Make scope for repositories accessible by teams and simplify read permission

2025-02-28 17:54:16 +08:00 · 2019-07-24 16:01:02 +02:00 · 2019-07-24 16:01:02 +02:00 · 7e9be932f3
commit 7e9be932f3
parent 15432ac851
4 changed files with 13 additions and 10 deletions
--- a/app/controllers/repositories_controller.rb
+++ b/app/controllers/repositories_controller.rb
@ -303,7 +303,7 @@ class RepositoriesController < ApplicationController
  def load_parent_vars
    @team = current_team
    render_404 unless @team
-    @repositories = (@team.repositories + @team.shared_repositories).uniq.sort_by(&:created_at)
+    @repositories = Repository.accessible_by_teams(@team)
  end

  def check_team
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@ -28,6 +28,11 @@ class Repository < ApplicationRecord
  validates :created_by, presence: true

  default_scope -> { kept }
+  scope :accessible_by_teams, lambda { |teams|
+    left_outer_joins(:team_repositories)
+      .where('repositories.team_id IN (?) OR team_repositories.team_id IN (?)', teams, teams)
+      .uniq.sort_by(&:created_at)
+  }

  def self.search(
    user,
@ -66,6 +71,10 @@ class Repository < ApplicationRecord
    end
  end

+  def shared_with?(team)
+    team_repositories.where(team: team).any?
+  end
+
  def self.viewable_by_user(_user, teams)
    where(team: teams)
  end
--- a/app/permissions/repository.rb
+++ b/app/permissions/repository.rb
@ -3,14 +3,8 @@
 Canaid::Permissions.register_for(Repository) do
  # repository: read/export
  can :read_repository do |user, repository|
-    if user.teams.include?(repository.team)
-      user.is_member_of_team?(repository.team)
-    elsif (read_team_repo = repository
-                                .team_repositories
-                                .where(team: user.teams).take)
-      # When has some repository's relations with read permissions for at least one of user's teams.
-
-      user.is_member_of_team?(read_team_repo.team)
+    if user.teams.include?(repository.team) || repository.team_repositories.where(team: user.teams).any?
+      true
    else
      false
    end
--- a/app/views/repositories/_sidebar.html.erb
+++ b/app/views/repositories/_sidebar.html.erb
@ -13,7 +13,7 @@
                            data: { 'no-turbolink' => 'true' } %>
              <% end %>

-              <% if repository.team_repositories.where(team: current_team).any? %>
+              <% if repository.shared_with?(current_team) %>
                <i class="fas fa-user-friends"></i>
              <% end %>
            </span>