rosa-build/app/policies/platform_policy.rb

156 lines
4.0 KiB
Ruby
Raw Normal View History

2015-03-12 22:43:13 +00:00
class PlatformPolicy < ApplicationPolicy
def index?
2015-03-19 23:45:15 +00:00
!user.guest?
2015-03-12 22:43:13 +00:00
end
def allowed?
true
end
2015-04-13 19:16:30 +01:00
alias_method :platforms_for_build?, :allowed?
2015-03-12 22:43:13 +00:00
def show?
return true if is_admin?
2015-03-12 22:43:13 +00:00
return true unless record.hidden?
return true if record.owner == user
owner? || local_reader? || user_platform_ids.include?(record.id)
end
alias_method :owned?, :show?
alias_method :read?, :show?
alias_method :related?, :show?
def members?
return true if is_admin?
return true unless record.hidden?
return true if record.owner == user
owner? || local_reader?
end
2015-03-12 22:43:13 +00:00
def create?
is_admin?
end
def update?
is_admin? || owner?
2015-03-12 22:43:13 +00:00
end
alias_method :change_visibility?, :update?
def destroy?
record.main? && ( is_admin? || owner? )
end
2015-03-12 22:43:13 +00:00
def local_admin_manage?
is_admin? || owner? || local_admin?
2015-03-12 22:43:13 +00:00
end
alias_method :add_project?, :local_admin_manage?
alias_method :remove_file?, :local_admin_manage?
2015-03-12 22:43:13 +00:00
def clone?
record.main? && is_admin?
end
alias_method :make_clone?, :clone?
def add_member?
record.main? && ( is_admin? || owner? || local_admin? )
end
alias_method :regenerate_metadata?, :add_member?
alias_method :remove_member?, :add_member?
alias_method :remove_members?, :add_member?
def clear?
record.personal? && ( is_admin? || owner? )
end
# Public: Get list of parameters that the user is allowed to alter.
#
# Returns Array
def permitted_attributes
%i(
admin_id
automatic_metadata_regeneration
default_branch
description
distrib_type
name
owner
parent_platform_id
platform_type
released
term
visibility
) + [
platform_arch_settings_attributes: %i(id arch_id platform_id default time_living)
]
end
2015-03-12 22:43:13 +00:00
class Scope < Scope
def related
2015-03-26 00:26:24 +00:00
scope.where <<-SQL, { user_id: policy.user.id, user_group_ids: policy.user_group_ids, platform_ids: related_platform_ids }
2015-03-12 22:43:13 +00:00
(
platforms.id IN (:platform_ids)
) OR (
platforms.owner_type = 'User' AND platforms.owner_id = :user_id
) OR (
platforms.owner_type = 'Group' AND platforms.owner_id IN (:user_group_ids)
2015-04-20 10:00:05 +01:00
) OR (
platforms.id = ANY (
ARRAY (
SELECT target_id
FROM relations
INNER JOIN platforms ON platforms.id = relations.target_id
WHERE relations.target_type = 'Platform' AND
(
platforms.owner_type = 'User' AND platforms.owner_id != :user_id
) AND (
relations.actor_type = 'User' AND relations.actor_id = :user_id
)
)
)
2015-03-12 22:43:13 +00:00
)
SQL
end
2015-03-26 00:26:24 +00:00
def show
scope.where <<-SQL, { user_id: policy.user.id, user_group_ids: policy.user_group_ids, platform_ids: related_platform_ids, visibility: Platform::VISIBILITY_OPEN }
(
platforms.visibility = :visibility
) OR (
platforms.id IN (:platform_ids)
) OR (
platforms.owner_type = 'User' AND platforms.owner_id = :user_id
) OR (
platforms.owner_type = 'Group' AND platforms.owner_id IN (:user_group_ids)
2015-04-20 10:00:05 +01:00
) OR (
platforms.id = ANY (
ARRAY (
SELECT target_id
FROM relations
INNER JOIN platforms ON platforms.id = relations.target_id
WHERE relations.target_type = 'Platform' AND
(
platforms.owner_type = 'User' AND platforms.owner_id != :user_id
) AND (
relations.actor_type = 'User' AND relations.actor_id = :user_id
)
)
)
2015-03-26 00:26:24 +00:00
)
SQL
end
2015-03-12 22:43:13 +00:00
protected
2015-03-26 00:26:24 +00:00
def policy
@policy ||= Pundit.policy!(user, :platform)
end
2015-03-12 22:43:13 +00:00
def related_platform_ids
2015-03-26 00:26:24 +00:00
Rails.cache.fetch(['PlatformPolicy::Scope#related_platform_ids', policy.user]) do
policy.user.repositories.pluck(:platform_id)
2015-03-12 22:43:13 +00:00
end
end
end
end