Fix for query_roles bug
This commit is contained in:
Eric Schultz
parent
51ec6f906c
commit
893bfd38b3
2 changed files with 50 additions and 13 deletions
|
|
@ -1,27 +1,27 @@
|
|||
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
|
||||
module QueryRoles
|
||||
|
||||
def self.user_has_role?(user_id, role_names, host_id=nil)
|
||||
expr = Qx.select("COUNT(roles)").from(:roles)
|
||||
.where("name IN ($names)", names: Array(role_names))
|
||||
.and_where(user_id: user_id)
|
||||
expr = expr.and_where(host_id: host_id) if host_id
|
||||
return expr.execute.first['count'] > 0
|
||||
def self.user_has_role?(user_id, role_names, host_id=nil)
|
||||
expr = Qx.select("COUNT(roles)").from(:roles)
|
||||
.where("name IN ($names)", names: Array(role_names))
|
||||
.and_where(user_id: user_id)
|
||||
expr = expr.and_where(host_id: host_id) if host_id
|
||||
return expr.execute.first['count'] > 0
|
||||
end
|
||||
|
||||
# Get host tables -- host can be nonprofit, campaign, event
|
||||
# Get host tables -- host can be nonprofit, campaign, event
|
||||
def self.host_ids(user_id, role_names)
|
||||
Qx.select("host_id").from(:roles)
|
||||
.where(user_id: user_id)
|
||||
.and_where("roles.name IN ($names)", names: role_names)
|
||||
.execute.map{|h| h['host_id']}
|
||||
Qx.select("host_id").from(:roles)
|
||||
.where(user_id: user_id)
|
||||
.and_where("roles.name IN ($names)", names: role_names)
|
||||
.execute.map{|h| h['host_id']}
|
||||
end
|
||||
|
||||
def self.is_nonprofit_user?(user_id, np_id)
|
||||
user_has_role?(user_id, [:nonprofit_admin, :nonprofit_user], np_id)
|
||||
user_has_role?(user_id, [:nonprofit_admin, :nonprofit_associate], np_id)
|
||||
end
|
||||
|
||||
def self.is_authorized_for_nonprofit?(user_id, np_id)
|
||||
user_has_role?(user_id, [:super_admin]) || is_nonprofit_user?(user_id, np_id)
|
||||
end
|
||||
end
|
||||
end
|
||||
37
spec/lib/query/query_roles_spec.rb
Normal file
37
spec/lib/query/query_roles_spec.rb
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
|
||||
require 'rails_helper'
|
||||
|
||||
describe QueryRoles do
|
||||
include_context :shared_donation_charge_context
|
||||
let(:nonprofit_admin_role) {force_create(:role, user: user, host: nonprofit, name: :nonprofit_admin)}
|
||||
let(:other_nonprofit_admin_role) {force_create(:role, user: user, host: other_nonprofit, name: :nonprofit_admin)}
|
||||
let(:nonprofit_associate_role) {force_create(:role, user: user, host: nonprofit, name: :nonprofit_associate)}
|
||||
let(:other_nonprofit_associate_role) {force_create(:role, user: user, host: other_nonprofit, name: :nonprofit_associate)}
|
||||
|
||||
describe 'is_nonprofit_user?' do
|
||||
it 'false for no role' do
|
||||
expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_falsey
|
||||
end
|
||||
|
||||
it 'false for other nonprofit admin' do
|
||||
other_nonprofit_admin_role
|
||||
expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_falsey
|
||||
end
|
||||
|
||||
it 'false for other nonprofit associate' do
|
||||
other_nonprofit_associate_role
|
||||
expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_falsey
|
||||
end
|
||||
|
||||
it 'true for nonprofit admin' do
|
||||
nonprofit_admin_role
|
||||
expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_truthy
|
||||
end
|
||||
|
||||
it 'true for nonprofit admin' do
|
||||
nonprofit_associate_role
|
||||
expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_truthy
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
Loading…
Reference in a new issue