- # Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/
class User
  module ChecksAccess
    extend ActiveSupport::Concern

    # Decides whether the given user (the requester) may access this user record.
    #
    # The permission checks run against the +user+ argument; the record being
    # accessed is the receiver (its +id+ is compared for customers).
    #
    # NOTE: the requested access type is accepted but never evaluated. The
    # decision is the same for 'read' and for any other value: holders of
    # 'admin.user' or 'ticket.agent' are granted access to every user record,
    # holders of 'ticket.customer' only to their own record, everyone else
    # is denied.
    #
    # @param user [User] The requesting user whose permissions are checked.
    # @param _access [String] The requested access type (currently unused).
    #
    # @example
    #   user.access?(requester, 'read')
    #   #=> true
    #
    # @return [Boolean]
    def access?(user, _access)
      # Admins and agents are granted access regardless of the target record.
      privileged = ['admin.user', 'ticket.agent']
      return true if privileged.any? { |permission| user.permissions?(permission) }

      # Customers may only access themselves; without any of the three
      # permissions the request is denied.
      user.permissions?('ticket.customer') ? id == user.id : false
    end

    # Same decision as #access?, but raises instead of returning false.
    #
    # @param (see User#access?)
    #
    # @example
    #   user.access!(requester, 'read')
    #
    # @raise [Exceptions::NotAuthorized] If #access? denies the request.
    #
    # @return [nil]
    def access!(user, access)
      raise Exceptions::NotAuthorized unless access?(user, access)
    end
  end
end