2015-03-12 22:43:13 +00:00
|
|
|
class ProjectPolicy < ApplicationPolicy
|
|
|
|
|
2015-03-14 22:10:04 +00:00
|
|
|
def index?
|
2015-03-17 00:55:04 +00:00
|
|
|
!user.guest?
|
2015-03-14 22:10:04 +00:00
|
|
|
end
|
2015-04-03 22:16:02 +01:00
|
|
|
alias_method :autocomplete_project?, :index?
|
2015-03-18 22:02:38 +00:00
|
|
|
alias_method :remove_user?, :index?
|
|
|
|
alias_method :preview?, :index?
|
2015-03-14 22:10:04 +00:00
|
|
|
|
|
|
|
def show?
|
2015-03-26 23:36:30 +00:00
|
|
|
return true if is_admin?
|
2015-03-18 22:02:38 +00:00
|
|
|
return true if record.public?
|
|
|
|
return true if record.owner == user
|
2015-03-31 02:08:50 +01:00
|
|
|
return true if record.owner.is_a?(Group) && user_group_ids.include?(record.owner_id)
|
2015-03-18 22:02:38 +00:00
|
|
|
local_reader?
|
2015-03-14 22:10:04 +00:00
|
|
|
end
|
2015-12-15 06:27:57 +00:00
|
|
|
|
|
|
|
alias_method :commit?, :show?
|
2015-03-18 22:02:38 +00:00
|
|
|
alias_method :read?, :show?
|
|
|
|
alias_method :archive?, :show?
|
|
|
|
alias_method :get_id?, :show?
|
|
|
|
alias_method :refs_list?, :show?
|
2015-03-14 22:10:04 +00:00
|
|
|
|
2015-04-18 21:55:34 +01:00
|
|
|
def fork?
|
|
|
|
!user.guest? && show?
|
|
|
|
end
|
|
|
|
|
2015-03-17 00:55:04 +00:00
|
|
|
def create?
|
2015-03-25 00:17:17 +00:00
|
|
|
return false if user.guest?
|
2015-04-09 00:06:55 +01:00
|
|
|
return true if is_admin?
|
2015-04-14 21:26:50 +01:00
|
|
|
record.is_a?(Symbol) || owner_policy.write?
|
2015-03-17 00:55:04 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def update?
|
2015-04-09 00:06:55 +01:00
|
|
|
return false if user.guest?
|
2015-03-26 23:36:30 +00:00
|
|
|
is_admin? || owner? || local_admin?
|
2015-03-14 22:10:04 +00:00
|
|
|
end
|
2015-04-13 21:28:52 +01:00
|
|
|
alias_method :add_member?, :update?
|
2015-03-18 22:02:38 +00:00
|
|
|
alias_method :alias?, :update?
|
|
|
|
alias_method :autocomplete_maintainers?, :update?
|
2015-04-13 21:28:52 +01:00
|
|
|
alias_method :manage_collaborators?, :update?
|
|
|
|
alias_method :members?, :update?
|
2015-03-18 22:02:38 +00:00
|
|
|
alias_method :remove_member?, :update?
|
|
|
|
alias_method :remove_members?, :update?
|
|
|
|
alias_method :schedule?, :update?
|
2015-04-13 21:28:52 +01:00
|
|
|
alias_method :sections?, :update?
|
|
|
|
alias_method :update_member?, :update?
|
2015-03-14 22:10:04 +00:00
|
|
|
|
2015-03-17 00:55:04 +00:00
|
|
|
def destroy?
|
2015-04-09 00:06:55 +01:00
|
|
|
return false if user.guest?
|
2015-03-26 23:36:30 +00:00
|
|
|
is_admin? || owner? || record.owner.is_a?(Group) && record.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')
|
2015-03-14 22:10:04 +00:00
|
|
|
end
|
|
|
|
|
2015-03-17 00:55:04 +00:00
|
|
|
def mass_import?
|
2015-04-09 00:06:55 +01:00
|
|
|
return false if user.guest?
|
2015-03-26 23:36:30 +00:00
|
|
|
is_admin? || user.platforms.main.find{ |p| local_admin?(p) }.present?
|
2015-03-14 22:10:04 +00:00
|
|
|
end
|
2015-03-17 22:33:16 +00:00
|
|
|
|
2015-12-16 18:36:38 +00:00
|
|
|
alias_method :mass_create?, :mass_import?
|
|
|
|
|
2015-03-17 22:33:16 +00:00
|
|
|
def run_mass_import?
|
2015-03-26 23:36:30 +00:00
|
|
|
return true if is_admin?
|
2015-03-25 00:17:17 +00:00
|
|
|
return false unless owner_policy.write?
|
2015-03-17 22:33:16 +00:00
|
|
|
repo = Repository.find(record.add_to_repository_id)
|
2015-03-25 00:17:17 +00:00
|
|
|
repo.platform.main? && PlatformPolicy.new(user, repo.platform).add_project?
|
2015-03-17 22:33:16 +00:00
|
|
|
end
|
2015-03-14 22:10:04 +00:00
|
|
|
|
2015-12-16 18:36:38 +00:00
|
|
|
alias_method :run_mass_create?, :run_mass_import?
