diff --git a/app/controllers/concerns/sample_actions.rb b/app/controllers/concerns/sample_actions.rb
index c70962372..07936b41f 100644
--- a/app/controllers/concerns/sample_actions.rb
+++ b/app/controllers/concerns/sample_actions.rb
@@ -11,7 +11,7 @@ module SampleActions
params[:sample_ids].each do |id|
sample = Sample.find_by_id(id)
- if sample and can_delete_sample(sample)
+ if sample && can_update_or_delete_sample?(sample)
sample.destroy
counter_user += 1
else
@@ -45,7 +45,7 @@ module SampleActions
end
def check_destroy_samples_permissions
- unless can_delete_samples(@project.team)
+ unless can_delete_samples?(@project.team)
render_403
end
end
diff --git a/app/controllers/samples_controller.rb b/app/controllers/samples_controller.rb
index bbbabf6ab..80aab5909 100644
--- a/app/controllers/samples_controller.rb
+++ b/app/controllers/samples_controller.rb
@@ -167,7 +167,7 @@ class SamplesController < ApplicationController
respond_to do |format|
if sample
- if can_update_sample?(sample)
+ if can_update_or_delete_sample?(sample)
if params[:sample]
if params[:sample][:name]
sample.name = params[:sample][:name]
@@ -325,13 +325,13 @@ class SamplesController < ApplicationController
end
def check_edit_permissions
- unless can_update_sample?(@sample)
+ unless can_update_or_delete_sample?(@sample)
render_403
end
end
def check_destroy_permissions
- unless can_delete_samples(@team)
+ unless can_update_or_delete_sample?(@sample)
render_403
end
end
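Review bot: The new guard in `check_destroy_permissions` dereferences `@sample`, so it is only correct if the before_action that loads `@sample` runs ahead of it; that ordering is outside the hunk and worth confirming, because a nil `@sample` would reach `sample.team` inside the `update_or_delete_sample` permission and raise a 500 instead of rendering 403/404. A cheap defensive form is `unless @sample && can_update_or_delete_sample?(@sample)`. Note also that the team-level `can_delete_samples?(@team)` check is dropped here; that is only safe because the new permission itself requires team membership on the owner path, so the two definitions must stay in sync. The method is fully inside the hunk, but the controller's before_action declarations are not.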
diff --git a/app/helpers/permission_helper.rb b/app/helpers/permission_helper.rb
index 265854b68..226bb9a67 100644
--- a/app/helpers/permission_helper.rb
+++ b/app/helpers/permission_helper.rb
@@ -644,13 +644,13 @@ module PermissionHelper
# end
# Only person who created sample can delete it
- def can_delete_sample(sample)
- sample.user == current_user
- end
+ # def can_delete_sample(sample)
+ # sample.user == current_user
+ # end
- def can_delete_samples(team)
- is_normal_user_or_admin_of_team(team)
- end
+ # def can_delete_samples(team)
+ # is_normal_user_or_admin_of_team(team)
+ # end
def can_add_samples_to_module(my_module)
is_technician_or_higher_of_project(my_module.experiment.project)
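Review bot: The comment left above the commented-out `can_delete_sample` — `# Only person who created sample can delete it` — is now stale, since the replacement `update_or_delete_sample` permission also grants team admins. Commenting the two helpers out instead of deleting them leaves dead code that git history already preserves, sitting next to a rule statement that no longer holds and will mislead the next reader. Delete both commented blocks and the old comment and leave a pointer such as `# Sample permissions live in app/permissions/team.rb (Canaid :update_or_delete_sample, :delete_samples)`.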
diff --git a/app/permissions/team.rb b/app/permissions/team.rb
index d883391f4..c53e76d1b 100644
--- a/app/permissions/team.rb
+++ b/app/permissions/team.rb
@@ -23,6 +23,11 @@ Canaid::Permissions.register_for(Team) do
can :create_sample do |user, team|
user.is_normal_user_or_admin_of_team?(team)
end
+
+ # delete samples (general permission, not for specific sample)
+ can :delete_samples do |user, team|
+ user.is_normal_user_or_admin_of_team?(team)
+ end
end
Canaid::Permissions.register_for(UserTeam) do
@@ -62,8 +67,10 @@ Canaid::Permissions.register_for(Protocol) do
end
Canaid::Permissions.register_for(Sample) do
- # edit sample
- can :update_sample do |user, sample|
- user.is_admin_of_team?(sample.team) || user == sample.user
+ # edit sample, delete sample
+ can :update_or_delete_sample do |user, sample|
+ user.is_admin_of_team?(sample.team) ||
+ user.is_normal_user_or_admin_of_team?(sample.team) &&
+ user == sample.user
end
end
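Review bot: The new `update_or_delete_sample` block mixes `||` and `&&` across line breaks without parentheses; Ruby parses it as `admin || (member && owner)`, which appears to be the intent, but the layout reads just as easily as `(admin || member) && owner`, and a future edit that "fixes" it that way would silently lock admins out of other users' samples. Make the precedence explicit: `user.is_admin_of_team?(sample.team) ||` followed by `  (user.is_normal_user_or_admin_of_team?(sample.team) && user == sample.user)`. It would also help to state the rule in the comment, e.g. `# team admins may edit/delete any sample; other team members only samples they created`.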
diff --git a/app/views/shared/_samples.html.erb b/app/views/shared/_samples.html.erb
index 6a21ce410..f713fc0a0 100644
--- a/app/views/shared/_samples.html.erb
+++ b/app/views/shared/_samples.html.erb
@@ -99,7 +99,7 @@
<%= t("samples.edit_sample") %>
- <% if can_delete_samples(@team) %>
+ <% if can_delete_samples?(@team) %>