From b0fc97a549a57ae828f12bbb323d0023fd088767 Mon Sep 17 00:00:00 2001 From: Martin Artnik Date: Wed, 22 Feb 2023 15:37:39 +0100 Subject: [PATCH 1/6] Fix assignable for top level assignables [SCI-7978] --- app/models/concerns/assignable.rb | 8 ++++++-- config/initializers/extends.rb | 2 ++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/app/models/concerns/assignable.rb b/app/models/concerns/assignable.rb index a85797ecc..54fc2c390 100644 --- a/app/models/concerns/assignable.rb +++ b/app/models/concerns/assignable.rb @@ -54,12 +54,16 @@ module Assignable end end + def top_level_assignable? + self.class.name.in?(Extends::TOP_LEVEL_ASSIGNABLES) + end + private def create_users_assignments return if skip_user_assignments - role = if is_a?(Project) || is_a?(Team) + role = if top_level_assignable? UserRole.find_predefined_owner_role else permission_parent.user_assignments.find_by(user: created_by).user_role @@ -68,7 +72,7 @@ module Assignable UserAssignment.create!( user: created_by, assignable: self, - assigned: is_a?(Project) ? :manually : :automatically, + assigned: top_level_assignable? ? :manually : :automatically, user_role: role ) diff --git a/config/initializers/extends.rb b/config/initializers/extends.rb index f1c7c8866..57a76f7de 100644 --- a/config/initializers/extends.rb +++ b/config/initializers/extends.rb @@ -458,6 +458,8 @@ class Extends label_repository: [*216..219] } + TOP_LEVEL_ASSIGNABLES = %w(Project Team Protocol Repository).freeze + SHARED_INVENTORIES_PERMISSION_LEVELS = { not_shared: 0, shared_read: 1, From c24b0fa5ab5a15be1721b53995c96e862d470dd7 Mon Sep 17 00:00:00 2001 From: Martin Artnik Date: Thu, 23 Feb 2023 14:57:38 +0100 Subject: [PATCH 2/6] Refactor access modals [SCI-7978] --- .../experiments_controller.rb | 8 ++--- .../my_modules_controller.rb | 14 +++----- .../access_permissions/projects_controller.rb | 4 ++- .../protocols_controller.rb | 5 ++- app/models/protocol.rb | 3 +- .../experiments/table_view_service.rb | 9 +++--- .../experiments/edit.json.jbuilder | 9 +++--- .../experiment_member.json.jbuilder | 4 +-- .../experiments/modals/_edit_modal.html.erb | 28 ---------------- .../experiments/show.json.jbuilder | 6 ++-- .../modals/_edit_modal.html.erb | 32 +++++++++++++++++++ .../modals/_show_modal.html.erb | 13 ++++---- .../my_modules/edit.json.jbuilder | 9 +++--- .../my_modules/modals/_edit_modal.html.erb | 28 ---------------- .../my_modules/modals/_show_modal.html.erb | 21 ------------ .../my_modules/my_module_member.json.jbuilder | 6 ++-- .../my_modules/show.json.jbuilder | 8 ++--- .../_default_public_user_role_form.html.erb | 14 ++++---- .../partials/_member_field.html.erb | 8 ++--- .../partials/_new_assignments_form.html.erb | 6 ++-- .../partials/_user_assignment.html.erb | 2 +- .../projects/edit.json.jbuilder | 9 +++--- .../projects/modals/_edit_modal.html.erb | 30 ----------------- .../projects/modals/_show_modal.html.erb | 19 ----------- .../projects/new.json.jbuilder | 4 +-- .../projects/project_member.json.jbuilder | 2 +- .../projects/show.json.jbuilder | 9 +++--- ...ate_default_public_user_role.json.jbuilder | 2 +- .../protocols/edit.json.jbuilder | 8 +++-- .../protocols/modals/_edit_modal.html.erb | 29 ----------------- .../protocols/modals/_show_modal.html.erb | 18 ----------- .../protocols/new.json.jbuilder | 4 +-- .../protocols/protocol_member.json.jbuilder | 2 +- .../edit/_my_module_dropdown_menu.html.erb | 2 +- .../experiments/_dropdown_actions.html.erb | 4 +-- .../experiments/_table_row_actions.html.erb | 4 +-- .../_module_header_details_popover.html.erb | 4 +-- .../_experiment_actions_dropdown.html.erb | 4 +-- config/routes.rb | 12 ++++--- 39 files changed, 131 insertions(+), 272 deletions(-) delete mode 100644 app/views/access_permissions/experiments/modals/_edit_modal.html.erb create mode 100644 app/views/access_permissions/modals/_edit_modal.html.erb rename app/views/access_permissions/{experiments => }/modals/_show_modal.html.erb (50%) delete mode 100644 app/views/access_permissions/my_modules/modals/_edit_modal.html.erb delete mode 100644 app/views/access_permissions/my_modules/modals/_show_modal.html.erb delete mode 100644 app/views/access_permissions/projects/modals/_edit_modal.html.erb delete mode 100644 app/views/access_permissions/projects/modals/_show_modal.html.erb delete mode 100644 app/views/access_permissions/protocols/modals/_edit_modal.html.erb delete mode 100644 app/views/access_permissions/protocols/modals/_show_modal.html.erb diff --git a/app/controllers/access_permissions/experiments_controller.rb b/app/controllers/access_permissions/experiments_controller.rb index b18b128c0..3b902c20b 100644 --- a/app/controllers/access_permissions/experiments_controller.rb +++ b/app/controllers/access_permissions/experiments_controller.rb @@ -2,8 +2,8 @@ module AccessPermissions class ExperimentsController < ApplicationController - before_action :set_project before_action :set_experiment + before_action :set_project before_action :check_read_permissions, only: %i(show) before_action :check_manage_permissions, only: %i(edit update) @@ -59,13 +59,11 @@ module AccessPermissions end def set_project - @project = current_team.projects.find_by(id: params[:project_id]) - - render_404 unless @project + @project = @experiment.project end def set_experiment - @experiment = @project.experiments.includes(user_assignments: %i(user user_role)).find_by(id: params[:id]) + @experiment = Experiment.includes(user_assignments: %i(user user_role)).find_by(id: params[:id]) render_404 unless @experiment end diff --git a/app/controllers/access_permissions/my_modules_controller.rb b/app/controllers/access_permissions/my_modules_controller.rb index 783533355..1bed4d660 100644 --- a/app/controllers/access_permissions/my_modules_controller.rb +++ b/app/controllers/access_permissions/my_modules_controller.rb @@ -2,9 +2,9 @@ module AccessPermissions class MyModulesController < ApplicationController - before_action :set_project - before_action :set_experiment before_action :set_my_module + before_action :set_experiment + before_action :set_project before_action :check_read_permissions, only: %i(show) before_action :check_manage_permissions, only: %i(edit update) @@ -53,19 +53,15 @@ module AccessPermissions end def set_project - @project = current_team.projects.find_by(id: params[:project_id]) - - render_404 unless @project + @project = @experiment.project end def set_experiment - @experiment = @project.experiments.find_by(id: params[:experiment_id]) - - render_404 unless @experiment + @experiment = @my_module.experiment end def set_my_module - @my_module = @experiment.my_modules.includes(user_assignments: %i(user user_role)).find_by(id: params[:id]) + @my_module = MyModule.includes(user_assignments: %i(user user_role)).find_by(id: params[:id]) render_404 unless @my_module end diff --git a/app/controllers/access_permissions/projects_controller.rb b/app/controllers/access_permissions/projects_controller.rb index 54a2da719..dba2ff7f0 100644 --- a/app/controllers/access_permissions/projects_controller.rb +++ b/app/controllers/access_permissions/projects_controller.rb @@ -49,6 +49,7 @@ module AccessPermissions def create ActiveRecord::Base.transaction do + created_count = 0 permitted_create_params[:resource_members].each do |_k, user_assignment_params| next unless user_assignment_params[:assign] == '1' @@ -65,11 +66,12 @@ module AccessPermissions ) log_activity(:assign_user_to_project, user_assignment) + created_count += 1 propagate_job(user_assignment) end respond_to do |format| - @message = t('access_permissions.create.success', count: @project.user_assignments.count) + @message = t('access_permissions.create.success', count: created_count) format.json { render :edit } end rescue ActiveRecord::RecordInvalid diff --git a/app/controllers/access_permissions/protocols_controller.rb b/app/controllers/access_permissions/protocols_controller.rb index 2c2684115..2e0ed820c 100644 --- a/app/controllers/access_permissions/protocols_controller.rb +++ b/app/controllers/access_permissions/protocols_controller.rb @@ -47,19 +47,22 @@ module AccessPermissions def create ActiveRecord::Base.transaction do + created_count = 0 permitted_create_params[:resource_members].each do |_k, user_assignment_params| next unless user_assignment_params[:assign] == '1' user_assignment = UserAssignment.new(user_assignment_params) user_assignment.assignable = @protocol + user_assignment.assigned = :manually user_assignment.team = current_team user_assignment.assigned_by = current_user user_assignment.save! + created_count += 1 log_activity(:protocol_template_access_granted, user_assignment) end respond_to do |format| - @message = t('access_permissions.create.success', count: @protocol.user_assignments.count) + @message = t('access_permissions.create.success', count: created_count) format.json { render :edit } end rescue ActiveRecord::RecordInvalid diff --git a/app/models/protocol.rb b/app/models/protocol.rb index 90399f05f..619643cad 100644 --- a/app/models/protocol.rb +++ b/app/models/protocol.rb @@ -40,7 +40,8 @@ class Protocol < ApplicationRecord validate :prevent_update, on: :update, if: lambda { - in_repository_published? && !protocol_type_changed?(from: 'in_repository_draft') && !archived_changed? + changes.keys != %w(default_public_user_role_id) && # skip check if only public role changed + in_repository_published? && !protocol_type_changed?