SmartIT_Extensions/BMC/smart-it-full-helix/scripts/app/security/permission-model.js

"use strict";
/**
 * Created by igor.samulenko on 5/20/2014.
 */
(function () {
    'use strict';
    angular.module('securityModule').factory('permissionModel', ['$rootScope', 'events', 'AUTH_EVENTS', 'roles',
        function ($rootScope, events, AUTH_EVENTS, roles) {
            var permissionList = [];
            var roleList = [];
            var permissionModel = {};
            /**
             * Inits list of roles
             *
             * @param {Array} permissions
             */
            permissionModel.setPermissions = function (permissions) {
                permissionList = permissions;
                $rootScope.$broadcast(events.PERMISSIONS_CHANGED);
            };
            /**
             * Returns true if specified permission is contained in a list of permissions or access is "write" for the specified role
             *
             * @param {String} permission
             * @returns {Boolean}
             */
            permissionModel.hasPermission = function (permission) {
                if (_.includes(permissionList, permission.trim())) {
                    return true;
                }
                else {
                    return (_.find(roleList, { id: permission, permission: 'write' }));
                }
            };
            /**
             * Returns role
             *
             * @param {String} permission
             * @returns {Boolean}
             */
            permissionModel.getRolePermission = function (role) {
                return (_.find(roleList, { id: role }));
            };
            permissionModel.hasAssetCreatePermission = function () {
                var assetUserRole = permissionModel.getRolePermission('galileo-asset-access');
                var assetCreator = permissionModel.getRolePermission('galileo-asset-creator');
                if ((assetUserRole && assetUserRole.permission === 'write') || ((assetUserRole && assetUserRole.permission === 'read') && (assetCreator && assetCreator.permission === 'write'))) {
                    return true;
                }
                else {
                    return false;
                }
            };
            /**
             * Returns true if user has write permission for a ticket type for calendar, else it returns false
             *
             * @param {String} type
             * @returns {Boolean}
             */
            permissionModel.hasPermissionForCalendar = function (type) {
                var permission;
                if (type == EntityVO.TYPE_CHANGE) {
                    permission = roles.ITSM_CHANGE_USER_ROLE;
                }
                else if (type == EntityVO.TYPE_RELEASE) {
                    permission = roles.ITSM_RELEASE_USER_ROLE;
                }
                else {
                    permission = roles.ITSM_AGENT_ROLE;
                }
                var index = _.findIndex(roleList, { id: permission });
                return (index > -1);
            };
            /**
             * Returns true if user has write permission for a ticket type, else it returns false
             *
             * @param {String} type
             * @returns {Boolean}
             */
            permissionModel.hasPermissionForTicket = function (type) {
                var permission;
                if (type == EntityVO.TYPE_CHANGE) {
                    permission = roles.ITSM_CHANGE_USER_ROLE;
                }
                else if (type == EntityVO.TYPE_PROBLEM || type == EntityVO.TYPE_KNOWNERROR) {
                    permission = roles.ITSM_PROBLEM_USER_ROLE;
                }
                else if (type == EntityVO.TYPE_RELEASE) {
                    permission = roles.ITSM_RELEASE_USER_ROLE;
                }
                else if (type == EntityVO.TYPE_KNOWLEDGE) {
                    permission = roles.ITSM_KNOWLEDGE_USER_ROLE;
                }
                else if (type == EntityVO.TYPE_ASSET) {
                    permission = roles.ITSM_ASSET_USER_ROLE;
                }
                else {
                    permission = roles.ITSM_AGENT_ROLE;
                }
                var index = _.findIndex(roleList, { id: permission, permission: 'write' });
                if ((index === -1) && type === EntityVO.TYPE_TASK) {
                    index = _.findIndex(roleList, function (role) {
                        return role.id === roles.ITSM_PROBLEM_USER_ROLE || role.id === roles.ITSM_CHANGE_USER_ROLE;
                    });
                }
                return index === -1 ? false : true;
            };
            /**
             * Returns true if specified role is contained in a list of roles.
             *
             * @param {String} role
             * @returns {Boolean}
             */
            permissionModel.hasRole = function (role) {
                return _.find(roleList, function (item) {
                    return item.id === role.trim();
                }) !== undefined;
            };
            $rootScope.$on(events.PERSON_PERMISSION_DATA_LOADED, handlePersonDataLoaded);
            $rootScope.$on(AUTH_EVENTS.LOGOUT_SUCCESS, handleLogout);
            /**
             * Returns true if both Live Chat agent and Live Chat admin/supervisor roles are in the list of roles.
             */
            permissionModel.checkLiveChatRoles = function () {
                return permissionModel.hasRole(roles.ESCHAT_AGENT_ROLE) && permissionModel.hasRole(roles.ESCHAT_ADMIN_ROLE);
            };
            permissionModel.hasAdminOnlyRole = function () {
                var hasAdminRole = permissionModel.hasRole(roles.ITSM_ADMIN_ROLE), hasOtherRoles = (permissionModel.hasRole(roles.ITSM_AGENT_ROLE) || permissionModel.hasRole(roles.ITSM_CHANGE_USER_ROLE) || permissionModel.hasRole(roles.ITSM_KNOWLEDGE_USER_ROLE));
                return hasAdminRole && !hasOtherRoles;
            };
            permissionModel.hasKnowledgeOnlyRole = function () {
                var noAdminRoles = _.reject(roleList, { id: roles.ITSM_ADMIN_ROLE });
                return noAdminRoles.length === 1 && permissionModel.hasRole(roles.ITSM_KNOWLEDGE_USER_ROLE);
            };
            /**
             * Private functions
             */
            function handlePersonDataLoaded(event, data) {
                roleList = data;
                if (_.find(roleList, { id: roles.ITSM_ADMIN_ROLE, permission: 'write' })) {
                    permissionList = ['admin:screenConfiguration'];
                }
                if (_.find(roleList, { id: roles.ITSM_ASSET_USER_ROLE, permission: 'write' })) {
                    roleList.push({ id: roles.ITSM_ASSET_ADMIN_ROLE, permission: 'write' });
                }
                $rootScope.$broadcast(events.PERMISSIONS_CHANGED);
            }
            function handleLogout() {
                permissionModel.setPermissions([]);
            }
            return permissionModel;
        }]);
})();