scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-10-27 14:37:35 +08:00
Code Issues Projects Releases Packages Wiki Activity

Add permissions for shareable links and some fixes for controller [SCI-8747] (#5709)

Browse source 
Add permissions for shareable links and som fixes for controller [SCI-8747]
This commit is contained in:
ajugo 2023-07-05 16:21:26 +02:00 committed by GitHub
parent b7e04972e1
commit 836d1b6be1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 41 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/controllers/my_module_shareable_links_controller.rb
View file

@ -11,8 +11,8 @@ class MyModuleShareableLinksController < ApplicationController
end end
def create def create
@my_module.shareable_link.create!( @my_module.create_shareable_link(
signed_id: @my_module.signed_id, uuid: @my_module.signed_id,
description: params[:description], description: params[:description],
team: @my_module.team, team: @my_module.team,
created_by: current_user created_by: current_user
@ -48,6 +48,6 @@ class MyModuleShareableLinksController < ApplicationController
end end
def check_manage_permissions def check_manage_permissions
render_403 unless can_manage_my_module?(@my_module) render_403 unless can_share_my_module?(@my_module)
end end
end end

2
app/models/my_module.rb
View file

@ -452,7 +452,7 @@ class MyModule < ApplicationRecord
end end
def shared? def shared?
current_team.shareable_links_enabled? && shareable_link.present? team.shareable_links_enabled? && shareable_link.present?
end end
def comments def comments

4
app/permissions/my_module.rb
View file

@ -44,6 +44,10 @@ Canaid::Permissions.register_for(MyModule) do
my_module.permission_granted?(user, MyModulePermissions::MANAGE) my_module.permission_granted?(user, MyModulePermissions::MANAGE)
end end
can :share_my_module do |user, my_module|
my_module.permission_granted?(user, MyModulePermissions::SHARE)
end
can :restore_my_module do |user, my_module| can :restore_my_module do |user, my_module|
my_module.archived? && my_module.permission_granted?(user, MyModulePermissions::MANAGE) my_module.archived? && my_module.permission_granted?(user, MyModulePermissions::MANAGE)
end end

2
app/views/my_modules/shareable_links/_share_button.html.erb
View file

@ -1,6 +1,6 @@
<button class="ml-2 btn <button class="ml-2 btn
<%= my_module.shared? ? " btn-shared" : " btn-secondary" %> <%= my_module.shared? ? " btn-shared" : " btn-secondary" %>
<%= can_manage_my_module?(current_user, my_module) ? "" : " disabled" %>" <%=" disabled" unless can_share_my_module?(current_user, my_module) %>"
id="share-button" id="share-button"
title="<%= my_module.shared? ? t("my_modules.shareable_links.shared") : t("my_modules.shareable_links.share") %>" title="<%= my_module.shared? ? t("my_modules.shareable_links.shared") : t("my_modules.shareable_links.share") %>"
type="button" type="button"

2
config/initializers/extends/permission_extends.rb
View file

@ -69,6 +69,7 @@ module PermissionExtends
READ_ARCHIVED READ_ARCHIVED
ACTIVITIES_READ ACTIVITIES_READ
MANAGE MANAGE
SHARE
UPDATE_START_DATE UPDATE_START_DATE
UPDATE_DUE_DATE UPDATE_DUE_DATE
UPDATE_DESCRIPTION UPDATE_DESCRIPTION
@ -161,6 +162,7 @@ module PermissionExtends
MyModulePermissions::READ_ARCHIVED, MyModulePermissions::READ_ARCHIVED,
MyModulePermissions::ACTIVITIES_READ, MyModulePermissions::ACTIVITIES_READ,
MyModulePermissions::MANAGE, MyModulePermissions::MANAGE,
MyModulePermissions::SHARE,
MyModulePermissions::UPDATE_START_DATE, MyModulePermissions::UPDATE_START_DATE,
MyModulePermissions::UPDATE_DUE_DATE, MyModulePermissions::UPDATE_DUE_DATE,
MyModulePermissions::UPDATE_DESCRIPTION, MyModulePermissions::UPDATE_DESCRIPTION,

2
db/migrate/20230627091027_add_shareable_links.rb
View file

@ -3,7 +3,7 @@
class AddShareableLinks < ActiveRecord::Migration[6.1] class AddShareableLinks < ActiveRecord::Migration[6.1]
def change def change
create_table :shareable_links do |t| create_table :shareable_links do |t|
t.string :signed_id, index: true t.string :uuid, index: true
t.string :description t.string :description
t.references :shareable, polymorphic: true, index: true t.references :shareable, polymorphic: true, index: true
t.references :team, index: true, foreign_key: { to_table: :teams } t.references :team, index: true, foreign_key: { to_table: :teams }

29
db/migrate/20230703141017_add_shareable_link_permissions.rb Normal file
View file

@ -0,0 +1,29 @@
# frozen_string_literal: true
class AddShareableLinkPermissions < ActiveRecord::Migration[6.1]
MY_MODULE_SHARE_PERMISSION = [
MyModulePermissions::SHARE
].freeze
def change
reversible do |dir|
dir.up do
@owner_role = UserRole.find_predefined_owner_role
@normal_user_role = UserRole.find_predefined_normal_user_role
@owner_role.permissions = @owner_role.permissions | MY_MODULE_SHARE_PERMISSION
@normal_user_role.permissions = @normal_user_role.permissions | MY_MODULE_SHARE_PERMISSION
@owner_role.save(validate: false)
@normal_user_role.save(validate: false)
end
dir.down do
@owner_role = UserRole.find_predefined_owner_role
@normal_user_role = UserRole.find_predefined_normal_user_role
@owner_role.permissions = @owner_role.permissions - MY_MODULE_SHARE_PERMISSION
@normal_user_role.permissions = @normal_user_role.permissions - MY_MODULE_SHARE_PERMISSION
@owner_role.save(validate: false)
@normal_user_role.save(validate: false)
end
end
end
end