Canaid::Permissions.register_for(Team) do
  # view projects, view protocols
  # leave team, view team users (ATWHO)
  # view samples, export samples
  # view repositories, view repository, export repository rows
  can :read_team do |user, team|
    user.is_member_of_team?(team)
  end

  # edit team name, edit team description
  can :update_team do |user, team|
    user.is_admin_of_team?(team)
  end

  # invite user to team, change user's role, remove user from team
  can :manage_team_users do |user, team|
    user.is_admin_of_team?(team)
  end

  # create project
  can :create_projects do |user, team|
    user.is_normal_user_or_admin_of_team?(team)
  end

  # create protocol in repository, import protocol to repository
  can :create_protocols_in_repository do |user, team|
    user.is_normal_user_or_admin_of_team?(team)
  end

  # create, import, edit, delete samples
  can :manage_samples do |user, team|
    user.is_normal_user_or_admin_of_team?(team)
  end

  # create custom field
  # create, update, delete sample type or sample group
  can :manage_sample_columns do |user, team|
    user.is_normal_user_or_admin_of_team?(team)
  end

  # create, copy repository
  can :create_repositories do |user, team|
    user.is_admin_of_team?(team)
  end

  # create, import, edit, delete repository records
  can :manage_repository_rows do |user, team|
    user.is_normal_user_or_admin_of_team?(team)
  end

  # create repository column
  can :create_repository_columns do |user, team|
    user.is_normal_user_or_admin_of_team?(team)
  end
end

Canaid::Permissions.register_for(Protocol) do
  # view protocol in repository, export protocol from repository
  # view step in protocol in repository, view or dowload step asset
  can :read_protocol_in_repository do |user, protocol|
    user.is_member_of_team?(protocol.team) &&
      (protocol.in_repository_public? ||
      protocol.in_repository_private? && user == protocol.added_by)
  end

  # edit protocol in repository,
  # create, edit, delete or reorder step in repository
  can :update_protocol_in_repository do |user, protocol|
    protocol.in_repository_active? &&
      can_update_protocol_type_in_repository?(user, protocol)
  end

  # toggle protocol visibility (public, private, archive, restore)
  can :update_protocol_type_in_repository do |user, protocol|
    user.is_normal_user_or_admin_of_team?(protocol.team) &&
      user == protocol.added_by
  end

  # clone protocol in repository
  can :clone_protocol_in_repository do |user, protocol|
    can_create_protocols_in_repository?(user, protocol.team) &&
      can_read_protocol_in_repository?(user, protocol)
  end
end

Canaid::Permissions.register_for(Sample) do
  # edit, delete specific sample
  can :update_or_delete_sample do |user, sample|
    can_manage_samples?(user, sample.team)
  end
end

Canaid::Permissions.register_for(CustomField) do
  # update, delete custom field
  can :update_or_delete_custom_field do |user, custom_field|
    can_manage_sample_columns?(user, custom_field.team)
  end
end

Canaid::Permissions.register_for(Repository) do
  # edit, destroy repository
  can :update_or_delete_repository do |user, repository|
    can_create_repositories?(user, repository.team)
  end
end

Canaid::Permissions.register_for(RepositoryRow) do
  # update, delete specific repository record
  can :update_or_delete_repository_row do |user, repository_row|
    can_manage_repository_rows?(user, repository_row.repository.team)
  end
end

Canaid::Permissions.register_for(RepositoryColumn) do
  # update, delete repository column
  can :update_or_delete_repository_column do |user, repository_column|
    can_create_repository_columns?(user, repository_column.repository.team)
  end
end