mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2025-02-11 17:36:13 +08:00
refactor update sample permission
This commit is contained in:
parent
f801ed8eb6
commit
b09377cd8d
3 changed files with 13 additions and 6 deletions
app
|
@ -167,7 +167,7 @@ class SamplesController < ApplicationController
|
|||
|
||||
respond_to do |format|
|
||||
if sample
|
||||
if can_edit_sample(sample)
|
||||
if can_update_sample?(sample)
|
||||
if params[:sample]
|
||||
if params[:sample][:name]
|
||||
sample.name = params[:sample][:name]
|
||||
|
@ -325,7 +325,7 @@ class SamplesController < ApplicationController
|
|||
end
|
||||
|
||||
def check_edit_permissions
|
||||
unless can_edit_sample(@sample)
|
||||
unless can_update_sample?(@sample)
|
||||
render_403
|
||||
end
|
||||
end
|
||||
|
|
|
@ -638,10 +638,10 @@ module PermissionHelper
|
|||
|
||||
# Only person who created the sample
|
||||
# or team admin can edit it
|
||||
def can_edit_sample(sample)
|
||||
is_admin_of_team(sample.team) or
|
||||
sample.user == current_user
|
||||
end
|
||||
# def can_edit_sample(sample)
|
||||
# is_admin_of_team(sample.team) or
|
||||
# sample.user == current_user
|
||||
# end
|
||||
|
||||
# Only person who created sample can delete it
|
||||
def can_delete_sample(sample)
|
||||
|
|
|
@ -60,3 +60,10 @@ Canaid::Permissions.register_for(Protocol) do
|
|||
can_read_protocol_in_repository?(user, protocol)
|
||||
end
|
||||
end
|
||||
|
||||
Canaid::Permissions.register_for(Sample) do
|
||||
# edit sample
|
||||
can :update_sample do |user, sample|
|
||||
user.is_admin_of_team?(sample.team) || user == sample.user
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue