Sha256: 0c9a39183af20691f1135fbb22d1c7c1999878fe4bc1e14d89822ffb6e853b5c
Contents?: true
Size: 1.59 KB
Versions: 18
Compression:
Stored size: 1.59 KB
Contents
# frozen_string_literal: true
# The policy will resolve to all locations that a user has access. This includes
# locations that a user has roles for but also those locations for which a user
# has a client role. Global roles grant access to ALL locations.
module G5Updatable
class LocationPolicy < G5Authenticatable::BasePolicy
class Scope < G5Authenticatable::BasePolicy::BaseScope
def resolve
locations_from_client_location_roles
end
private
def location_roles
G5Authenticatable::Role
.joins('INNER JOIN g5_updatable_locations as l ON l.id = g5_authenticatable_roles.resource_id')
.joins('INNER JOIN g5_authenticatable_users_roles as ur ON g5_authenticatable_roles.id = ur.role_id')
.where('g5_authenticatable_roles.resource_type = ? and ur.user_id = ?',
G5Updatable::Location.name, user.id)
end
def locations_from_client_roles
G5Updatable::Location
.joins('INNER JOIN g5_updatable_clients as c on g5_updatable_locations.client_uid=c.uid')
.joins('INNER JOIN g5_authenticatable_roles as r on r.resource_id=c.id')
.joins('INNER JOIN g5_authenticatable_users_roles as ur on r.id=ur.role_id')
.where('ur.user_id=?',user.id)
.where('r.resource_type=?', G5Updatable::Client.name)
end
def locations_from_client_location_roles
return scope.all if has_global_role?
location_ids = locations_from_client_roles.map(&:id) | location_roles.map(&:resource_id)
G5Updatable::Location.where(id: location_ids)
end
end
end
end
Version data entries
18 entries across 18 versions & 1 rubygems