summaryrefslogtreecommitdiffstats
path: root/app/controllers/roles_controller.rb
blob: dfe7c2b8f736330d1f407774e3c4b90b1e0b5878 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# frozen_string_literal: true

# Redmine - project management software
# Copyright (C) 2006-  Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

class RolesController < ApplicationController
  layout 'admin'
  self.main_menu = false

  before_action :require_admin, :except => [:index, :show]
  before_action :require_admin_or_api_request, :only => [:index, :show]
  before_action :find_role, :only => [:show, :edit, :update, :destroy]
  accept_api_auth :index, :show

  include RolesHelper

  require_sudo_mode :create, :update, :destroy

  def index
    respond_to do |format|
      format.html do
        @roles = Role.sorted.to_a
        render :layout => false if request.xhr?
      end
      format.api do
        @roles = Role.givable.to_a
      end
    end
  end

  def show
    respond_to do |format|
      format.api
    end
  end

  def new
    # Prefills the form with 'Non member' role permissions by default
    @role = Role.new
    @role.safe_attributes = params[:role] || {:permissions => Role.non_member.permissions}
    if params[:copy].present? && @copy_from = Role.find_by_id(params[:copy])
      @role.copy_from(@copy_from)
    end
    @roles = Role.sorted.to_a
  end

  def create
    @role = Role.new
    @role.safe_attributes = params[:role]
    if request.post? && @role.save
      # workflow copy
      if params[:copy_workflow_from].present? && (copy_from = Role.find_by_id(params[:copy_workflow_from]))
        @role.copy_workflow_rules(copy_from)
      end
      flash[:notice] = l(:notice_successful_create)
      redirect_to roles_path
    else
      @roles = Role.sorted.to_a
      render :action => 'new'
    end
  end

  def edit
  end

  def update
    @role.safe_attributes = params[:role]
    if @role.save
      respond_to do |format|
        format.html do
          flash[:notice] = l(:notice_successful_update)
          redirect_to roles_path(:page => params[:page])
        end
        format.js {head :ok}
      end
    else
      respond_to do |format|
        format.html {render :action => 'edit'}
        format.js   {head :unprocessable_content}
      end
    end
  end

  def destroy
    begin
      @role.destroy
    rescue
      flash[:error] =  l(:error_can_not_remove_role)
    end
    redirect_to roles_path
  end

  def permissions
    scope = Role.sorted
    if params[:ids].present?
      scope = scope.where(:id => params[:ids])
    end
    @roles = scope.to_a
    @permissions = Redmine::AccessControl.permissions.reject(&:public?)
    respond_to do |format|
      format.html
      format.csv do
        send_data(permissions_to_csv(@roles, @permissions), :type => 'text/csv; header=present', :filename => 'permissions.csv')
      end
    end
  end

  def update_permissions
    @roles = Role.where(:id => params[:permissions].keys)
    @roles.each do |role|
      role.permissions = params[:permissions][role.id.to_s]
      role.save
    end
    flash[:notice] = l(:notice_successful_update)
    redirect_to roles_path
  end

  private

  def find_role
    @role = Role.find(params[:id])
  rescue ActiveRecord::RecordNotFound
    render_404
  end
end