scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-01-27 18:21:50 +08:00
Code Issues Projects Releases Packages Wiki Activity

Fixed Hound warnings.

Browse source
This commit is contained in:
Matej Zrimšek 2018-01-25 12:00:30 +01:00
parent d423700e84
commit 279da20060
4 changed files with 20 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/controllers/project_activities_controller.rb
View file

@ -26,9 +26,7 @@ class ProjectActivitiesController < ApplicationController
end
def check_view_permissions
unless can_read_project?(@project)
render_403
end
render_403 unless can_read_project?(@project)
end
end

14
app/controllers/project_comments_controller.rb
View file

@ -171,25 +171,23 @@ class ProjectCommentsController < ApplicationController
end
def check_view_permissions
unless can_read_project?(@project)
render_403
end
render_403 unless can_read_project?(@project)
end
def check_add_permissions
unless can_add_comment_to_project?(@project)
render_403
end
render_403 unless can_add_comment_to_project?(@project)
end
def check_edit_permissions
@comment = ProjectComment.find_by_id(params[:id])
render_403 unless @comment.present? && can_update_or_delete_project_comment?(@comment)
render_403 unless @comment.present? &&
can_update_or_delete_project_comment?(@comment)
end
def check_destroy_permissions
@comment = ProjectComment.find_by_id(params[:id])
render_403 unless @comment.present? && can_update_or_delete_project_comment?(@comment)
render_403 unless @comment.present? &&
can_update_or_delete_project_comment?(@comment)
end
def comment_params

16
app/controllers/projects_controller.rb
View file

@ -119,8 +119,8 @@ class ProjectsController < ApplicationController
# Check archive permissions if archiving/restoring
if project_params.include? :archive
if (project_params[:archive] and !can_update_project?(@project)) or
(!project_params[:archive] and !can_restore_project?(@project))
if (project_params[:archive] && !can_update_project?(@project)) ||
(!project_params[:archive] && !can_restore_project?(@project))
return_error = true
is_archive = URI(request.referer).path == projects_archive_path ? "restore" : "archive"
flash_error = t("projects.#{is_archive}.error_flash", name: @project.name)
@ -318,9 +318,7 @@ class ProjectsController < ApplicationController
end
def check_view_permissions
unless can_read_project?(@project)
render_403
end
render_403 unless can_read_project?(@project)
end
def check_create_permissions
@ -328,15 +326,11 @@ class ProjectsController < ApplicationController
end
def check_view_notifications_permissions
unless can_read_project?(@project)
render_403
end
render_403 unless can_read_project?(@project)
end
def check_edit_permissions
unless can_update_project?(@project)
render_403
end
render_403 unless can_update_project?(@project)
end
def check_experiment_archive_permissions

28
app/controllers/user_projects_controller.rb
View file

@ -181,38 +181,26 @@ class UserProjectsController < ApplicationController
end
def check_view_tab_permissions
unless can_read_project?(@project)
render_403
end
render_403 unless can_read_project?(@project)
end
def check_view_permissions
unless can_update_project?(@project)
render_403
end
render_403 unless can_update_project?(@project)
end
def check_create_permissions
unless can_update_project?(@project)
render_403
end
render_403 unless can_update_project?(@project)
end
def check_update_permisisons
# TODO improve permissions for changing your role on project
unless params[:id] != current_user.id
render_403
end
# TODO: improve permissions for changing your role on project
render_403 unless params[:id] != current_user.id
end
def check_delete_permisisons
# TODO improve permissions for remove yourself from project
unless params[:id] != current_user.id
render_403
end
unless can_update_project?(@project)
render_403
end
# TODO: improve permissions for remove yourself from project
render_403 unless params[:id] != current_user.id
render_403 unless can_update_project?(@project)
end
def init_gui