From d732ca4d34313b890abfde3ae60caef388adc8e6 Mon Sep 17 00:00:00 2001 From: Ellen Wittingen Date: Tue, 6 Feb 2024 17:14:18 +0100 Subject: [PATCH 01/19] Added secretary role and changed views and policies accordingly --- .../credit_mutations_controller.rb | 5 +-- app/controllers/users_controller.rb | 1 + app/javascript/components/user/UsersTable.vue | 9 ++++- app/javascript/packs/users.js | 4 ++- app/models/credit_mutation.rb | 4 +++ app/models/role.rb | 4 ++- app/models/user.rb | 4 +++ app/policies/activity_policy.rb | 10 +++--- app/policies/application_policy.rb | 4 +-- app/policies/credit_mutation_policy.rb | 14 +++++++- app/policies/invoice_policy.rb | 2 +- app/policies/order_policy.rb | 4 +-- app/policies/price_list_policy.rb | 4 +-- app/policies/user_policy.rb | 2 +- app/views/activities/show.html.erb | 16 +++++++-- app/views/index/index.html.erb | 4 +-- app/views/invoices/index.html.erb | 32 +++++++++++------ app/views/invoices/show.html.erb | 2 +- app/views/partials/_navigation_bar.html.erb | 26 +++++++++----- app/views/price_lists/index.html.erb | 20 ++++++----- app/views/users/index.html.erb | 36 ++++++++++--------- db/seeds.rb | 6 ++-- 22 files changed, 142 insertions(+), 71 deletions(-) diff --git a/app/controllers/credit_mutations_controller.rb b/app/controllers/credit_mutations_controller.rb index 4ed43df97..e02650e86 100644 --- a/app/controllers/credit_mutations_controller.rb +++ b/app/controllers/credit_mutations_controller.rb @@ -1,11 +1,12 @@ class CreditMutationsController < ApplicationController before_action :authenticate_user! after_action :verify_authorized + after_action :verify_policy_scoped, only: :index def index - @credit_mutations = CreditMutation.includes(model_includes) + @credit_mutations = policy_scope(CreditMutation.includes(model_includes) .order(created_at: :desc) - .page params[:page] + .page(params[:page])) authorize @credit_mutations @new_mutation = CreditMutation.new diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 7255bf066..ba2dea4b2 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -10,6 +10,7 @@ def index # rubocop:disable Metrics/AbcSize, Metrics/MethodLength @amber_users = User.in_amber.active.order(:name) @inactive_users = User.inactive.order(:name) @users_credits = User.calculate_credits + @show_links = policy(User).show? @manual_users_json = @manual_users.as_json(only: %w[id name]) .each { |u| u['credit'] = @users_credits.fetch(u['id'], 0) } diff --git a/app/javascript/components/user/UsersTable.vue b/app/javascript/components/user/UsersTable.vue index cd648a70b..97002838f 100644 --- a/app/javascript/components/user/UsersTable.vue +++ b/app/javascript/components/user/UsersTable.vue @@ -26,7 +26,10 @@ {{ user.id }} - {{ user.name }} + + {{ user.name }} + {{ user.name }} + € {{parseFloat(user.credit).toFixed(2)}} @@ -53,6 +56,10 @@ export default { users: { type: Array, required: true + }, + showLinks: { + type: Boolean, + required: true } }, diff --git a/app/javascript/packs/users.js b/app/javascript/packs/users.js index 8d958d8b7..0ce70c81c 100644 --- a/app/javascript/packs/users.js +++ b/app/javascript/packs/users.js @@ -13,12 +13,14 @@ document.addEventListener('turbolinks:load', () => { var manual_users = JSON.parse(element.dataset.manualUsers); var amber_users = JSON.parse(element.dataset.amberUsers); var inactive_users = JSON.parse(element.dataset.inactiveUsers); + var show_links = JSON.parse(element.dataset.showLinks); new Vue({ el: element, data: () => ({ manual_users, amber_users, - inactive_users + inactive_users, + show_links }), components: { UsersTable diff --git a/app/models/credit_mutation.rb b/app/models/credit_mutation.rb index 711c15b5e..9ae803e5b 100644 --- a/app/models/credit_mutation.rb +++ b/app/models/credit_mutation.rb @@ -8,6 +8,10 @@ class CreditMutation < ApplicationRecord validate :activity_not_locked + scope :linked_to_visible_activity, (-> { + where(activity: present?) + }) + before_destroy -> { throw(:abort) } def activity_not_locked diff --git a/app/models/role.rb b/app/models/role.rb index 779a9ad66..1f602992b 100644 --- a/app/models/role.rb +++ b/app/models/role.rb @@ -1,5 +1,5 @@ class Role < ApplicationRecord - enum role_type: { treasurer: 0, main_bartender: 1 } + enum role_type: { treasurer: 0, main_bartender: 1, secretary: 2 } validates :role_type, :group_uid, presence: true has_many :roles_users, class_name: 'RolesUsers', dependent: :destroy, inverse_of: :role @@ -10,6 +10,8 @@ def name Rails.application.config.x.treasurer_title.capitalize elsif main_bartender? 