rosa-build/app/policies/project_policy.rb

class ProjectPolicy < ApplicationPolicy

  def index?
    !user.guest?
  end
  alias_method :remove_user?,               :index?
  alias_method :preview?,                   :index?

  def show?
    return true if record.public?
    return true if record.owner == user
    return true if record.owner.is_a?(Group) && user_group_ids.inclide?(record.owner_id)
    local_reader?
  end
  alias_method :read?,                      :show?
  alias_method :fork?,                      :show?
  alias_method :archive?,                   :show?
  alias_method :get_id?,                    :show?
  alias_method :refs_list?,                 :show?

  def create?
    return false if user.guest?
    !record.try(:owner) || owner_policy.write?
  end

  def update?
    owner? || local_admin?
  end
  alias_method :alias?,                     :update?
  alias_method :sections?,                  :update?
  alias_method :manage_collaborators?,      :update?
  alias_method :autocomplete_maintainers?,  :update?
  alias_method :add_member?,                :update?
  alias_method :remove_member?,             :update?
  alias_method :remove_members?,            :update?
  alias_method :update_member?,             :update?
  alias_method :members?,                   :update?
  alias_method :schedule?,                  :update?

  def destroy?
    owner? || record.owner.is_a?(Group) && record.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')
  end

  def mass_import?
    user.platforms.main.find{ |p| local_admin?(p) }.present?
  end

  def run_mass_import?
    return false unless owner_policy.write?
    repo = Repository.find(record.add_to_repository_id)
    repo.platform.main? && PlatformPolicy.new(user, repo.platform).add_project?
  end

  # for grack
  def write?
    owner? || local_writer?
  end

  def possible_forks
    true
  end

  class Scope < Scope

    def membered
      policy = Pundit.policy!(user, :project)
      scope.where <<-SQL, { user_id: user.id, user_group_ids: policy.user_group_ids }
        (
          projects.owner_type = 'User'  AND projects.owner_id = :user_id
        ) OR (
          projects.owner_type = 'Group' AND projects.owner_id IN (:user_group_ids)
        ) OR (
          projects.id = ANY (
            ARRAY (
              SELECT target_id
              FROM relations
              INNER JOIN projects ON projects.id = relations.target_id
              WHERE relations.target_type = 'Project' AND
              (
                projects.owner_type = 'User' AND projects.owner_id != :user_id OR
                projects.owner_type = 'Group' AND projects.owner_id NOT IN (:user_group_ids)
              ) AND (
                relations.actor_type = 'User' AND relations.actor_id = :user_id OR
                relations.actor_type = 'Group' AND relations.actor_id IN (:user_group_ids)
              )
            )
          )
        )
      SQL
    end
  end

  private

  def owner_policy
    if record.owner.is_a?(User)
      UserPolicy.new(user, record.owner)
    else
      GroupPolicy.new(user, record.owner)
    end
  end

end
#465: added pundit gem, wip... 2015-03-12 22:43:13 +00:00			`class ProjectPolicy < ApplicationPolicy`

#465: updated views 2015-03-14 22:10:04 +00:00			`def index?`
#465: updated ProjectPolicy 2015-03-17 00:55:04 +00:00			`!user.guest?`
#465: updated views 2015-03-14 22:10:04 +00:00			`end`
#465: Added XxxPolicy classes for all models. 2015-03-18 22:02:38 +00:00			`alias_method :remove_user?, :index?`
			`alias_method :preview?, :index?`
#465: updated views 2015-03-14 22:10:04 +00:00
			`def show?`
#465: Added XxxPolicy classes for all models. 2015-03-18 22:02:38 +00:00			`return true if record.public?`
			`return true if record.owner == user`
			`return true if record.owner.is_a?(Group) && user_group_ids.inclide?(record.owner_id)`
			`local_reader?`
#465: updated views 2015-03-14 22:10:04 +00:00			`end`
#465: Added XxxPolicy classes for all models. 2015-03-18 22:02:38 +00:00			`alias_method :read?, :show?`
			`alias_method :fork?, :show?`
			`alias_method :archive?, :show?`
			`alias_method :get_id?, :show?`
			`alias_method :refs_list?, :show?`
#465: updated views 2015-03-14 22:10:04 +00:00
#465: updated ProjectPolicy 2015-03-17 00:55:04 +00:00			`def create?`
#465: Fixed specs for Api::V1::BuildListsController 2015-03-25 00:17:17 +00:00			`return false if user.guest?`
			`!record.try(:owner) \|\| owner_policy.write?`
#465: updated ProjectPolicy 2015-03-17 00:55:04 +00:00			`end`

			`def update?`
#465: Added XxxPolicy classes for all models. 2015-03-18 22:02:38 +00:00			`owner? \|\| local_admin?`
#465: updated views 2015-03-14 22:10:04 +00:00			`end`
#465: Added XxxPolicy classes for all models. 2015-03-18 22:02:38 +00:00			`alias_method :alias?, :update?`
			`alias_method :sections?, :update?`
			`alias_method :manage_collaborators?, :update?`
			`alias_method :autocomplete_maintainers?, :update?`
			`alias_method :add_member?, :update?`
			`alias_method :remove_member?, :update?`
			`alias_method :remove_members?, :update?`
			`alias_method :update_member?, :update?`
			`alias_method :members?, :update?`
			`alias_method :schedule?, :update?`
#465: updated views 2015-03-14 22:10:04 +00:00
#465: updated ProjectPolicy 2015-03-17 00:55:04 +00:00			`def destroy?`
			`owner? \|\| record.owner.is_a?(Group) && record.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')`
#465: updated views 2015-03-14 22:10:04 +00:00			`end`

#465: updated ProjectPolicy 2015-03-17 00:55:04 +00:00			`def mass_import?`
			`user.platforms.main.find{ \|p\| local_admin?(p) }.present?`
#465: updated views 2015-03-14 22:10:04 +00:00			`end`
#465: Updated some controllers, logic of polices 2015-03-17 22:33:16 +00:00
			`def run_mass_import?`
#465: Fixed specs for Api::V1::BuildListsController 2015-03-25 00:17:17 +00:00			`return false unless owner_policy.write?`
#465: Updated some controllers, logic of polices 2015-03-17 22:33:16 +00:00			`repo = Repository.find(record.add_to_repository_id)`
#465: Fixed specs for Api::V1::BuildListsController 2015-03-25 00:17:17 +00:00			`repo.platform.main? && PlatformPolicy.new(user, repo.platform).add_project?`
#465: Updated some controllers, logic of polices 2015-03-17 22:33:16 +00:00			`end`
#465: updated views 2015-03-14 22:10:04 +00:00
#465: updated ProjectPolicy 2015-03-17 00:55:04 +00:00			`# for grack`
			`def write?`
#465: Added XxxPolicy classes for all models. 2015-03-18 22:02:38 +00:00			`owner? \|\| local_writer?`
#465: updated ProjectPolicy 2015-03-17 00:55:04 +00:00			`end`

			`def possible_forks`
			`true`
#465: updated views 2015-03-14 22:10:04 +00:00			`end`

#465: Updated some controllers, logic of polices 2015-03-17 22:33:16 +00:00			`class Scope < Scope`

			`def membered`
			`policy = Pundit.policy!(user, :project)`
			`scope.where <<-SQL, { user_id: user.id, user_group_ids: policy.user_group_ids }`
			`(`
			`projects.owner_type = 'User' AND projects.owner_id = :user_id`
			`) OR (`
			`projects.owner_type = 'Group' AND projects.owner_id IN (:user_group_ids)`
			`) OR (`
			`projects.id = ANY (`
			`ARRAY (`
			`SELECT target_id`
			`FROM relations`
			`INNER JOIN projects ON projects.id = relations.target_id`
			`WHERE relations.target_type = 'Project' AND`
			`(`
			`projects.owner_type = 'User' AND projects.owner_id != :user_id OR`
			`projects.owner_type = 'Group' AND projects.owner_id NOT IN (:user_group_ids)`
			`) AND (`
			`relations.actor_type = 'User' AND relations.actor_id = :user_id OR`
			`relations.actor_type = 'Group' AND relations.actor_id IN (:user_group_ids)`
			`)`
			`)`
			`)`
			`)`
			`SQL`
			`end`
			`end`

#465: Fixed specs for Api::V1::BuildListsController 2015-03-25 00:17:17 +00:00			`private`

			`def owner_policy`
			`if record.owner.is_a?(User)`
			`UserPolicy.new(user, record.owner)`
			`else`
			`GroupPolicy.new(user, record.owner)`
			`end`
			`end`

#465: added pundit gem, wip... 2015-03-12 22:43:13 +00:00			`end`