mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2025-09-08 14:15:35 +08:00
Fix automatic user assigning to reports and inventories [SCI-7365][SCI-7366]
This commit is contained in:
Oleksii Kriuchykhin
parent
a55390898a
commit
94978ea2ea
14 changed files with 117 additions and 62 deletions
|
|
@ -83,7 +83,7 @@ module AccessPermissions
|
|||
|
||||
def update_default_public_user_role
|
||||
@project.update!(permitted_default_public_user_role_params)
|
||||
UserAssignments::GroupAssignmentJob.perform_later(current_team, @project, current_user)
|
||||
UserAssignments::ProjectGroupAssignmentJob.perform_later(current_team, @project, current_user)
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
|||
|
|
@ -16,6 +16,8 @@ module UserAssignments
|
|||
assign_users_to_repository(object)
|
||||
when Protocol
|
||||
assign_users_to_protocol(object)
|
||||
when Report
|
||||
assign_users_to_report(object)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -49,6 +51,13 @@ module UserAssignments
|
|||
protocol.add_team_users_as_viewers!(@assigned_by)
|
||||
end
|
||||
|
||||
def assign_users_to_report(report)
|
||||
team = report.team
|
||||
team.user_assignments.find_each do |user_assignment|
|
||||
create_or_update_user_assignment(user_assignment, report)
|
||||
end
|
||||
end
|
||||
|
||||
def create_or_update_user_assignment(parent_user_assignment, object)
|
||||
user_role = parent_user_assignment.user_role
|
||||
user = parent_user_assignment.user
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module UserAssignments
|
||||
class GroupAssignmentJob < ApplicationJob
|
||||
class ProjectGroupAssignmentJob < ApplicationJob
|
||||
queue_as :high_priority
|
||||
|
||||
def perform(team, project, assigned_by)
|
||||
|
|
@ -18,7 +18,7 @@ module UserAssignments
|
|||
next if user_assignment.manually_assigned?
|
||||
|
||||
user_assignment.update!(
|
||||
user_role: project.default_public_user_role,
|
||||
user_role: project.default_public_user_role || UserRole.find_predefined_viewer_role,
|
||||
assigned_by: @assigned_by
|
||||
)
|
||||
|
||||
|
|
@ -26,7 +26,7 @@ module UserAssignments
|
|||
UserAssignments::PropagateAssignmentJob.perform_later(
|
||||
project,
|
||||
user,
|
||||
project.default_public_user_role,
|
||||
project.default_public_user_role || UserRole.find_predefined_viewer_role,
|
||||
@assigned_by
|
||||
)
|
||||
end
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module UserAssignments
|
||||
class GroupUnAssignmentJob < ApplicationJob
|
||||
class ProjectGroupUnAssignmentJob < ApplicationJob
|
||||
queue_as :high_priority
|
||||
|
||||
def perform(project)
|
||||
|
|
@ -1,12 +1,12 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module UserAssignments
|
||||
class RemoveTeamUserAssignmentJob < ApplicationJob
|
||||
class RemoveTeamUserAssignmentsJob < ApplicationJob
|
||||
queue_as :high_priority
|
||||
|
||||
def perform(user, team)
|
||||
ActiveRecord::Base.transaction do
|
||||
RemoveTeamUserAssignmentService.new(user, team).call
|
||||
RemoveTeamUserAssignmentsService.new(user, team).call
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -1,12 +1,12 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module UserAssignments
|
||||
class UpdateTeamUserAssignmentJob < ApplicationJob
|
||||
class UpdateTeamUserAssignmentsJob < ApplicationJob
|
||||
queue_as :high_priority
|
||||
|
||||
def perform(user, team, user_role)
|
||||
ActiveRecord::Base.transaction do
|
||||
UpdateTeamUserAssignmentService.new(user, team, user_role).call
|
||||
UpdateTeamUserAssignmentsService.new(user, team, user_role).call
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -326,7 +326,7 @@ class Project < ApplicationRecord
|
|||
def auto_assign_project_members
|
||||
return if skip_user_assignments
|
||||
|
||||
UserAssignments::GroupAssignmentJob.perform_now(
|
||||
UserAssignments::ProjectGroupAssignmentJob.perform_now(
|
||||
team,
|
||||
self,
|
||||
last_modified_by || created_by
|
||||
|
|
@ -345,7 +345,7 @@ class Project < ApplicationRecord
|
|||
if visible?