'Hoofdtapper' + elsif secretary? + 'Secretaris' end end end diff --git a/app/models/user.rb b/app/models/user.rb index 04a78dc63..a513f0125 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -65,6 +65,10 @@ def main_bartender? @main_bartender ||= roles.where(role_type: :main_bartender).any? end + def secretary? + @secretary ||= roles.where(role_type: :secretary).any? + end + def update_role(groups) roles_to_have = Role.where(group_uid: groups) roles_users_to_have = roles_to_have.map { |role| RolesUsers.find_or_create_by(role: role, user: self) } diff --git a/app/policies/activity_policy.rb b/app/policies/activity_policy.rb index 66a7ce0a1..a578de8cf 100644 --- a/app/policies/activity_policy.rb +++ b/app/policies/activity_policy.rb @@ -1,7 +1,7 @@ class ActivityPolicy < ApplicationPolicy class Scope < Scope def resolve - if user&.treasurer? + if user&.treasurer? || user&.secretary? scope elsif user&.main_bartender? scope.not_locked @@ -10,11 +10,11 @@ def resolve end def create? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end def update? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end def lock? @@ -26,7 +26,7 @@ def create_invoices? end def destroy? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end def activity_report? @@ -38,6 +38,6 @@ def order_screen? end def product_totals? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end end diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb index fa8cc4a04..f2cd5515e 100644 --- a/app/policies/application_policy.rb +++ b/app/policies/application_policy.rb @@ -7,7 +7,7 @@ def initialize(user, record) end def index? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end def show? @@ -31,7 +31,7 @@ def edit? end def destroy? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end def scope diff --git a/app/policies/credit_mutation_policy.rb b/app/policies/credit_mutation_policy.rb index cd9124f39..76be66cd5 100644 --- a/app/policies/credit_mutation_policy.rb +++ b/app/policies/credit_mutation_policy.rb @@ -1,5 +1,17 @@ class CreditMutationPolicy < ApplicationPolicy + class Scope < Scope + def resolve + if user&.treasurer? || user&.secretary? + scope + elsif user&.main_bartender? + scope.linked_to_visible_activity + end + end + end + def create? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || ( + (user&.main_bartender? || user&.secretary?) && record.activity.present? + ) end end diff --git a/app/policies/invoice_policy.rb b/app/policies/invoice_policy.rb index 781bb644f..f8ef054ec 100644 --- a/app/policies/invoice_policy.rb +++ b/app/policies/invoice_policy.rb @@ -1,6 +1,6 @@ class InvoicePolicy < ApplicationPolicy def index? - user&.treasurer? + user&.treasurer? || user&.secretary? end def send_invoice? diff --git a/app/policies/order_policy.rb b/app/policies/order_policy.rb index b75e8b1ce..167367b58 100644 --- a/app/policies/order_policy.rb +++ b/app/policies/order_policy.rb @@ -1,7 +1,7 @@ class OrderPolicy < ApplicationPolicy class Scope < Scope def resolve - if user&.treasurer? || user&.main_bartender? + if user&.treasurer? || user&.main_bartender? || user&.secretary? scope elsif user scope.orders_for(user) @@ -14,6 +14,6 @@ def index? end def create? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end end diff --git a/app/policies/price_list_policy.rb b/app/policies/price_list_policy.rb index 4d6d653ec..7efcc1afc 100644 --- a/app/policies/price_list_policy.rb +++ b/app/policies/price_list_policy.rb @@ -1,10 +1,10 @@ class PriceListPolicy < ApplicationPolicy def index? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end def show? - user&.treasurer? || user&.main_bartender? + user&.treasurer? || user&.main_bartender? || user&.secretary? end def create? diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb index 80b8604e3..97837597e 100644 --- a/app/policies/user_policy.rb +++ b/app/policies/user_policy.rb @@ -1,6 +1,6 @@ class UserPolicy < ApplicationPolicy def index? - user&.treasurer? + user&.treasurer? || user&.main_bartender? || user&.secretary? end def refresh_user_list? diff --git a/app/views/activities/show.html.erb b/app/views/activities/show.html.erb index 46d429286..b3cb41b5f 100644 --- a/app/views/activities/show.html.erb +++ b/app/views/activities/show.html.erb @@ -68,7 +68,7 @@ <% end %> - <% else %> + <% elsif policy(Activity).order_screen? %>

Je kan bestellingen plaatsen in het streepscherm.

