scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-01-27 10:08:11 +08:00
Code Issues Projects Releases Packages Wiki Activity

Update permission and model to share repository over all teams

Browse source
This commit is contained in:
Urban Rotnik 2019-08-12 15:49:08 +02:00
parent dc6af10018
commit 0ce331227c
9 changed files with 83 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
app/models/repository.rb
View file

@ -6,6 +6,8 @@ class Repository < ApplicationRecord
include RepositoryImportParser
include Discard::Model
enum permission_level: Extends::SHARED_INVENTORIES_PERMISSION_LEVELS
attribute :discarded_by_id, :integer
belongs_to :team
@ -30,7 +32,9 @@ class Repository < ApplicationRecord
default_scope -> { kept }
scope :accessible_by_teams, lambda { |teams|
left_outer_joins(:team_repositories)
.where('repositories.team_id IN (?) OR team_repositories.team_id IN (?)', teams, teams)
.where('repositories.team_id IN (?) '\
'OR team_repositories.team_id IN (?) '\
'OR repositories.shared = true', teams, teams)
.distinct
.order(:created_at)
}
@ -74,11 +78,21 @@ class Repository < ApplicationRecord
end
def shared_with?(team)
team_repositories.where(team: team).any?
return false if self.team == team
shared? || team_repositories.where(team: team).any?
end
def shared_with_write?(team)
team_repositories.where(team: team, permission_level: :write).any?
return false if self.team == team
shared? && write? || team_repositories.where(team: team, permission_level: :write).any?
end
def shared_with_read?(team)
return false if self.team == team
shared? && read? || team_repositories.where(team: team, permission_level: :read).any?
end
def self.viewable_by_user(_user, teams)

6
app/permissions/repository.rb
View file

@ -3,7 +3,9 @@
Canaid::Permissions.register_for(Repository) do
# repository: read/export
can :read_repository do |user, repository|
user.teams.include?(repository.team) || repository.team_repositories.where(team: user.teams).any?
user.teams.include?(repository.team) ||
repository.shared? ||
repository.team_repositories.where(team: user.teams).any?
end
# repository: update, delete
@ -15,6 +17,8 @@ Canaid::Permissions.register_for(Repository) do
can :create_repository_rows do |user, repository|
if user.teams.include?(repository.team)
user.is_normal_user_or_admin_of_team?(repository.team)
elsif repository.shared? && repository.write?
user.is_normal_user_or_admin_of_team?(user.current_team)
elsif (write_team_repos = repository
.team_repositories
.where(team_id: user.teams.pluck(:id))

2
app/views/repositories/_sidebar.html.erb
View file

@ -25,7 +25,7 @@
<% end %>
<% if repository.shared_with?(current_team) %>
<% if repository.team_repositories.where(team: current_team).take.write? %>
<% if repository.shared_with_write?(current_team) %>
<%= draw_custom_icon('shared-edit') %>
<% else %>
<%= draw_custom_icon('shared-read') %>

4
app/views/repositories/show.html.erb
View file

@ -16,7 +16,7 @@
<span class="repository-name" title="<%= @repository.name %>"><%= @repository.name %></span>
<span class="repository-share-icon">
<% if @repository.shared_with?(current_team) %>
<% if @repository.team_repositories.where(team: current_team).first.write? %>
<% if @repository.shared_with_write?(current_team) %>
<%= draw_custom_icon('shared-edit') %>
<% else %>
<%= draw_custom_icon('shared-read') %>
@ -145,7 +145,7 @@
<span class="fas fa-copy"></span>
<span class="hidden-xs-custom"><%= t("repositories.copy_record") %></span>
</button>
<% elsif @repository.team_repositories.where(team: current_team).first.read? %>
<% elsif @repository.shared_with_read?(current_team) %>
<p class="view-only-label"><%= t('repositories.index.view_only_permission_label') %></p>
<% end %>
</div>

8
db/migrate/20190812065432_add_share_flag_to_repository.rb Normal file
View file