|
||||
auto_assign_project_members
|
||||
else
|
||||
UserAssignments::GroupUnAssignmentJob.perform_now(self)
|
||||
UserAssignments::ProjectGroupUnAssignmentJob.perform_now(self)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -85,7 +85,8 @@ class Report < ApplicationRecord
|
|||
end
|
||||
|
||||
def self.viewable_by_user(user, teams)
|
||||
where(project: Project.viewable_by_user(user, teams))
|
||||
with_granted_permissions(user, ReportPermissions::READ)
|
||||
.where(project: Project.viewable_by_user(user, teams))
|
||||
end
|
||||
|
||||
def self.filter_by_teams(teams = [])
|
||||
|
|
|
|||
|
|
@ -2,10 +2,8 @@
|
|||
|
||||
class UserAssignment < ApplicationRecord
|
||||
before_validation -> { self.team ||= (assignable.is_a?(Team) ? assignable : assignable.team) }
|
||||
after_create :assign_shared_inventories, if: -> { assignable.is_a?(Team) }
|
||||
after_create :assign_public_projects, if: -> { assignable.is_a?(Team) }
|
||||
after_create :assign_team_child_objects, if: -> { assignable.is_a?(Team) }
|
||||
after_update :update_team_children_assignments, if: -> { assignable.is_a?(Team) && saved_change_to_user_role_id? }
|
||||
before_destroy :unassign_shared_inventories, if: -> { assignable.is_a?(Team) }
|
||||
before_destroy :unassign_team_child_objects, if: -> { assignable.is_a?(Team) }
|
||||
|
||||
belongs_to :assignable, polymorphic: true, touch: true
|
||||
|
|
@ -20,46 +18,15 @@ class UserAssignment < ApplicationRecord
|
|||
|
||||
private
|
||||
|
||||
def assign_shared_inventories
|
||||
viewer_role = UserRole.find_by(name: UserRole.public_send('viewer_role').name)
|
||||
normal_user_role = UserRole.find_by(name: UserRole.public_send('normal_user_role').name)
|
||||
|
||||
assignable.team_shared_repositories.find_each do |team_shared_repository|
|
||||
assignable.repository_sharing_user_assignments.create!(
|
||||
user: user,
|
||||
user_role: team_shared_repository.shared_write? ? normal_user_role : viewer_role,
|
||||
assignable: team_shared_repository.shared_object
|
||||
)
|
||||
end
|
||||
|
||||
Repository.globally_shared.find_each do |repository|
|
||||
assignable.repository_sharing_user_assignments.create!(
|
||||
user: user,
|
||||
user_role: repository.shared_write? ? normal_user_role : viewer_role,
|
||||
assignable: repository
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def assign_public_projects
|
||||
assignable.projects.visible.find_each do |project|
|
||||
UserAssignments::GroupAssignmentJob.perform_later(
|
||||
assignable,
|
||||
project,
|
||||
assigned_by
|
||||
)
|
||||
end
|
||||
def assign_team_child_objects
|
||||
UserAssignments::CreateTeamUserAssignmentsService.new(self).call
|
||||
end
|
||||
|
||||
def update_team_children_assignments
|
||||
UserAssignments::UpdateTeamUserAssignmentService.new(user, assignable, user_role).call
|
||||
end
|
||||
|
||||
def unassign_shared_inventories
|
||||
assignable.repository_sharing_user_assignments.where(user: user).find_each(&:destroy!)
|
||||
UserAssignments::UpdateTeamUserAssignmentsService.new(self).call
|
||||
end
|
||||
|
||||
def unassign_team_child_objects
|
||||
UserAssignments::RemoveTeamUserAssignmentService.new(user, assignable).call
|
||||
UserAssignments::RemoveTeamUserAssignmentsService.new(self).call
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ class UserTeam < ApplicationRecord
|
|||
|
||||
def assign_user_to_visible_projects
|
||||
team.projects.visible.each do |project|
|
||||
UserAssignments::GroupAssignmentJob.perform_later(
|
||||
UserAssignments::ProjectGroupAssignmentJob.perform_later(
|
||||
team,
|
||||
project,
|
||||
assigned_by
|
||||
|
|
|
|||
|
|
@ -94,11 +94,11 @@ end
|
|||
|
||||
Canaid::Permissions.register_for(Report) do
|
||||
can :read_report do |user, report|
|
||||
report.permission_granted?(user, ReportPermissions::READ)
|
||||
can_read_project?(report.project) && report.permission_granted?(user, ReportPermissions::READ)
|
||||
end
|
||||
|
||||
can :manage_report do |user, report|
|
||||
report.permission_granted?(user, ReportPermissions::MANAGE)
|
||||
can_read_project?(report.project) && report.permission_granted?(user, ReportPermissions::MANAGE)
|
||||
end
|
||||
|
||||
can :manage_report_users do |user, report|
|
||||
|
|
|
|||
|
|
