From c63090da8c9b03fd729f2ef25840d58dd6c6be20 Mon Sep 17 00:00:00 2001 From: artoscinote <85488244+artoscinote@users.noreply.github.com> Date: Thu, 14 Oct 2021 13:13:29 +0200 Subject: [PATCH] Fixed scopes and added permission checks to quick create services [SCI-6135] (#3584) --- .../dashboard/quick_start_controller.rb | 7 +++++-- app/models/concerns/assignable.rb | 2 +- app/models/experiment.rb | 2 +- app/services/create_experiment_service.rb | 21 ++++++++----------- app/services/create_my_module_service.rb | 17 +++++++-------- app/services/create_project_service.rb | 20 +++++++----------- 6 files changed, 31 insertions(+), 38 deletions(-) diff --git a/app/controllers/dashboard/quick_start_controller.rb b/app/controllers/dashboard/quick_start_controller.rb index d60e1b0c1..d90b1fd21 100644 --- a/app/controllers/dashboard/quick_start_controller.rb +++ b/app/controllers/dashboard/quick_start_controller.rb @@ -57,11 +57,14 @@ module Dashboard end def load_project - @project = current_team.projects.find_by(id: params.dig(:project, :id)) + @project = current_team.projects.managable_by_user(current_user).find_by(id: params.dig(:project, :id)) end def load_experiment - @experiment = @project.experiments.find_by(id: params.dig(:experiment, :id)) if @project + return unless @project + + @experiment = + @project.experiments.managable_by_user(current_user).find_by(id: params.dig(:experiment, :id)) end def check_task_create_permissions diff --git a/app/models/concerns/assignable.rb b/app/models/concerns/assignable.rb index 5b28fb37f..233e14822 100644 --- a/app/models/concerns/assignable.rb +++ b/app/models/concerns/assignable.rb @@ -22,7 +22,7 @@ module Assignable .where('? = ANY(user_roles.permissions)', "::#{self.class.to_s.split('::').first}Permissions".constantize::MANAGE) } - after_create_commit do + after_create do UserAssignment.create!( user: created_by, assignable: self, 
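Review bot: In `load_project` and `load_experiment`, `find_by` on the `managable_by_user(current_user)` scope returns nil both when no id was sent and when the id belongs to a record the user cannot manage, and nothing in this hunk tells the two cases apart. If the action that consumes `@project`/`@experiment` (outside this hunk) treats nil as "create a new one", a request naming an id the user may not manage would fall through to creation instead of being rejected. I would document this above each loader, e.g. `# nil when no id is given or the record is not manageable by current_user`, and have the caller reject a request that supplied an id but got nil back.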
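Review bot: With `after_create`, the `UserAssignment.create!` call runs inside the transaction that inserts the record, so an exception from it now aborts the parent insert as well, and the callback carries no comment saying this is intended. The reason appears to be that the quick-create services in this commit check permissions on a record created earlier in the same transaction, which an after-commit assignment would not satisfy. A comment such as `# must run before commit: permission checks inside the creating transaction rely on this assignment` would stop someone from switching it back. The callback body continues past the end of the hunk.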
diff --git a/app/models/experiment.rb b/app/models/experiment.rb index 81b116858..e8a8c8337 100644 --- a/app/models/experiment.rb +++ b/app/models/experiment.rb @@ -4,7 +4,7 @@ class Experiment < ApplicationRecord ID_PREFIX = 'EX' include PrefixedIdModel - SEARCHABLE_ATTRIBUTES = [:name, :description, PREFIXED_ID_SQL].freeze + SEARCHABLE_ATTRIBUTES = ['experiments.name', 'experiments.description', PREFIXED_ID_SQL].freeze include ArchivableModel include SearchableModel diff --git a/app/services/create_experiment_service.rb b/app/services/create_experiment_service.rb index c2d1e4d29..18cf6f8cc 100644 --- a/app/services/create_experiment_service.rb +++ b/app/services/create_experiment_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class CreateExperimentService + include Canaid::Helpers::PermissionsHelper + def initialize(user, team, params) @params = params @user = user @@ -8,26 +10,21 @@ class CreateExperimentService end def call - new_experiment = nil ActiveRecord::Base.transaction do - unless @params[:project].class == Project + unless @params[:project].instance_of?(Project) @params[:project] = CreateProjectService.new(@user, @team, @params[:project]).call end - unless @params[:project]&.errors&.empty? - new_experiment = @params[:project] - raise ActiveRecord::Rollback - end + + raise ActiveRecord::Rollback unless @params[:project]&.valid? && + can_create_project_experiments?(@user, @params[:project]) @params[:created_by] = @user @params[:last_modified_by] = @user - @experiment = @params[:project].experiments.new(@params) - - create_experiment_activity if @experiment.save - - new_experiment = @experiment + @experiment = @params[:project].experiments.create!(@params) + create_experiment_activity end - new_experiment + @experiment end private diff --git a/app/services/create_my_module_service.rb b/app/services/create_my_module_service.rb index e4e202f33..e1b2d58dc 100644 --- a/app/services/create_my_module_service.rb 
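Review bot: `SEARCHABLE_ATTRIBUTES` now holds table-qualified strings instead of column symbols, with no comment explaining why. Presumably this keeps `name`/`description` unambiguous once the search is combined with scopes that join other tables, and presumably `SearchableModel` (not shown) places these entries into SQL as written. A short comment would record both points: `# table-qualified to stay unambiguous under joins; entries are used as SQL fragments, keep them static literals`.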
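Review bot: `call` now fails in two different ways that the caller cannot tell apart from the return value. A failed `can_create_project_experiments?` check ends in a swallowed `ActiveRecord::Rollback` and a nil result, while invalid attributes make `experiments.create!` raise `ActiveRecord::RecordInvalid` out of the method. Before this change the invalid record came back with its errors, so whatever renders validation messages (outside this diff) now has to rescue the exception or it surfaces as a server error. The nil-on-denial part repeats in `CreateMyModuleService#call`, and both parts repeat in `CreateProjectService#call`. I would document the contract above `call`, e.g. `# Returns the experiment, or nil when the project is missing or the user lacks permission; raises ActiveRecord::RecordInvalid on invalid attributes`, and consider logging the denial, which is otherwise invisible.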
+++ b/app/services/create_my_module_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class CreateMyModuleService + include Canaid::Helpers::PermissionsHelper + def initialize(user, team, params) @params = params @my_module_params = params[:my_module] || {} @@ -9,16 +11,14 @@ class CreateMyModuleService end def call - new_my_module = nil ActiveRecord::Base.transaction do - unless @params[:experiment].class == Experiment + unless @params[:experiment].instance_of?(Experiment) @params[:experiment][:project] = @params[:project] @params[:experiment] = CreateExperimentService.new(@user, @team, @params[:experiment]).call end - unless @params[:experiment]&.errors&.empty? - new_my_module = @params[:experiment] - raise ActiveRecord::Rollback - end + + raise ActiveRecord::Rollback unless @params[:experiment]&.valid? && + can_manage_experiment_tasks?(@user, @params[:experiment]) @my_module_params[:x] ||= 0 @my_module_params[:y] ||= 0 @@ -36,10 +36,9 @@ class CreateMyModuleService create_my_module_activity @my_module.assign_user(@user) - - new_my_module = @my_module end - new_my_module + + @my_module end private diff --git a/app/services/create_project_service.rb b/app/services/create_project_service.rb index 75c4fd762..c0b6b54b0 100644 --- a/app/services/create_project_service.rb +++ b/app/services/create_project_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class CreateProjectService + include Canaid::Helpers::PermissionsHelper + def initialize(user, team, params) @params = params @user = user 
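Review bot: The guard in `call` depends on a Rails transaction detail that is easy to break. When `CreateExperimentService#call` is invoked here its transaction joins this one, so the `ActiveRecord::Rollback` it raises is swallowed without undoing anything. A project it already created is discarded only because this method sees the nil result and raises its own rollback. I would state that above the guard, e.g. `# nil experiment means the nested service aborted; roll back here because its own Rollback does not undo the joined transaction`. Separately, `@params[:experiment][:project] = ...` raises NoMethodError if the caller passes neither an Experiment nor a hash; whether that can happen depends on the controller action outside this diff, and `call` itself continues beyond the hunk.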
@@ -8,24 +10,16 @@ class CreateProjectService end def call - new_project = nil + return unless can_create_projects?(@user, @team) + ActiveRecord::Base.transaction do @params[:created_by] = @user @params[:last_modified_by] = @user - @project = @team.projects.new(@params) - - if @project.save - @project.user_projects.create!(role: :owner, user: @user) - create_project_activity - new_project = @project - else - new_project = @project - raise ActiveRecord::Rollback - - end + @project = @team.projects.create!(@params) + create_project_activity end - new_project + @project end private
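Review bot: The explicit `@project.user_projects.create!(role: :owner, user: @user)` is removed and nothing in the new `call` grants the creator access. The creator's rights on the new project therefore depend entirely on a model callback, presumably the `after_create` in `Assignable` changed by this commit, if `Project` includes it (not visible here). If that callback is skipped, or some code path still reads `user_projects`, the creator ends up with a project they cannot manage, and the `can_create_project_experiments?` check in `CreateExperimentService` would then reject them. A comment next to `create!` would make the dependency explicit: `# the creator's user assignment is created by the Assignable after_create callback`. Note also that `return unless can_create_projects?(@user, @team)` yields nil with no log entry or error for the caller to report.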