2017-11-27 18:24:41 +08:00
|
|
|
Canaid::Permissions.register_for(Team) do
|
2020-08-31 22:29:23 +08:00
|
|
|
# team: leave, read users, read projects
|
2019-07-17 22:00:49 +08:00
|
|
|
# read protocols
|
2018-02-16 01:46:29 +08:00
|
|
|
#
|
2017-11-27 18:24:41 +08:00
|
|
|
can :read_team do |user, team|
|
|
|
|
user.is_member_of_team?(team)
|
|
|
|
end
|
2017-11-28 22:41:52 +08:00
|
|
|
|
2018-02-16 01:46:29 +08:00
|
|
|
# team: update
|
2017-12-04 18:12:35 +08:00
|
|
|
can :update_team do |user, team|
|
|
|
|
user.is_admin_of_team?(team)
|
|
|
|
end
|
|
|
|
|
2018-02-16 01:46:29 +08:00
|
|
|
# team: assign/unassing user, change user role
|
2018-01-05 22:15:50 +08:00
|
|
|
can :manage_team_users do |user, team|
|
2017-11-28 22:41:52 +08:00
|
|
|
user.is_admin_of_team?(team)
|
|
|
|
end
|
2017-12-04 20:07:23 +08:00
|
|
|
|
2020-02-27 00:25:38 +08:00
|
|
|
# team: invite new users to the team
|
|
|
|
can :invite_team_users do
|
|
|
|
true
|
|
|
|
end
|
|
|
|
|
2020-12-01 16:59:08 +08:00
|
|
|
# project_folder: create
|
|
|
|
can :create_project_folders do |user, team|
|
|
|
|
user.is_admin_of_team?(team)
|
|
|
|
end
|
|
|
|
|
2018-02-16 01:46:29 +08:00
|
|
|
# project: create
|
2018-01-05 22:15:50 +08:00
|
|
|
can :create_projects do |user, team|
|
2017-12-08 00:08:41 +08:00
|
|
|
user.is_normal_user_or_admin_of_team?(team)
|
|
|
|
end
|
|
|
|
|
2018-02-16 01:46:29 +08:00
|
|
|
# protocol in repository: create, import
|
2018-01-05 22:15:50 +08:00
|
|
|
can :create_protocols_in_repository do |user, team|
|
2017-12-04 20:07:23 +08:00
|
|
|
user.is_normal_user_or_admin_of_team?(team)
|
|
|
|
end
|
2017-12-04 23:45:23 +08:00
|
|
|
|
2021-08-26 20:50:54 +08:00
|
|
|
can :manage_bmt_filters do |user, team|
|
|
|
|
user.is_normal_user_or_admin_of_team?(team)
|
|
|
|
end
|
|
|
|
|
2018-02-16 19:03:44 +08:00
|
|
|
# repository: create, copy
|
2018-01-05 22:15:50 +08:00
|
|
|
can :create_repositories do |user, team|
|
2020-03-05 22:26:25 +08:00
|
|
|
within_limits = Repository.within_global_limits?
|
|
|
|
within_limits = Repository.within_team_limits?(team) if within_limits
|
2020-02-21 21:40:17 +08:00
|
|
|
within_limits && user.is_admin_of_team?(team)
|
2017-12-12 22:35:43 +08:00
|
|
|
end
|
2018-04-18 22:47:52 +08:00
|
|
|
|
2018-04-23 18:26:21 +08:00
|
|
|
# this permission is scattered around the application
|
|
|
|
# if you want to make changes here keep in mind to check/change the
|
|
|
|
# SQL view that lists reports in index page:
|
|
|
|
# - db/views/datatables_reports_v01.sql
|
|
|
|
# - check the model app/models/views/datatables/datatables_report.rb
|
|
|
|
# - check visible_by method in Project model
|
2018-04-18 22:47:52 +08:00
|
|
|
can :manage_reports do |user, team|
|
|
|
|
user.is_normal_user_or_admin_of_team?(team)
|
|
|
|
end
|
2017-11-28 22:41:52 +08:00
|
|
|
end
|
|
|
|
|
2021-10-01 16:47:32 +08:00
|
|
|
Canaid::Permissions.register_for(ProjectFolder) do
|
|
|
|
# ProjectFolder: delete
|
|
|
|
can :delete_project_folder do |user, project_folder|
|
|
|
|
user.is_admin_of_team?(project_folder.team) &&
|
|
|
|
project_folder.projects.none? &&
|
|
|
|
project_folder.project_folders.none?
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-12-06 02:51:44 +08:00
|
|
|
Canaid::Permissions.register_for(Protocol) do
|
2018-02-16 01:46:29 +08:00
|
|
|
# protocol in repository: read, export, read step, read/download step asset
|
2017-12-06 02:51:44 +08:00
|
|
|
can :read_protocol_in_repository do |user, protocol|
|
|
|
|
user.is_member_of_team?(protocol.team) &&
|
|
|
|
(protocol.in_repository_public? ||
|
|
|
|
protocol.in_repository_private? && user == protocol.added_by)
|
|
|
|
end
|
2017-12-07 00:23:08 +08:00
|
|
|
|
2018-02-16 01:46:29 +08:00
|
|
|
# protocol in repository: update, create/update/delete/reorder step,
|
2018-02-16 19:03:44 +08:00
|
|
|
# toggle private/public visibility, archive
|
2018-02-16 01:46:29 +08:00
|
|
|
can :manage_protocol_in_repository do |user, protocol|
|
2017-12-07 01:40:49 +08:00
|
|
|
protocol.in_repository_active? &&
|
2018-02-16 01:46:29 +08:00
|
|
|
user.is_normal_user_or_admin_of_team?(protocol.team) &&
|
2017-12-07 01:40:49 +08:00
|
|
|
user == protocol.added_by
|
2017-12-07 00:23:08 +08:00
|
|
|
end
|
2017-12-07 18:11:27 +08:00
|
|
|
|
2018-02-16 19:03:44 +08:00
|
|
|
# protocol in repository: restore
|
|
|
|
can :restore_protocol_in_repository do |user, protocol|
|
|
|
|
protocol.in_repository_archived? &&
|
|
|
|
user.is_normal_user_or_admin_of_team?(protocol.team) &&
|
|
|
|
user == protocol.added_by
|
|
|
|
end
|
|
|
|
|
|
|
|
# protocol in repository: copy
|
2018-01-05 22:15:50 +08:00
|
|
|
can :clone_protocol_in_repository do |user, protocol|
|
2018-02-16 19:03:44 +08:00
|
|
|
can_read_protocol_in_repository?(user, protocol) &&
|
|
|
|
can_create_protocols_in_repository?(user, protocol.team)
|
2017-12-07 18:11:27 +08:00
|
|
|
end
|
2017-12-06 02:51:44 +08:00
|
|
|
end
|