update crm

2017-06-21 10:05:07 +06:30
parent 0e619f3f2a
commit 4ab5c311eb
9 changed files with 63 additions and 12 deletions
--- a/2
+++ b/2
@@ -66,6 +66,8 @@ gem 'kaminari', '~> 1.0.1'
 # Datatable
 gem 'filterrific'

+gem 'cancancan', '~> 1.10'
+
 # Use Capistrano for deployment
 # gem 'capistrano-rails', group: :development

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -39,7 +39,7 @@ GEM
      minitest (~> 5.1)
      tzinfo (~> 1.1)
    arel (8.0.0)
-    autoprefixer-rails (7.1.1)
+    autoprefixer-rails (7.1.1.2)
      execjs
    bcrypt (3.1.11)
    bindex (0.5.0)
@@ -50,6 +50,7 @@ GEM
      railties (>= 3.0)
    builder (3.2.3)
    byebug (9.0.6)
+    cancancan (1.17.0)
    coffee-rails (4.2.2)
      coffee-script (>= 2.2.0)
      railties (>= 4.0.0)
@@ -121,7 +122,7 @@ GEM
    nokogiri (1.8.0)
      mini_portile2 (~> 2.2.0)
    pdf-core (0.7.0)
-    pg (0.20.0)
+    pg (0.21.0)
    prawn (2.2.2)
      pdf-core (~> 0.7.0)
      ttfunk (~> 1.5)
@@ -159,8 +160,8 @@ GEM
      thor (>= 0.18.1, < 2.0)
    rake (12.0.0)
    rb-fsevent (0.9.8)
-    rb-inotify (0.9.8)
-      ffi (>= 0.5.0)
+    rb-inotify (0.9.10)
+      ffi (>= 0.5.0, < 2)
    redis (3.3.3)
    rspec-core (3.6.0)
      rspec-support (~> 3.6.0)
@@ -191,7 +192,7 @@ GEM
      activesupport (>= 3.2.1)
    shoulda-matchers (3.1.1)
      activesupport (>= 4.0.0)
-    sidekiq (5.0.2)
+    sidekiq (5.0.3)
      concurrent-ruby (~> 1.0)
      connection_pool (~> 2.2, >= 2.2.0)
      rack-protection (>= 1.5.0)
@@ -245,6 +246,7 @@ DEPENDENCIES
  bootstrap (~> 4.0.0.alpha3)
  bootstrap-datepicker-rails
  byebug
+  cancancan (~> 1.10)
  coffee-rails (~> 4.2)
  cups (~> 0.0.7)
  database_cleaner
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -8,6 +8,16 @@ class ApplicationController < ActionController::Base
  #this is base api base controller to need to inherit.
  #all token authentication must be done here
  #response format must be set to JSON
+
+  # rescue_from CanCan::AccessDenied do |exception|
+  #   flash[:warning] = exception.message
+  #   redirect_to root_path
+  # end
+
+  def current_user
+    @current_user ||= Employee.find_by_token_session(session[:session_token]) if session[:session_token]
+  end
+
  def current_company
    begin
     return Company.first
--- a/app/controllers/crm/customers_controller.rb
+++ b/app/controllers/crm/customers_controller.rb
@@ -46,14 +46,14 @@ class Crm::CustomersController < BaseCrmController
    end

    #get customer amount
-      # @customer       = Customer.find(params[:id])
-      # response        = Customer.get_member_account(@customer)
+      @customer       = Customer.find(params[:id])
+      response        = Customer.get_member_account(@customer)

-      # if(response["status"] == true)
-      #   @membership = response["data"]
-      # else
+      if(response["status"] == true)
+        @membership = response["data"]
+      else
        @membership = 0
-      # end
+      end

      #end customer amount

--- a/app/controllers/reports/receipt_no_controller.rb
+++ b/app/controllers/reports/receipt_no_controller.rb
@@ -1,4 +1,5 @@
 class Reports::ReceiptNoController < BaseReportController	  
+	load_and_authorize_resource
 	def index
 		from, to = get_date_range_from_params
 		puts "from..."
--- a/app/controllers/reports/sale_item_controller.rb
+++ b/app/controllers/reports/sale_item_controller.rb
@@ -1,5 +1,5 @@
 class Reports::SaleItemController < BaseReportController
-
+	load_and_authorize_resource
  def index
      
      from, to, report_type  = get_date_range_from_params
--- a/app/controllers/settings/employees_controller.rb
+++ b/app/controllers/settings/employees_controller.rb
@@ -1,6 +1,8 @@
 class Settings::EmployeesController < ApplicationController
+  # load_and_authorize_resource
  before_action :set_employee, only: [:show, :edit, :update, :destroy]

+
  # GET /employees
  # GET /employees.json
  def index
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -0,0 +1,33 @@
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+    user ||= Employee.new
+
+    if user.role? :administrator
+
+        can :manage, :all
+
+    elsif user.role? :cashier
+      can :read, Order
+      can :update, Order
+      can :completed_order_item, Order 
+      
+      can :read, Sale  
+      can :update, Sale      
+      
+                                               
+    elsif user.role? :accountant
+
+      can :read, Order
+      can :update, Order
+      can :completed_order_item, Order
+
+      can :read, Sale
+      can :update, Sale
+      can :manual_complete_sale, Sale      
+
+    end
+
+  end
+end
--- a/config/environment.rb
+++ b/config/environment.rb
@@ -3,3 +3,4 @@ require_relative 'application'

 # Initialize the Rails application.
 Rails.application.initialize!
+