@@ -78,6 +78,12 @@ <%= fa_icon 'calculator', class: 'ms-1' %> <% end %> + <% else %> +
+
+ Op deze activiteit kan nog gestreept worden. +
+
<% end %> @@ -243,7 +249,13 @@ <%= mutation.id %> <%= l mutation.created_at, format: :time_only %> - <%= link_to mutation.user.name, mutation.user %> + + <% if policy(User).show? %> + <%= link_to mutation.user.name, mutation.user %> + <% else %> + <%= mutation.user.name %> + <% end %> + <%= number_to_currency(mutation.amount, unit: '€') %> <% end %> diff --git a/app/views/index/index.html.erb b/app/views/index/index.html.erb index 45247a974..97a7776e1 100644 --- a/app/views/index/index.html.erb +++ b/app/views/index/index.html.erb @@ -3,7 +3,7 @@
- <% if current_user&.treasurer? || current_user&.main_bartender? %> + <% if current_user&.treasurer? || current_user&.main_bartender? || current_user&.secretary? %>
Welkom, <%= current_user.name %> @@ -49,7 +49,7 @@ <% end %> - <% if @current_activities&.any? %> + <% if policy(Activity).order_screen? && @current_activities&.any? %>

Direct naar het streepscherm diff --git a/app/views/invoices/index.html.erb b/app/views/invoices/index.html.erb index 6d0ff1c2d..6be44c7a9 100644 --- a/app/views/invoices/index.html.erb +++ b/app/views/invoices/index.html.erb @@ -10,9 +10,11 @@

Facturen

- + <% if policy(Invoice).create? %> + + <% end %>
@@ -27,7 +29,9 @@ Naam Mailadres Status - Verstuur + <% if policy(Invoice).send_invoice? %> + Verstuur + <% end %> @@ -40,7 +44,11 @@ <%= link_to invoice.human_id, invoice %> - <%= link_to invoice.user.name, invoice.user %> + <% if policy(User).show? %> + <%= link_to invoice.user.name, invoice.user %> + <% else %> + <%= invoice.user.name %> + <% end%> <%= link_to invoice.activity.title, invoice.activity %> @@ -57,13 +65,15 @@ <%= t(invoice.status).humanize %> - - <% if invoice.pending? %> - <%= simple_form_for invoice, wrapper: :horizontal_form, url: send_invoice_invoice_path(id: invoice.id), method: :post do |f| %> - <%= f.button :submit, 'Factuur versturen', class: 'btn btn-primary' %> + <% if policy(Invoice).send_invoice? %> + + <% if invoice.pending? %> + <%= simple_form_for invoice, wrapper: :horizontal_form, url: send_invoice_invoice_path(id: invoice.id), method: :post do |f| %> + <%= f.button :submit, 'Factuur versturen', class: 'btn btn-primary' %> + <% end %> <% end %> - <% end %> - + + <% end %> <% end %> diff --git a/app/views/invoices/show.html.erb b/app/views/invoices/show.html.erb index bfcd4daa1..546dc80a4 100644 --- a/app/views/invoices/show.html.erb +++ b/app/views/invoices/show.html.erb @@ -63,7 +63,7 @@ - <% unless @invoice.paid? %> + <% unless !policy(Invoice).send_invoice? || @invoice.paid? %> <%= link_to pay_invoice_url @invoice.token do %> <% end %> diff --git a/app/views/partials/_navigation_bar.html.erb b/app/views/partials/_navigation_bar.html.erb index a70b5f94b..76aa2248c 100644 --- a/app/views/partials/_navigation_bar.html.erb +++ b/app/views/partials/_navigation_bar.html.erb @@ -13,14 +13,14 @@ <%= fa_icon 'home', class: 'me-2', text: 'Home' %> <% end %> - <% if current_user&.main_bartender? || current_user&.treasurer? %> + <% if policy(Activity).index? %> <% end %> - <% if current_user&.treasurer? %> + <% if current_user&.treasurer? || current_user&.secretary? %> + <% end %> + <% if current_user&.treasurer? %> + <% end %> + <% if policy(:zatladder).index? %> + <% end %> + <% if policy(Invoice).index? %> - <% if policy(Payment).index? %> - - <% end %> + <% end %> + <% if policy(Payment).index? %> + + <% end %> + <% if policy(:finance_overview).index? %>
