From 2b2888e6f7b3fab52b48aec7bddce4004f632e46 Mon Sep 17 00:00:00 2001
From: ajugo <andrej.jugovic7@gmail.com>
Date: Fri, 22 Apr 2022 11:50:32 +0200
Subject: [PATCH] Allow tag creation on task level if you have permission
 [SCI-6573] (#4031)

---
 app/controllers/tags_controller.rb            |  7 +-----
 app/views/my_module_tags/_index_edit.html.erb | 24 +++++++++----------
 2 files changed, 12 insertions(+), 19 deletions(-)

diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb
index b1164cf4d..e561e1d4d 100644
--- a/app/controllers/tags_controller.rb
+++ b/app/controllers/tags_controller.rb
@@ -2,7 +2,6 @@ class TagsController < ApplicationController
   before_action :load_vars, only: [:create, :update, :destroy]
   before_action :load_vars_nested, only: [:update, :destroy]
   before_action :check_manage_permissions, only: %i(create update destroy)
-  before_action :check_manage_my_module_permissions, only: %i(create)
 
   def create
     @tag = Tag.new(tag_params)
@@ -154,16 +153,12 @@ class TagsController < ApplicationController
     end
   end
 
-  def check_manage_my_module_permissions
+  def check_manage_permissions
     my_module = MyModule.find_by id: params[:my_module_id]
 
     render_403 if my_module && !can_manage_my_module_tags?(my_module)
   end
 
-  def check_manage_permissions
-    render_403 unless can_manage_project_tags?(@project)
-  end
-
   def tag_params
     params.require(:tag).permit(:name, :color, :project_id)
   end
diff --git a/app/views/my_module_tags/_index_edit.html.erb b/app/views/my_module_tags/_index_edit.html.erb
index 534e84b40..18f742db1 100644
--- a/app/views/my_module_tags/_index_edit.html.erb
+++ b/app/views/my_module_tags/_index_edit.html.erb
@@ -67,18 +67,16 @@
         </div>
       </div>
     <% end %>
-    <% if can_manage_project_tags?(@my_module.experiment.project) && can_manage_my_module_tags?(@my_module) %>
-      <div class="pull-right create-new-tag-btn">
-        <%= bootstrap_form_for [@my_module.experiment.project, @new_tag], remote: true, format: :json, html: { class: 'add-tag-form' } do |f| %>
-          <%= hidden_field_tag :my_module_id, @my_module.id %>
-          <%= f.hidden_field :project_id, :value => @my_module.experiment.project.id %>
-          <%= f.hidden_field :name, :value => t("tags.create.new_name") %>
-          <%= f.hidden_field :color, :value => Constants::TAG_COLORS[0] %>
-          <%= f.button class: "btn btn-primary" do %>
-            <span class="fas fa-plus"></span>
-            <span class="hidden-xs"><%=t "experiments.canvas.modal_manage_tags.create_new" %></span>
-          <% end %>
+    <div class="pull-right create-new-tag-btn">
+      <%= bootstrap_form_for [@my_module.experiment.project, @new_tag], remote: true, format: :json, html: { class: 'add-tag-form' } do |f| %>
+        <%= hidden_field_tag :my_module_id, @my_module.id %>
+        <%= f.hidden_field :project_id, :value => @my_module.experiment.project.id %>
+        <%= f.hidden_field :name, :value => t("tags.create.new_name") %>
+        <%= f.hidden_field :color, :value => Constants::TAG_COLORS[0] %>
+        <%= f.button class: "btn btn-primary" do %>
+          <span class="fas fa-plus"></span>
+          <span class="hidden-xs"><%=t "experiments.canvas.modal_manage_tags.create_new" %></span>
         <% end %>
-      </div>
-    <% end %>
+      <% end %>
+    </div>
 </div>