lino.jorzick/greenlight
1
0
Fork 0
forked from External/greenlight
Code Issues Pull Requests Projects Releases Wiki Activity

GRN2-xx: Made role priority unique scoped to provider (#942)

Browse Source 
* Made role priority unique scoped to provider

* Fixed issues related to update_role after making role priority unique
This commit is contained in:
Ahmad Farhat
2020-02-19 13:38:16 -05:00
committed by GitHub
parent feccee7d62
commit c75c624a1a
10 changed files with 81 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/concerns/populator.rb
View File

@ -74,7 +74,7 @@ module Populator
def shared_user_list
roles_can_appear = []
Role.where(provider: @user_domain).each do |role|
roles_can_appear << role.name if role.get_permission("can_appear_in_share_list") && role.name != "super_admin"
roles_can_appear << role.name if role.get_permission("can_appear_in_share_list") && role.priority >= 0
end
initial_list = User.where.not(uid: current_user.uid)

33
app/controllers/concerns/rolify.rb
View File

@ -119,17 +119,32 @@ module Rolify
return false if role.priority <= current_user_role.priority || role.provider != @user_domain
end
# Update the roles priority including the user role
top_priority = 0
# Get the priority of the current user's role and start with 1 higher
new_priority = [current_user_role.priority, 0].max + 1
role_to_update.each_with_index do |id, index|
new_priority = index + [current_user_role.priority, 0].max + 1
top_priority = new_priority
Role.where(id: id).update_all(priority: new_priority)
begin
# Save the old priorities incase something fails
old_priority = Role.where(id: role_to_update).select(:id, :priority).index_by(&:id)
# Set all the priorities to nil to avoid unique column issues
Role.where(id: role_to_update).update_all(priority: nil)
# Starting at the starting priority, increase by 1 every time
role_to_update.each_with_index do |id, index|
Role.find(id).update_attribute(:priority, new_priority + index)
end
true
rescue => e
# Reset to old prorities
role_to_update.each_with_index do |id, _index|
Role.find(id).update_attribute(:priority, old_priority[id.to_i].priority)
end
logger.error "#{current_user} failed to update role priorities: #{e}"
false
end
user_role.priority = top_priority + 1
user_role.save!
end
# Update Permissions

6
app/models/role.rb
View File

@ -38,8 +38,8 @@ class Role < ApplicationRecord
send_demoted_email: true, can_edit_site_settings: true, can_manage_rooms_recordings: true,
can_edit_roles: true, can_manage_users: true)
Role.create(name: "pending", provider: provider, priority: -1, colour: "#17a2b8").update_all_role_permissions
Role.create(name: "denied", provider: provider, priority: -1, colour: "#343a40").update_all_role_permissions
Role.create(name: "super_admin", provider: provider, priority: -2, colour: "#cd201f")
Role.create(name: "denied", provider: provider, priority: -2, colour: "#343a40").update_all_role_permissions
Role.create(name: "super_admin", provider: provider, priority: -3, colour: "#cd201f")
.update_all_role_permissions(can_create_rooms: true,
send_promoted_email: true, send_demoted_email: true, can_edit_site_settings: true,
can_edit_roles: true, can_manage_users: true, can_manage_rooms_recordings: true,
@ -56,8 +56,8 @@ class Role < ApplicationRecord
role.priority = user_role.priority
user_role.priority += 1
role.save!
user_role.save!
role.save!
role
end

4
app/models/user.rb
View File

@ -238,9 +238,9 @@ class User < ApplicationRecord
end
def self.all_users_highest_priority_role
User.joins("INNER JOIN (SELECT user_id, role_id, min(roles.priority) FROM users_roles " \
User.joins("INNER JOIN (SELECT user_id, min(roles.priority) as role_priority FROM users_roles " \
"INNER JOIN roles ON users_roles.role_id = roles.id GROUP BY user_id) as a ON " \
"a.user_id = users.id INNER JOIN roles ON roles.id = a.role_id " \
"a.user_id = users.id INNER JOIN roles ON roles.priority = a.role_priority " \
" INNER JOIN role_permissions ON roles.id = role_permissions.role_id").distinct
end

4
app/views/admins/components/_menu_buttons.html.erb
View File

@ -21,13 +21,15 @@
<span class="icon mr-3"><i class="fas fa-users"></i></span><%= t("administrator.users.title") %>
<% end %>
<% end %>
<% if highest_role.get_permission("can_edit_site_settings") || highest_role.name == "super_admin" %>
<% if highest_role.get_permission("can_manage_rooms_recordings") || highest_role.name == "super_admin" %>
<%= link_to admin_rooms_path, class: "list-group-item list-group-item-action dropdown-item #{"active" if active_page == "server_rooms"}" do %>
<span class="icon mr-4"><i class="fas fa-binoculars"></i></span><%= t("administrator.rooms.title") %>
<% end %>
<%= link_to admin_recordings_path, class: "list-group-item list-group-item-action dropdown-item #{"active" if active_page == "server_recordings"}" do %>
<span class="icon mr-4"><i class="fas fa-video"></i></span><%= t("administrator.recordings.title") %>
<% end %>
<% end %>
<% if highest_role.get_permission("can_edit_site_settings") || highest_role.name == "super_admin" %>
<%= link_to admin_site_settings_path, class: "list-group-item list-group-item-action dropdown-item #{"active" if active_page == "site_settings"}" do %>
<span class="icon mr-4"><i class="fas fa-cogs"></i></span><%= t("administrator.site_settings.title") %>
<% end %>

4
app/views/shared/_header.html.erb
View File

@ -63,6 +63,10 @@
<%= link_to admins_path, class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-user-tie mr-3"></i><%= t("header.dropdown.account_settings") %>
<% end %>
<% elsif highest_role.get_permission("can_manage_rooms_recordings")%>
<%= link_to admin_rooms_path, class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-user-tie mr-3"></i><%= t("header.dropdown.account_settings") %>
<% end %>
<% elsif highest_role.get_permission("can_edit_site_settings") %>
<%= link_to admin_site_settings_path, class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-user-tie mr-3"></i><%= t("header.dropdown.account_settings") %>