<%= content_tag :table, id: 'price_lists_table', class: 'price_lists_table table table-striped table-responsive-md', @@ -95,10 +97,12 @@
- + <% if policy(Product).create? %> + + <% end %>
diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb index d43f11001..d7ee1bbf9 100644 --- a/app/views/users/index.html.erb +++ b/app/views/users/index.html.erb @@ -6,34 +6,38 @@ diff --git a/db/seeds.rb b/db/seeds.rb index a307eeab8..ccea57fc5 100644 --- a/db/seeds.rb +++ b/db/seeds.rb @@ -42,7 +42,7 @@ FactoryBot.create_list(:invoice, 3, :with_rows) p 'Seeding roles...' -Role.create(role_type: :treasurer, group_uid: 3) -Role.create(role_type: :main_bartender, group_uid: 3) -Role.create(role_type: :main_bartender, group_uid: 2) +Role.create(role_type: :treasurer, group_uid: 4) +Role.create(role_type: :secretary, group_uid: 5) +Role.create(role_type: :main_bartender, group_uid: 6) # rubocop:enable Rails/Output From 8b6177385dbc79d2b7db664f395ea89b520a5b44 Mon Sep 17 00:00:00 2001 From: Ellen Wittingen Date: Tue, 27 Feb 2024 11:34:58 +0100 Subject: [PATCH 02/19] Changed what the renting manager has access to + cleanup --- app/controllers/activities_controller.rb | 3 +- app/controllers/users_controller.rb | 7 +- .../components/activity/ProductTotals.vue | 9 + app/javascript/components/user/UsersTable.vue | 7 +- app/javascript/packs/activities.js | 6 + app/javascript/packs/users.js | 4 +- app/models/credit_mutation.rb | 2 +- app/models/role.rb | 6 +- app/models/user.rb | 4 +- app/policies/activity_policy.rb | 22 +- app/policies/application_policy.rb | 4 +- app/policies/credit_mutation_policy.rb | 12 +- app/policies/invoice_policy.rb | 2 +- app/policies/order_policy.rb | 6 +- app/policies/price_list_policy.rb | 4 +- app/policies/user_policy.rb | 6 +- app/views/activities/show.html.erb | 310 +++++++++--------- app/views/index/index.html.erb | 2 +- app/views/invoices/index.html.erb | 2 +- app/views/partials/_navigation_bar.html.erb | 2 +- app/views/users/index.html.erb | 8 +- db/seeds.rb | 2 +- 22 files changed, 227 insertions(+), 203 deletions(-) diff --git a/app/controllers/activities_controller.rb b/app/controllers/activities_controller.rb index 1dacda3f9..17788943e 100644 --- a/app/controllers/activities_controller.rb +++ b/app/controllers/activities_controller.rb @@ -63,8 +63,7 @@ def destroy def show # rubocop:disable Metrics/AbcSize, Metrics/MethodLength @activity = Activity.includes(:price_list, - { orders: [{ order_rows: :product }, :user, :created_by] }, - credit_mutations: [:user]).find(params[:id]) + { orders: [{ order_rows: :product }, :user, :created_by] }).find(params[:id]) authorize @activity @price_list = @activity.price_list diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index ba2dea4b2..ba7e6d785 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -6,11 +6,10 @@ class UsersController < ApplicationController # rubocop:disable Metrics/ClassLen def index # rubocop:disable Metrics/AbcSize, Metrics/MethodLength authorize User - @manual_users = User.manual.active.order(:name) - @amber_users = User.in_amber.active.order(:name) - @inactive_users = User.inactive.order(:name) + @manual_users = User.manual.active.order(:name).select { |u| policy(u).show? } + @amber_users = User.in_amber.active.order(:name).select { |u| policy(u).show? } + @inactive_users = User.inactive.order(:name).select { |u| policy(u).show? } @users_credits = User.calculate_credits - @show_links = policy(User).show? @manual_users_json = @manual_users.as_json(only: %w[id name]) .each { |u| u['credit'] = @users_credits.fetch(u['id'], 