diff --git a/app/controllers/canvas_controller.rb b/app/controllers/canvas_controller.rb
index 804dc5747..c07e59ad3 100644
--- a/app/controllers/canvas_controller.rb
+++ b/app/controllers/canvas_controller.rb
@@ -33,7 +33,7 @@ class CanvasController < ApplicationController
 # Make sure that remove parameter is valid
 to_archive = []
- if can_archive_modules(@experiment.project) and
+ if can_archive_modules(@experiment) and
 update_params[:remove].present? then
 to_archive = update_params[:remove].split(",")
 unless to_archive.all? { |id| is_int? id }
@@ -49,7 +49,7 @@ class CanvasController < ApplicationController
 # Make sure connections parameter is valid
 connections = []
- if can_edit_connections(@experiment.project) and
+ if can_edit_connections(@experiment) and
 update_params[:connections].present? then
 conns = update_params[:connections].split(",")
 unless conns.length % 2 == 0 and
@@ -68,7 +68,7 @@ class CanvasController < ApplicationController
 # Make sure positions parameter is valid
 positions = Hash.new
- if can_reposition_modules(@experiment.project) and
+ if can_reposition_modules(@experiment) and
 update_params[:positions].present? then
 poss = update_params[:positions].split(";")
 center = ""
@@ -104,7 +104,7 @@ class CanvasController < ApplicationController
 # Make sure that to_add is an array of strings,
 # as well as that positions for newly added modules exist
 to_add = []
- if can_create_modules(@experiment.project) and
+ if can_create_modules(@experiment) and
 update_params[:add].present? and
 update_params["add-names"].present? then
 ids = update_params[:add].split(",")
@@ -131,7 +131,7 @@ class CanvasController < ApplicationController
 # Make sure rename parameter is valid
 to_rename = Hash.new
- if can_edit_modules(@experiment.project) and
+ if can_edit_modules(@experiment) and
 update_params[:rename].present? then
 begin
 to_rename = JSON.parse(update_params[:rename])
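Review bot: In the `remove` block, a failed `can_archive_modules(@experiment)` check and an absent parameter take the same path: `to_archive` stays `[]` and, as far as the hunk shows, the update carries on, so a request for an operation the user may not perform is dropped without a 403 or a log entry. The same shape appears in the connections, positions, add and rename hunks of this file, and in the to_clone and module-groups hunks that follow. Every one of these helpers currently resolves to the same project-role check as `can_edit_canvas`, so the gap is latent, but it becomes real once per-operation permissions diverge; a guard such as `render_403 and return if update_params[:remove].present? && !can_archive_modules(@experiment)` ahead of the block would make the denial explicit. The enclosing action starts and ends outside the hunk, so confirm nothing later already handles this.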
@@ -156,7 +156,7 @@ class CanvasController < ApplicationController
 # Make sure that to_clone is an array of pairs,
 # as well as that all IDs exist
 to_clone = Hash.new
- if can_clone_modules(@experiment.project) and
+ if can_clone_modules(@experiment) and
 update_params[:cloned].present? then
 clones = update_params[:cloned].split(";")
 (clones.collect { |v| v.split(",") }).each do |val|
@@ -177,7 +177,7 @@ class CanvasController < ApplicationController
 end
 module_groups = Hash.new
- if can_edit_module_groups(@experiment.project) and
+ if can_edit_module_groups(@experiment) and
 update_params["module-groups"].present? then
 begin
 module_groups = JSON.parse(update_params["module-groups"])
@@ -265,13 +265,13 @@ class CanvasController < ApplicationController
 end
 def check_edit_canvas
- unless can_edit_canvas(@experiment.project)
+ unless can_edit_canvas(@experiment)
 render_403 and return
 end
 end
 def check_view_canvas
- unless can_view_project(@experiment.project)
+ unless can_view_experiment(@experiment)
 render_403 and return
 end
 end
diff --git a/app/helpers/permission_helper.rb b/app/helpers/permission_helper.rb
index 5b8b23d4d..4251d0eb1 100644
--- a/app/helpers/permission_helper.rb
+++ b/app/helpers/permission_helper.rb
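Review bot: `check_view_canvas` is the one place in this file where the predicate itself changes rather than just its argument: `can_view_project(@experiment.project)` becomes `can_view_experiment(@experiment)`, and that helper is not defined in the part of permission_helper.rb this commit shows. Confirm it exists and is at least as strict as the project-level view check, so read access to the canvas is not widened by what otherwise reads as a mechanical refactor. A comment above the method such as `# View access is decided per experiment and must never be broader than project view access` would record the intent. A request spec that asserts a 403 for a user outside the project would pin it.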
@@ -301,38 +301,38 @@ module PermissionHelper
 # ---- WORKFLOW PERMISSIONS ----
- def can_edit_canvas(project)
- is_user_or_higher_of_project(project)
+ def can_edit_canvas(experiment)
+ is_user_or_higher_of_project(experiment.project)
 end
- def can_reposition_modules(project)
- is_user_or_higher_of_project(project)
+ def can_reposition_modules(experiment)
+ is_user_or_higher_of_project(experiment.project)
 end
- def can_edit_connections(project)
- is_user_or_higher_of_project(project)
+ def can_edit_connections(experiment)
+ is_user_or_higher_of_project(experiment.project)
 end
 # ---- MODULE PERMISSIONS ----
- def can_create_modules(project)
- is_user_or_higher_of_project(project)
+ def can_create_modules(experiment)
+ is_user_or_higher_of_project(experiment.project)
 end
- def can_edit_modules(project)
- is_user_or_higher_of_project(project)
+ def can_edit_modules(experiment)
+ is_user_or_higher_of_project(experiment.project)
 end
- def can_edit_module_groups(project)
- is_user_or_higher_of_project(project)
+ def can_edit_module_groups(experiment)
+ is_user_or_higher_of_project(experiment.project)
 end
- def can_clone_modules(project)
- is_user_or_higher_of_project(project)
+ def can_clone_modules(experiment)
+ is_user_or_higher_of_project(experiment.project)
 end
- def can_archive_modules(project)
- is_user_or_higher_of_project(project)
+ def can_archive_modules(experiment)
+ is_user_or_higher_of_project(experiment.project)
 end
 def can_view_module(my_module)
diff --git a/app/views/canvas/_edit.html.erb b/app/views/canvas/_edit.html.erb
index 360bb4a3c..167d13537 100644
--- a/app/views/canvas/_edit.html.erb
+++ b/app/views/canvas/_edit.html.erb
@@ -1,11 +1,11 @@
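Review bot: All eight helpers keep their names but now expect an experiment instead of a project, and nothing in the hunk documents that they still decide purely from `experiment.project`. A comment under `# ---- WORKFLOW PERMISSIONS ----` such as `# Takes an Experiment; access is currently inherited from the user's role on experiment.project` would stop readers assuming experiment-specific state is consulted. Because the argument type changed silently, any caller outside this commit that still passes a project would presumably raise NoMethodError on `.project`; that fails closed, but the views and other controllers are worth a search before merging. A nil experiment raises the same way, so callers must have loaded `@experiment` before any of these checks run.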