refactor manage sample permissions again by removing authorship and refactor manage sample elements permissions

app/controllers/concerns/sample_actions.rb

@@ -11,7 +11,7 @@ module SampleActions
       params[:sample_ids].each do |id|
         sample = Sample.find_by_id(id)
 
-        if sample && can_update_or_delete_sample?(sample)
+        if sample
           sample.destroy
           counter_user += 1
         else
@@ -45,7 +45,7 @@ module SampleActions
   end
 
   def check_destroy_samples_permissions
-    unless can_delete_samples?(@project.team)
+    unless can_manage_sample?(@project.team)
       render_403
     end
   end

app/controllers/custom_fields_controller.rb

@@ -3,9 +3,7 @@ class CustomFieldsController < ApplicationController
 
   before_action :load_vars, except: :create
   before_action :load_vars_nested, only: [:create, :destroy_html]
-  before_action :check_create_permissions, only: :create
+  before_action :check_permissions
-  before_action :check_update_permissions, only: :update
-  before_action :check_destroy_permissions, only: [:destroy, :destroy_html]
 
   def create
     @custom_field = CustomField.new(custom_field_params)
@@ -105,16 +103,8 @@ class CustomFieldsController < ApplicationController
     render_404 unless @team
   end
 
-  def check_create_permissions
+  def check_permissions
-    render_403 unless can_create_custom_field_in_team(@team)
+    render_403 unless can_manage_sample_elements?(@team)
-  end
-
-  def check_update_permissions
-    render_403 unless can_edit_custom_field(@custom_field)
-  end
-
-  def check_destroy_permissions
-    render_403 unless can_delete_custom_field(@custom_field)
   end
 
   def custom_field_params

app/controllers/sample_groups_controller.rb

@@ -1,7 +1,7 @@
 class SampleGroupsController < ApplicationController
   before_action :load_vars_nested
-  before_action :check_create_permissions
+  before_action :check_permissions, except: %i(index sample_group_element)
-  before_action :set_sample_group, except: [:create, :index]
+  before_action :set_sample_group, except: %i(create index)
   before_action :set_project_my_module, only: :index
   layout 'fluid'
 
@@ -133,8 +133,8 @@ class SampleGroupsController < ApplicationController
     render_404 unless @team
   end
 
-  def check_create_permissions
+  def check_permissions
-    render_403 unless can_create_sample_type_in_team(@team)
+    render_403 unless can_manage_sample_elements?(@team)
   end
 
   def sample_group_params

app/controllers/sample_types_controller.rb

@@ -1,7 +1,7 @@
 class SampleTypesController < ApplicationController
   before_action :load_vars_nested
-  before_action :check_create_permissions
+  before_action :check_permissions, except: %i(index sample_type_element)
-  before_action :set_sample_type, except: [:create, :index]
+  before_action :set_sample_type, except: %i(create index)
   before_action :set_project_my_module, only: :index
   layout 'fluid'
 
@@ -129,8 +129,8 @@ class SampleTypesController < ApplicationController
     render_404 unless @team
   end
 
-  def check_create_permissions
+  def check_permissions
-    render_403 unless can_create_sample_type_in_team(@team)
+    render_403 unless can_manage_sample_elements?(@team)
   end
 
   def set_sample_type

app/controllers/samples_controller.rb

@@ -6,13 +6,11 @@ class SamplesController < ApplicationController
   before_action :load_vars, only: [:edit, :update, :destroy, :show]
   before_action :load_vars_nested, only: [:new, :create]
 
-  before_action :check_edit_permissions, only: :edit
+  before_action :check_manage_permissions, exept: :show
-  before_action :check_destroy_permissions, only: :destroy
 
   def new
     respond_to do |format|
       format.html
-      if can_create_sample?(@team)
       groups = @team.sample_groups.map do |g|
         { id: g.id, name: sanitize_input(g.name), color: g.color }
       end
@@ -25,9 +23,6 @@ class SamplesController < ApplicationController
           sample_types: types.as_json
         }
       end
-      else
-        format.json { render json: {}, status: :unauthorized }
-      end
     end
   end
 
@@ -43,7 +38,6 @@ class SamplesController < ApplicationController
     };
 
     respond_to do |format|
-      if can_create_sample?(@team)
       if params[:sample]
         # Sample name
         if params[:sample][:name]
@@ -106,9 +100,6 @@ class SamplesController < ApplicationController
       else
         format.json { render json: errors, status: :bad_request }
       end
-      else
-        format.json { render json: {}, status: :unauthorized }
-      end
     end
   end
 
@@ -167,7 +158,6 @@ class SamplesController < ApplicationController
 
     respond_to do |format|
       if sample
-        if can_update_or_delete_sample?(sample)
         if params[:sample]
           if params[:sample][:name]
             sample.name = params[:sample][:name]
@@ -287,9 +277,6 @@ class SamplesController < ApplicationController
         else
           format.json { render json: errors, status: :bad_request }
         end
-        else
-          format.json { render json: {}, status: :unauthorized }
-        end
       else
         format.json { render json: {}, status: :not_found }
       end
@@ -318,22 +305,8 @@ class SamplesController < ApplicationController
     end
   end
 
