From c29a524e2312e06830e8658a2f82299d4b87d9e2 Mon Sep 17 00:00:00 2001 From: Hadi Cheaito <38328371+hadicheaito1@users.noreply.github.com> Date: Fri, 25 Nov 2022 03:11:43 -0500 Subject: [PATCH] SuperAdmin permission check (#4179) * SuperAdmin permission checker * spelling --- .rubocop.yml | 2 +- app/services/permissions_checker.rb | 2 ++ spec/services/permissions_checker_spec.rb | 12 ++++++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/.rubocop.yml b/.rubocop.yml index 96d82be6..b6908154 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -76,7 +76,7 @@ RSpec/AnyInstance: Enabled: false Metrics/CyclomaticComplexity: - Max: 13 + Max: 14 Metrics/PerceivedComplexity: Max: 13 diff --git a/app/services/permissions_checker.rb b/app/services/permissions_checker.rb index 03e40aa4..cb169c76 100644 --- a/app/services/permissions_checker.rb +++ b/app/services/permissions_checker.rb @@ -10,6 +10,8 @@ class PermissionsChecker end def call + return true if @current_user.role == Role.find_by(name: 'SuperAdmin', provider: 'bn') + return true if RolePermission.joins(:permission).exists?( role_id: @current_user.role_id, permission: { name: @permission_names }, diff --git a/spec/services/permissions_checker_spec.rb b/spec/services/permissions_checker_spec.rb index 20ff3589..21cb986b 100644 --- a/spec/services/permissions_checker_spec.rb +++ b/spec/services/permissions_checker_spec.rb @@ -66,6 +66,18 @@ describe PermissionsChecker, type: :service do record_id: '' ).call).to be(true) end + + it 'checks the users role and returns true since user has SuperAdmin role' do + super_admin_role = create(:role, name: 'SuperAdmin', provider: 'bn') + super_admin_user = create(:user, provider: 'bn', role: super_admin_role) + expect(described_class.new( + current_user: super_admin_user, + permission_names: [], + user_id: super_admin_user.id, + friendly_id: '', + record_id: '' + ).call).to be(true) + end end end end -- GitLab