From ccc245149439e290c2ceb5883edea06f22e68b28 Mon Sep 17 00:00:00 2001
From: mlorb <mlorber@biosistemika.com>
Date: Mon, 4 Dec 2017 16:45:23 +0100
Subject: [PATCH] refactor create sample permissions

---
 app/controllers/samples_controller.rb | 6 +++---
 app/controllers/teams_controller.rb   | 2 +-
 app/helpers/permission_helper.rb      | 6 +++---
 app/permissions/team.rb               | 7 ++++++-
 app/views/shared/_samples.html.erb    | 2 +-
 5 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/app/controllers/samples_controller.rb b/app/controllers/samples_controller.rb
index 915385b8f..e8daf5a2a 100644
--- a/app/controllers/samples_controller.rb
+++ b/app/controllers/samples_controller.rb
@@ -12,7 +12,7 @@ class SamplesController < ApplicationController
   def new
     respond_to do |format|
       format.html
-      if can_create_samples(@team)
+      if can_create_sample?(@team)
         groups = @team.sample_groups.map do |g|
           { id: g.id, name: sanitize_input(g.name), color: g.color }
         end
@@ -43,7 +43,7 @@ class SamplesController < ApplicationController
     };
 
     respond_to do |format|
-      if can_create_samples(@team)
+      if can_create_sample?(@team)
         if params[:sample]
           # Sample name
           if params[:sample][:name]
@@ -319,7 +319,7 @@ class SamplesController < ApplicationController
   end
 
   def check_create_permissions
-    unless can_create_samples(@team)
+    unless can_create_sample?(@team)
       render_403
     end
   end
diff --git a/app/controllers/teams_controller.rb b/app/controllers/teams_controller.rb
index 982b34d11..15343216f 100644
--- a/app/controllers/teams_controller.rb
+++ b/app/controllers/teams_controller.rb
@@ -249,7 +249,7 @@ class TeamsController < ApplicationController
   end
 
   def check_create_sample_permissions
-    unless can_create_samples(@team)
+    unless can_create_sample?(@team)
       render_403
     end
   end
diff --git a/app/helpers/permission_helper.rb b/app/helpers/permission_helper.rb
index 9dd1d7c3a..665e5d1ca 100644
--- a/app/helpers/permission_helper.rb
+++ b/app/helpers/permission_helper.rb
@@ -629,9 +629,9 @@ module PermissionHelper
 
   # ---- SAMPLE PERMISSIONS ----
 
-  def can_create_samples(team)
-    is_normal_user_or_admin_of_team(team)
-  end
+  # def can_create_samples(team)
+  #   is_normal_user_or_admin_of_team(team)
+  # end
 
   def can_view_samples(team)
     is_member_of_team(team)
diff --git a/app/permissions/team.rb b/app/permissions/team.rb
index 96ba15902..9dcd9fc38 100644
--- a/app/permissions/team.rb
+++ b/app/permissions/team.rb
@@ -1,5 +1,5 @@
 Canaid::Permissions.register_for(Team) do
-  # view projects
+  # view projects, view protocols
   can :read_team do |user, team|
     user.is_member_of_team?(team)
   end
@@ -18,6 +18,11 @@ Canaid::Permissions.register_for(Team) do
   can :create_protocol do |user, team|
     user.is_normal_user_or_admin_of_team?(team)
   end
+
+  # create sample, import sample
+  can :create_sample do |user, team|
+    user.is_normal_user_or_admin_of_team?(team)
+  end
 end
 
 Canaid::Permissions.register_for(UserTeam) do
diff --git a/app/views/shared/_samples.html.erb b/app/views/shared/_samples.html.erb
index 21ca4e2d9..d835e6bf1 100644
--- a/app/views/shared/_samples.html.erb
+++ b/app/views/shared/_samples.html.erb
@@ -21,7 +21,7 @@
     data-module-id="<%= @my_module.id %>"
   <% end %>>
 
-  <% if can_create_samples(@team) %>
+  <% if can_create_sample?(@team) %>
     <button type="button" class="btn btn-default editAdd" id="addSample" onclick="onClickAddSample()">
       <span class="glyphicon glyphicon-plus"></span>
       <span class="hidden-xs"><%= t("samples.add_new_sample") %></span>