forked from Gitlink/forgeplus
127 lines
4.4 KiB
Ruby
127 lines
4.4 KiB
Ruby
module ProjectOperable
|
|
extend ActiveSupport::Concern
|
|
|
|
included do
|
|
has_many :members, dependent: :destroy
|
|
has_many :except_owner_members, -> { joins(:roles).where.not(roles: { name: 'Manager' }) }, class_name: 'Member'
|
|
has_many :managers, -> { joins(:roles).where(roles: { name: 'Manager' }) }, class_name: 'Member'
|
|
has_many :developers, -> { joins(:roles).where(roles: { name: 'Developer' }) }, class_name: 'Member'
|
|
has_many :reporters, -> { joins(:roles).where(roles: { name: 'Reporter' }) }, class_name: 'Member'
|
|
has_many :writable_members, -> { joins(:roles).where.not(roles: {name: 'Reporter'}) }, class_name: 'Member'
|
|
has_many :team_projects, dependent: :destroy
|
|
has_many :teams, through: :team_projects, source: :team
|
|
end
|
|
|
|
def set_owner_permission(creator)
|
|
return unless owner.is_a?(Organization)
|
|
owner.build_permit_team_projects!(id)
|
|
# 避免自己创建的项目,却无法拥有访问权,因为该用户所在团队暂未获得项目访问权
|
|
return if creator.nil? || owner.is_owner?(creator.id)
|
|
add_member!(creator.id, "Manager")
|
|
end
|
|
|
|
def add_member!(user_id, role_name='Developer')
|
|
member = members.create!(user_id: user_id)
|
|
set_developer_role(member, role_name)
|
|
end
|
|
|
|
def remove_member!(user_id)
|
|
member = members.find_by(user_id: user_id)
|
|
member.destroy! if member && self.user_id != user_id
|
|
end
|
|
|
|
def member?(user_id)
|
|
if owner.is_a?(User)
|
|
members.exists?(user_id: user_id)
|
|
elsif owner.is_a?(Organization)
|
|
members.exists?(user_id: user_id) || team_projects.joins(team: :team_users).where(team_users: {user_id: user_id}).present?
|
|
else
|
|
false
|
|
end
|
|
end
|
|
|
|
# 除了项目创建者本身
|
|
def member(user_id)
|
|
members.where.not("members.user_id = ? ", owner.id).find_by(user_id: user_id)
|
|
end
|
|
|
|
def change_member_role!(user_id, role)
|
|
member = self.member(user_id)
|
|
member.member_roles.last.update_attributes!(role: role)
|
|
end
|
|
|
|
def owner?(user)
|
|
if owner.is_a?(User)
|
|
self.owner == user
|
|
elsif owner.is_a?(Organization)
|
|
owner.is_owner?(user.id)
|
|
else
|
|
false
|
|
end
|
|
end
|
|
|
|
# 项目管理员(包含项目拥有者),权限:仓库设置、仓库可读可写
|
|
def manager?(user)
|
|
if owner.is_a?(User)
|
|
managers.exists?(user_id: user.id)
|
|
elsif owner.is_a?(Organization)
|
|
managers.exists?(user_id: user.id) || owner.is_owner?(user.id) || owner.is_only_admin?(user.id)
|
|
else
|
|
false
|
|
end
|
|
end
|
|
|
|
# 项目开发者,可读可写权限
|
|
def develper?(user)
|
|
if owner.is_a?(User)
|
|
developers.exists?(user_id: user.id)
|
|
elsif owner.is_a?(Organization)
|
|
developers.exists?(user_id: user.id) || owner.is_only_write?(user.id)
|
|
else
|
|
false
|
|
end
|
|
end
|
|
|
|
# 报告者,只有可读权限
|
|
def reporter?(user)
|
|
if owner.is_a?(User)
|
|
reporters.exists?(user_id: user.id)
|
|
elsif owner.is_a?(Organization)
|
|
reporters.exists?(user_id: user.id) || owner.is_only_read?(user.id)
|
|
else
|
|
false
|
|
end
|
|
end
|
|
|
|
def operator?(user)
|
|
user.admin? || (member?(user.id) && !reporter?(user))
|
|
end
|
|
|
|
def set_developer_role(member, role_name)
|
|
role = Role.find_by(name: role_name)
|
|
member.member_roles.create!(role: role)
|
|
end
|
|
|
|
def has_menu_permission(unit_type)
|
|
self.project_units.where(unit_type: unit_type).exists?
|
|
end
|
|
|
|
def all_collaborators
|
|
member_sql = User.joins(members: :roles).where(members: {project_id: self.id}, roles: {name: %w(Manager Developer Reporter)}).to_sql
|
|
team_user_sql = User.joins(teams: :team_projects).where(team_projects: {project_id: self.id}).to_sql
|
|
return User.from("( #{ member_sql } UNION #{ team_user_sql } ) AS users").distinct
|
|
end
|
|
|
|
def all_developers
|
|
member_sql = User.joins(members: :roles).where(members: {project_id: self.id}, roles: {name: %w(Manager Developer)}).to_sql
|
|
team_user_sql = User.joins(teams: :team_projects).where(teams: {authorize: %w(owner admin write)}, team_projects: {project_id: self.id}).to_sql
|
|
return User.from("( #{ member_sql } UNION #{ team_user_sql } ) AS users").distinct
|
|
end
|
|
|
|
def all_managers
|
|
member_sql = User.joins(members: :roles).where(members: {project_id: self.id}, roles: {name: %w(Manager)}).to_sql
|
|
team_user_sql = User.joins(teams: :team_projects).where(teams: {authorize: %w(owner admin)},team_projects: {project_id: self.id}).to_sql
|
|
return User.from("( #{ member_sql} UNION #{ team_user_sql } ) AS users").distinct
|
|
end
|
|
end
|