Minor permissions and their calls refactoring and fixing.

app/controllers/my_module_tags_controller.rb

@@ -78,7 +78,7 @@ class MyModuleTagsController < ApplicationController
   end
 
   def check_manage_permissions
-    render_403 unless can_manage_module?(@my_module)
+    render_403 unless can_manage_tags?(@my_module.experiment.project)
   end
 
   def init_gui

app/controllers/user_my_modules_controller.rb

@@ -137,7 +137,7 @@ class UserMyModulesController < ApplicationController
   end
 
   def check_manage_permissions
-    render_403 unless manage_users_in_module?(@my_module)
+    render_403 unless can_manage_users_in_module?(@my_module)
   end
 
   def init_gui

app/permissions/project.rb

@@ -74,6 +74,6 @@ Canaid::Permissions.register_for(ProjectComment) do
   # project: update/delete comment
   can :manage_comment_in_project do |user, project_comment|
     project_comment.project.present? && (project_comment.user == user ||
-      user.is_owner_of_project?(project))
+      user.is_owner_of_project?(project_comment.project))
   end
 end

app/views/canvas/edit/modal/_move_module.html.erb

@@ -6,7 +6,7 @@
         <h4 class="modal-title" id="modal-move-module-label"><%=t "experiments.canvas.edit.modal_move_module.title" %></h4>
       </div>
       <div class="modal-body">
-        <% experiments = @experiment.project.experiments %>
+        <% experiments = @experiment.project.experiments.is_archived(false) %>
         <% if experiments.count > 1 %>
           <%= bootstrap_form_tag do |f| %>
             <%= f.select :experiment_id, experiments

app/views/my_module_tags/_index_edit.html.erb

@@ -11,42 +11,38 @@
             <h4><%= tag.name %></h4>
           </div>
             <div class="pull-right">
-              <% if can_manage_tags?(@my_module.experiment.project) %>
-                <%= link_to "", remote: true, class: 'btn btn-link edit-tag-link', title: t("experiments.canvas.modal_manage_tags.edit_tag") do %>
-                  <span class="glyphicon glyphicon-adjust"></span>
-                <% end %>
-                <%= link_to my_module_my_module_tag_path(@my_module, mmt, format: :json), method: :delete, remote: true, class: 'btn btn-link remove-tag-link', title: t("experiments.canvas.modal_manage_tags.remove_tag", module: @my_module.name) do %>
-                  <span class="glyphicon glyphicon-remove"></span>
-                <% end %>
-                <%= bootstrap_form_for tag, remote: true, url: project_tag_path(@my_module.experiment.project, tag, format: :json), method: :delete, html: { class: "delete-tag-form"} do |f| %>
-                  <%= hidden_field_tag :my_module_id, @my_module.id %>
-                  <%= f.button class: 'btn btn-link delete-tag-link', title: t("experiments.canvas.modal_manage_tags.delete_tag") do %>
-                    <span class="glyphicon glyphicon-trash"></span>
-                  <% end %>
+              <%= link_to "", remote: true, class: 'btn btn-link edit-tag-link', title: t("experiments.canvas.modal_manage_tags.edit_tag") do %>
+                <span class="glyphicon glyphicon-adjust"></span>
+              <% end %>
+              <%= link_to my_module_my_module_tag_path(@my_module, mmt, format: :json), method: :delete, remote: true, class: 'btn btn-link remove-tag-link', title: t("experiments.canvas.modal_manage_tags.remove_tag", module: @my_module.name) do %>
+                <span class="glyphicon glyphicon-remove"></span>
+              <% end %>
+              <%= bootstrap_form_for tag, remote: true, url: project_tag_path(@my_module.experiment.project, tag, format: :json), method: :delete, html: { class: "delete-tag-form"} do |f| %>
+                <%= hidden_field_tag :my_module_id, @my_module.id %>
+                <%= f.button class: 'btn btn-link delete-tag-link', title: t("experiments.canvas.modal_manage_tags.delete_tag") do %>
+                  <span class="glyphicon glyphicon-trash"></span>
                 <% end %>
               <% end %>
             </div>
         </div>
 
