Refactor permissions system & misc related fixes

jamesu · Oct 21, 2023 · 819ebe4 · 819ebe4
1 parent 91d67de
commit 819ebe4
Show file tree

Hide file tree

Showing 33 changed files with 513 additions and 293 deletions.
diff --git a/app/assets/stylesheets/general/forms.scss b/app/assets/stylesheets/general/forms.scss
@@ -257,3 +257,12 @@ form .required-label:after {
   color: red;
 }
 
+form .project-perm-boxes {
+  padding-left: 24px; 
+  border-left: 3px solid #dadada;
+}
+
+form .project-perm-breakdown {
+  padding-left: 12px; 
+}
+
diff --git a/app/assets/stylesheets/project/permissions.scss b/app/assets/stylesheets/project/permissions.scss
@@ -3,6 +3,12 @@ div.projectCompany {
   border: 1px solid #ccc;
   padding: 10px;
   min-height: 50px;
+  box-sizing: border-box;
+}
+
+.projectCompanies {
+  display: flex;
+  flex-direction: column;
 }
 
 * html div.projectCompany {
@@ -12,18 +18,23 @@ div.projectCompany {
 div.projectCompanyLogo {
   float: left;
   width: 60px;
+  height: 54px;
 }
 
 div.projectCompanyMeta {
-  margin-left: 60px;
+  box-sizing: border-box;
+  display: flex;
+  flex-direction: row;
+  border-bottom: 1px dashed #cccccc;
+  min-height: 54px;
 }
 
 div.projectCompany .projectCompanyTitle label {
   font-weight: bolder;
 }
 
 div.projectCompany div.projectCompanyUsers {
-  margin: 10px 0 0 10px;
+  margin: 10px 0 0 60px;
 }
 
 div.projectCompany div.projectUserPermissions {
@@ -33,4 +44,12 @@ div.projectCompany div.projectUserPermissions {
 div.projectCompany tr.user {
   border: 1px solid #ccc;
   border-width: 1px 0;
-}
+}
+
+div.companyProject .projectTitle {
+  margin: 10px 0 0 30px;
+}
+
+div.companyProject {
+  border-bottom: 1px dotted #afafaf;
+}
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -175,4 +175,8 @@ def config_page
     @page_actions = page_actions
   end
 
+  def company_list
+    list = [@owner] + @owner.clients
+  end
+
 end
diff --git a/app/controllers/companies_controller.rb b/app/controllers/companies_controller.rb
@@ -141,32 +141,31 @@ def destroy
 
   def permissions
     authorize! :manage, @company
-
-    @projects = Project.order(name: :asc).all
-    if @projects.empty?
-      error_status(true, :no_projects)
-      redirect_back_or_default companies_path
-      return
-    end
+    @projects = @owner.owner_projects
 
     case request.request_method_symbol
+    when :get
+
     when :put
-      project_list = params[:project]
-      project_list ||= []
-      project_ids = project_list.collect { |ids| ids.to_i }
-
-      # Add and remove project associations
-      @projects.each do |project|
-        next unless @logged_user.member_of(project)
-
-        if project_ids.include?(project.id)
-          begin
-            project.companies.find(@company.id)
-          rescue ActiveRecord::RecordNotFound
-            project.companies << @company
-          end
-        else
-          project.companies.delete(@company)
+      @company.perms = company_params[:perms]
+      @company.project_ids = company_params[:project_ids]
+
+      saved = @company.save
+
+      if saved
+        respond_to do |format|
+          format.html {
+            error_status(false, :success_updated_permissions)
+            redirect_back_or_default company_path(id: @company.id)
+          }
+          format.json { render json: :ok }
+        end
+      else
+        respond_to do |format|
+          format.turbo_stream { render turbo_stream: turbo_stream.replace("permissions_form", partial: "companies/permissions_form") }
+          format.html {
+          }
+          format.json { render json: @company.errors, status: :unprocessable_entity }
         end
       end
     end
@@ -230,7 +229,7 @@ def extra_crumbs
   end
 
   def company_params
-    params.require(:company).permit(:logo, :name, :time_zone, :email, :homepage, :phone_number, :fax_number, :address, :address2, :city, :state, :zipcode, :country)
+    params.require(:company).permit(:logo, :name, :time_zone, :email, :homepage, :phone_number, :fax_number, :address, :address2, :city, :state, :zipcode, :country, company_ids: [], perms: [], project_ids: [])
   end
 
   def load_related_object

diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
@@ -116,76 +116,33 @@ def people
 
   def permissions
     authorize! :manage, @project
-
+    @companies = company_list
+
     case request.request_method_symbol
     when :get
-      @people = @project.users
-      @user_projects = @logged_user.projects
-
-      @companies = [@owner]
-      @permissions = Person.permission_names()
-      clients = @owner.clients
-      if clients.length > 0
-        @companies += clients
-      end
-    when :post, :put
-      # Sort out changes to the company set
-      @project.companies.clear
-      @project.companies << @owner
-      if params[:project_company]
-        valid_companies = Company.where(id: params[:project_company]).select("id", "client_of_id")
-        valid_companies.each { |valid_company| @project.companies << valid_company unless valid_company.is_instance_owner? }
-      end
 
