jsmith.projects) #Dev cannot delete_issue_watchers |
|
| 999 |
assert_equal true, @admin.allowed_to?(:view_project, Project.all.to_a)
|
|
| 1000 |
assert_equal false, @dlopper.allowed_to?(:view_project, Project.all.to_a) #cannot see Project(2)
|
|
| 1001 |
assert_equal true, @jsmith.allowed_to?(:edit_issues, @jsmith.projects.to_a) #Manager or Developer everywhere
|
|
| 1002 |
assert_equal false, @jsmith.allowed_to?(:delete_issue_watchers, @jsmith.projects.to_a) #Dev cannot delete_issue_watchers
|
|
| 1003 | 1003 |
end |
| 1004 | 1004 |
|
| 1005 | 1005 |
should "behave correctly with arrays of 1 project" do |
Also available in: Unified diff
Raise an ArgumentError when User#allowed_to? is called with wrong context.