-        <% if can_manage_tags?(@my_module.experiment.project) %>
-          <div class="row tag-edit" style="display: none;">
-            <%= bootstrap_form_for tag, remote: true, url: project_tag_path(@my_module.experiment.project, tag, format: :json), method: :put, html: { class: "edit-tag-form" } do |f| %>
-              <%= hidden_field_tag :my_module_id, @my_module.id %>
-              <div class="col-xs-7">
-                <%= f.text_field :name, hide_label: true %>
-              </div>
-              <div class="pull-right">
-                <%= f.color_picker_select :color, Constants::TAG_COLORS, class: "edit-tag-color" %>
-                <%= f.button class: "btn btn-link save-tag-link", title: t("experiments.canvas.modal_manage_tags.save_tag") do %>
-                  <span class="glyphicon glyphicon-ok"></span>
-                <% end %>
-                <%= link_to "", remote: true, class: 'btn btn-link cancel-tag-link', title: t("experiments.canvas.modal_manage_tags.cancel_tag") do %>
-                  <span class="glyphicon glyphicon-remove"></span>
-                <% end %>
-              </div>
-            <% end %>
-          </div>
-        <% end %>
+        <div class="row tag-edit" style="display: none;">
+          <%= bootstrap_form_for tag, remote: true, url: project_tag_path(@my_module.experiment.project, tag, format: :json), method: :put, html: { class: "edit-tag-form" } do |f| %>
+            <%= hidden_field_tag :my_module_id, @my_module.id %>
+            <div class="col-xs-7">
+              <%= f.text_field :name, hide_label: true %>
+            </div>
+            <div class="pull-right">
+              <%= f.color_picker_select :color, Constants::TAG_COLORS, class: "edit-tag-color" %>
+              <%= f.button class: "btn btn-link save-tag-link", title: t("experiments.canvas.modal_manage_tags.save_tag") do %>
+                <span class="glyphicon glyphicon-ok"></span>
+              <% end %>
+              <%= link_to "", remote: true, class: 'btn btn-link cancel-tag-link', title: t("experiments.canvas.modal_manage_tags.cancel_tag") do %>
+                <span class="glyphicon glyphicon-remove"></span>
+              <% end %>
+            </div>
+          <% end %>
+        </div>
 
       </li>
     <% end %>
@@ -55,7 +51,6 @@
 
 <hr>
 <div class="row">
-  <% if can_manage_tags?(@my_module.experiment.project) %>
     <%= bootstrap_form_for [@my_module, @new_mmt], remote: true, format: :json, html: { class: 'add-tag-form' } do |f| %>
       <div class="col-xs-6">
         <div class="well well-sm">
@@ -85,5 +80,4 @@
         <% end %>
       <% end %>
     </div>
-  <% end %>
 </div>

app/views/user_my_modules/_index.html.erb

@@ -25,7 +25,7 @@
     <% end %>
   <% end %>
 </ul>
-<% if manage_users_in_module?(@my_module) %>
+<% if can_manage_users_in_module?(@my_module) %>
     <p>
       <hr>
       <%= link_to t('experiments.canvas.popups.manage_users'), my_module_users_edit_path(@my_module, format: :json), remote: true, class: "manage-users-link" %>

app/views/user_my_modules/_index_edit.html.erb

@@ -19,7 +19,7 @@
         </span>
       </div>
 
-      <% if manage_users_in_module?(@my_module) %>
+      <% if can_manage_users_in_module?(@my_module) %>
         <div class="col-xs-2">
           <%= link_to my_module_user_my_module_path(@my_module, umm, format: :json), method: :delete, remote: true, class: 'btn btn-link remove-user-link' do %>
           <span class="glyphicon glyphicon-remove"></span>
@@ -32,7 +32,7 @@
   <% end %>
 <% end %>
 
-<% if manage_users_in_module?(@my_module) && @unassigned_users.count > 0 %>
+<% if can_manage_users_in_module?(@my_module) && @unassigned_users.count > 0 %>
   <li>
     <hr>
     <div class="row">