blob: aefe50fe1b48934c2ced8f215fa2965c2562eefb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
module Stif
module PermissionTranslator extend self
def translate(sso_extra_permissions, organisation=nil)
permissions = sso_extra_permissions.sort
.flat_map(&method(:extra_permission_translation))
permissions += extra_organisation_permissions(organisation)
permissions.uniq
end
private
def all_destructive_permissions
destructive_permissions_for( all_resources )
end
def all_resources
%w[
access_points
connection_links
calendars
footnotes
imports
exports
merges
journey_patterns
referentials
routes
routing_constraint_zones
time_tables
vehicle_journeys
api_keys
compliance_controls
compliance_control_sets
compliance_control_blocks
compliance_check_sets
]
end
def destructive_permissions_for(models)
models.product( %w{create destroy update} ).map{ |model_action| model_action.join('.') }
end
def extra_permission_translation extra_permission
translation_table.fetch(extra_permission, [])
end
def translation_table
{
"boiv:read-offer" => %w{sessions.create},
"boiv:edit-offer" => all_destructive_permissions + %w{sessions.create workbenches.update},
}
end
def extra_organisation_permissions organisation
if organisation&.name&.downcase == "stif"
return %w{calendars.share stop_area_referentials.synchronize line_referentials.synchronize}
end
[]
end
end
end
|
