diary/diary_policy.rb

155 lines
3.5 KiB
Ruby
Raw Normal View History

# SPDX-License-Identifier: Apache-2.0
# Copyright (C) 2021-2022 OKTET Labs Ltd. All rights reserved.
#
# Class Policy for Diary Management Application.
#
require_relative 'ldap_record'
#require_relative 'project'
require_relative 'diary_env'
require_relative 'diary_datamapper'
# Policy for full employees
class EmployeePolicy
def initialize(user)
@user = user
end
def customer_list
Organization.all.sort
end
def project_list
Project.where("1").sort
end
def engineer_list
Person.find_by_org(DiaryEnv::HOME_ORGANIZATION).sort
end
# Check whether current user can edit entries for user {who}
# in project {prj}
def can_edit?(prj, who)
@user == who or
@user == self.is_director? or (prj != nil and
(@user.uid == prj["leader"] or @user.uid == prj["manager"]))
end
# Check whether current user needs confirmations when editing things in
# the past
def needs_confirmation?(prj, who)
not (self.is_director? or
(prj != nil and
(@user.uid == prj["leader"] or @user.uid == prj["manager"])))
end
def can_approve?(prj, who)
prj.approvals[who.uid] == @user.uid
end
def can_account?(prj)
true
end
def can_edit_project?(prj = nil)
true
end
def is_director?
DiaryEnv.director.include?(@user)
end
def can_edit_approval?(prj)
#@user.director? or @user.uid == prj["leader"]
true
end
def restriction
[]
end
end
# Policy for customers and contractors
class CustomerPolicy
def initialize(user)
@user = user
@extra_prj = nil
end
def extra_project_list
return @extra_prj if @extra_prj
@extra_prj = Array.new
Project.where("extra_rights IS NOT NULL").each do |prj|
if not Person.find_by_filter("(&(uid=#{@user.uid})#{prj["extra_rights"]})").empty?
@extra_prj.push(prj)
end
end
@extra_prj
end
def customer_list
([@user.organization] +
extra_project_list.collect {|prj| prj.customer }).uniq.sort
end
def project_list
(Project.where("customer='%s' AND extra_rights IS NULL",
@user.organization.uid) +
extra_project_list).uniq.sort
end
def engineer_list
return [@user] if @user.local? # For contractors
engs = Person.find_by_org(DiaryEnv::HOME_ORGANIZATION)
if @user.customer?
engs_active = Array.new
DataMapper.database.select_all("SELECT DISTINCT who " +
"FROM diary INNER JOIN project " +
"ON diary.prj_id = project.id " +
"WHERE project.id IN " +
"(#{project_list.collect {"?"}.join(",")})",
*(project_list.collect { |prj| prj.id })
) do |row|
engs_active.push(row["who"])
end
engs.delete_if { |x| not engs_active.include?(x.uid) }
end
engs.sort
end
def can_account?(prj)
not prj["hide_hrs"]
end
def can_edit?(prj, who)
@user.local? ? who == @user : false
end
def needs_confirmation?(prj, who)
return true
end
def can_approve?(prj, who)
false
end
def can_edit_project?(prj = nil)
false
end
def can_edit_approval?(prj)
false
end
def is_director?
false
end
def restriction
@user.local? ? [:project, :engineer] : [:project]
end
end