scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2024-11-11 10:06:53 +08:00
Code Issues Projects Releases Packages Wiki Activity
scinote-web/app/services/smart_annotations/permission_eval.rb
Mojca Lorber 3c1f28ec06 fix smart annotation permission check
2019-08-09 14:13:03 +02:00

45 lines
1.4 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
module SmartAnnotations
class PermissionEval
class << self
include Canaid::Helpers::PermissionsHelper
def check(user, team, type, object)
__send__("validate_#{type}_permissions", user, team, object)
end
private
def validate_prj_permissions(user, team, object)
object.team.id == team.id && can_read_project?(user, object)
end
def validate_exp_permissions(user, team, object)
object.project.team.id == team.id && can_read_experiment?(user, object)
end
def validate_tsk_permissions(user, team, object)
object.experiment.project.team.id == team.id &&
can_read_experiment?(user, object.experiment)
end
def validate_rep_item_permissions(user, team, object)
if object.repository
return (object.repository.team.id == team.id ||
object.repository.team_repositories.where(team_id: team.id).any?) &&
can_read_repository?(user, object.repository)
end
# handles discarded repositories
repository = Repository.with_discarded.find_by_id(object.repository_id)
# evaluate to false if repository not found
return false unless repository
(repository.team.id == team.id ||
repository.team_repositories.where(team_id: team.id).any?) &&
can_read_repository?(user, repository)
end
end
end
end
Reference in a new issue View git blame Copy permalink