-  def check_create_permissions
+  def check_manage_permissions
-    unless can_create_sample?(@team)
+    render_403 unless can_manage_sample?(@team)
-      render_403
-    end
-  end
-
-  def check_edit_permissions
-    unless can_update_or_delete_sample?(@sample)
-      render_403
-    end
-  end
-
-  def check_destroy_permissions
-    unless can_update_or_delete_sample?(@sample)
-      render_403
-    end
   end
 
   def sample_params

app/controllers/teams_controller.rb

@@ -249,7 +249,7 @@ class TeamsController < ApplicationController
   end
 
   def check_create_sample_permissions
-    unless can_create_sample?(@team)
+    unless can_manage_sample?(@team)
       render_403
     end
   end

app/helpers/permission_helper.rb

@@ -662,31 +662,31 @@ module PermissionHelper
 
   # ---- SAMPLE TYPES PERMISSIONS ----
 
-  def can_create_sample_type_in_team(team)
+  # def can_create_sample_type_in_team(team)
-    is_normal_user_or_admin_of_team(team)
+  #   is_normal_user_or_admin_of_team(team)
-  end
+  # end
 
   # ---- SAMPLE GROUPS PERMISSIONS ----
 
-  def can_create_sample_group_in_team(team)
+  # def can_create_sample_group_in_team(team)
-    is_normal_user_or_admin_of_team(team)
+  #   is_normal_user_or_admin_of_team(team)
-  end
+  # end
 
   # ---- CUSTOM FIELDS PERMISSIONS ----
 
-  def can_create_custom_field_in_team(team)
+  # def can_create_custom_field_in_team(team)
-    is_normal_user_or_admin_of_team(team)
+  #   is_normal_user_or_admin_of_team(team)
-  end
+  # end
 
-  def can_edit_custom_field(custom_field)
+  # def can_edit_custom_field(custom_field)
-    custom_field.user == current_user ||
+  #   custom_field.user == current_user ||
-      is_admin_of_team(custom_field.team)
+  #     is_admin_of_team(custom_field.team)
-  end
+  # end
 
-  def can_delete_custom_field(custom_field)
+  # def can_delete_custom_field(custom_field)
-    custom_field.user == current_user ||
+  #   custom_field.user == current_user ||
-      is_admin_of_team(custom_field.team)
+  #     is_admin_of_team(custom_field.team)
-  end
+  # end
 
   # ---- PROTOCOL PERMISSIONS ----
 

app/helpers/samples_helper.rb

@@ -8,9 +8,7 @@ module SamplesHelper
   end
 
   def can_add_sample_related_things_to_team
-    can_create_custom_field_in_team(@team) &&
+    can_manage_sample_elements?(@team)
-      can_create_sample_type_in_team(@team) &&
-      can_create_sample_group_in_team(@team)
   end
 
   def all_custom_fields

app/permissions/team.rb

@@ -24,13 +24,13 @@ Canaid::Permissions.register_for(Team) do
     user.is_normal_user_or_admin_of_team?(team)
   end
 
-  # create sample, import sample
+  # create, import, edit, delete sample
-  can :create_sample do |user, team|
+  can :manage_sample do |user, team|
     user.is_normal_user_or_admin_of_team?(team)
   end
 
-  # delete samples (general permission, not for specific sample)
+  # create, update, delete custom field, sample type and sample group
-  can :delete_samples do |user, team|
+  can :manage_sample_elements do |user, team|
     user.is_normal_user_or_admin_of_team?(team)
   end
 end
@@ -70,12 +70,3 @@ Canaid::Permissions.register_for(Protocol) do
       can_read_protocol_in_repository?(user, protocol)
   end
 end
-
-Canaid::Permissions.register_for(Sample) do
-  # edit sample, delete sample
-  can :update_or_delete_sample do |user, sample|
-    user.is_admin_of_team?(sample.team) ||
-      user.is_normal_user_or_admin_of_team?(sample.team) &&
-        user == sample.user
-  end
-end

app/views/shared/_samples.html.erb

@@ -21,7 +21,7 @@
     data-module-id="<%= @my_module.id %>"
   <% end %>>
 
-  <% if can_create_sample?(@team) %>
+  <% if can_manage_sample?(@team) %>
     <button type="button" class="btn btn-default editAdd" id="addSample" onclick="onClickAddSample()">
       <span class="glyphicon glyphicon-plus"></span>
       <span class="hidden-xs"><%= t("samples.add_new_sample") %></span>
@@ -51,7 +51,7 @@
         <span class="caret"></span>
       </button>
       <ul class="dropdown-menu dropdown-menu-right smart-dropdown" id="samples-columns-list">
-        <% if can_create_custom_field_in_team(@team) %>
+        <% if can_manage_sample_elements?(@team) %>
           <li class="add-new-column-form">
             <div id="new-column-form" class="form-group" data-action="<%= team_custom_fields_path(@team) %>">
               <div class="input-group">
@@ -99,7 +99,7 @@
     <span class="hidden-xs-custom"><%= t("samples.edit_sample") %></span>
   </button>
 
-  <% if can_delete_samples?(@team) %>
+  <% if can_manage_sample?(@team) %>
     <button type="button" class="btn btn-default"
       id="deleteSamplesButton" data-target="#deleteSamples" data-toggle="modal" disabled>
       <span class="glyphicon glyphicon-trash"></span>
@@ -148,8 +148,8 @@
         <% all_custom_fields.each do |cf| %>
         <th class="custom-field"
             id="<%= cf.id %>"
-            <%= 'data-editable' if can_edit_custom_field(cf) %>
+            <%= 'data-editable' if can_manage_sample_elements?(@team) %>
-            <%= 'data-deletable' if can_delete_custom_field(cf) %>
+            <%= 'data-deletable' if can_manage_sample_elements?(@team) %>
             <%= "data-edit-url='#{edit_team_custom_field_path(@team, cf)}'" %>
             <%= "data-update-url='#{team_custom_field_path(@team, cf)}'" %>
             <%= "data-destroy-html-url='#{team_custom_field_destroy_html_path(@team, cf)}'" %>