0) } diff --git a/app/javascript/components/activity/ProductTotals.vue b/app/javascript/components/activity/ProductTotals.vue index 83aa4e142..503ffb6a4 100644 --- a/app/javascript/components/activity/ProductTotals.vue +++ b/app/javascript/components/activity/ProductTotals.vue @@ -23,6 +23,13 @@ {{orderTotal.amount}} x {{doubleToCurrency(orderTotal.price)}} + + Totaal + + + {{doubleToCurrency(totalAmount)}} + + @@ -56,6 +63,7 @@ export default { return { user: {}, orderTotals: [], + totalAmount: 0.0, isLoading: true }; }, @@ -71,6 +79,7 @@ export default { let params = {user: this.user.id, paid_with_cash: this.user.paid_with_cash, paid_with_pin: this.user.paid_with_pin}; this.$http.get('/activities/'+this.activity+'/product_totals', { params }).then((response) => { this.orderTotals = response.body; + this.totalAmount = this.orderTotals.reduce((a, b) => a + parseFloat(b.price), 0.0) this.isLoading = false; }); }, diff --git a/app/javascript/components/user/UsersTable.vue b/app/javascript/components/user/UsersTable.vue index 97002838f..049919cce 100644 --- a/app/javascript/components/user/UsersTable.vue +++ b/app/javascript/components/user/UsersTable.vue @@ -27,8 +27,7 @@ @@ -57,10 +56,6 @@ export default { type: Array, required: true }, - showLinks: { - type: Boolean, - required: true - } }, data() { diff --git a/app/javascript/packs/activities.js b/app/javascript/packs/activities.js index 7754e20fb..ea5bd8e3b 100644 --- a/app/javascript/packs/activities.js +++ b/app/javascript/packs/activities.js @@ -6,6 +6,12 @@ Vue.use(TurbolinksAdapter); Vue.use(VueResource); document.addEventListener('turbolinks:load', () => { + // Selects the first visible tab in the activity detail tabs + var firstTabEl = document.querySelector('#activityTabs li:first-child a') + var firstTab = new bootstrap.Tab(firstTabEl) + firstTab.show() + + // Create Vue instance on the new activty modal Vue.http.headers.common['X-CSRF-TOKEN'] = document.querySelector('meta[name="csrf-token"]').getAttribute('content'); var element = document.getElementById('new_activity_modal'); diff --git a/app/javascript/packs/users.js b/app/javascript/packs/users.js index 0ce70c81c..8d958d8b7 100644 --- a/app/javascript/packs/users.js +++ b/app/javascript/packs/users.js @@ -13,14 +13,12 @@ document.addEventListener('turbolinks:load', () => { var manual_users = JSON.parse(element.dataset.manualUsers); var amber_users = JSON.parse(element.dataset.amberUsers); var inactive_users = JSON.parse(element.dataset.inactiveUsers); - var show_links = JSON.parse(element.dataset.showLinks); new Vue({ el: element, data: () => ({ manual_users, amber_users, - inactive_users, - show_links + inactive_users }), components: { UsersTable diff --git a/app/models/credit_mutation.rb b/app/models/credit_mutation.rb index 9ae803e5b..364491460 100644 --- a/app/models/credit_mutation.rb +++ b/app/models/credit_mutation.rb @@ -8,7 +8,7 @@ class CreditMutation < ApplicationRecord validate :activity_not_locked - scope :linked_to_visible_activity, (-> { + scope :linked_to_activity, (lambda { where(activity: present?) }) diff --git a/app/models/role.rb b/app/models/role.rb index 1f602992b..55d9a47a2 100644 --- a/app/models/role.rb +++ b/app/models/role.rb @@ -1,5 +1,5 @@ class Role < ApplicationRecord - enum role_type: { treasurer: 0, main_bartender: 1, secretary: 2 } + enum role_type: { treasurer: 0, main_bartender: 1, renting_manager: 2 } validates :role_type, :group_uid, presence: true has_many :roles_users, class_name: 'RolesUsers', dependent: :destroy, inverse_of: :role @@ -10,8 +10,8 @@ def name Rails.application.config.x.treasurer_title.capitalize elsif main_bartender? 