scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-10-04 02:45:53 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #7963 from artoscinote/ma_SCI_11181

Browse source 
Further fix team viewer location permissions [SCI-11181]
This commit is contained in:
Martin Artnik 2024-10-14 12:03:26 +02:00 committed by GitHub
commit b0f41eb14b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 18 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/controllers/storage_location_repository_rows_controller.rb
View file

@ -6,7 +6,7 @@ class StorageLocationRepositoryRowsController < ApplicationController
before_action :load_storage_location before_action :load_storage_location
before_action :load_repository_row, only: %i(create update destroy move) before_action :load_repository_row, only: %i(create update destroy move)
before_action :check_read_permissions, except: %i(create actions_toolbar) before_action :check_read_permissions, except: %i(create actions_toolbar)
before_action :check_manage_permissions, only: %i(create update destroy) before_action :check_manage_permissions, only: %i(create update destroy move)
def index def index
storage_location_repository_row = Lists::StorageLocationRepositoryRowsService.new( storage_location_repository_row = Lists::StorageLocationRepositoryRowsService.new(
@ -134,7 +134,7 @@ class StorageLocationRepositoryRowsController < ApplicationController
end end
def check_manage_permissions def check_manage_permissions
render_403 unless can_create_storage_location_repository_rows?(@storage_location) render_403 unless can_manage_storage_location_repository_rows?(@storage_location)
end end
def log_activity(type_of, message_items = {}) def log_activity(type_of, message_items = {})

5
app/controllers/storage_locations_controller.rb
View file

@ -10,6 +10,7 @@ class StorageLocationsController < ApplicationController
before_action :check_storage_locations_enabled, except: :unassign_rows before_action :check_storage_locations_enabled, except: :unassign_rows
before_action :load_storage_location, only: %i(update destroy duplicate move show available_positions unassign_rows export_container import_container) before_action :load_storage_location, only: %i(update destroy duplicate move show available_positions unassign_rows export_container import_container)
before_action :check_read_permissions, except: %i(index create tree actions_toolbar import_container unassign_rows) before_action :check_read_permissions, except: %i(index create tree actions_toolbar import_container unassign_rows)
before_action :check_manage_repository_rows_permissions, only: %i(import_container unassign_rows)
before_action :check_create_permissions, only: :create before_action :check_create_permissions, only: :create
before_action :check_manage_permissions, only: %i(update destroy duplicate move) before_action :check_manage_permissions, only: %i(update destroy duplicate move)
before_action :set_breadcrumbs_items, only: %i(index show) before_action :set_breadcrumbs_items, only: %i(index show)
@ -230,6 +231,10 @@ class StorageLocationsController < ApplicationController
render_403 unless can_manage_storage_location?(@storage_location) render_403 unless can_manage_storage_location?(@storage_location)
end end
def check_manage_repository_rows_permissions
render_403 unless can_manage_storage_location_repository_rows?(@storage_location)
end
def set_breadcrumbs_items def set_breadcrumbs_items
@breadcrumbs_items = [] @breadcrumbs_items = []

16
app/javascript/vue/storage_locations/container.vue
View file

@ -181,15 +181,15 @@ export default {
type: 'emit', type: 'emit',
buttonStyle: 'btn btn-primary' buttonStyle: 'btn btn-primary'
}); });
}
left.push({ left.push({
name: 'import', name: 'import',
icon: 'sn-icon sn-icon-import', icon: 'sn-icon sn-icon-import',
label: this.i18n.t('storage_locations.show.import_modal.import_button'), label: this.i18n.t('storage_locations.show.import_modal.import_button'),
type: 'emit', type: 'emit',
buttonStyle: 'btn btn-light' buttonStyle: 'btn btn-light'
}); });
}
return { return {
left, left,

4
app/services/toolbars/storage_location_repository_rows_service.rb
View file

@ -27,7 +27,7 @@ module Toolbars
private private
def unassign_action def unassign_action
return unless can_read_storage_location?(@storage_location) return unless can_manage_storage_location_repository_rows?(@storage_location)
{ {
name: 'unassign', name: 'unassign',
@ -39,7 +39,7 @@ module Toolbars
end end
def move_action def move_action
return unless @single && can_read_storage_location?(@storage_location) return unless @single && can_manage_storage_location_repository_rows?(@storage_location)
{ {
name: 'move', name: 'move',

2
app/views/storage_locations/show.html.erb
View file

@ -14,7 +14,7 @@
ref="container" ref="container"
actions-url="<%= actions_toolbar_storage_location_storage_location_repository_rows_path(@storage_location) %>" actions-url="<%= actions_toolbar_storage_location_storage_location_repository_rows_path(@storage_location) %>"
data-source="<%= storage_location_storage_location_repository_rows_path(@storage_location) %>" data-source="<%= storage_location_storage_location_repository_rows_path(@storage_location) %>"
:can-manage="<%= can_create_storage_location_repository_rows?(@storage_location) %>" :can-manage="<%= can_manage_storage_location_repository_rows?(@storage_location) %>"
:with-grid="<%= @storage_location.with_grid? %>" :with-grid="<%= @storage_location.with_grid? %>"
:grid-size="<%= @storage_location.grid_size.to_json %>" :grid-size="<%= @storage_location.grid_size.to_json %>"
:container-id="<%= @storage_location.id %>" :container-id="<%= @storage_location.id %>"