scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-10-06 03:46:39 +08:00
Code Issues Projects Releases Packages Wiki Activity

Add status implications checks to the permissions [SCI-4825]

Browse source
This commit is contained in:
Oleksii Kriuchykhin 2020-07-21 16:00:09 +02:00
parent 7fd004baa8
commit fa62b33a42
4 changed files with 26 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/models/my_module.rb
View file

@ -533,9 +533,9 @@ class MyModule < ApplicationRecord
end end
def assign_default_status_flow def assign_default_status_flow
return unless MyModuleFlow.global.any? return unless MyModuleStatusFlow.global.any?
self.my_module_status = MyModuleFlow.global.first.initial_status self.my_module_status = MyModuleStatusFlow.global.first.initial_status
end end
def check_status_conditions def check_status_conditions

1
app/models/my_module_status_implications/read_only.rb
View file

@ -5,6 +5,7 @@ module MyModuleStatusImplications
class ReadOnly < MyModuleStatusImplication class ReadOnly < MyModuleStatusImplication
def call(my_module) def call(my_module)
my_module.errors.add(:status_implication, 'Is read only') my_module.errors.add(:status_implication, 'Is read only')
false
end end
end end
end end

17
app/permissions/experiment.rb
View file

@ -25,7 +25,14 @@ Canaid::Permissions.register_for(Experiment) do
# module: create, copy, reposition, create/update/delete connection, # module: create, copy, reposition, create/update/delete connection,
# assign/reassign/unassign tags # assign/reassign/unassign tags
can :manage_experiment do |user, experiment| can :manage_experiment do |user, experiment|
user.is_user_or_higher_of_project?(experiment.project) user.is_user_or_higher_of_project?(experiment.project) &&
MyModule.joins(:experiment).where(experiment: experiment).all? do |my_module|
if my_module.my_module_status
my_module.my_module_status.my_module_status_implications.all? { |implication| implication.call(my_module) }
else
true
end
end
end end
# experiment: archive # experiment: archive
@ -56,6 +63,7 @@ end
Canaid::Permissions.register_for(MyModule) do Canaid::Permissions.register_for(MyModule) do
# Module, its experiment and its project must be active for all the specified # Module, its experiment and its project must be active for all the specified
# permissions # permissions
# Also checking status implications
%i(manage_module %i(manage_module
manage_users_in_module manage_users_in_module
assign_repository_rows_to_module assign_repository_rows_to_module
@ -68,7 +76,12 @@ Canaid::Permissions.register_for(MyModule) do
can perm do |_, my_module| can perm do |_, my_module|
my_module.active? && my_module.active? &&
my_module.experiment.active? && my_module.experiment.active? &&
my_module.experiment.project.active? my_module.experiment.project.active? &&
(if my_module.my_module_status
my_module.my_module_status&.my_module_status_implications&.all? { |implication| implication.call(my_module) }
else
true
end)
end end
end end

9
app/permissions/project.rb
View file

@ -37,7 +37,14 @@ Canaid::Permissions.register_for(Project) do
# project: update/delete, assign/reassign/unassign users # project: update/delete, assign/reassign/unassign users
can :manage_project do |user, project| can :manage_project do |user, project|
user.is_owner_of_project?(project) user.is_owner_of_project?(project) &&
MyModule.joins(experiment: :project).where(experiments: { project: project }).all? do |my_module|
if my_module.my_module_status
my_module.my_module_status.my_module_status_implications.all? { |implication| implication.call(my_module) }
else
true
end
end
end end
# project: archive # project: archive