@ -0,0 +1,8 @@
# frozen_string_literal: true
class AddShareFlagToRepository < ActiveRecord::Migration[5.2]
def change
add_column :repositories, :shared, :boolean, null: false, default: false
add_column :repositories, :permission_level, :integer, null: false, default: 0
end
end

10
db/migrate/20190812072649_add_indexes_to_sharing_columns.rb Normal file
View file

@ -0,0 +1,10 @@
# frozen_string_literal: true
class AddIndexesToSharingColumns < ActiveRecord::Migration[5.2]
def change
add_index :team_repositories, :permission_level
add_index :repositories, :shared
add_index :repositories, :permission_level
change_column_default :team_repositories, :permission_level, from: nil, to: 0
end
end

9
db/schema.rb
View file

@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 2019_07_15_150326) do
ActiveRecord::Schema.define(version: 2019_08_12_072649) do
# These are extensions that must be enabled in order to support this database
enable_extension "btree_gist"
@ -416,7 +416,11 @@ ActiveRecord::Schema.define(version: 2019_07_15_150326) do
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "discarded_at"
t.boolean "shared", default: false, null: false
t.integer "permission_level", default: 0, null: false
t.index ["discarded_at"], name: "index_repositories_on_discarded_at"
t.index ["permission_level"], name: "index_repositories_on_permission_level"
t.index ["shared"], name: "index_repositories_on_shared"
t.index ["team_id"], name: "index_repositories_on_team_id"
end
@ -721,9 +725,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_150326) do
create_table "team_repositories", force: :cascade do |t|
t.bigint "team_id"
t.bigint "repository_id"
t.integer "permission_level", null: false
t.integer "permission_level", default: 0, null: false
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.index ["permission_level"], name: "index_team_repositories_on_permission_level"
t.index ["repository_id"], name: "index_team_repositories_on_repository_id"
t.index ["team_id", "repository_id"], name: "index_team_repositories_on_team_id_and_repository_id", unique: true
t.index ["team_id"], name: "index_team_repositories_on_team_id"

8
spec/factories/repositories.rb
View file

@ -5,5 +5,13 @@ FactoryBot.define do
sequence(:name) { |n| "My repository-#{n}" }
created_by { create :user }
team
trait :write_shared do
shared { true }
permission_level { :write }
end
trait :read_shared do
shared { true }
permission_level { :read }
end
end
end

25
spec/permissions/repositroy_permissions_spec.rb
View file

@ -8,6 +8,8 @@ describe 'RepositoryPermissions' do
let(:user) { create :user }
let(:repository) { build :repository, team: team }
let(:team) { create :team }
let(:write_shared_repository) { create :repository, :write_shared }
let(:read_shared_repository) { create :repository, :read_shared }
describe 'create_repository_rows, manage_repository_rows, create_repository_columns' do
context 'when team\'s repositroy' do
@ -62,6 +64,19 @@ describe 'RepositoryPermissions' do
expect(can_create_repository_rows?(user, new_repository)).to be_falsey
end
end
context 'when shared with all organization' do
it 'should be true when repo has write permission' do
create :user_team, :normal_user, user: user, team: team
allow_any_instance_of(User).to receive(:current_team).and_return(team)
expect(can_create_repository_rows?(user, write_shared_repository)).to be_truthy
end
it 'should be false when repo has read permission' do
expect(can_create_repository_rows?(user, read_shared_repository)).to be_falsey
end
end
end
describe 'read_repository' do
@ -91,5 +106,15 @@ describe 'RepositoryPermissions' do
expect(can_read_repository?(user, new_repository)).to be_falsey
end
end
context 'when shared with all organization' do
it 'should be true when repo has write permission' do
expect(can_read_repository?(user, write_shared_repository)).to be_truthy
end
it 'should be true when repo has read permission' do
expect(can_read_repository?(user, read_shared_repository)).to be_truthy
end
end
end
end