diff --git a/app/controllers/client_api/permissions_controller.rb b/app/controllers/client_api/permissions_controller.rb index ecb13fd7a..78a56384c 100644 --- a/app/controllers/client_api/permissions_controller.rb +++ b/app/controllers/client_api/permissions_controller.rb @@ -1,16 +1,57 @@ module ClientApi class PermissionsController < ApplicationController + before_action :generate_permissions_object, only: :state + def state respond_to do |format| format.json do - render json: { - can_update_team?: false, - can_read_team?: true - }, status: :ok + render json: @permissions, status: :ok end end end + + private + + def generate_permissions_object + sanitize_permissions! + @permissions = {} + if @resource + @required_permissions.collect do |permission| + @permissions.merge!("#{permission}?" => @holder.eval(permission, + current_user, + @resource)) + end + else + @required_permissions.collect do |permission| + @permissions.merge!( + "#{permission}?" => @holder.eval_generic(permission, current_user) + ) + end + end + end + + def sanitize_permissions! + @required_permissions = params.fetch(:parsePermission) do + :permissions_array_missing + end + @holder = Canaid::PermissionsHolder.instance + @required_permissions.each do |permission| + next if @holder.has_permission?(permission) + # this error should happen only in development + raise ArgumentError, "Method #{permission} has no related " \ + "permission registered." + end + # sanitize resource, this error should happen only in development + raise ArgumentError, + "Resource #{@resource} does not exists" unless resource_valid? + end + + def resource_valid? + @resource = params[:resource] + return true unless @resource + return true if Object.const_get(@resource.classify) + rescue NameError + return false + end end end -# holder = Canaid::PermissionsHolder.instance -# https://github.com/biosistemika/canaid/blob/master/lib/canaid/helpers/permissions_helper.rb diff --git a/app/javascript/src/scenes/SettingsPage/scenes/profile/components/MyProfile.jsx b/app/javascript/src/scenes/SettingsPage/scenes/profile/components/MyProfile.jsx index 638d1e21a..41d601603 100644 --- a/app/javascript/src/scenes/SettingsPage/scenes/profile/components/MyProfile.jsx +++ b/app/javascript/src/scenes/SettingsPage/scenes/profile/components/MyProfile.jsx @@ -49,7 +49,6 @@ class MyProfile extends Component { } render() { - console.log(this.props.permissions); return (