'Hoofdtapper' - elsif secretary? - 'Secretaris' + elsif renting_manager? + 'Verhuur manager' end end end diff --git a/app/models/user.rb b/app/models/user.rb index a513f0125..086e3d444 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -65,8 +65,8 @@ def main_bartender? @main_bartender ||= roles.where(role_type: :main_bartender).any? end - def secretary? - @secretary ||= roles.where(role_type: :secretary).any? + def renting_manager? + @renting_manager ||= roles.where(role_type: :renting_manager).any? end def update_role(groups) diff --git a/app/policies/activity_policy.rb b/app/policies/activity_policy.rb index a578de8cf..c48d0642e 100644 --- a/app/policies/activity_policy.rb +++ b/app/policies/activity_policy.rb @@ -1,7 +1,7 @@ class ActivityPolicy < ApplicationPolicy class Scope < Scope def resolve - if user&.treasurer? || user&.secretary? + if user&.treasurer? || user&.renting_manager? scope elsif user&.main_bartender? scope.not_locked @@ -10,11 +10,11 @@ def resolve end def create? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? end def update? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? end def lock? @@ -26,18 +26,22 @@ def create_invoices? end def destroy? - user&.treasurer? || user&.main_bartender? || user&.secretary? - end - - def activity_report? - user&.treasurer? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? end def order_screen? user&.treasurer? || user&.main_bartender? end + def summary? + user&.treasurer? + end + def product_totals? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? + end + + def orders? + user&.treasurer? || user&.renting_manager? || user&.main_bartender? end end diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb index f2cd5515e..542610763 100644 --- a/app/policies/application_policy.rb +++ b/app/policies/application_policy.rb @@ -7,7 +7,7 @@ def initialize(user, record) end def index? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? end def show? @@ -31,7 +31,7 @@ def edit? end def destroy? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? end def scope diff --git a/app/policies/credit_mutation_policy.rb b/app/policies/credit_mutation_policy.rb index 76be66cd5..60ab794dc 100644 --- a/app/policies/credit_mutation_policy.rb +++ b/app/policies/credit_mutation_policy.rb @@ -1,17 +1,19 @@ class CreditMutationPolicy < ApplicationPolicy class Scope < Scope def resolve - if user&.treasurer? || user&.secretary? + if user&.treasurer? scope elsif user&.main_bartender? - scope.linked_to_visible_activity + scope.linked_to_activity end end end + def index? + user&.treasurer? || user&.main_bartender? + end + def create? - user&.treasurer? || ( - (user&.main_bartender? || user&.secretary?) && record.activity.present? - ) + user&.treasurer? || (user&.main_bartender? && record.activity.present?) end end diff --git a/app/policies/invoice_policy.rb b/app/policies/invoice_policy.rb index f8ef054ec..bbc1f1f13 100644 --- a/app/policies/invoice_policy.rb +++ b/app/policies/invoice_policy.rb @@ -1,6 +1,6 @@ class InvoicePolicy < ApplicationPolicy def index? - user&.treasurer? || user&.secretary? + user&.treasurer? || user&.renting_manager? end def send_invoice? diff --git a/app/policies/order_policy.rb b/app/policies/order_policy.rb index 167367b58..77a3aa9b4 100644 --- a/app/policies/order_policy.rb +++ b/app/policies/order_policy.rb @@ -1,7 +1,7 @@ class OrderPolicy < ApplicationPolicy class Scope < Scope - def resolve - if user&.treasurer? || user&.main_bartender? || user&.secretary? + def resolve # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity + if user&.treasurer? || user&.main_bartender? || user&.renting_manager? scope elsif user scope.orders_for(user) @@ -14,6 +14,6 @@ def index? end def create? