mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-12-26 01:35:34 +08:00
Fixed scopes and added permission checks to quick create services [SCI-6135] (#3584)
This commit is contained in:
parent
4a4c344a3a
commit
c63090da8c
6 changed files with 31 additions and 38 deletions
|
@ -57,11 +57,14 @@ module Dashboard
|
|||
end
|
||||
|
||||
def load_project
|
||||
@project = current_team.projects.find_by(id: params.dig(:project, :id))
|
||||
@project = current_team.projects.managable_by_user(current_user).find_by(id: params.dig(:project, :id))
|
||||
end
|
||||
|
||||
def load_experiment
|
||||
@experiment = @project.experiments.find_by(id: params.dig(:experiment, :id)) if @project
|
||||
return unless @project
|
||||
|
||||
@experiment =
|
||||
@project.experiments.managable_by_user(current_user).find_by(id: params.dig(:experiment, :id))
|
||||
end
|
||||
|
||||
def check_task_create_permissions
|
||||
|
|
|
@ -22,7 +22,7 @@ module Assignable
|
|||
.where('? = ANY(user_roles.permissions)', "::#{self.class.to_s.split('::').first}Permissions".constantize::MANAGE)
|
||||
}
|
||||
|
||||
after_create_commit do
|
||||
after_create do
|
||||
UserAssignment.create!(
|
||||
user: created_by,
|
||||
assignable: self,
|
||||
|
|
|
@ -4,7 +4,7 @@ class Experiment < ApplicationRecord
|
|||
ID_PREFIX = 'EX'
|
||||
|
||||
include PrefixedIdModel
|
||||
SEARCHABLE_ATTRIBUTES = [:name, :description, PREFIXED_ID_SQL].freeze
|
||||
SEARCHABLE_ATTRIBUTES = ['experiments.name', 'experiments.description', PREFIXED_ID_SQL].freeze
|
||||
|
||||
include ArchivableModel
|
||||
include SearchableModel
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class CreateExperimentService
|
||||
include Canaid::Helpers::PermissionsHelper
|
||||
|
||||
def initialize(user, team, params)
|
||||
@params = params
|
||||
@user = user
|
||||
|
@ -8,26 +10,21 @@ class CreateExperimentService
|
|||
end
|
||||
|
||||
def call
|
||||
new_experiment = nil
|
||||
ActiveRecord::Base.transaction do
|
||||
unless @params[:project].class == Project
|
||||
unless @params[:project].instance_of?(Project)
|
||||
@params[:project] = CreateProjectService.new(@user, @team, @params[:project]).call
|
||||
end
|
||||
unless @params[:project]&.errors&.empty?
|
||||
new_experiment = @params[:project]
|
||||
raise ActiveRecord::Rollback
|
||||
end
|
||||
|
||||
raise ActiveRecord::Rollback unless @params[:project]&.valid? &&
|
||||
can_create_project_experiments?(@user, @params[:project])
|
||||
|
||||
@params[:created_by] = @user
|
||||
@params[:last_modified_by] = @user
|
||||
|
||||
@experiment = @params[:project].experiments.new(@params)
|
||||
|
||||
create_experiment_activity if @experiment.save
|
||||
|
||||
new_experiment = @experiment
|
||||
@experiment = @params[:project].experiments.create!(@params)
|
||||
create_experiment_activity
|
||||
end
|
||||
new_experiment
|
||||
@experiment
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class CreateMyModuleService
|
||||
include Canaid::Helpers::PermissionsHelper
|
||||
|
||||
def initialize(user, team, params)
|
||||
@params = params
|
||||
@my_module_params = params[:my_module] || {}
|
||||
|
@ -9,16 +11,14 @@ class CreateMyModuleService
|
|||
end
|
||||
|
||||
def call
|
||||
new_my_module = nil
|
||||
ActiveRecord::Base.transaction do
|
||||
unless @params[:experiment].class == Experiment
|
||||
unless @params[:experiment].instance_of?(Experiment)
|
||||
@params[:experiment][:project] = @params[:project]
|
||||
@params[:experiment] = CreateExperimentService.new(@user, @team, @params[:experiment]).call
|
||||
end
|
||||
unless @params[:experiment]&.errors&.empty?
|
||||
new_my_module = @params[:experiment]
|
||||
raise ActiveRecord::Rollback
|
||||
end
|
||||
|
||||
raise ActiveRecord::Rollback unless @params[:experiment]&.valid? &&
|
||||
can_manage_experiment_tasks?(@user, @params[:experiment])
|
||||
|
||||
@my_module_params[:x] ||= 0
|
||||
@my_module_params[:y] ||= 0
|
||||
|
@ -36,10 +36,9 @@ class CreateMyModuleService
|
|||
create_my_module_activity
|
||||
|
||||
@my_module.assign_user(@user)
|
||||
|
||||
new_my_module = @my_module
|
||||
end
|
||||
new_my_module
|
||||
|
||||
@my_module
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class CreateProjectService
|
||||
include Canaid::Helpers::PermissionsHelper
|
||||
|
||||
def initialize(user, team, params)
|
||||
@params = params
|
||||
@user = user
|
||||
|
@ -8,24 +10,16 @@ class CreateProjectService
|
|||
end
|
||||
|
||||
def call
|
||||
new_project = nil
|
||||
return unless can_create_projects?(@user, @team)
|
||||
|
||||
ActiveRecord::Base.transaction do
|
||||
@params[:created_by] = @user
|
||||
@params[:last_modified_by] = @user
|
||||
|
||||
@project = @team.projects.new(@params)
|
||||
|
||||
if @project.save
|
||||
@project.user_projects.create!(role: :owner, user: @user)
|
||||
create_project_activity
|
||||
new_project = @project
|
||||
else
|
||||
new_project = @project
|
||||
raise ActiveRecord::Rollback
|
||||
|
||||
end
|
||||
@project = @team.projects.create!(@params)
|
||||
create_project_activity
|
||||
end
|
||||
new_project
|
||||
@project
|
||||
end
|
||||
|
||||
private
|
||||
|
|
Loading…
Reference in a new issue