-      valid_user_ids = params[:people] || []
-
-      # Grab the old user set
-      people = @project.people.all
-
-      # Destroy the Person entry for each non-active user
-      people.each do |person|
-        user = person.user
-        next if user.owner_of_owner?
-
-        # Have a look to see if it is on our list
-        has_valid_user = valid_user_ids.include? user.id.to_s
-        # Have another look to see if his company is enabled
-        has_valid_company = valid_companies.include? user.company
-
-        if has_valid_user and has_valid_company
-          permissions = params[:people_permissions] ? params[:people_permissions][user.id.to_s] : nil
-          person.clear_all_permissions
-          person.set_permissions permissions unless permissions.nil?
-          person.set_all_permissions if person.user.member_of_owner?
-          person.save
-        else
-          # Exterminate! (maybe better if this was a single query?)
-          person.destroy
-        end
-        valid_user_ids.delete user.id.to_s if has_valid_user
+    when :put
+      @project.perms = project_params[:perms]
+      @project.company_ids = project_params[:company_ids]
 
-        # Also check if he is activated
-        #
-      end
+      saved = @project.save
 
-      # Create new Person entries for new users
-
-      users = User.where(id: valid_user_ids).includes(:company)
-      users.each do |user|
-        next unless valid_companies.include? user.company
-        person = @project.people.create(user: user)
-        permissions = params[:people_permissions] ? params[:people_permissions][id] : nil
-        person.clear_all_permissions
-        person.set_permissions permissions unless permissions.nil?
-        person.set_all_permissions if person.user.member_of_owner?
-        person.save
+      if saved
+        respond_to do |format|
+          format.html {
+            error_status(false, :success_updated_permissions)
+            redirect_back_or_default people_project_path(id: @project.id)
+          }
+          format.json { render json: :ok }
+        end
+      else
+        respond_to do |format|
+          format.turbo_stream { render turbo_stream: turbo_stream.replace("permissions_form", partial: "projects/permissions_form") }
+          format.html {
+          }
+          format.json { render json: @project.errors, status: :unprocessable_entity }
+        end
       end
-
-      # Now we can do the log keeping!
-      #@project.updated_by = @logged_user
-
-      error_status(false, :success_updated_permissions)
-      redirect_to people_project_path(id: @project.id)
     end
   end
 
@@ -225,7 +182,7 @@ def companies
     end
   end
 
-  def new
+  def neww
     authorize! :create_project, current_user
 
     @project = Project.new
@@ -405,7 +362,7 @@ def page_title
   end
 
   def project_params
-    params.require(:project).permit(:name, :description, :priority, :show_description_in_overview)
+    params.require(:project).permit(:name, :description, :priority, :show_description_in_overview, :company_ids, perms: [], company_ids: [])
   end
 
   def load_related_object

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -238,53 +238,6 @@ def show
     end
   end
 
-  def permissions
-    authorize! :update_profile, @user
-
-    @projects = @user.company.projects
-    @permissions = Person.permission_names()
-
-    case request.request_method_symbol
-    when :put
-      update_project_permissions(@user, params[:user_project], params[:project_permission], @projects)
-      #Activity.new_log(@project, @logged_user, :edit, true)
-      error_status(false, :success_updated_permissions)
-    end
-  end
-
-  private
-
-  def update_project_permissions(user, project_ids, project_permission, old_projects = nil)
-    project_ids ||= []
-
-    # Grab the list of project id's specified
-    project_list = Project.where(id: project_ids & user.project_ids)
-
-    # Associate project permissions with user
-    project_list.each do |project|
-      permission_list = project_permission.nil? ? nil : project_permission[project.id.to_s]
-
-      # Find permission list
-      person = project.people.find_or_create_by_user_id user.id
-
-      # Reset and update permissions
-      person.clear_all_permissions
-      person.set_permissions permission_list unless permission_list.nil?
-      person.save
-    end
-
-    unless old_projects.nil?
-      # Delete all permissions that aren't in the project list
-      delete_list = old_projects.collect do |project|
-        project.id unless project_list.include?(project)
-      end.compact
-
-      unless delete_list.empty?
-        Person.where(user_id: user.id, project_id: delete_list).delete_all
-      end
-    end
-  end
-
   protected
 
   def page_title
@@ -333,7 +286,7 @@ def admin_user_params
     nl << :auto_assign
     nl << :user_project
     nl << :project_permission
-    params[:user].nil? ? {} : params[:user].permit(*nl)
+    params[:user].nil? ? {} : params[:user].permit(*nl, perms: [])
   end
 
   def load_related_object

diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
@@ -103,8 +103,7 @@ def actions_for_user(user)
 
     if @active_project.nil?
       actions += [
-        { name: I18n.t("delete"), url: user_path(id: user.id), cond: can?(:delete, user), data: { turbo_method: :delete, turbo_confirm: I18n.t("confirm_user_delete") } },
-        { name: I18n.t("permissions"), url: permissions_user_path(id: user.id), cond: can?(:update_permissions, user) },
+        { name: I18n.t("delete"), url: user_path(id: user.id), cond: can?(:delete, user), data: { turbo_method: :delete, turbo_confirm: I18n.t("confirm_user_delete") } }
       ]
     else
       actions << { name: I18n.t("remove"), url: users_project_path(id: @active_project.id, user: user.id), cond: can?(:delete, user), data: { turbo_method: :delete, turbo_confirm: I18n.t("confirm_user_remove") } }