Revision 355bce36
Added by Ohad Levy over 10 years ago
| app/models/user.rb | ||
|---|---|---|
|
self.auditing_enabled = !(File.basename($0) == "rake" && ARGV.include?("db:migrate"))
|
||
|
|
||
|
attr_protected :password_hash, :password_salt, :admin
|
||
|
attr_accessor :password, :password_confirmation, :editing_self
|
||
|
attr_accessor :password, :password_confirmation
|
||
|
before_destroy EnsureNotUsedBy.new(:direct_hosts, :hostgroups), :ensure_admin_is_not_deleted
|
||
|
after_commit :ensure_default_role
|
||
|
|
||
|
belongs_to :auth_source
|
||
|
has_many :auditable_changes, :class_name => '::Audit', :as => :user
|
||
| ... | ... | |
|
# action can be:
|
||
|
# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
|
||
|
# * a permission Symbol (eg. :edit_project)
|
||
|
def allowed_to?(action, options={})
|
||
|
def allowed_to?(action)
|
||
|
return true if admin?
|
||
|
return true if editing_self
|
||
|
if action.is_a? Hash
|
||
|
# normalize controller name
|
||
|
action[:controller] = action[:controller].to_s.gsub(/::/, "_").sub(/^\//,'').underscore
|
||
|
return true if editing_self?(action)
|
||
|
end
|
||
|
roles.detect {|role| role.allowed_to?(action)}.present?
|
||
|
end
|
||
|
|
||
| ... | ... | |
|
@role_ids_was ||= role_ids
|
||
|
end
|
||
|
|
||
|
def editing_self?(options = {})
|
||
|
options[:controller].to_s == 'users' &&
|
||
|
options[:action] =~ /edit|update/ &&
|
||
|
options[:id].to_i == self.id
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def prepare_password
|
||
| ... | ... | |
|
errors.add :admin, _("You can't change Administrator flag")
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def ensure_default_role
|
||
|
role = Role.find_by_name('Anonymous')
|
||
|
self.roles << role unless self.role_ids.include?(role.id)
|
||
|
end
|
||
|
end
|
||
Also available in: Unified diff
fixes #3930 - refactoring of edit_self implementation.