"use strict"; /** * Created by igor.samulenko on 5/20/2014. */ (function () { 'use strict'; angular.module('securityModule').factory('permissionModel', ['$rootScope', 'events', 'AUTH_EVENTS', 'roles', function ($rootScope, events, AUTH_EVENTS, roles) { var permissionList = []; var roleList = []; var permissionModel = {}; /** * Inits list of roles * * @param {Array} permissions */ permissionModel.setPermissions = function (permissions) { permissionList = permissions; $rootScope.$broadcast(events.PERMISSIONS_CHANGED); }; /** * Returns true if specified permission is contained in a list of permissions or access is "write" for the specified role * * @param {String} permission * @returns {Boolean} */ permissionModel.hasPermission = function (permission) { if (_.contains(permissionList, permission.trim())) { return true; } else { return (_.find(roleList, { id: permission, permission: 'write' })); } }; /** * Returns true if user has write permission for a ticket type, else it returns false * * @param {String} type * @returns {Boolean} */ permissionModel.hasPermissionForTicket = function (type) { var permission; if (type == EntityVO.TYPE_CHANGE) { permission = roles.ITSM_CHANGE_USER_ROLE; } else if (type == EntityVO.TYPE_PROBLEM || type == EntityVO.TYPE_KNOWNERROR) { permission = roles.ITSM_PROBLEM_USER_ROLE; } else if (type == EntityVO.TYPE_RELEASE) { permission = roles.ITSM_RELEASE_USER_ROLE; } else if (type == EntityVO.TYPE_KNOWLEDGE) { permission = roles.ITSM_KNOWLEDGE_USER_ROLE; } else if (type == EntityVO.TYPE_ASSET) { permission = roles.ITSM_ASSET_USER_ROLE; } else { permission = roles.ITSM_AGENT_ROLE; } var index = _.findIndex(roleList, { id: permission, permission: 'write' }); if ((index === -1) && type === EntityVO.TYPE_TASK) { index = _.findIndex(roleList, function (role) { return role.permission === 'write' && (role.id === roles.ITSM_PROBLEM_USER_ROLE || role.id === roles.ITSM_CHANGE_USER_ROLE); }); } return index === -1 ? false : true; }; /** * Returns true if specified role is contained in a list of roles. * * @param {String} role * @returns {Boolean} */ permissionModel.hasRole = function (role) { return _.find(roleList, function (item) { return item.id === role.trim(); }) !== undefined; }; $rootScope.$on(events.PERSON_PERMISSION_DATA_LOADED, handlePersonDataLoaded); $rootScope.$on(AUTH_EVENTS.LOGOUT_SUCCESS, handleLogout); permissionModel.hasAdminOnlyRole = function () { var hasAdminRole = permissionModel.hasRole(roles.ITSM_ADMIN_ROLE), hasOtherRoles = (permissionModel.hasRole(roles.ITSM_AGENT_ROLE) || permissionModel.hasRole(roles.ITSM_CHANGE_USER_ROLE) || permissionModel.hasRole(roles.ITSM_KNOWLEDGE_USER_ROLE)); return hasAdminRole && !hasOtherRoles; }; permissionModel.hasKnowledgeOnlyRole = function () { var noAdminRoles = _.reject(roleList, { id: roles.ITSM_ADMIN_ROLE }); return noAdminRoles.length === 1 && permissionModel.hasRole(roles.ITSM_KNOWLEDGE_USER_ROLE); }; /** * Private functions */ function handlePersonDataLoaded(event, data) { roleList = data; if (_.find(roleList, { id: roles.ITSM_ADMIN_ROLE, permission: 'write' })) { permissionList = ['admin:screenConfiguration']; } $rootScope.$broadcast(events.PERMISSIONS_CHANGED); } function handleLogout() { permissionModel.setPermissions([]); } return permissionModel; }]); })();