refactor canvas permissions

app/controllers/canvas_controller.rb

@@ -33,7 +33,7 @@ class CanvasController < ApplicationController
 
     # Make sure that remove parameter is valid
     to_archive = []
-    if can_archive_modules(@experiment.project) and
+    if can_archive_modules(@experiment) and
       update_params[:remove].present? then
       to_archive = update_params[:remove].split(",")
       unless to_archive.all? { |id| is_int? id }
@@ -49,7 +49,7 @@ class CanvasController < ApplicationController
 
     # Make sure connections parameter is valid
     connections = []
-    if can_edit_connections(@experiment.project) and
+    if can_edit_connections(@experiment) and
       update_params[:connections].present? then
       conns = update_params[:connections].split(",")
       unless conns.length % 2 == 0 and
@@ -68,7 +68,7 @@ class CanvasController < ApplicationController
 
     # Make sure positions parameter is valid
     positions = Hash.new
-    if can_reposition_modules(@experiment.project) and
+    if can_reposition_modules(@experiment) and
       update_params[:positions].present? then
       poss = update_params[:positions].split(";")
       center = ""
@@ -104,7 +104,7 @@ class CanvasController < ApplicationController
     # Make sure that to_add is an array of strings,
     # as well as that positions for newly added modules exist
     to_add = []
-    if can_create_modules(@experiment.project) and
+    if can_create_modules(@experiment) and
       update_params[:add].present? and
       update_params["add-names"].present? then
       ids = update_params[:add].split(",")
@@ -131,7 +131,7 @@ class CanvasController < ApplicationController
 
     # Make sure rename parameter is valid
     to_rename = Hash.new
-    if can_edit_modules(@experiment.project) and
+    if can_edit_modules(@experiment) and
       update_params[:rename].present? then
       begin
         to_rename = JSON.parse(update_params[:rename])
@@ -156,7 +156,7 @@ class CanvasController < ApplicationController
     # Make sure that to_clone is an array of pairs,
     # as well as that all IDs exist
     to_clone = Hash.new
-    if can_clone_modules(@experiment.project) and
+    if can_clone_modules(@experiment) and
       update_params[:cloned].present? then
       clones = update_params[:cloned].split(";")
       (clones.collect { |v| v.split(",") }).each do |val|
@@ -177,7 +177,7 @@ class CanvasController < ApplicationController
     end
 
     module_groups = Hash.new
-    if can_edit_module_groups(@experiment.project) and
+    if can_edit_module_groups(@experiment) and
       update_params["module-groups"].present? then
       begin
         module_groups = JSON.parse(update_params["module-groups"])
@@ -265,13 +265,13 @@ class CanvasController < ApplicationController
   end
 
   def check_edit_canvas
-    unless can_edit_canvas(@experiment.project)
+    unless can_edit_canvas(@experiment)
       render_403 and return
     end
   end
 
   def check_view_canvas
-    unless can_view_project(@experiment.project)
+    unless can_view_experiment(@experiment)
       render_403 and return
     end
   end

app/helpers/permission_helper.rb

@@ -301,38 +301,38 @@ module PermissionHelper
 
   # ---- WORKFLOW PERMISSIONS ----
 
-  def can_edit_canvas(project)
+  def can_edit_canvas(experiment)
-    is_user_or_higher_of_project(project)
+    is_user_or_higher_of_project(experiment.project)
   end
 
-  def can_reposition_modules(project)
+  def can_reposition_modules(experiment)
-    is_user_or_higher_of_project(project)
+    is_user_or_higher_of_project(experiment.project)
   end
 
-  def can_edit_connections(project)
+  def can_edit_connections(experiment)
-    is_user_or_higher_of_project(project)
+    is_user_or_higher_of_project(experiment.project)
   end
 
   # ---- MODULE PERMISSIONS ----
 
-  def can_create_modules(project)
+  def can_create_modules(experiment)
-    is_user_or_higher_of_project(project)
+    is_user_or_higher_of_project(experiment.project)
   end
 
-  def can_edit_modules(project)
+  def can_edit_modules(experiment)
-    is_user_or_higher_of_project(project)
+    is_user_or_higher_of_project(experiment.project)
   end
 
-  def can_edit_module_groups(project)
+  def can_edit_module_groups(experiment)
-    is_user_or_higher_of_project(project)
+    is_user_or_higher_of_project(experiment.project)
   end
 
-  def can_clone_modules(project)
+  def can_clone_modules(experiment)
-    is_user_or_higher_of_project(project)
+    is_user_or_higher_of_project(experiment.project)
   end
 
-  def can_archive_modules(project)
+  def can_archive_modules(experiment)
-    is_user_or_higher_of_project(project)
+    is_user_or_higher_of_project(experiment.project)
   end
 
   def can_view_module(my_module)