(from: 'in_repository_draft') && !archived_changed? } with_options if: :in_module? do diff --git a/app/services/experiments/table_view_service.rb b/app/services/experiments/table_view_service.rb index 3dba492e1..c147e0cce 100644 --- a/app/services/experiments/table_view_service.rb +++ b/app/services/experiments/table_view_service.rb @@ -68,7 +68,6 @@ module Experiments end experiment = my_module.experiment - project = experiment.project result.push({ id: my_module.id, columns: prepared_my_module, @@ -81,7 +80,7 @@ module Experiments provisioning_status: my_module.provisioning_status == 'in_progress' && provisioning_status_my_module_url(my_module), - access: access_url(project, experiment, my_module) + access: access_url(my_module) } }) end @@ -93,11 +92,11 @@ module Experiments private - def access_url(project, experiment, my_module) + def access_url(my_module) if can_manage_my_module_users?(@user, my_module) - edit_access_permissions_project_experiment_my_module_path(project, experiment, my_module) + edit_access_permissions_my_module_path(my_module) else - access_permissions_project_experiment_my_module_path(project, experiment, my_module) + access_permissions_my_module_path(my_module) end end diff --git a/app/views/access_permissions/experiments/edit.json.jbuilder b/app/views/access_permissions/experiments/edit.json.jbuilder index ca2068eed..2bef57ca5 100644 --- a/app/views/access_permissions/experiments/edit.json.jbuilder +++ b/app/views/access_permissions/experiments/edit.json.jbuilder @@ -1,13 +1,12 @@ # frozen_string_literal: true json.modal controller.render_to_string( - partial: 'access_permissions/experiments/modals/edit_modal', + partial: 'access_permissions/modals/edit_modal', formats: [:html], locals: { - experiment: @experiment, - project: @project, - users: @project.manually_assigned_users, - project_path: project_path(@project) + assignable: @experiment, + top_level_assignable: @project, + manually_assigned_users: @project.manually_assigned_users }, layout: false ) diff --git a/app/views/access_permissions/experiments/experiment_member.json.jbuilder b/app/views/access_permissions/experiments/experiment_member.json.jbuilder index 6656bd2ab..65f20cbb6 100644 --- a/app/views/access_permissions/experiments/experiment_member.json.jbuilder +++ b/app/views/access_permissions/experiments/experiment_member.json.jbuilder @@ -5,9 +5,9 @@ json.form controller.render_to_string( formats: [:html], locals: { user: @user_assignment.user, - object: @experiment, + assignable: @experiment, with_inherit: true, - update_path: access_permissions_project_experiment_path(@project, @experiment) + update_path: access_permissions_experiment_path(@experiment) }, layout: false ) diff --git a/app/views/access_permissions/experiments/modals/_edit_modal.html.erb b/app/views/access_permissions/experiments/modals/_edit_modal.html.erb deleted file mode 100644 index 07ea17bf9..000000000 --- a/app/views/access_permissions/experiments/modals/_edit_modal.html.erb +++ /dev/null @@ -1,28 +0,0 @@ -<% # frozen_string_literal: true %> - - diff --git a/app/views/access_permissions/experiments/show.json.jbuilder b/app/views/access_permissions/experiments/show.json.jbuilder index 16db4eabd..d662c4eed 100644 --- a/app/views/access_permissions/experiments/show.json.jbuilder +++ b/app/views/access_permissions/experiments/show.json.jbuilder @@ -4,9 +4,9 @@ json.modal controller.render_to_string( partial: 'access_permissions/experiments/modals/show_modal', formats: [:html], locals: { - experiment: @experiment, - users: @project.manually_assigned_users, - project_path: project_path(@project) + assignable: @experiment, + top_level_assignable: @project, + manually_assigned_users: @project.manually_assigned_users }, layout: false ) diff --git a/app/views/access_permissions/modals/_edit_modal.html.erb b/app/views/access_permissions/modals/_edit_modal.html.erb new file mode 100644 index 000000000..242759a82 --- /dev/null +++ b/app/views/access_permissions/modals/_edit_modal.html.erb @@ -0,0 +1,32 @@ +<% # frozen_string_literal: true %> + + diff --git a/app/views/access_permissions/experiments/modals/_show_modal.html.erb b/app/views/access_permissions/modals/_show_modal.html.erb similarity index 50% rename from app/views/access_permissions/experiments/modals/_show_modal.html.erb rename to app/views/access_permissions/modals/_show_modal.html.erb index 1d1b93386..648e0cee9 100644 --- a/app/views/access_permissions/experiments/modals/_show_modal.html.erb +++ b/app/views/access_permissions/modals/_show_modal.html.erb @@ -1,19 +1,18 @@ <% # frozen_string_literal: true %> -