12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 |
- # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
- class Permission < ApplicationModel
- include ChecksClientNotification
- include ChecksHtmlSanitized
- include HasCollectionUpdate
- has_and_belongs_to_many :roles
- store :preferences
- validates :name, presence: true
- # This is added to handle migrations from before the columns were modified.
- # For example when upgrading from pre-6.4.
- # Otherwise older migrations fail since those columnsa are not yet available.
- with_options if: -> { respond_to?(:label) && respond_to?(:description) } do
- validates :label, length: { maximum: 255 }
- validates :description, length: { maximum: 500 }
- end
- sanitized_html :description
- # Returns permission name with parent permission names
- #
- # @return [String]
- #
- # @example
- # Permission.with_parents('some_key.sub_key')
- # #=> ['some_key.sub_key', 'some_key']
- def self.with_parents(key)
- key
- .split('.')
- .each_with_object([]) do |elem, memo|
- memo << if (previous = memo.last)
- "#{previous}.#{elem}"
- else
- elem
- end
- end
- end
- def to_s
- name
- end
- def self.join_with(object, permissions)
- return object if !object.method_defined?(:permissions?)
- permissions = with_parents(permissions)
- object
- .joins(roles: :permissions)
- .where(roles: { active: true }, permissions: { name: permissions, active: true })
- end
- end
|