From c29a524e2312e06830e8658a2f82299d4b87d9e2 Mon Sep 17 00:00:00 2001
From: Hadi Cheaito <38328371+hadicheaito1@users.noreply.github.com>
Date: Fri, 25 Nov 2022 03:11:43 -0500
Subject: [PATCH] SuperAdmin permission check (#4179)
* SuperAdmin permission checker
* spelling
---
.rubocop.yml | 2 +-
app/services/permissions_checker.rb | 2 ++
spec/services/permissions_checker_spec.rb | 12 ++++++++++++
3 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/.rubocop.yml b/.rubocop.yml
index 96d82be6..b6908154 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -76,7 +76,7 @@ RSpec/AnyInstance:
Enabled: false
Metrics/CyclomaticComplexity:
- Max: 13
+ Max: 14
Metrics/PerceivedComplexity:
Max: 13
diff --git a/app/services/permissions_checker.rb b/app/services/permissions_checker.rb
index 03e40aa4..cb169c76 100644
--- a/app/services/permissions_checker.rb
+++ b/app/services/permissions_checker.rb
@@ -10,6 +10,8 @@ class PermissionsChecker
end
def call
+ return true if @current_user.role == Role.find_by(name: 'SuperAdmin', provider: 'bn')
+
return true if RolePermission.joins(:permission).exists?(
role_id: @current_user.role_id,
permission: { name: @permission_names },
diff --git a/spec/services/permissions_checker_spec.rb b/spec/services/permissions_checker_spec.rb
index 20ff3589..21cb986b 100644
--- a/spec/services/permissions_checker_spec.rb
+++ b/spec/services/permissions_checker_spec.rb
@@ -66,6 +66,18 @@ describe PermissionsChecker, type: :service do
record_id: ''
).call).to be(true)
end
+
+ it 'checks the users role and returns true since user has SuperAdmin role' do
+ super_admin_role = create(:role, name: 'SuperAdmin', provider: 'bn')
+ super_admin_user = create(:user, provider: 'bn', role: super_admin_role)
+ expect(described_class.new(
+ current_user: super_admin_user,
+ permission_names: [],
+ user_id: super_admin_user.id,
+ friendly_id: '',
+ record_id: ''
+ ).call).to be(true)
+ end
end
end
end
--
GitLab