diff --git a/app/abilities/pbs/group_ability.rb b/app/abilities/pbs/group_ability.rb index 34180a7f3..e112b4941 100644 --- a/app/abilities/pbs/group_ability.rb +++ b/app/abilities/pbs/group_ability.rb @@ -29,6 +29,10 @@ module Pbs::GroupAbility may(:remind_census, :update_member_counts, :delete_member_counts). in_same_layer_or_below_if_leader + permission(:layer_and_below_full). + may(:show_past_members). + if_abteilungsleitung_in_layer + permission(:approve_applications).may(:index_pending_approvals).if_layer_and_in_same_group permission(:any).may(:'index_event/camps').all @@ -48,6 +52,11 @@ def if_mitarbeiter_gs role_type?(Group::Bund::MitarbeiterGs) end + def if_abteilungsleitung_in_layer + in_same_layer_or_below && + role_type?(Group::Abteilung::Abteilungsleitung, Group::Abteilung::AbteilungsleitungStv) + end + def if_layer_and_in_same_group if_layer_group && user.groups_with_permission(permission).map(&:id).include?(group.id) end diff --git a/app/controllers/group_health_controller.rb b/app/controllers/group_health_controller.rb index 56f50f099..8bb5888b6 100644 --- a/app/controllers/group_health_controller.rb +++ b/app/controllers/group_health_controller.rb @@ -31,11 +31,6 @@ class GroupHealthController < ApplicationController GROUP_HEALTH_JOIN = "INNER JOIN #{Group.quoted_table_name} AS layer " \ "ON #{Group.quoted_table_name}.layer_group_id = layer.id " \ 'AND layer.group_health = TRUE'.freeze - # query the group of type "Kantonalverband" which lies above in the hierarchical structure - CANTON_JOIN = "LEFT JOIN #{Group.quoted_table_name} AS canton " \ - "ON #{Group.quoted_table_name}.lft >= canton.lft " \ - "AND #{Group.quoted_table_name}.lft < canton.rgt " \ - 'AND canton.type = "Group::Kantonalverband"'.freeze DEFAULT_PAGE_SIZE = 20.freeze before_action do @@ -65,7 +60,7 @@ def roles end def groups - respond(Group.from("((#{bund}) UNION (#{cantons}) UNION (#{abt_and_below})) " \ + respond(Group.from("((#{bund}) UNION (#{cantons})) " \ "AS #{Group.quoted_table_name}") .page(params[:page]).per(params[:size] || DEFAULT_PAGE_SIZE) .as_json(only: GROUPS_FIELDS)) @@ -193,14 +188,6 @@ def cantons .to_sql end - def abt_and_below - Group.select("#{Group.quoted_table_name}.*", 'canton.id as canton_id', - 'canton.name as canton_name') - .joins(CANTON_JOIN) - .joins(GROUP_HEALTH_JOIN).distinct - .to_sql - end - def set_j_s_kind(camp) j_s_kind = camp['j_s_kind'].presence || 'none' camp.merge(j_s_kind: "j_s_kind_#{j_s_kind}") diff --git a/app/decorators/pbs/person_decorator.rb b/app/decorators/pbs/person_decorator.rb index a6363646f..1a674abc0 100644 --- a/app/decorators/pbs/person_decorator.rb +++ b/app/decorators/pbs/person_decorator.rb @@ -24,14 +24,15 @@ def roles_grouped private - def layer_group_ids - @layer_group_ids ||= (current_user || current_service_token.dynamic_user).layer_group_ids - end + def layer_group_ids + @layer_group_ids ||= (current_user || current_service_token.dynamic_user).layer_group_ids + end - def visible_roles - @visible_roles ||= roles.select do |role| - layer_group_ids.include?(role.group.layer_group_id) || role.visible_from_above - end + def visible_roles + @visible_roles ||= roles_with_deleted.select do |role| + (layer_group_ids.include?(role.group.layer_group_id) || role.visible_from_above) && + (!role.deleted? || can?(:show_past_members, role.group)) end + end end diff --git a/app/models/pbs/person.rb b/app/models/pbs/person.rb index 9db94b831..d3b826bc7 100644 --- a/app/models/pbs/person.rb +++ b/app/models/pbs/person.rb @@ -57,7 +57,8 @@ module Pbs::Person included do Person::PUBLIC_ATTRS << :title << :salutation << :correspondence_language << - :prefers_digital_correspondence << :kantonalverband_id + :prefers_digital_correspondence << :kantonalverband_id << + :pbs_number << :entry_date << :leaving_date alias_method_chain :full_name, :title diff --git a/app/serializers/pbs/people_serializer.rb b/app/serializers/pbs/people_serializer.rb new file mode 100644 index 000000000..edb3c173a --- /dev/null +++ b/app/serializers/pbs/people_serializer.rb @@ -0,0 +1,21 @@ +# encoding: utf-8 + +# Copyright (c) 2021, Pfadibewegung Schweiz. This file is part of +# hitobito and licensed under the Affero General Public License version 3 +# or later. See the COPYING file at the top-level directory or at +# https://github.com/hitobito/hitobito. + +module Pbs::PeopleSerializer + extend ActiveSupport::Concern + + included do + extension(:public) do |_| + details = h.can?(:show_details, item) + if details + map_properties :gender, :birthday, :pbs_number, :entry_date, :leaving_date, + :primary_group_id + end + end + end + +end diff --git a/lib/hitobito_pbs/wagon.rb b/lib/hitobito_pbs/wagon.rb index fba46fe8d..3193525cd 100644 --- a/lib/hitobito_pbs/wagon.rb +++ b/lib/hitobito_pbs/wagon.rb @@ -95,6 +95,7 @@ class Wagon < Rails::Engine ### serializers PersonSerializer.include Pbs::PersonSerializer + PeopleSerializer.include Pbs::PeopleSerializer GroupSerializer.include Pbs::GroupSerializer EventSerializer.include Pbs::EventSerializer EventParticipationSerializer.include Pbs::EventParticipationSerializer diff --git a/spec/controllers/group_health_controller_spec.rb b/spec/controllers/group_health_controller_spec.rb index 81fae3c6c..62f07a0d6 100644 --- a/spec/controllers/group_health_controller_spec.rb +++ b/spec/controllers/group_health_controller_spec.rb @@ -79,13 +79,6 @@ groups(:schekka).update(group_health: true) end - it 'does export the group having opted in' do - get :groups, format: :json - json = JSON.parse(response.body) - groups = json['groups'].select {|g| g['name'] == groups(:schekka).name} - expect(groups.size).to eq(1) - end - it 'does only export people with roles in a group having opted in' do get :people, format: :json json = JSON.parse(response.body)