Skip to content

Instantly share code, notes, and snippets.

@JiggyPete

JiggyPete/user_permissions.rb

Created August 29, 2012 07:56
Show Gist options
  • Save JiggyPete/3508232 to your computer and use it in GitHub Desktop.
Save JiggyPete/3508232 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
user_permissions.rb
require 'set'
class UserPermissions
def initialize(user, cm_invoice)
@user = user
@cm_invoice = cm_invoice
end
def get_permissions
result = Set.new
collect_role_to_permission_mappings.each do |mapping|
add_permsissions result, mapping
end
result
end
private
def collect_role_to_permission_mappings
list_of_mappings = []
unless @user.nil?
list_of_mappings << app_permissions
list_of_mappings << app_invoice_finance_permissions if has_cm_invoice_view_role || has_invoice_finance_role
end
unless @cm_invoice.nil?
list_of_mappings << invoice_permissions
list_of_mappings << cm_permissions if has_cm_edit_access
end
list_of_mappings
end
def app_invoice_finance_permissions
{
Proc.new{ true } => :CM_INVOICE_USER_PERMISSION,
Proc.new{ true } => :INVOICE_VIEW_PERMISSION,
Proc.new{ true } => :ACCESS_ALL_INVOICE_PERMISSION,
}
end
def app_permissions
{
app_access_proc( :CM_INVOICE_ROLE ) => :CM_ANY_INVOICE_PERMISSION,
app_access_proc( :PA_INVOICE_ROLE ) => :PA_ANY_INVOICE_PERMISSION,
app_access_proc( :SDT_INVOICE_ROLE ) => :SDT_ANY_INVOICE_PERMISSION,
app_access_proc( nil ) => :CM_INVOICE_USER_PERMISSION,
Proc.new{ has_cm_team_role } => :CM_TEAM_ROLE_PERMISSION,
Proc.new{ true } => :DEFAULT_PERMISSION,
}
end
def invoice_permissions
{
Proc.new{ has_read_access } => :INVOICE_VIEW_PERMISSION,
Proc.new{ has_edit_access } => :COMMENT_ADD_PERMISSION,
Proc.new{ has_cm_invoice_close_right } => :INVOICE_CLOSE_PERMISSION,
Proc.new{ has_approve_access } => :INVOICE_APPROVE_PERMISSION,
Proc.new{ has_reject_access } => :INVOICE_REJECT_PERMISSION,
Proc.new{ has_configure_rules_access } => :CONFIGURE_RULES_PERMISSION,
Proc.new{ has_view_rules_access } => :VIEW_RULES_PERMISSION,
Proc.new{ has_invoice_finance_role } => :FINANCE_INVOICE_PERMISSION,
Proc.new{ has_invoice_log_access } => :INVOICE_LOG_PERMISSION,
}
end
def cm_permissions
{
approval_status(:CM_STATUS) => :CM_EDIT_SETUP_PERMISSION,
approval_status(:APPROVED_STATUS) => :CM_BILLING_PERIOD_ADD_PERMISSION,
approval_status(:NEW_STATUS) => :CM_EDIT_SETUP_PERMISSION,
approval_status(:NEW_STATUS) => :CM_BILLING_PERIOD_ADD_PERMISSION,
approval_status(:CM_STATUS) => :CM_BILLING_PERIOD_EDIT_PERMISSION,
Proc.new{ @cm_invoice.approval_status == :CM_STATUS && @cm_invoice.in_transition?} => :CM_EDIT_BILLING_PERIOD_TRANSITION_PERMISSION,
}
end
def app_access_proc( role )
Proc.new{ has_application_access( role ) }
end
def approval_status( status )
Proc.new{ @cm_invoice.approval_status == status }
end
def add_permsissions( permission_set, permission_map )
permission_map.each do |key,value|
permission_set << value if key.call
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment