assets.rb 3.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
  2. class User
  3. module Assets
  4. extend ActiveSupport::Concern
  5. =begin
  6. get all assets / related models for this user
  7. user = User.find(123)
  8. result = user.assets(assets_if_exists)
  9. returns
  10. result = {
  11. :User => {
  12. 123 => user_model_123,
  13. 1234 => user_model_1234,
  14. }
  15. }
  16. =end
  17. def assets(data)
  18. return data if assets_added_to?(data)
  19. app_model = User.to_app_model
  20. if !data[ app_model ]
  21. data[ app_model ] = {}
  22. end
  23. return data if data[ app_model ][ id ]
  24. local_attributes = attributes_with_association_ids
  25. # do not transfer crypted pw
  26. local_attributes.delete('password')
  27. # set temp. current attributes to assets pool to prevent
  28. # loops, will be updated with lookup attributes later
  29. data[ app_model ][ id ] = local_attributes
  30. # get linked accounts
  31. accounts = assets_accounts
  32. if accounts.present?
  33. local_attributes['accounts'] = accounts
  34. end
  35. # get roles
  36. local_attributes['role_ids']&.each do |role_id|
  37. next if data[:Role] && data[:Role][role_id]
  38. role = Role.lookup(id: role_id)
  39. next if !role
  40. data = role.assets(data)
  41. end
  42. # get groups
  43. local_attributes['group_ids']&.each_key do |group_id|
  44. next if data[:Group] && data[:Group][group_id]
  45. group = Group.lookup(id: group_id)
  46. next if !group
  47. data = group.assets(data)
  48. end
  49. # get organizations
  50. Array(local_attributes['organization_ids'])[0, 3].each do |organization_id|
  51. next if data[:Organization] && data[:Organization][organization_id]
  52. organization = Organization.lookup(id: organization_id)
  53. next if !organization
  54. data = organization.assets(data)
  55. end
  56. data[ app_model ][ id ] = local_attributes
  57. # add organization
  58. if self.organization_id
  59. if !data[:Organization] || !data[:Organization][self.organization_id] # rubocop:disable Style/SoleNestedConditional
  60. organization = Organization.lookup(id: self.organization_id)
  61. if organization
  62. data = organization.assets(data)
  63. end
  64. end
  65. end
  66. data
  67. end
  68. def filter_unauthorized_attributes(attributes)
  69. return super if UserInfo.assets.blank? || UserInfo.assets.agent?
  70. # customer assets for the user session
  71. if UserInfo.current_user_id == id
  72. attributes = super
  73. attributes.except!('web', 'phone', 'mobile', 'fax', 'department', 'street', 'zip', 'city', 'country', 'address', 'note')
  74. return attributes
  75. end
  76. # customer assets for other user
  77. attributes = super
  78. attributes.slice('id', 'firstname', 'lastname', 'image', 'image_source', 'active')
  79. end
  80. def assets_accounts
  81. return nil if UserInfo.assets.present? && !UserInfo.assets.agent? && UserInfo.current_user_id != id
  82. Rails.cache.fetch("User/authorizations/#{cache_key_with_version}") do
  83. local_accounts = {}
  84. authorizations = self.authorizations
  85. authorizations.each do |authorization|
  86. local_accounts[authorization.provider] = {
  87. uid: authorization[:uid],
  88. username: authorization[:username]
  89. }
  90. end
  91. local_accounts
  92. end
  93. end
  94. end
  95. end