Content
Updated by Klaus Zanders 29 days ago
In version 13.1 we We have introduced the ability to have permissions not only on a project or global level, but also on resources like work packages. We took that chance to also overhaul the way how we **check** permissions, because there was some ambiguity and we want the intention behind permission checks to be as concise as possible.
The deprecated methods are:
* `User#allowed_to?`
* `User#allowed_to_globally?`
* `User#allowed_to_in_project?`
Here are the new old `user.allowed_to?` methods that replace them and what they are supposed to be used for:
## `User#allowed_globally?(permission)`
Is used to check if the user has a global permission like `:create_user` or `:add_project`. When trying to check for a non-global permission, an `IllegalPermissionContextError` will be raised.
## `User#allowed_in_project?(permission, projects)`
Is used to check if the user has a permission on **all** of the specified projects. This is useful when you are navigating inside the project context and want to check if the user has a permission on the project at hand.
## `User#allowed_in_any_project?(permission)`
Is used to check if the user has a permission in **any** project. This is useful for global pages or to check if menu items should be showm
## `User#allowed_in_work_package(permission, work_packages)`
As some permissions can also be defined on the work package level, this method is used to check if the user has the permission in **all** of the given work packages. When you are checking for a permission that is not applicaple to work packages, an `IllegalPermissionContextError` will be raised. If a permission can be given on a project or a work package level, we also check if the user has the permission via the project the work package belongs to.
## `User#allowed_in_any_work_package(permission[, in_project:])`
This method checks if the user has the permission in **any** work package. Additionally with the `in_project:` argument, you can specifically check if the user has the permission in **any** work package **within the given project** or on the project itself.
Using these methods shows clear intent what type of permission you are checking for and if you are intending to check for it on a specific project/work package or any of those. With the old methods we had some duplication where we used `allowed_to?(permission, global: true)` to check for global permissions and a permission on any project.
If for some reason, you don't know the context beforehand (i.e. for a menu helper where you can be in a global or in a project area) there is one more helper method that generalizes the checking of permissions: `User#allowed_based_on_permission_context?(permission, project: @project, entity: @work_package)`. This method `UserAllowedService`. We should just be used if there is no other way and not as a general replacement for the old generic `User#allowed_to?` method. remove them
The deprecated methods are:
* `User#allowed_to?`
* `User#allowed_to_globally?`
* `User#allowed_to_in_project?`
Here are the new
## `User#allowed_globally?(permission)`
Is used to check if the user has a global permission like `:create_user` or `:add_project`. When trying to check for a non-global permission, an `IllegalPermissionContextError` will be raised.
## `User#allowed_in_project?(permission, projects)`
Is used to check if the user has a permission on **all** of the specified projects. This is useful when you are navigating inside the project context and want to check if the user has a permission on the project at hand.
## `User#allowed_in_any_project?(permission)`
Is used to check if the user has a permission in **any** project. This is useful for global pages or to check if menu items should be showm
## `User#allowed_in_work_package(permission, work_packages)`
As some permissions can also be defined on the work package level, this method is used to check if the user has the permission in **all** of the given work packages. When you are checking for a permission that is not applicaple to work packages, an `IllegalPermissionContextError` will be raised. If a permission can be given on a project or a work package level, we also check if the user has the permission via the project the work package belongs to.
## `User#allowed_in_any_work_package(permission[, in_project:])`
This method checks if the user has the permission in **any** work package. Additionally with the `in_project:` argument, you can specifically check if the user has the permission in **any** work package **within the given project** or on the project itself.
Using these methods shows clear intent what type of permission you are checking for and if you are intending to check for it on a specific project/work package or any of those. With the old methods we had some duplication where we used `allowed_to?(permission, global: true)` to check for global permissions and a permission on any project.
If for some reason, you don't know the context beforehand (i.e. for a menu helper where you can be in a global or in a project area) there is one more helper method that generalizes the checking of permissions: `User#allowed_based_on_permission_context?(permission, project: @project, entity: @work_package)`. This method