scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-04-04 11:20:22 +08:00
Code Issues Projects Releases Packages Wiki Activity

Update permissions for team owner to see all protocols and can manage users [SCI-8380] ()

Browse source
This commit is contained in:
Alex Kriuchykhin 2023-05-09 16:23:29 +02:00 committed by GitHub
parent 783d5d03ab
commit ab318df1af
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 16 additions and 5 deletions
app
controllers/api/v1
protocol_templates_controller.rb
datatables
protocols_datatable.rb
models
protocol.rb
permissions
team.rb

2
app/controllers/api/v1/protocol_templates_controller.rb
View file

@ -12,7 +12,7 @@ module Api
def index def index
protocol_templates = Protocol.latest_available_versions(@team) protocol_templates = Protocol.latest_available_versions(@team)
.with_granted_permissions(current_user, ProtocolPermissions::READ) .viewable_by_user(current_user, @team)
.page(params.dig(:page, :number)) .page(params.dig(:page, :number))
.per(params.dig(:page, :size)) .per(params.dig(:page, :size))

2
app/datatables/protocols_datatable.rb
View file

@ -149,7 +149,7 @@ class ProtocolsDatatable < CustomDatatable
records = @type == :archived ? records.archived : records.active records = @type == :archived ? records.archived : records.active
records.with_granted_permissions(@user, ProtocolPermissions::READ) records.viewable_by_user(@user, @team)
end end
# Query database for records (this will be later paginated and filtered) # Query database for records (this will be later paginated and filtered)

14
app/models/protocol.rb
View file

@ -209,8 +209,18 @@ class Protocol < ApplicationRecord
end end
def self.viewable_by_user(user, teams) def self.viewable_by_user(user, teams)
where(team: teams, protocol_type: REPOSITORY_TYPES).with_granted_permissions(user, ProtocolPermissions::READ) # Team owners see all protocol templates in the team
.or(where(my_module: MyModule.viewable_by_user(user, teams))) owner_role = UserRole.find_predefined_owner_role
protocols = Protocol.left_outer_joins(:team, user_assignments: :user_role)
.joins("LEFT OUTER JOIN user_assignments team_user_assignments " \
"ON team_user_assignments.assignable_type = 'Team' " \
"AND team_user_assignments.assignable_id = team.id")
.where(team: teams)
protocols
.where(
protocol_type: REPOSITORY_TYPES, team: { team_user_assignments: { user_id: user, user_role_id: owner_role } }
)
.or(protocols.with_granted_permissions(user, ProtocolPermissions::READ)).distinct
end end
def self.filter_by_teams(teams = []) def self.filter_by_teams(teams = [])

3
app/permissions/team.rb
View file

@ -101,7 +101,8 @@ Canaid::Permissions.register_for(Protocol) do
end end
can :manage_protocol_users do |user, protocol| can :manage_protocol_users do |user, protocol|
protocol.permission_granted?(user, ProtocolPermissions::USERS_MANAGE) protocol.permission_granted?(user, ProtocolPermissions::USERS_MANAGE) ||
protocol.team.permission_granted?(user, TeamPermissions::MANAGE)
end end
# protocol in repository: restore # protocol in repository: restore