zammad/db/migrate/20160805000001_add_permission.rb

class AddPermission < ActiveRecord::Migration
  def change

    # return if it's a new setup
    return if !Setting.find_by(name: 'system_init_done')

    create_table :permissions do |t|
      t.string :name, limit: 255, null: false
      t.string :note, limit: 500, null: true
      t.string :preferences, limit: 10_000, null: true
      t.timestamps limit: 3, null: false
    end
    add_index :permissions, [:name], unique: true

    create_table :permissions_roles, id: false do |t|
      t.belongs_to :role, index: true
      t.belongs_to :permission, index: true
    end

    Permission.create_or_update(
      name: 'admin',
      note: 'Admin Interface',
      preferences: {},
    )
    Permission.create_or_update(
      name: 'admin.user',
      note: 'Manage %s',
      preferences: {
        translations: ['Users']
      },
    )
    Permission.create_or_update(
      name: 'admin.group',
      note: 'Manage %s',
      preferences: {
        translations: ['Groups']
      },
    )
    Permission.create_or_update(
      name: 'admin.role',
      note: 'Manage %s',
      preferences: {
        translations: ['Roles']
      },
    )
    Permission.create_or_update(
      name: 'admin.organization',
      note: 'Manage %s',
      preferences: {
        translations: ['Organizations']
      },
    )
    Permission.create_or_update(
      name: 'admin.overview',
      note: 'Manage %s',
      preferences: {
        translations: ['Overviews']
      },
    )
    Permission.create_or_update(
      name: 'admin.text_module',
      note: 'Manage %s',
      preferences: {
        translations: ['Text Modules']
      },
    )
    Permission.create_or_update(
      name: 'admin.macro',
      note: 'Manage %s',
      preferences: {
        translations: ['Macros']
      },
    )
    Permission.create_or_update(
      name: 'admin.tag',
      note: 'Manage %s',
      preferences: {
        translations: ['Tags']
      },
    )
    Permission.create_or_update(
      name: 'admin.calendar',
      note: 'Manage %s',
      preferences: {
        translations: ['Calendar']
      },
    )
    Permission.create_or_update(
      name: 'admin.sla',
      note: 'Manage %s',
      preferences: {
        translations: ['SLA']
      },
    )
    Permission.create_or_update(
      name: 'admin.scheduler',
      note: 'Manage %s',
      preferences: {
        translations: ['Scheduler']
      },
    )
    Permission.create_or_update(
      name: 'admin.report_profile',
      note: 'Manage %s',
      preferences: {
        translations: ['Report Profiles']
      },
    )
    Permission.create_or_update(
      name: 'admin.channel_web',
      note: 'Manage %s',
      preferences: {
        translations: ['Channel - Web']
      },
    )
    Permission.create_or_update(
      name: 'admin.channel_formular',
      note: 'Manage %s',
      preferences: {
        translations: ['Channel - Formular']
      },
    )
    Permission.create_or_update(
      name: 'admin.channel_web',
      note: 'Manage %s',
      preferences: {
        translations: ['Channel - Web']
      },
    )
    Permission.create_or_update(
      name: 'admin.channel_email',
      note: 'Manage %s',
      preferences: {
        translations: ['Channel - Email']
      },
    )
    Permission.create_or_update(
      name: 'admin.channel_twitter',
      note: 'Manage %s',
      preferences: {
        translations: ['Channel - Twitter']
      },
    )
    Permission.create_or_update(
      name: 'admin.channel_facebook',
      note: 'Manage %s',
      preferences: {
        translations: ['Channel - Facebook']
      },
    )
    Permission.create_or_update(
      name: 'admin.channel_chat',
      note: 'Manage %s',
      preferences: {
        translations: ['Channel - Chat']
      },
    )
    Permission.create_or_update(
      name: 'admin.branding',
      note: 'Manage %s',
      preferences: {
        translations: ['Branding']
      },
    )
    Permission.create_or_update(
      name: 'admin.setting_system',
      note: 'Manage %s Settings',
      preferences: {
        translations: ['System']
      },
    )
    Permission.create_or_update(
      name: 'admin.security',
      note: 'Manage %s Settings',
      preferences: {
        translations: ['Security']
      },
    )
    Permission.create_or_update(
      name: 'admin.ticket',
      note: 'Manage %s Settings',
      preferences: {
        translations: ['Ticket']
      },
    )
    Permission.create_or_update(
      name: 'admin.package',
      note: 'Manage %s',
      preferences: {
        translations: ['Packages']
      },
    )
    Permission.create_or_update(
      name: 'admin.integration',
      note: 'Manage %s',
      preferences: {
        translations: ['Integrations']
      },
    )
    Permission.create_or_update(
      name: 'admin.api',
      note: 'Manage %s',
      preferences: {
        translations: ['API']
      },
    )
    Permission.create_or_update(
      name: 'admin.object',
      note: 'Manage %s',
      preferences: {
        translations: ['Objects']
      },
    )
    Permission.create_or_update(
      name: 'admin.translation',
      note: 'Manage %s',
      preferences: {
        translations: ['Translations']
      },
    )
    Permission.create_or_update(
      name: 'admin.maintenance',
      note: 'Manage %s',
      preferences: {
        translations: ['Maintenance']
      },
    )
    Permission.create_or_update(
      name: 'admin.session',
      note: 'Manage %s',
      preferences: {
        translations: ['Sessions']
      },
    )
    Permission.create_or_update(
      name: 'user_preferences',
      note: 'User Preferences',
      preferences: {},
    )
    Permission.create_or_update(
      name: 'user_preferences.password',
      note: 'Change %s',
      preferences: {
        translations: ['Password']
      },
    )
    Permission.create_or_update(
      name: 'user_preferences.notifications',
      note: 'Manage %s',
      preferences: {
        translations: ['Notifications'],
        required: ['ticket.agent'],
      },
    )
    Permission.create_or_update(
      name: 'user_preferences.access_token',
      note: 'Manage %s',
      preferences: {
        translations: ['Token Access']
      },
    )
    Permission.create_or_update(
      name: 'user_preferences.language',
      note: 'Change %s',
      preferences: {
        translations: ['Language']
      },
    )
    Permission.create_or_update(
      name: 'user_preferences.linked_accounts',
      note: 'Manage %s',
      preferences: {
        translations: ['Linked Accounts']
      },
    )
    Permission.create_or_update(
      name: 'user_preferences.device',
      note: 'Manage %s',
      preferences: {
        translations: ['Devices']
      },
    )
    Permission.create_or_update(
      name: 'user_preferences.avatar',
      note: 'Manage %s',
      preferences: {
        translations: ['Avatar']
      },
    )
    Permission.create_or_update(
      name: 'user_preferences.calendar',
      note: 'Access to %s',
      preferences: {
        translations: ['Calendars'],
        required: ['ticket.agent'],
      },
    )

