scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2024-11-15 05:34:53 +08:00
Code Issues Projects Releases Packages Wiki Activity

Fix location permissions for viewer team role [SCI-11181]

Browse source
This commit is contained in:
Martin Artnik 2024-10-14 11:00:43 +02:00
parent c18d2b31b2
commit 7ee81c1a2b
1 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
app/permissions/storage_location.rb
View file

@ -19,9 +19,7 @@ Canaid::Permissions.register_for(StorageLocation) do
can :manage_storage_location do |user, storage_location|
root_storage_location = storage_location.root_storage_location
next true if root_storage_location.shared_with_write?(user.current_team)
user.current_team == root_storage_location.team && root_storage_location.team.permission_granted?(
next false unless user.current_team.permission_granted?(
user,
if root_storage_location.container?
TeamPermissions::STORAGE_LOCATION_CONTAINERS_MANAGE
@ -29,10 +27,15 @@ Canaid::Permissions.register_for(StorageLocation) do
TeamPermissions::STORAGE_LOCATIONS_MANAGE
end
)
next true if user.current_team == root_storage_location.team
root_storage_location.shared_with_write?(user.current_team)
end
can :create_storage_location_repository_rows do |user, storage_location|
can_read_storage_location?(user, storage_location)
can_read_storage_location?(user, storage_location) &&
user.current_team.permission_granted?(user, TeamPermissions::STORAGE_LOCATION_CONTAINERS_MANAGE)
end
can :share_storage_location do |user, storage_location|