myexperiment-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[myexperiment-hackers] [3186] trunk: added ability to specify permission

From: noreply
Subject: [myexperiment-hackers] [3186] trunk: added ability to specify permissions in pivots
Date: Mon, 12 Nov 2012 22:53:11 +0000 (UTC)
Revision
3186
Author
dgc
Date
2012-11-12 22:53:11 +0000 (Mon, 12 Nov 2012)

Log Message

added ability to specify permissions in pivots

Modified Paths

Diff

Modified: trunk/app/controllers/application_controller.rb (3185 => 3186)


--- trunk/app/controllers/application_controller.rb	2012-11-12 22:52:26 UTC (rev 3185)
+++ trunk/app/controllers/application_controller.rb	2012-11-12 22:53:11 UTC (rev 3186)
@@ -685,7 +685,7 @@
       objects = collection.find(
           :all,
           :select => "#{filter_id_column} AS filter_id, #{filter_label_column} AS filter_label, #{count_expr} AS filter_count",
-          :joins => merge_joins(joins, pivot_options, :auth_type => opts[:auth_type], :auth_id => opts[:auth_id]),
+          :joins => merge_joins(joins, pivot_options, collection.permission_conditions, :auth_type => opts[:auth_type], :auth_id => opts[:auth_id]),
           :conditions => conditions,
           :group => "#{filter_id_column}",
           :limit => limit,
@@ -797,14 +797,17 @@
       end
     end
 
-    def merge_joins(joins, pivot_options, opts = {})
+    def merge_joins(joins, pivot_options, permission_conditions, opts = {})
       if joins.length.zero?
         nil
       else
         joins.uniq.map do |j|
           text = pivot_options["joins"][j].clone
-          text.gsub!(/RESULT_TYPE/, opts[:auth_type])
-          text.gsub!(/RESULT_ID/,   opts[:auth_id])
+          text.gsub!(/RESULT_TYPE/,         opts[:auth_type])
+          text.gsub!(/RESULT_ID/,           opts[:auth_id])
+          text.gsub!(/VIEW_CONDITIONS/,     permission_conditions[:view_conditions])
+          text.gsub!(/DOWNLOAD_CONDITIONS/, permission_conditions[:download_conditions])
+          text.gsub!(/EDIT_CONDITIONS/,     permission_conditions[:edit_conditions])
           text
         end.join(" ")
       end
@@ -904,7 +907,7 @@
     results = collection.find(
         :all,
         :page => { :size => params["num"] ? params["num"].to_i : nil, :current => params["page"] },
-        :joins => merge_joins(joins, pivot_options, :auth_type => auth_type, :auth_id => auth_id),
+        :joins => merge_joins(joins, pivot_options, collection.permission_conditions, :auth_type => auth_type, :auth_id => auth_id),
         :conditions => conditions.length.zero? ? nil : conditions.join(" AND "),
         :group => "#{group_by} #{having_clause}",
         :order => order_options["order"])

Modified: trunk/config/default_settings.yml (3185 => 3186)


--- trunk/config/default_settings.yml	2012-11-12 22:52:26 UTC (rev 3185)
+++ trunk/config/default_settings.yml	2012-11-12 22:53:11 UTC (rev 3186)
@@ -532,7 +532,7 @@
 
   joins:
 
-    workflow_processors: INNER JOIN workflow_processors ON RESULT_TYPE = 'Workflow' AND workflow_processors.workflow_id = RESULT_ID
+    workflow_processors: INNER JOIN workflow_processors ON RESULT_TYPE = 'Workflow' AND workflow_processors.workflow_id = RESULT_ID AND DOWNLOAD_CONDITIONS = 1
     taggings: LEFT OUTER JOIN taggings ON RESULT_TYPE = taggings.taggable_type AND RESULT_ID = taggings.taggable_id
     services: INNER JOIN services ON RESULT_TYPE = 'Service' AND RESULT_ID = services.id
     curation_events: INNER JOIN curation_events ON curation_events.object_type = RESULT_TYPE AND curation_events.object_id = RESULT_ID

Modified: trunk/lib/authorization.rb (3185 => 3186)


--- trunk/lib/authorization.rb	2012-11-12 22:52:26 UTC (rev 3185)
+++ trunk/lib/authorization.rb	2012-11-12 22:53:11 UTC (rev 3186)
@@ -429,9 +429,14 @@
     select_parts << "#{model.table_name}.*" if include_permissions
 
     if include_permissions || permissions_only
-      select_parts << "BIT_OR(#{view_conditions(user_id, friends, networks)})     AS view_permission"
-      select_parts << "BIT_OR(#{download_conditions(user_id, friends, networks)}) AS download_permission"
-      select_parts << "BIT_OR(#{edit_conditions(user_id, friends, networks)})     AS edit_permission"
+
+      view_conditions     = view_conditions(user_id, friends, networks)
+      download_conditions = download_conditions(user_id, friends, networks)
+      edit_conditions     = edit_conditions(user_id, friends, networks)
+
+      select_parts << "BIT_OR(#{view_conditions})     AS view_permission"
+      select_parts << "BIT_OR(#{download_conditions}) AS download_permission"
+      select_parts << "BIT_OR(#{edit_conditions})     AS edit_permission"
     end
 
     opts[:select] = select_parts.join(", ") unless select_parts.empty?
@@ -439,7 +444,23 @@
     opts[:group] ||= 'contributions.contributable_type, contributions.contributable_id'
     opts[:joins] = joins
 
-    model.scoped(opts)
+    scope = model.scoped(opts) do
+      def permission_conditions
+        @permission_conditions
+      end
+
+      def permission_conditions=(permission_conditions)
+        @permission_conditions = permission_conditions
+      end
+    end
+
+    scope.permission_conditions = {
+      :view_conditions     => view_conditions,
+      :download_conditions => download_conditions,
+      :edit_conditions     => edit_conditions
+    }
+
+    scope
   end
 end
reply via email to
[Prev in Thread] Current Thread [Next in Thread]