From 4ab5c311eb6c29be80ad66a3bf83e4280be6df7c Mon Sep 17 00:00:00 2001
From: Aung Myo
Date: Wed, 21 Jun 2017 10:05:07 +0630
Subject: [PATCH] update crm
---
 Gemfile | 2 ++
 Gemfile.lock | 12 ++++---
 app/controllers/application_controller.rb | 10 ++++++
 app/controllers/crm/customers_controller.rb | 12 +++----
 .../reports/receipt_no_controller.rb | 1 +
 .../reports/sale_item_controller.rb | 2 +-
 .../settings/employees_controller.rb | 2 ++
 app/models/ability.rb | 33 +++++++++++++++++++
 config/environment.rb | 1 +
 9 files changed, 63 insertions(+), 12 deletions(-)
 create mode 100644 app/models/ability.rb
diff --git a/Gemfile b/Gemfile
index 99489d5b..227cfa72 100644
--- a/Gemfile
+++ b/Gemfile
@@ -66,6 +66,8 @@ gem 'kaminari', '~> 1.0.1'
 # Datatable
 gem 'filterrific'
+gem 'cancancan', '~> 1.10'
+
 # Use Capistrano for deployment
 # gem 'capistrano-rails', group: :development
diff --git a/Gemfile.lock b/Gemfile.lock
index e6f683f6..e4b905ea 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -39,7 +39,7 @@ GEM minitest (~> 5.1) tzinfo (~> 1.1) arel (8.0.0) - autoprefixer-rails (7.1.1) + autoprefixer-rails (7.1.1.2) execjs bcrypt (3.1.11) bindex (0.5.0)
@@ -50,6 +50,7 @@ GEM railties (>= 3.0) builder (3.2.3) byebug (9.0.6) + cancancan (1.17.0) coffee-rails (4.2.2) coffee-script (>= 2.2.0) railties (>= 4.0.0)
@@ -121,7 +122,7 @@ GEM nokogiri (1.8.0) mini_portile2 (~> 2.2.0) pdf-core (0.7.0) - pg (0.20.0) + pg (0.21.0) prawn (2.2.2) pdf-core (~> 0.7.0) ttfunk (~> 1.5)
@@ -159,8 +160,8 @@ GEM thor (>= 0.18.1, < 2.0) rake (12.0.0) rb-fsevent (0.9.8) - rb-inotify (0.9.8) - ffi (>= 0.5.0) + rb-inotify (0.9.10) + ffi (>= 0.5.0, < 2) redis (3.3.3) rspec-core (3.6.0) rspec-support (~> 3.6.0)
@@ -191,7 +192,7 @@ GEM activesupport (>= 3.2.1) shoulda-matchers (3.1.1) activesupport (>= 4.0.0) - sidekiq (5.0.2) + sidekiq (5.0.3) concurrent-ruby (~> 1.0) connection_pool (~> 2.2, >= 2.2.0) rack-protection (>= 1.5.0)
@@ -245,6 +246,7 @@ DEPENDENCIES bootstrap (~> 4.0.0.alpha3) bootstrap-datepicker-rails byebug + cancancan (~> 1.10) coffee-rails (~> 4.2) cups (~> 0.0.7) database_cleaner
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index bfde77c9..50278d71 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -8,6 +8,16 @@ class ApplicationController < ActionController::Base
 #this is base api base controller to need to inherit.
 #all token authentication must be done here
 #response format must be set to JSON
+
+ # rescue_from CanCan::AccessDenied do |exception|
+ # flash[:warning] = exception.message
+ # redirect_to root_path
+ # end
+
+ def current_user
+ @current_user ||= Employee.find_by_token_session(session[:session_token]) if session[:session_token]
+ end
+
 def current_company
 begin
 return Company.first
diff --git a/app/controllers/crm/customers_controller.rb b/app/controllers/crm/customers_controller.rb
index 0adefbf4..c1b67509 100644
--- a/app/controllers/crm/customers_controller.rb
+++ b/app/controllers/crm/customers_controller.rb
@@ -46,14 +46,14 @@ class Crm::CustomersController < BaseCrmController
 end
 #get customer amount
- # @customer = Customer.find(params[:id])
- # response = Customer.get_member_account(@customer)
+ @customer = Customer.find(params[:id])
+ response = Customer.get_member_account(@customer)
- # if(response["status"] == true)
- # @membership = response["data"]
- # else
+ if(response["status"] == true)
+ @membership = response["data"]
+ else
 @membership = 0
- # end
+ end
 #end customer amount
diff --git a/app/controllers/reports/receipt_no_controller.rb b/app/controllers/reports/receipt_no_controller.rb
index 8569c051..6f501fd1 100644
--- a/app/controllers/reports/receipt_no_controller.rb
+++ b/app/controllers/reports/receipt_no_controller.rb
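Review bot: The `rescue_from CanCan::AccessDenied` handler in `ApplicationController` is added only as commented-out lines, while this same patch enables `load_and_authorize_resource` in the two report controllers, so a denied request would surface as an unhandled exception rather than a controlled refusal (assuming those controllers inherit from this class, which the hunk does not show). Enable a handler, for example `rescue_from(CanCan::AccessDenied) { |e| redirect_to root_path, alert: e.message }`, or answer with `head :forbidden` for JSON clients. `current_user` would also benefit from a comment such as `# Employee for the current session token, or nil when nobody is logged in`, since `Ability` depends on that nil case. The class body continues outside the hunk.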
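Review bot: In the re-enabled block of `Crm::CustomersController`, the result of `Customer.get_member_account(@customer)` is indexed with `response["status"]` without being checked, so a nil or error return from that call would raise and fail the whole page instead of falling back to `@membership = 0`; the method's contract is not visible here, so confirm what it returns on failure. The local name `response` also shadows the controller's own `response` object for the rest of the action. Consider `account = Customer.get_member_account(@customer)` followed by `@membership = account && account["status"] == true ? account["data"] : 0`. The enclosing action starts and ends outside the hunk.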
@@ -1,4 +1,5 @@
 class Reports::ReceiptNoController < BaseReportController
+ load_and_authorize_resource
 def index
 from, to = get_date_range_from_params
 puts "from..."
diff --git a/app/controllers/reports/sale_item_controller.rb b/app/controllers/reports/sale_item_controller.rb
index 40aea618..9e2b728b 100644
--- a/app/controllers/reports/sale_item_controller.rb
+++ b/app/controllers/reports/sale_item_controller.rb
@@ -1,5 +1,5 @@
 class Reports::SaleItemController < BaseReportController
-
+ load_and_authorize_resource
 def index
 from, to, report_type = get_date_range_from_params
diff --git a/app/controllers/settings/employees_controller.rb b/app/controllers/settings/employees_controller.rb
index 31e93d97..dc7093f3 100644
--- a/app/controllers/settings/employees_controller.rb
+++ b/app/controllers/settings/employees_controller.rb
@@ -1,6 +1,8 @@
 class Settings::EmployeesController < ApplicationController
+ # load_and_authorize_resource
 before_action :set_employee, only: [:show, :edit, :update, :destroy]
+
 # GET /employees
 # GET /employees.json
 def index
diff --git a/app/models/ability.rb b/app/models/ability.rb
new file mode 100644
index 00000000..2b28ab61
--- /dev/null
+++ b/app/models/ability.rb
@@ -0,0 +1,33 @@
+class Ability
+ include CanCan::Ability
+
+ def initialize(user)
+ user ||= Employee.new
+
+ if user.role? :administrator
+
+ can :manage, :all
+
+ elsif user.role? :cashier
+ can :read, Order
+ can :update, Order
+ can :completed_order_item, Order
+
+ can :read, Sale
+ can :update, Sale
+
+
+ elsif user.role? :accountant
+
+ can :read, Order
+ can :update, Order
+ can :completed_order_item, Order
+
+ can :read, Sale
+ can :update, Sale
+ can :manual_complete_sale, Sale
+
+ end
+
+ end
+end
\ No newline at end of file
diff --git a/config/environment.rb b/config/environment.rb
index 426333bb..f467c11e 100644
--- a/config/environment.rb
+++ b/config/environment.rb
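Review bot: `load_and_authorize_resource` in `Reports::ReceiptNoController` (and again in `Reports::SaleItemController`) asks CanCan to derive and load a model from the controller name, but these are report controllers and no matching model appears in the patch; if none exists the class lookup will fail. For a controller without a backing model, `authorize_resource class: false` authorizes against a symbol, paired with an explicit rule such as `can :read, :receipt_no` in `Ability`. As written, `Ability` grants nothing on these resources to cashiers or accountants, so only administrators would pass; confirm that is intended. Both class bodies continue outside their hunks.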
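Review bot: `Settings::EmployeesController` gets `# load_and_authorize_resource` only as a comment, so employee records stay reachable without an ability check while the less sensitive report pages are gated. Since `Ability` decides permissions from the employee's role, whoever can edit employees can presumably change roles, which makes this controller the first place to enforce the check. Either enable it (`load_and_authorize_resource`, which makes the `set_employee` callback redundant for the listed actions) or drop the commented line and track it separately. The class body continues outside the hunk.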
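Review bot: The cashier and accountant branches of `Ability#initialize` repeat the same five rules and differ only in `:manual_complete_sale`, which makes it easy for the two roles to drift apart when a rule is edited. CanCan accepts an array of actions, so the shared rules can be stated once as below. `Employee#role?` is not part of this patch, so confirm it exists and returns false for the blank `Employee.new` used for logged-out users; the class also has no comment saying that anything not listed is denied. The file ends without a trailing newline.

```ruby
  # Anything not granted below is denied.
  def initialize(user)
    user ||= Employee.new # logged-out user; assumed to match no role below

    if user.role? :administrator
      can :manage, :all
    elsif user.role?(:cashier) || user.role?(:accountant)
      can [:read, :update, :completed_order_item], Order
      can [:read, :update], Sale
      can :manual_complete_sale, Sale if user.role? :accountant
    end
  end
```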
@@ -3,3 +3,4 @@ require_relative 'application'
 # Initialize the Rails application.
 Rails.application.initialize!
+