#465: updated RepositoryPolicy

Vokhmin Alexey V 2015-03-18 02:06:03 +03:00
parent 5c7608ee4e
commit de442480da
6 changed files with 59 additions and 9 deletions


@ -1,11 +1,10 @@
class AdvisoriesController < ApplicationController
before_action :authenticate_user!
skip_before_action :authenticate_user! if APP_CONFIG['anonymous_access']
load_resource find_by: :advisory_id
authorize_resource
def index
@advisories = @advisories.includes(:platforms).search(params[:q]).uniq
authorize :advisories
@advisories = Advisory.includes(:platforms).search(params[:q]).uniq
@advisories_count = @advisories.count
@advisories = @advisories.paginate(page: current_page, per_page: Advisory.per_page)
respond_to do |format|
@ -16,10 +15,12 @@ class AdvisoriesController < ApplicationController
end
def show
authorize @advisory = Advisory.find_by(advisory_id: params[:id])
@packages_info = @advisory.fetch_packages_info
end
def search
authorize :advisories, :index?
@advisory = Advisory.by_update_type(params[:bl_type]).search_by_id(params[:query]).first
if @advisory.nil?
render nothing: true, status: 404
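Review bot: `show` passes the result of `Advisory.find_by(advisory_id: params[:id])` straight to `authorize`, and `find_by` returns nil for an unknown id, so a missing advisory no longer produces a clean 404. Depending on how Pundit errors are rescued in ApplicationController (not visible here), it surfaces as a policy-lookup error or as a NoMethodError on `@advisory.fetch_packages_info`. Use the raising finder instead: `authorize @advisory = Advisory.find_by!(advisory_id: params[:id])`. The +/- markers were lost in this rendering, so I am assuming the `authorize` lines are the new side; `search` continues past the end of the hunk.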


@ -1,2 +1,11 @@
class Platforms::BaseController < ApplicationController
before_action :load_platform
protected
def load_platform
return unless params[:platform_id]
authorize @platform = Platform.find_cached(params[:platform_id]), :show?
end
end
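Review bot: `load_platform` returns before `authorize` whenever `params[:platform_id]` is absent, so any subclass action reached without that parameter runs with no authorization unless it calls `authorize` itself. Platforms::PlatformsController looks like the likely case: its member routes probably carry the platform as `params[:id]`, and its `load_and_authorize_resource` line appears commented out in this commit. I would add `after_action :verify_authorized` to this base class so a missed check fails loudly instead of silently allowing the request; whether ApplicationController already does this is not visible here. A comment on the method such as `# Authorizes :show? on the platform only when the route is nested under :platform_id.` would make the early return explicit.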


@ -3,7 +3,6 @@ class Platforms::PlatformsController < Platforms::BaseController
before_action :authenticate_user!
skip_before_action :authenticate_user!, only: [:advisories, :members, :show] if APP_CONFIG['anonymous_access']
# load_and_authorize_resource
def index
respond_to do |format|


@ -7,11 +7,14 @@ class Platforms::RepositoriesController < Platforms::BaseController
before_action :authenticate_user!
skip_before_action :authenticate_user!, only: [:index, :show, :projects_list] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :platform
load_and_authorize_resource :repository, through: :platform, shallow: true
# load_and_authorize_resource :platform
# load_and_authorize_resource :repository, through: :platform, shallow: true
before_action :set_members, only: [:edit, :update]
before_action :load_repository
before_action -> { @repository = @platform.repositories.find(params[:id]) if params[:id] }
def index
@repositories = @platform.repositories
@repositories = Repository.custom_sort(@repositories).paginate(page: current_page)
end
@ -170,6 +173,10 @@ class Platforms::RepositoriesController < Platforms::BaseController
protected
def load_repository
@repository = @platform.repositories.find(params[:id]) if params[:id]
end
def set_members
@members = @repository.members.order('name')
end
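Review bot: `load_repository` only looks the record up; with both `load_and_authorize_resource` lines commented out, nothing visible in this section calls `authorize @repository`, so the new RepositoryPolicy is not enforced here beyond the platform `:show?` check inherited from the base controller. Fold the check into the loader, e.g. `authorize @repository = @platform.repositories.find(params[:id]) if params[:id]`, assuming the policy answers the action-named queries. Separately, `before_action :set_members` is declared before `before_action :load_repository`, so on edit/update `@repository` is still nil when `set_members` calls `@repository.members`; declare the loader first. If the lambda `before_action` on the next line is kept, it duplicates `load_repository` and should be dropped. The actions between the two hunks are not visible, so per-action `authorize` calls may exist there.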


@ -0,0 +1,35 @@
class RepositoryPolicy < ApplicationPolicy
def update?
local_admin?(record.platform)
end
def reader?
local_reader?(record.platform)
end
def write?
local_writer?(record.platform)
end
def update?
local_admin?(record.platform)
end
alias_method :manage_members?, :update?
alias_method :remove_members?, :update?
alias_method :add_member?, :update?
def add_project?
local_admin?(record.platform) || is_member_of_repository?
end
alias_method :remove_project?, :add_project?
private
def is_member_of_repository?
Rails.cache.fetch(['RepositoryPolicy#is_member_of_repository?', record, user]) do
record.members.exists?(id: user.id)
end
end
end
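Review bot: `is_member_of_repository?` stores an authorization decision in `Rails.cache` with no expiry, keyed on `record` and `user`. Removing a user from the repository does not obviously change either key component, so a removed member may keep passing `add_project?` and `remove_project?` until the entry is evicted. Either drop the cache (the `exists?` query is cheap) or bound it with `Rails.cache.fetch([...], expires_in: 1.minute) do` and invalidate on membership changes. `update?` is also defined twice with the same body, so the second definition should be deleted. `user.id` will raise for a nil user, which matters if this policy can be reached on the anonymous-access paths.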


@ -25,11 +25,10 @@
.row
hr
h3= t("layout.projects.list_header")
- if policy(@repository).add_project?
- if policy(@repository).update?
a.btn.btn-primary href=add_project_platform_repository_path(@platform, @repository)
= t('layout.projects.add')
| &nbsp;
- if policy(@repository).remove_project?
a.btn.btn-primary href=remove_project_platform_repository_path(@platform, @repository)
= t('layout.repositories.mass_delete')
.row