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? end end diff --git a/app/policies/price_list_policy.rb b/app/policies/price_list_policy.rb index 7efcc1afc..de77be10c 100644 --- a/app/policies/price_list_policy.rb +++ b/app/policies/price_list_policy.rb @@ -1,10 +1,10 @@ class PriceListPolicy < ApplicationPolicy def index? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? end def show? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? end def create? diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb index 97837597e..835d2e394 100644 --- a/app/policies/user_policy.rb +++ b/app/policies/user_policy.rb @@ -1,6 +1,6 @@ class UserPolicy < ApplicationPolicy def index? - user&.treasurer? || user&.main_bartender? || user&.secretary? + user&.treasurer? || user&.main_bartender? || user&.renting_manager? end def refresh_user_list? @@ -12,7 +12,7 @@ def search? end def show? - user&.treasurer? || record == user + user&.treasurer? || (user&.renting_manager? && User.manual.exists?(id: record)) || record == user end def json? @@ -20,6 +20,6 @@ def json? end def activities? - user&.treasurer? || record == user + show? end end diff --git a/app/views/activities/show.html.erb b/app/views/activities/show.html.erb index b3cb41b5f..bc15dab66 100644 --- a/app/views/activities/show.html.erb +++ b/app/views/activities/show.html.erb @@ -3,7 +3,7 @@ <%= render 'edit_modal' %> <% end %> -
{{ user.id }} - {{ user.name }} - {{ user.name }} + {{ user.name }} € {{parseFloat(user.credit).toFixed(2)}}
- + <% if policy(Activity).summary? %> +
+
+ <% if @credit_mutations.empty? && @orders.empty? %> +
+
+ + + + + +
+

+ + Er zijn nog geen bestellingen en er is nog niet ingelegd + +

+
+
+ <% else %> +
+ + + + + + + + + + <% Product.categories.each do |category| %> + <% if Rails.application.config.x.codes[category.first.to_sym] != nil %> + + + + + + <% end %> + <% end %> + + + + + + +
ResultaatCodeCredit
<%= t(category.first).capitalize %> + <%= Rails.application.config.x.codes[category.first.to_sym] %> + + <%= number_to_currency(@revenue_by_category[category[0]] || 0, unit: '€') %> +
Totaal opbrengsten + <%= number_to_currency(@revenue_total, unit: '€') %> + +
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
BalansCodeDebitCredit
Inleg Zatladder Inlegsysteem<%= Rails.application.config.x.codes[:credit_mutation] %> + <%= number_to_currency(@credit_mutations_total, unit: '€') %> +
Contante bestellingen<%= number_to_currency(@revenue_with_cash, unit: '€') %>
+ + Totaal kas + + <%= Rails.application.config.x.codes[:cash] %><%= number_to_currency(@cash_total, unit: '€') %>
Omzet Pin<%= Rails.application.config.x.codes[:pin] %><%= number_to_currency(@revenue_with_pin, unit: '€') %>
Omzet Zatladder Inlegsysteem<%= Rails.application.config.x.codes[:credit_mutation] %><%= number_to_currency(@revenue_with_credit, unit: '€') %>
+
+ <% end %>
+
+ <% end %> + <% if policy(CreditMutation).index? %> +
+
+ + <% if @credit_mutations.empty? %> - -

- Er zijn nog geen bestellingen en er is nog niet ingelegd + Er zijn nog geen correcties en er is nog niet ingelegd

-
- <% else %> -
- + <% else %> - - - + + + + - <% Product.categories.each do |category| %> - <% if Rails.application.config.x.codes[category.first.to_sym] != nil %> - - - - - - <% end %> + <% @credit_mutations.each do |mutation| %> + + + + + + <% end %> - - - - - - -