@ -0,0 +1,77 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module UserAssignments
|
||||
class CreateTeamUserAssignmentsService
|
||||
def initialize(team_user_assignment)
|
||||
@user = team_user_assignment.user
|
||||
@team = team_user_assignment.assignable
|
||||
@user_role = team_user_assignment.user_role
|
||||
@assigned_by = team_user_assignment.assigned_by
|
||||
@viewer_role = UserRole.find_predefined_viewer_role
|
||||
@normal_user_role = UserRole.find_predefined_normal_user_role
|
||||
end
|
||||
|
||||
def call
|
||||
create_public_projects_assignments
|
||||
create_repositories_assignments
|
||||
create_protocols_assignments
|
||||
create_reports_assignments
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def create_public_projects_assignments
|
||||
@team.projects.visible.find_each do |project|
|
||||
UserAssignments::ProjectGroupAssignmentJob.perform_later(
|
||||
@team,
|
||||
project,
|
||||
@assigned_by
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def create_repositories_assignments
|
||||
@team.repositories.find_each do |repository|
|
||||
create_or_update_user_assignment(repository)
|
||||
end
|
||||
|
||||
@team.team_shared_repositories.find_each do |team_shared_repository|
|
||||
@team.repository_sharing_user_assignments.create!(
|
||||
user: @user,
|
||||
user_role: team_shared_repository.shared_write? ? @normal_user_role : @viewer_role,
|
||||
assignable: team_shared_repository.shared_object
|
||||
)
|
||||
end
|
||||
|
||||
Repository.globally_shared.where.not(team: @team).find_each do |repository|
|
||||
@team.repository_sharing_user_assignments.create!(
|
||||
user: @user,
|
||||
user_role: repository.shared_write? ? @normal_user_role : @viewer_role,
|
||||
assignable: repository
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def create_protocols_assignments
|
||||
@team.repository_protocols.in_repository_public.find_each do |protocol|
|
||||
create_or_update_user_assignment(protocol, @viewer_role)
|
||||
end
|
||||
end
|
||||
|
||||
def create_reports_assignments
|
||||
@team.reports.find_each do |report|
|
||||
create_or_update_user_assignment(report)
|
||||
end
|
||||
end
|
||||
|
||||
def create_or_update_user_assignment(object, role = nil)
|
||||
new_user_assignment = object.user_assignments.find_or_initialize_by(user: @user)
|
||||
return if new_user_assignment.manually_assigned?
|
||||
|
||||
new_user_assignment.user_role = role || @user_role
|
||||
new_user_assignment.assigned_by = @assigned_by
|
||||
new_user_assignment.assigned = :automatically
|
||||
new_user_assignment.save!
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -1,10 +1,10 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module UserAssignments
|
||||
class RemoveTeamUserAssignmentService
|
||||
def initialize(user, team)
|
||||
@user = user
|
||||
@team = team
|
||||
class RemoveTeamUserAssignmentsService
|
||||
def initialize(team_user_assignment)
|
||||
@user = team_user_assignment.user
|
||||
@team = team_user_assignment.assignable
|
||||
end
|
||||
|
||||
def call
|
||||
|
|
@ -28,6 +28,7 @@ module UserAssignments
|
|||
.select { |assignment| assignment.user_id == @user.id && assignment.team_id == @team.id }
|
||||
.each(&:destroy!)
|
||||
end
|
||||
@team.repository_sharing_user_assignments.where(user: @user).find_each(&:destroy!)
|
||||
end
|
||||
|
||||
def remove_protocols_assignments
|
||||
|
|
@ -1,10 +1,10 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module UserAssignments
|
||||
class UpdateTeamUserAssignmentService
|
||||
def initialize(user, team, user_role)
|
||||
@user = user
|
||||
@team = team
|
||||
class UpdateTeamUserAssignmentsService
|
||||
def initialize(team_user_assignment)
|
||||
@user = team_user_assignment.user
|
||||
@team = team_user_assignment.assignable
|
||||
@user_role = user_role
|
||||
end
|
||||
|
||||
|
|
@ -34,7 +34,7 @@ module UserAssignments
|
|||
.where(automatic_user_assignments: { user: @user })
|
||||
.find_each do |report|
|
||||
report.automatic_user_assignments
|
||||
.select { |assignment| assignment.user_id == @user.id && assignment.automatically_assigned? }
|
||||
.select { |assignment| assignment.user_id == @user.id }
|
||||
.each { |assignment| assignment.update!(user_role: @user_role) }
|
||||
end
|
||||
end
|
||||
Loading…
Add table
Reference in a new issue