scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-03-01 02:05:41 +08:00
Code Issues Projects Releases Packages Wiki Activity

Make scope for repositories accessible by teams and simplify read permission

Browse source
This commit is contained in:
Mojca Lorber 2019-07-24 16:01:02 +02:00 committed by Urban Rotnik
parent 15432ac851
commit 7e9be932f3
4 changed files with 13 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/repositories_controller.rb
View file

@ -303,7 +303,7 @@ class RepositoriesController < ApplicationController
def load_parent_vars def load_parent_vars
@team = current_team @team = current_team
render_404 unless @team render_404 unless @team
@repositories = (@team.repositories + @team.shared_repositories).uniq.sort_by(&:created_at) @repositories = Repository.accessible_by_teams(@team)
end end
def check_team def check_team

9
app/models/repository.rb
View file

@ -28,6 +28,11 @@ class Repository < ApplicationRecord
validates :created_by, presence: true validates :created_by, presence: true
default_scope -> { kept } default_scope -> { kept }
scope :accessible_by_teams, lambda { |teams|
left_outer_joins(:team_repositories)
.where('repositories.team_id IN (?) OR team_repositories.team_id IN (?)', teams, teams)
.uniq.sort_by(&:created_at)
}
def self.search( def self.search(
user, user,
@ -66,6 +71,10 @@ class Repository < ApplicationRecord
end end
end end
def shared_with?(team)
team_repositories.where(team: team).any?
end
def self.viewable_by_user(_user, teams) def self.viewable_by_user(_user, teams)
where(team: teams) where(team: teams)
end end

10
app/permissions/repository.rb
View file

@ -3,14 +3,8 @@
Canaid::Permissions.register_for(Repository) do Canaid::Permissions.register_for(Repository) do
# repository: read/export # repository: read/export
can :read_repository do |user, repository| can :read_repository do |user, repository|
if user.teams.include?(repository.team) if user.teams.include?(repository.team) || repository.team_repositories.where(team: user.teams).any?
user.is_member_of_team?(repository.team) true
elsif (read_team_repo = repository
.team_repositories
.where(team: user.teams).take)
# When has some repository's relations with read permissions for at least one of user's teams.
user.is_member_of_team?(read_team_repo.team)
else else
false false
end end

2
app/views/repositories/_sidebar.html.erb
View file

@ -13,7 +13,7 @@
data: { 'no-turbolink' => 'true' } %> data: { 'no-turbolink' => 'true' } %>
<% end %> <% end %>
<% if repository.team_repositories.where(team: current_team).any? %> <% if repository.shared_with?(current_team) %>
<i class="fas fa-user-friends"></i> <i class="fas fa-user-friends"></i>
<% end %> <% end %>
</span> </span>