ResultaatCodeCredit#TijdGebruikerBedrag
<%= t(category.first).capitalize %> - <%= Rails.application.config.x.codes[category.first.to_sym] %> - - <%= number_to_currency(@revenue_by_category[category[0]] || 0, unit: '€') %> -
<%= mutation.id %><%= l mutation.created_at, format: :time_only %> + <% if policy(User).show? %> + <%= link_to mutation.user.name, mutation.user %> + <% else %> + <%= mutation.user.name %> + <% end %> + <%= number_to_currency(mutation.amount, unit: '€') %>
Totaal opbrengsten - <%= number_to_currency(@revenue_total, unit: '€') %> - -
-
-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
BalansCodeDebitCredit
Inleg Zatladder Inlegsysteem<%= Rails.application.config.x.codes[:credit_mutation] %> - <%= number_to_currency(@credit_mutations_total, unit: '€') %> -
Contante bestellingen<%= number_to_currency(@revenue_with_cash, unit: '€') %>
- - Totaal kas - - <%= Rails.application.config.x.codes[:cash] %><%= number_to_currency(@cash_total, unit: '€') %>
Omzet Pin<%= Rails.application.config.x.codes[:pin] %><%= number_to_currency(@revenue_with_pin, unit: '€') %>
Omzet Zatladder Inlegsysteem<%= Rails.application.config.x.codes[:credit_mutation] %><%= number_to_currency(@revenue_with_credit, unit: '€') %>
-
- <% end %>
-
-
-
- - <% if @credit_mutations.empty? %> - - - - <% else %> - - - - - - - - - - <% @credit_mutations.each do |mutation| %> - - - - - - <% end %> - - <% end %> -
-

- - Er zijn nog geen correcties en er is nog niet ingelegd - -

-
#TijdGebruikerBedrag
<%= mutation.id %><%= l mutation.created_at, format: :time_only %> - <% if policy(User).show? %> - <%= link_to mutation.user.name, mutation.user %> - <% else %> - <%= mutation.user.name %> - <% end %> - <%= number_to_currency(mutation.amount, unit: '€') %>
+ +
- - <% if current_user.treasurer? %> + <% end %> + <% if policy(Activity).orders? %>
@@ -313,7 +323,7 @@ <% order.order_rows.each_with_index do |order_row, i| %> <%= order_row.product.name %> <% if order_row.product_count > 1 %> - ( <%= order_row.product_count %> x) + (<%= order_row.product_count %>x) <% end %> <% if i < order.order_rows.size - 1 %> , @@ -328,13 +338,15 @@ <% end %> -
-
-
- + <% if policy(Activity).product_totals? %> +
+
+
+ +
-
+ <% end %>
diff --git a/app/views/index/index.html.erb b/app/views/index/index.html.erb index 97a7776e1..1232f83cd 100644 --- a/app/views/index/index.html.erb +++ b/app/views/index/index.html.erb @@ -3,7 +3,7 @@
- <% if current_user&.treasurer? || current_user&.main_bartender? || current_user&.secretary? %> + <% if current_user&.treasurer? || current_user&.main_bartender? || current_user&.renting_manager? %>
Welkom, <%= current_user.name %> diff --git a/app/views/invoices/index.html.erb b/app/views/invoices/index.html.erb index 6be44c7a9..1cdd42f29 100644 --- a/app/views/invoices/index.html.erb +++ b/app/views/invoices/index.html.erb @@ -44,7 +44,7 @@ <%= link_to invoice.human_id, invoice %>
- <% if policy(User).show? %> + <% if policy(invoice.user).show? %> <%= link_to invoice.user.name, invoice.user %> <% else %> <%= invoice.user.name %> diff --git a/app/views/partials/_navigation_bar.html.erb b/app/views/partials/_navigation_bar.html.erb index 76aa2248c..e4ebdf08f 100644 --- a/app/views/partials/_navigation_bar.html.erb +++ b/app/views/partials/_navigation_bar.html.erb @@ -20,7 +20,7 @@ <% end %> <% end %> - <% if current_user&.treasurer? || current_user&.secretary? %> + <% if current_user&.treasurer? || current_user&.renting_manager? %>