Add pickups role

2017-11-15 23:58:11 +01:00 · 2017-11-15 23:58:11 +01:00 · ac11ba1cc1
commit ac11ba1cc1
parent 4c41a99fde
14 changed files with 42 additions and 15 deletions
--- a/app/assets/images/role-pickups.png
+++ b/app/assets/images/role-pickups.png
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -68,9 +68,11 @@ class ApplicationController < ActionController::Base
      when "admin"  then current_user.role_admin?
      when "finance"   then  current_user.role_finance?
      when "article_meta" then current_user.role_article_meta?
+      when "pickups" then current_user.role_pickups?
      when "suppliers"  then current_user.role_suppliers?
      when "orders" then current_user.role_orders?
      when "finance_or_orders" then (current_user.role_finance? || current_user.role_orders?)
+      when "pickups_or_orders" then (current_user.role_pickups? || current_user.role_orders?)
      when "any" then true        # no role required
      else false                  # any unknown role will always fail
      end
@ -81,19 +83,23 @@ class ApplicationController < ActionController::Base
      end
    end
  end
-    
+
  def authenticate_admin
    authenticate('admin')
  end
-    
+
  def authenticate_finance
    authenticate('finance')
  end
-    
+
  def authenticate_article_meta
    authenticate('article_meta')
  end

+  def authenticate_pickups
+    authenticate('pickups')
+  end
+
  def authenticate_suppliers
    authenticate('suppliers')
  end
@ -106,6 +112,10 @@ class ApplicationController < ActionController::Base
    authenticate('finance_or_orders')
  end

+  def authenticate_pickups_or_orders
+    authenticate('pickups_or_orders')
+  end
+
  # checks if the current_user is member of given group.
  # if fails the user will redirected to startpage
  def authenticate_membership_or_admin(group_id = params[:id])
--- a/app/controllers/orders_controller.rb
+++ b/app/controllers/orders_controller.rb
@ -4,7 +4,8 @@
 # Normal ordering actions of members of order groups is handled by the OrderingController.
 class OrdersController < ApplicationController

-  before_filter :authenticate_orders
+  before_filter :authenticate_pickups_or_orders
+  before_filter :authenticate_orders, except: [:receive, :receive_on_order_article_create, :receive_on_order_article_update, :show]
  before_filter :remove_empty_article, only: [:create, :update]

  # List orders
--- a/app/controllers/pickups_controller.rb
+++ b/app/controllers/pickups_controller.rb
@ -1,5 +1,7 @@
 class PickupsController < ApplicationController

+  before_filter :authenticate_pickups
+
  def index
    @orders = Order.finished_not_closed.order('pickup DESC').group_by { |o| o.pickup }
  end
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -150,7 +150,7 @@ module ApplicationHelper
  end

  def format_roles(record, icon=false)
-    roles = %w(suppliers article_meta orders finance invoices admin)
+    roles = %w(suppliers article_meta orders pickups finance invoices admin)
    roles.select! {|role| record.send "role_#{role}?"}
    names = Hash[roles.map{|r| [r, I18n.t("helpers.application.role_#{r}")]}]
    if icon
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -159,17 +159,22 @@ class User < ActiveRecord::Base
  def role_article_meta?
    groups.detect {|group| group.role_article_meta?}
  end
-  
+
  # Checks the suppliers role
  def role_suppliers?
    groups.detect {|group| group.role_suppliers?}
  end
-  
+
+  # Checks the invoices role
+  def role_pickups?
+    groups.detect {|group| group.role_pickups?}
+  end
+
  # Checks the orders role
  def role_orders?
    groups.detect {|group| group.role_orders?}
  end
-  
+
  def ordergroup_name
    ordergroup ? ordergroup.name : I18n.t('model.user.no_ordergroup')
  end
@ -178,7 +183,7 @@ class User < ActiveRecord::Base
  def member_of?(group)
    group.users.exists?(self.id)
  end
- 
+
  #Returns an array with the users groups (but without the Ordergroups -> because tpye=>"")
  def member_of_groups()
     self.groups.where(type: '')
--- a/app/views/admin/workgroups/_form.html.haml
+++ b/app/views/admin/workgroups/_form.html.haml
@ -7,6 +7,7 @@
    = f.input :role_suppliers
    = f.input :role_article_meta
    = f.input :role_orders
+    = f.input :role_pickups
    = f.input :role_finance
    = f.input :role_invoices
    = f.input :role_admin
--- a/app/views/pickups/index.html.haml
+++ b/app/views/pickups/index.html.haml
@ -24,10 +24,7 @@
          %tr
            %td
              = check_box_tag "orders[]", order.id, true #, style: 'float:left'
-              - if current_user.role_orders?
-                = link_to order.name, order_path(order)
-              - else
-                = order.name
+              = link_to order.name, order_path(order)
            %td= truncate order.note
            %td{style:'white-space:nowrap'}
              = render 'shared/order_download_button', order: order, klass: 'btn-small'