|
|
|
|
|
2015-03-17 00:55:04 +00:00
|
|
|
# for grack
|
|
|
|
def write?
|
2015-04-09 00:06:55 +01:00
|
|
|
return false if user.guest?
|
2015-03-26 23:36:30 +00:00
|
|
|
is_admin? || owner? || local_writer?
|
2015-03-17 00:55:04 +00:00
|
|
|
end
|
|
|
|
|
2015-04-22 12:38:28 +01:00
|
|
|
def possible_forks?
|
2015-03-17 00:55:04 +00:00
|
|
|
true
|
2015-03-14 22:10:04 +00:00
|
|
|
end
|
|
|
|
|
2015-05-19 21:59:34 +01:00
|
|
|
# Public: Get list of parameters that the user is allowed to alter.
|
|
|
|
#
|
|
|
|
# Returns Array
|
|
|
|
def permitted_attributes
|
|
|
|
%i(
|
|
|
|
add_to_repository_id
|
2015-12-12 18:19:02 +00:00
|
|
|
github_organization
|
2015-05-19 21:59:34 +01:00
|
|
|
architecture_dependent
|
|
|
|
autostart_status
|
|
|
|
default_branch
|
|
|
|
is_package
|
|
|
|
maintainer_id
|
|
|
|
mass_import
|
|
|
|
name
|
|
|
|
publish_i686_into_x86_64
|
|
|
|
srpm
|
|
|
|
srpms_list
|
|
|
|
url
|
|
|
|
visibility
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
2015-03-17 22:33:16 +00:00
|
|
|
class Scope < Scope
|
|
|
|
|
|
|
|
def membered
|
2015-03-26 00:26:24 +00:00
|
|
|
scope.where <<-SQL, { user_id: policy.user.id, user_group_ids: policy.user_group_ids }
|
2015-03-17 22:33:16 +00:00
|
|
|
(
|
|
|
|
projects.owner_type = 'User' AND projects.owner_id = :user_id
|
|
|
|
) OR (
|
|
|
|
projects.owner_type = 'Group' AND projects.owner_id IN (:user_group_ids)
|
|
|
|
) OR (
|
|
|
|
projects.id = ANY (
|
|
|
|
ARRAY (
|
|
|
|
SELECT target_id
|
|
|
|
FROM relations
|
|
|
|
INNER JOIN projects ON projects.id = relations.target_id
|
|
|
|
WHERE relations.target_type = 'Project' AND
|
|
|
|
(
|
|
|
|
projects.owner_type = 'User' AND projects.owner_id != :user_id OR
|
|
|
|
projects.owner_type = 'Group' AND projects.owner_id NOT IN (:user_group_ids)
|
|
|
|
) AND (
|
|
|
|
relations.actor_type = 'User' AND relations.actor_id = :user_id OR
|
|
|
|
relations.actor_type = 'Group' AND relations.actor_id IN (:user_group_ids)
|
|
|
|
)
|
|
|
|
)
|
|
|
|
)
|
|
|
|
)
|
|
|
|
SQL
|
|
|
|
end
|
2015-03-26 00:26:24 +00:00
|
|
|
|
|
|
|
def read
|
|
|
|
scope.where <<-SQL, { user_id: policy.user.id, user_group_ids: policy.user_group_ids }
|
|
|
|
(
|
|
|
|
projects.visibility = 'open'
|
|
|
|
) OR (
|
|
|
|
projects.owner_type = 'User' AND projects.owner_id = :user_id
|
|
|
|
) OR (
|
|
|
|
projects.owner_type = 'Group' AND projects.owner_id IN (:user_group_ids)
|
|
|
|
) OR (
|
|
|
|
projects.id = ANY (
|
|
|
|
ARRAY (
|
|
|
|
SELECT target_id
|
|
|
|
FROM relations
|
|
|
|
INNER JOIN projects ON projects.id = relations.target_id
|
|
|
|
WHERE relations.target_type = 'Project' AND
|
|
|
|
(
|
|
|
|
projects.owner_type = 'User' AND projects.owner_id != :user_id OR
|
|
|
|
projects.owner_type = 'Group' AND projects.owner_id NOT IN (:user_group_ids)
|
|
|
|
) AND (
|
|
|
|
relations.actor_type = 'User' AND relations.actor_id = :user_id OR
|
|
|
|
relations.actor_type = 'Group' AND relations.actor_id IN (:user_group_ids)
|
|
|
|
)
|
|
|
|
)
|
|
|
|
)
|
|
|
|
)
|
|
|
|
SQL
|
|
|
|
end
|
2015-04-01 22:34:14 +01:00
|
|
|
alias_method :show, :read
|
2015-03-26 00:26:24 +00:00
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
def policy
|
|
|
|
@policy ||= Pundit.policy!(user, :project)
|
|
|
|
end
|
2015-03-17 22:33:16 +00:00
|
|
|
end
|
|
|
|
|
2015-03-25 00:17:17 +00:00
|
|
|
private
|
|
|
|
|
|
|
|
def owner_policy
|
|
|
|
if record.owner.is_a?(User)
|
|
|
|
UserPolicy.new(user, record.owner)
|
|
|
|
else
|
|
|
|
GroupPolicy.new(user, record.owner)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-03-12 22:43:13 +00:00
|
|
|
end
|