2018-03-29 15:55:26 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
|
|
module SmartAnnotations
|
|
|
|
|
class PermissionEval
|
|
|
|
|
class << self
|
|
|
|
|
include Canaid::Helpers::PermissionsHelper
|
|
|
|
|
|
2019-03-20 12:58:22 +01:00
|
|
|
def check(user, team, type, object)
|
2019-05-31 09:56:54 +02:00
|
|
|
__send__("validate_#{type}_permissions", user, team, object)
|
2018-03-29 15:55:26 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
2019-03-20 12:58:22 +01:00
|
|
|
def validate_prj_permissions(user, team, object)
|
2020-09-21 14:09:11 +02:00
|
|
|
object.archived = false
|
2020-09-21 14:41:51 +02:00
|
|
|
permission_check = object.team.id == team.id && can_read_project?(user, object)
|
2020-09-24 11:56:17 +02:00
|
|
|
object.archived = true if object.archived_changed?
|
2020-09-21 14:41:51 +02:00
|
|
|
permission_check
|
2018-03-29 15:55:26 +02:00
|
|
|
end
|
|
|
|
|
|
2019-03-20 12:58:22 +01:00
|
|
|
def validate_exp_permissions(user, team, object)
|
2020-09-21 14:09:11 +02:00
|
|
|
object.archived = false
|
2020-09-21 14:41:51 +02:00
|
|
|
permission_check = object.project.team.id == team.id && can_read_experiment?(user, object)
|
2020-09-24 11:56:17 +02:00
|
|
|
object.archived = true if object.archived_changed?
|
2020-09-21 14:41:51 +02:00
|
|
|
permission_check
|
2018-03-29 15:55:26 +02:00
|
|
|
end
|
|
|
|
|
|
2019-03-20 12:58:22 +01:00
|
|
|
def validate_tsk_permissions(user, team, object)
|
2020-09-21 14:09:11 +02:00
|
|
|
validate_exp_permissions(user, team, object.experiment)
|
2018-03-29 15:55:26 +02:00
|
|
|
end
|
|
|
|
|
|
2019-03-20 12:58:22 +01:00
|
|
|
def validate_rep_item_permissions(user, team, object)
|
2020-09-21 14:09:11 +02:00
|
|
|
return can_read_repository?(user, object.repository) if object.repository
|
2019-03-20 12:58:22 +01:00
|
|
|
|
2018-05-25 11:41:43 +02:00
|
|
|
# handles discarded repositories
|
2020-09-21 14:09:11 +02:00
|
|
|
repository = Repository.with_discarded.find_by(id: object.repository_id)
|
2018-05-25 11:41:43 +02:00
|
|
|
# evaluate to false if repository not found
|
|
|
|
|
return false unless repository
|
2019-03-20 12:58:22 +01:00
|
|
|
|
2019-07-26 15:41:23 +02:00
|
|
|
(repository.team.id == team.id ||
|
2019-08-07 13:44:57 +02:00
|
|
|
repository.team_repositories.where(team_id: team.id).any?) &&
|
2019-07-26 15:41:23 +02:00
|
|
|
can_read_repository?(user, repository)
|
2018-03-29 15:55:26 +02:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