app/views/canvas/_edit.html.erb

@@ -1,11 +1,11 @@
 <div id="update-canvas"
-  data-can-create-modules="<%= can_create_modules(@project) ? "yes" : "no" %>"
+  data-can-create-modules="<%= can_create_modules(@experiment) ? "yes" : "no" %>"
-  data-can-edit-modules="<%= can_edit_modules(@project) ? "yes" : "no" %>"
+  data-can-edit-modules="<%= can_edit_modules(@experiment) ? "yes" : "no" %>"
-  data-can-edit-module-groups="<%= can_edit_module_groups(@project) ? "yes" : "no" %>"
+  data-can-edit-module-groups="<%= can_edit_module_groups(@experiment) ? "yes" : "no" %>"
-  data-can-clone-modules="<%= can_clone_modules(@project) ? "yes" : "no" %>"
+  data-can-clone-modules="<%= can_clone_modules(@experiment) ? "yes" : "no" %>"
-  data-can-delete-modules="<%= can_archive_modules(@project) ? "yes" : "no" %>"
+  data-can-delete-modules="<%= can_archive_modules(@experiment) ? "yes" : "no" %>"
-  data-can-reposition-modules="<%= can_reposition_modules(@project) ? "yes" : "no" %>"
+  data-can-reposition-modules="<%= can_reposition_modules(@experiment) ? "yes" : "no" %>"
-  data-can-edit-connections="<%= can_edit_connections(@project) ? "yes" : "no" %>"
+  data-can-edit-connections="<%= can_edit_connections(@experiment) ? "yes" : "no" %>"
   data-unsaved-work-text="<%=t "experiments.canvas.edit.unsaved_work" %>"
 >
   <%= bootstrap_form_tag url: canvas_project_url, method: "post" do |f| %>
@@ -19,7 +19,7 @@
         <span class="glyphicon glyphicon-remove visible-xs" style="height: 16px;margin-top: 4px;">&nbsp;</span>
       <% end %>
     </div>
-    <% if can_create_modules(@project) %>
+    <% if can_create_modules(@experiment) %>
         <%=link_to "", type: "button", class: "btn btn-default", id: "canvas-new-module" do %>
           <span class="hbtn-default">
             <span class="glyphicon glyphicon-credit-card"></span>
@@ -69,20 +69,20 @@
 <div id="diagram-container">
   <div id="diagram" class="diagram">
     <% my_modules.each do |my_module| %>
-      <%= render partial: "canvas/edit/my_module", locals: {project: @project, my_module: my_module} %>
+      <%= render partial: "canvas/edit/my_module", locals: {experiment: @experiment, my_module: my_module} %>
     <% end %>
 </div>
 
-<% if can_create_modules(@project) %>
+<% if can_create_modules(@experiment) %>
-  <%= render partial: "canvas/edit/modal/new_module", locals: {project: @project} %>
+  <%= render partial: "canvas/edit/modal/new_module", locals: {experiment: @experiment} %>
 <% end %>
-<% if can_edit_modules(@project) %>
+<% if can_edit_modules(@experiment) %>
-  <%= render partial: "canvas/edit/modal/edit_module", locals: {project: @project } %>
+  <%= render partial: "canvas/edit/modal/edit_module", locals: {experiment: @experiment } %>
 <% end %>
-<% if can_edit_module_groups(@project) %>
+<% if can_edit_module_groups(@experiment) %>
-  <%= render partial: "canvas/edit/modal/edit_module_group", locals: {project: @project } %>
+  <%= render partial: "canvas/edit/modal/edit_module_group", locals: {experiment: @experiment } %>
 <% end %>
-<% if can_archive_modules(@project) %>
+<% if can_archive_modules(@experiment) %>
-  <%= render partial: "canvas/edit/modal/delete_module", locals: {project: @project} %>
+  <%= render partial: "canvas/edit/modal/delete_module", locals: {experiment: @experiment} %>
-  <%=  render partial: "canvas/edit/modal/delete_module_group", locals: {project: @project} %>
+  <%=  render partial: "canvas/edit/modal/delete_module_group", locals: {experiment: @experiment} %>
 <% end %>

app/views/canvas/edit/_my_module.html.erb

@@ -26,12 +26,12 @@
               <a class="edit-module" href="" data-module-id="<%= my_module.id %>"><%=t "experiments.canvas.edit.edit_module" %></a>
           </li>
         <% end %>
-        <% if can_edit_module_groups(my_module.experiment.project) %>
+        <% if can_edit_module_groups(my_module.experiment) %>
           <li <%= 'style=display:none;' if my_module.my_module_group.blank? %>>
               <a class="edit-module-group" href="" data-module-id="<%= my_module.id %>"><%=t "experiments.canvas.edit.edit_module_group" %></a>
           </li>
         <% end %>
-        <% if can_clone_modules(my_module.experiment.project) %>
+        <% if can_clone_modules(my_module.experiment) %>
           <li>
             <a class ="clone-module" href="" data-module-id="<%= my_module.id %>"><%=t "experiments.canvas.edit.clone_module" %></a>
           </li>
@@ -44,7 +44,7 @@
             <a class="delete-module" href="" data-module-id="<%= my_module.id %>"><%=t "experiments.canvas.edit.delete_module" %></a>
           </li>
         <% end %>
-        <% if can_archive_modules(my_module.experiment.project) %>
+        <% if can_archive_modules(my_module.experiment) %>
           <li <%= 'style=display:none;' if my_module.my_module_group.blank? %>>
             <a class ="delete-module-group" href="" data-module-id="<%= my_module.id %>"><%=t "experiments.canvas.edit.delete_module_group" %></a>
           </li>
@@ -54,7 +54,7 @@
 
   </div>
 
-  <% if can_edit_connections(my_module.experiment.project) %>
+  <% if can_edit_connections(my_module.experiment) %>
     <div class="panel-body ep">
       <%=t "experiments.canvas.edit.drag_connections" %>
     </div>