-
Notifications
You must be signed in to change notification settings - Fork 434
/
permission.rb
89 lines (72 loc) · 2.34 KB
/
permission.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# require "project"
# require "package"
#
# This is basically only a helper class around permission checking for user model
#
module Suse
class Permission
def to_s
"OpenSUSE Permissions for user #{@user.login}"
end
def initialize(u)
@user = u
logger.debug "User #{@user.login} initialised"
end
def project_change?(project = nil)
# one is project admin if he has the permission Project_Admin or if he
# is the owner of the project
logger.debug "User #{@user.login} wants to change the project"
case project
when Project
prj = project
when String
prj = Project.find_by_name(project)
# avoid remote projects
return false unless prj.is_a?(Project)
end
raise ArgumentError, "unable to find project object for #{project}" if prj.nil?
return true if @user.has_global_permission?('global_project_change')
@user.can_modify?(prj)
end
# args can either be an instance of the respective class (Package, Project),
# the database object or package/project names.
#
# the second arg can be omitted if the first one is a Package object. second
# arg is needed if first arg is a string
def package_change?(package, project = nil)
logger.debug "User #{@user.login} wants to change the package"
# Get DbPackage object
if package.is_a?(Package)
pkg = package
else
if project.nil?
raise 'autofetch of project only works with objects of class Package'
end
pkg = Package.find_by_project_and_name(project, package)
if pkg.nil?
raise ArgumentError, "unable to find package object for #{project} / #{package}"
end
end
return true if @user.can_modify?(pkg)
false
end
def method_missing(perm, *_args, &_block)
logger.debug "Dynamic Permission requested: <#{perm}>"
if @user
if @user.has_global_permission?(perm.to_s)
logger.debug "User #{@user.login} has permission #{perm}"
return true
else
logger.debug "User #{@user.login} does NOT have permission #{perm}"
return false
end
else
logger.debug 'Permission check failed because no user is checked in'
return false
end
end
def logger
Rails.logger
end
end
end