From 53f75f3cd6444edb107cb3cd590882c893ef0afd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Zrim=C5=A1ek?= Date: Sun, 4 Mar 2018 14:49:28 +0100 Subject: [PATCH] Minor permissions and their calls refactoring and fixing. --- app/controllers/my_module_tags_controller.rb | 2 +- app/controllers/user_my_modules_controller.rb | 2 +- app/permissions/project.rb | 2 +- .../canvas/edit/modal/_move_module.html.erb | 2 +- app/views/my_module_tags/_index_edit.html.erb | 60 +++++++++---------- app/views/user_my_modules/_index.html.erb | 2 +- .../user_my_modules/_index_edit.html.erb | 4 +- 7 files changed, 34 insertions(+), 40 deletions(-) diff --git a/app/controllers/my_module_tags_controller.rb b/app/controllers/my_module_tags_controller.rb index f56992bff..79ff20cb5 100644 --- a/app/controllers/my_module_tags_controller.rb +++ b/app/controllers/my_module_tags_controller.rb @@ -78,7 +78,7 @@ class MyModuleTagsController < ApplicationController end def check_manage_permissions - render_403 unless can_manage_module?(@my_module) + render_403 unless can_manage_tags?(@my_module.experiment.project) end def init_gui diff --git a/app/controllers/user_my_modules_controller.rb b/app/controllers/user_my_modules_controller.rb index 68db8b360..de02df711 100644 --- a/app/controllers/user_my_modules_controller.rb +++ b/app/controllers/user_my_modules_controller.rb @@ -137,7 +137,7 @@ class UserMyModulesController < ApplicationController end def check_manage_permissions - render_403 unless manage_users_in_module?(@my_module) + render_403 unless can_manage_users_in_module?(@my_module) end def init_gui diff --git a/app/permissions/project.rb b/app/permissions/project.rb index b95c8d342..3b07cf6cd 100644 --- a/app/permissions/project.rb +++ b/app/permissions/project.rb @@ -74,6 +74,6 @@ Canaid::Permissions.register_for(ProjectComment) do # project: update/delete comment can :manage_comment_in_project do |user, project_comment| project_comment.project.present? && (project_comment.user == user || - user.is_owner_of_project?(project)) + user.is_owner_of_project?(project_comment.project)) end end diff --git a/app/views/canvas/edit/modal/_move_module.html.erb b/app/views/canvas/edit/modal/_move_module.html.erb index 491ba9ff5..6c5d32a8a 100644 --- a/app/views/canvas/edit/modal/_move_module.html.erb +++ b/app/views/canvas/edit/modal/_move_module.html.erb @@ -6,7 +6,7 @@
- <% experiments = @experiment.project.experiments %> + <% experiments = @experiment.project.experiments.is_archived(false) %> <% if experiments.count > 1 %> <%= bootstrap_form_tag do |f| %> <%= f.select :experiment_id, experiments diff --git a/app/views/my_module_tags/_index_edit.html.erb b/app/views/my_module_tags/_index_edit.html.erb index 8ec64984a..7564ad3f8 100644 --- a/app/views/my_module_tags/_index_edit.html.erb +++ b/app/views/my_module_tags/_index_edit.html.erb @@ -11,42 +11,38 @@

<%= tag.name %>

- <% if can_manage_tags?(@my_module.experiment.project) %> - <%= link_to "", remote: true, class: 'btn btn-link edit-tag-link', title: t("experiments.canvas.modal_manage_tags.edit_tag") do %> - - <% end %> - <%= link_to my_module_my_module_tag_path(@my_module, mmt, format: :json), method: :delete, remote: true, class: 'btn btn-link remove-tag-link', title: t("experiments.canvas.modal_manage_tags.remove_tag", module: @my_module.name) do %> - - <% end %> - <%= bootstrap_form_for tag, remote: true, url: project_tag_path(@my_module.experiment.project, tag, format: :json), method: :delete, html: { class: "delete-tag-form"} do |f| %> - <%= hidden_field_tag :my_module_id, @my_module.id %> - <%= f.button class: 'btn btn-link delete-tag-link', title: t("experiments.canvas.modal_manage_tags.delete_tag") do %> - - <% end %> + <%= link_to "", remote: true, class: 'btn btn-link edit-tag-link', title: t("experiments.canvas.modal_manage_tags.edit_tag") do %> + + <% end %> + <%= link_to my_module_my_module_tag_path(@my_module, mmt, format: :json), method: :delete, remote: true, class: 'btn btn-link remove-tag-link', title: t("experiments.canvas.modal_manage_tags.remove_tag", module: @my_module.name) do %> + + <% end %> + <%= bootstrap_form_for tag, remote: true, url: project_tag_path(@my_module.experiment.project, tag, format: :json), method: :delete, html: { class: "delete-tag-form"} do |f| %> + <%= hidden_field_tag :my_module_id, @my_module.id %> + <%= f.button class: 'btn btn-link delete-tag-link', title: t("experiments.canvas.modal_manage_tags.delete_tag") do %> + <% end %> <% end %>
- <% if can_manage_tags?(@my_module.experiment.project) %> - - <% end %> + <% end %> @@ -55,7 +51,6 @@
- <% if can_manage_tags?(@my_module.experiment.project) %> <%= bootstrap_form_for [@my_module, @new_mmt], remote: true, format: :json, html: { class: 'add-tag-form' } do |f| %>
@@ -85,5 +80,4 @@ <% end %> <% end %>
- <% end %>
diff --git a/app/views/user_my_modules/_index.html.erb b/app/views/user_my_modules/_index.html.erb index 445caddc1..9afdc53ad 100644 --- a/app/views/user_my_modules/_index.html.erb +++ b/app/views/user_my_modules/_index.html.erb @@ -25,7 +25,7 @@ <% end %> <% end %> -<% if manage_users_in_module?(@my_module) %> +<% if can_manage_users_in_module?(@my_module) %>

<%= link_to t('experiments.canvas.popups.manage_users'), my_module_users_edit_path(@my_module, format: :json), remote: true, class: "manage-users-link" %> diff --git a/app/views/user_my_modules/_index_edit.html.erb b/app/views/user_my_modules/_index_edit.html.erb index a5b52f19a..013cf51b6 100644 --- a/app/views/user_my_modules/_index_edit.html.erb +++ b/app/views/user_my_modules/_index_edit.html.erb @@ -19,7 +19,7 @@
- <% if manage_users_in_module?(@my_module) %> + <% if can_manage_users_in_module?(@my_module) %>
<%= link_to my_module_user_my_module_path(@my_module, umm, format: :json), method: :delete, remote: true, class: 'btn btn-link remove-user-link' do %> @@ -32,7 +32,7 @@ <% end %> <% end %> -<% if manage_users_in_module?(@my_module) && @unassigned_users.count > 0 %> +<% if can_manage_users_in_module?(@my_module) && @unassigned_users.count > 0 %>