    Permission.create_or_update(
      name: 'report',
      note: 'Report Interface',
      preferences: {},
    )
    Permission.create_or_update(
      name: 'ticket',
      note: 'Ticket Interface',
      preferences: {
        disabled: true
      },
    )
    Permission.create_or_update(
      name: 'ticket.agent',
      note: 'Access to Agent Tickets based on Group Access',
      preferences: {
        not: ['ticket.customer'],
        plugin: ['groups']
      },
    )
    Permission.create_or_update(
      name: 'ticket.customer',
      note: 'Access to Customer Tickets based on current_user and current_user.organization',
      preferences: {
        not: ['ticket.agent'],
      },
    )
    Permission.create_or_update(
      name: 'chat',
      note: 'Access to %s',
      preferences: {
        disabled: true,
        translations: ['Chat']
      },
    )
    Permission.create_or_update(
      name: 'chat.agent',
      note: 'Access to %s',
      preferences: {
        translations: ['Chat'],
        not: ['chat.customer'],
      },
    )
    Permission.create_or_update(
      name: 'cti',
      note: 'CTI',
      preferences: {
        disabled: true
      },
    )
    Permission.create_or_update(
      name: 'cti.agent',
      note: 'Access to %s',
      preferences: {
        translations: ['CTI'],
        not: ['cti.customer'],
      },
    )

    admin = Role.find_by(name: 'Admin')
    admin.permission_grand('user_preferences')
    admin.permission_grand('admin')
    admin.permission_grand('report')

    agent = Role.find_by(name: 'Agent')
    agent.permission_grand('user_preferences')
    agent.permission_grand('ticket.agent')
    agent.permission_grand('chat.agent')
    agent.permission_grand('cti.agent')

    customer = Role.find_by(name: 'Customer')
    customer.permission_grand('user_preferences.password')
    customer.permission_grand('user_preferences.language')
    customer.permission_grand('user_preferences.linked_accounts')
    customer.permission_grand('user_preferences.avatar')
    customer.permission_grand('ticket.customer')

  end
end