106 lines
4.6 KiB
JavaScript
106 lines
4.6 KiB
JavaScript
"use strict";
|
|
/**
|
|
* Created by igor.samulenko on 5/20/2014.
|
|
*/
|
|
(function () {
|
|
'use strict';
|
|
angular.module('securityModule').factory('permissionModel', ['$rootScope', 'events', 'AUTH_EVENTS', 'roles',
|
|
function ($rootScope, events, AUTH_EVENTS, roles) {
|
|
var permissionList = [];
|
|
var roleList = [];
|
|
var permissionModel = {};
|
|
/**
|
|
* Inits list of roles
|
|
*
|
|
* @param {Array} permissions
|
|
*/
|
|
permissionModel.setPermissions = function (permissions) {
|
|
permissionList = permissions;
|
|
$rootScope.$broadcast(events.PERMISSIONS_CHANGED);
|
|
};
|
|
/**
|
|
* Returns true if specified permission is contained in a list of permissions or access is "write" for the specified role
|
|
*
|
|
* @param {String} permission
|
|
* @returns {Boolean}
|
|
*/
|
|
permissionModel.hasPermission = function (permission) {
|
|
if (_.contains(permissionList, permission.trim())) {
|
|
return true;
|
|
}
|
|
else {
|
|
return (_.find(roleList, { id: permission, permission: 'write' }));
|
|
}
|
|
};
|
|
/**
|
|
* Returns true if user has write permission for a ticket type, else it returns false
|
|
*
|
|
* @param {String} type
|
|
* @returns {Boolean}
|
|
*/
|
|
permissionModel.hasPermissionForTicket = function (type) {
|
|
var permission;
|
|
if (type == EntityVO.TYPE_CHANGE) {
|
|
permission = roles.ITSM_CHANGE_USER_ROLE;
|
|
}
|
|
else if (type == EntityVO.TYPE_PROBLEM || type == EntityVO.TYPE_KNOWNERROR) {
|
|
permission = roles.ITSM_PROBLEM_USER_ROLE;
|
|
}
|
|
else if (type == EntityVO.TYPE_RELEASE) {
|
|
permission = roles.ITSM_RELEASE_USER_ROLE;
|
|
}
|
|
else if (type == EntityVO.TYPE_KNOWLEDGE) {
|
|
permission = roles.ITSM_KNOWLEDGE_USER_ROLE;
|
|
}
|
|
else if (type == EntityVO.TYPE_ASSET) {
|
|
permission = roles.ITSM_ASSET_USER_ROLE;
|
|
}
|
|
else {
|
|
permission = roles.ITSM_AGENT_ROLE;
|
|
}
|
|
var index = _.findIndex(roleList, { id: permission, permission: 'write' });
|
|
if ((index === -1) && type === EntityVO.TYPE_TASK) {
|
|
index = _.findIndex(roleList, function (role) {
|
|
return role.permission === 'write' && (role.id === roles.ITSM_PROBLEM_USER_ROLE || role.id === roles.ITSM_CHANGE_USER_ROLE);
|
|
});
|
|
}
|
|
return index === -1 ? false : true;
|
|
};
|
|
/**
|
|
* Returns true if specified role is contained in a list of roles.
|
|
*
|
|
* @param {String} role
|
|
* @returns {Boolean}
|
|
*/
|
|
permissionModel.hasRole = function (role) {
|
|
return _.find(roleList, function (item) {
|
|
return item.id === role.trim();
|
|
}) !== undefined;
|
|
};
|
|
$rootScope.$on(events.PERSON_PERMISSION_DATA_LOADED, handlePersonDataLoaded);
|
|
$rootScope.$on(AUTH_EVENTS.LOGOUT_SUCCESS, handleLogout);
|
|
permissionModel.hasAdminOnlyRole = function () {
|
|
var hasAdminRole = permissionModel.hasRole(roles.ITSM_ADMIN_ROLE), hasOtherRoles = (permissionModel.hasRole(roles.ITSM_AGENT_ROLE) || permissionModel.hasRole(roles.ITSM_CHANGE_USER_ROLE) || permissionModel.hasRole(roles.ITSM_KNOWLEDGE_USER_ROLE));
|
|
return hasAdminRole && !hasOtherRoles;
|
|
};
|
|
permissionModel.hasKnowledgeOnlyRole = function () {
|
|
var noAdminRoles = _.reject(roleList, { id: roles.ITSM_ADMIN_ROLE });
|
|
return noAdminRoles.length === 1 && permissionModel.hasRole(roles.ITSM_KNOWLEDGE_USER_ROLE);
|
|
};
|
|
/**
|
|
* Private functions
|
|
*/
|
|
function handlePersonDataLoaded(event, data) {
|
|
roleList = data;
|
|
if (_.find(roleList, { id: roles.ITSM_ADMIN_ROLE, permission: 'write' })) {
|
|
permissionList = ['admin:screenConfiguration'];
|
|
}
|
|
$rootScope.$broadcast(events.PERMISSIONS_CHANGED);
|
|
}
|
|
function handleLogout() {
|
|
permissionModel.setPermissions([]);
|
|
}
|
|
return permissionModel;
|
|
}]);
|
|
})();
|