mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-12-26 01:35:34 +08:00
Update permissions for my_module_comments controller [SCI-6065]
parent
895509a26c
commit
6206f8a6e9
5 changed files with 71 additions and 28 deletions
|
@ -49,7 +49,7 @@ class MyModuleCommentsController < ApplicationController
|
|||
end
|
||||
|
||||
def check_view_permissions
|
||||
render_403 unless can_read_experiment?(@my_module.experiment)
|
||||
render_403 unless can_read_my_module?(@my_module)
|
||||
end
|
||||
|
||||
def check_add_permissions
|
||||
|
@ -59,7 +59,7 @@ class MyModuleCommentsController < ApplicationController
|
|||
def check_manage_permissions
|
||||
@comment = TaskComment.find_by_id(params[:id])
|
||||
render_403 unless @comment.present? &&
|
||||
can_manage_comment_in_module?(@comment.becomes(Comment))
|
||||
can_manage_my_module_comments?(@comment)
|
||||
end
|
||||
|
||||
def comment_params
|
||||
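Review bot: In `check_manage_permissions` the comment is still loaded with `TaskComment.find_by_id(params[:id])`, independent of the module named in the URL, so the new `can_manage_my_module_comments?(@comment)` check is evaluated against the comment's own module and never compared with `@my_module`. A request whose `my_module_id` and comment id refer to different modules would then be authorised against one module while the action runs in the context of the other. I would reject the mismatch in the same guard, e.g. `render_403 unless @comment.present? && ::PermissionsUtil.get_comment_module(@comment) == @my_module && can_manage_my_module_comments?(@comment)`, assuming that helper returns the owning module for a `TaskComment`. How and when `@my_module` is loaded lies outside the hunk, so confirm it is set before this filter runs.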
|
|
|
@ -112,25 +112,3 @@ Canaid::Permissions.register_for(Protocol) do
|
|||
can_update_my_module_status?(user, protocol.my_module)
|
||||
end
|
||||
end
|
||||
|
||||
Canaid::Permissions.register_for(Comment) do
|
||||
# Module, its experiment and its project must be active for all the specified
|
||||
# permissions
|
||||
%i(manage_comment_in_module)
|
||||
.each do |perm|
|
||||
can perm do |_, comment|
|
||||
my_module = ::PermissionsUtil.get_comment_module(comment)
|
||||
my_module.active? &&
|
||||
my_module.experiment.active? &&
|
||||
my_module.experiment.project.active?
|
||||
end
|
||||
end
|
||||
|
||||
# module: update/delete comment
|
||||
# result: update/delete comment
|
||||
# step: update/delete comment
|
||||
can :manage_comment_in_module do |user, comment|
|
||||
my_module = ::PermissionsUtil.get_comment_module(comment)
|
||||
comment.user == user || my_module.permission_granted?(user, MyModulePermissions::MANAGE_COMMENTS)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -55,10 +55,6 @@ Canaid::Permissions.register_for(MyModule) do
|
|||
my_module.permission_granted?(user, MyModulePermissions::STEPS_MANAGE)
|
||||
end
|
||||
|
||||
can :manage_my_module_comments do |user, my_module|
|
||||
my_module.permission_granted?(user, MyModulePermissions::COMMENTS_MANAGE)
|
||||
end
|
||||
|
||||
can :create_my_module_comments do |user, my_module|
|
||||
my_module.permission_granted?(user, MyModulePermissions::COMMENTS_CREATE)
|
||||
end
|
||||
|
@ -143,3 +139,24 @@ Canaid::Permissions.register_for(MyModule) do
|
|||
my_module.permission_granted?(user, MyModulePermissions::REPOSITORY_ROWS_MANAGE)
|
||||
end
|
||||
end
|
||||
|
||||
Canaid::Permissions.register_for(Comment) do
|
||||
# Module, its experiment and its project must be active for all the specified
|
||||
# permissions
|
||||
%i(manage_my_module_comments)
|
||||
.each do |perm|
|
||||
can perm do |_, comment|
|
||||
my_module = ::PermissionsUtil.get_comment_module(comment)
|
||||
!my_module.archived_branch?
|
||||
end
|
||||
end
|
||||
|
||||
# module: update/delete comment
|
||||
# result: update/delete comment
|
||||
# step: update/delete comment
|
||||
can :manage_my_module_comments do |user, comment|
|
||||
my_module = ::PermissionsUtil.get_comment_module(comment)
|
||||
(comment.user == user && my_module.permission_granted?(user, MyModulePermissions::COMMENTS_MANAGE_OWN)) ||
|
||||
my_module.permission_granted?(user, MyModulePermissions::COMMENTS_MANAGE)
|
||||
end
|
||||
end
|
||||
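Review bot: The `manage_my_module_comments` rule added at the end of this section changes who may edit their own comments: the rule it replaces allowed `comment.user == user` unconditionally, while the new one also requires `COMMENTS_MANAGE_OWN`. Nothing in the files shown on this page grants that permission to existing roles, so unless it is assigned elsewhere, authors lose update/delete on their own comments; confirm that the role definitions or a data migration cover it. The carried-over comment lines ("module/result/step: update/delete comment") no longer describe the rule, and I would replace them with `# Authors need COMMENTS_MANAGE_OWN for their own comments; COMMENTS_MANAGE covers every comment in the module`. Both blocks also dereference the result of `::PermissionsUtil.get_comment_module(comment)` without a nil check; if it can return nil, `my_module.present? && !my_module.archived_branch?` keeps the outcome a denial rather than an exception.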
|
|
|
@ -46,6 +46,7 @@ module PermissionExtends
|
|||
TAGS_MANAGE
|
||||
STEPS_MANAGE
|
||||
COMMENTS_MANAGE
|
||||
COMMENTS_MANAGE_OWN
|
||||
COMMENTS_CREATE
|
||||
REPOSITORY_ROWS_ASSIGN
|
||||
REPOSITORY_ROWS_MANAGE
|
||||
|
|
|
@ -0,0 +1,47 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe MyModuleCommentsController, type: :controller do
|
||||
include PermissionExtends
|
||||
|
||||
it_behaves_like "a controller with authentication", {
|
||||
index: { my_module_id: 1, id: 1 },
|
||||
create: { my_module_id: 1, id: 1 },
|
||||
update: { my_module_id: 1, id: 1 },
|
||||
destroy: { my_module_id: 1, id: 1 }
|
||||
}, []
|
||||
|
||||
login_user
|
||||
|
||||
describe 'permissions checking' do
|
||||
include_context 'reference_project_structure', {
|
||||
team_role: :normal_user,
|
||||
my_module_comment: true
|
||||
}
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :index do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :create do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::COMMENTS_CREATE] }
|
||||
let(:action_params) { { my_module_id: my_module.id, comment: { message: 'Test' } } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :put, :update do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::COMMENTS_MANAGE, MyModulePermissions::COMMENTS_MANAGE_OWN] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: my_module_comment.id, comment: { message: 'Test1' } } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :destroy do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::COMMENTS_MANAGE, MyModulePermissions::COMMENTS_MANAGE_OWN] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: my_module_comment.id } }
|
||||
end
|
||||
end
|
||||
end
|
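Review bot: The `update` and `destroy` examples pass `[MyModulePermissions::COMMENTS_MANAGE, MyModulePermissions::COMMENTS_MANAGE_OWN]` together, so the spec does not pin down the ownership branch that the new permission rule introduces. What the shared example does with that list is not visible here, but a case where the user holds only `COMMENTS_MANAGE_OWN` and the comment belongs to someone else should be asserted to return 403, next to the positive case for the user's own comment. A module on an archived branch is the other denial path worth an example. The destroy example is issued with `:post`; `:delete` would match the action's conventional verb.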