Merge pull request #3010 from urbanrotnik/ur-sci-5294-remove-editing-options-of-archived-results

Refactor result permissions [SCI-5294]

app/permissions/asset.rb

@@ -9,7 +9,7 @@ Canaid::Permissions.register_for(Asset) do
       protocol = object.protocol
       can_read_protocol_in_module?(user, protocol) || can_read_protocol_in_repository?(user, protocol)
     when Result
-      can_read_experiment?(user, object.my_module.experiment)
+      can_read_result?(object)
     when RepositoryCell
       can_read_repository?(user, object.repository_column.repository)
     end
@@ -23,7 +23,7 @@ Canaid::Permissions.register_for(Asset) do
       protocol = object.protocol
       can_manage_protocol_in_module?(user, protocol) || can_manage_protocol_in_repository?(user, protocol)
     when Result
-      can_manage_module?(user, object.my_module)
+      can_manage_result?(object)
     when RepositoryCell
       return false if object.repository_column.repository.is_a?(RepositorySnapshot)
 

app/permissions/experiment.rb

@@ -108,25 +108,6 @@ Canaid::Permissions.register_for(Protocol) do
   end
 end
 
-Canaid::Permissions.register_for(Result) do
-  # Module, its experiment and its project must be active for all the specified
-  # permissions
-  %i(manage_result).each do |perm|
-    can perm do |_, result|
-      my_module = result.my_module
-      my_module.active? &&
-        my_module.experiment.active? &&
-        my_module.experiment.project.active?
-    end
-  end
-
-  # result: delete, archive
-  can :manage_result do |user, result|
-    result.unlocked?(result) &&
-      user.is_owner_of_project?(result.my_module.experiment.project)
-  end
-end
-
 Canaid::Permissions.register_for(Comment) do
   # Module, its experiment and its project must be active for all the specified
   # permissions

app/permissions/result.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+Canaid::Permissions.register_for(Result) do
+  can :read_result do |user, result|
+    can_read_experiment?(user, result.my_module.experiment)
+  end
+
+  can :manage_result do |user, result|
+    can_manage_module?(user, result.my_module) && result.active? && result.unlocked?(result)
+  end
+end

spec/permissions/result_permission_spec.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'ResultPermissions' do
+  include Canaid::Helpers::PermissionsHelper
+
+  let(:user) { create :user, current_team_id: team.id }
+  let(:team) { create :team }
+  let(:result) { create :result, user: user, my_module: my_module }
+  let(:my_module) { create :my_module, experiment: experiment }
+  let(:experiment) { create :experiment, user: user }
+
+  before do
+    create :user_project, :normal_user, user: user, project: experiment.project
+  end
+
+  describe 'can_read_result?' do
+    it 'should be true for active result' do
+      expect(can_read_result?(user, result)).to be_truthy
+    end
+
+    it 'should be true for archived result' do
+      result.archive!(user)
+
+      expect(can_read_result?(user, result)).to be_truthy
+    end
+
+    it 'should be true for archived experiment' do
+      experiment.update(archived_on: Time.zone.now, archived_by: user)
+
+      expect(can_read_result?(user, result)).to be_truthy
+    end
+  end
+
+  describe 'can_manage_result?' do
+    it 'should be true for active result' do
+      expect(can_manage_result?(user, result)).to be_truthy
+    end
+
+    it 'should be false for archived result' do
+      result.archive!(user)
+
+      expect(can_manage_result?(user, result)).to be_falsey
+    end
+
+    it 'should be false for archived experiment' do
+      experiment.update(archived_on: Time.zone.now, archived_by: user, archived: true)
+
+      expect(can_manage_result?(user, result)).to be_falsey
+    end
+  end
+end