Revision 355bce36
Added by Ohad Levy over 10 years ago
app/models/user.rb | ||
---|---|---|
self.auditing_enabled = !(File.basename($0) == "rake" && ARGV.include?("db:migrate"))
|
||
|
||
attr_protected :password_hash, :password_salt, :admin
|
||
attr_accessor :password, :password_confirmation, :editing_self
|
||
attr_accessor :password, :password_confirmation
|
||
before_destroy EnsureNotUsedBy.new(:direct_hosts, :hostgroups), :ensure_admin_is_not_deleted
|
||
after_commit :ensure_default_role
|
||
|
||
belongs_to :auth_source
|
||
has_many :auditable_changes, :class_name => '::Audit', :as => :user
|
||
... | ... | |
# action can be:
|
||
# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
|
||
# * a permission Symbol (eg. :edit_project)
|
||
def allowed_to?(action, options={})
|
||
def allowed_to?(action)
|
||
return true if admin?
|
||
return true if editing_self
|
||
if action.is_a? Hash
|
||
# normalize controller name
|
||
action[:controller] = action[:controller].to_s.gsub(/::/, "_").sub(/^\//,'').underscore
|
||
return true if editing_self?(action)
|
||
end
|
||
roles.detect {|role| role.allowed_to?(action)}.present?
|
||
end
|
||
|
||
... | ... | |
@role_ids_was ||= role_ids
|
||
end
|
||
|
||
def editing_self?(options = {})
|
||
options[:controller].to_s == 'users' &&
|
||
options[:action] =~ /edit|update/ &&
|
||
options[:id].to_i == self.id
|
||
end
|
||
|
||
private
|
||
|
||
def prepare_password
|
||
... | ... | |
errors.add :admin, _("You can't change Administrator flag")
|
||
end
|
||
end
|
||
|
||
def ensure_default_role
|
||
role = Role.find_by_name('Anonymous')
|
||
self.roles << role unless self.role_ids.include?(role.id)
|
||
end
|
||
end
|
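Review bot: In `editing_self?` the action test `options[:action] =~ /edit|update/` is unanchored, so any `users` action whose name merely contains "edit" or "update" satisfies the self-edit shortcut in `allowed_to?` and skips the role check whenever `:id` is the user's own. Because this decides authorization, the two actions should be matched exactly, for example `%w[edit update].include?(options[:action].to_s) &&`. The +/- markers are lost in this rendering, so this assumes `editing_self?` and the `if action.is_a? Hash` branch are on the new side. In that branch `action[:controller] = ...` rewrites the caller's hash in place, and its `sub(/^\//,'')` anchors per line rather than at the string start (`\A`); normalising a copy would avoid the side effect. `ensure_default_role` calls `role.id` without checking that `Role.find_by_name('Anonymous')` returned a record, so it would raise if that role is missing.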
fixes #3930 - refactoring of edit_self implementation.