Skip to content

Commit

Permalink
Removed authorization methods from member.rb that are no longer requi…
Browse files Browse the repository at this point in the history
…red. Removed commented out code from policies
  • Loading branch information
deepsidhu85 committed Dec 13, 2024
1 parent 1620f68 commit a51b153
Show file tree
Hide file tree
Showing 9 changed files with 8 additions and 262 deletions.
137 changes: 0 additions & 137 deletions app/models/member.rb
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,6 @@ class Member < ApplicationRecord # rubocop:disable Metrics/ClassLength
}

class << self
DEFAULT_CAN_OPTIONS = {
include_group_links: true
}.freeze

def access_levels(member)
case member.access_level
when AccessLevel::OWNER
Expand All @@ -64,121 +60,10 @@ def effective_access_level(namespace, user, include_group_links = true) # ruboco
access_level.nil? ? AccessLevel::NO_ACCESS : access_level
end

def can_modify?(user, object_namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
Member::AccessLevel.manageable.include?(
effective_access_level(object_namespace, user, include_group_links)
)
end

def can_create?(user, object_namespace)
Member::AccessLevel.manageable.include?(
effective_access_level(object_namespace, user)
)
end

def can_view?(user, object_namespace, **options)
options = DEFAULT_CAN_OPTIONS.merge(options)
effective_access_level = effective_access_level(object_namespace, user, options[:include_group_links])
if effective_access_level == Member::AccessLevel::UPLOADER &&
!Current.token&.active?
return false
end

effective_access_level > Member::AccessLevel::NO_ACCESS
end

def can_destroy?(user, object_namespace)
namespace_owners_include_user?(user, object_namespace)
end

def can_transfer?(user, object_namespace)
namespace_owners_include_user?(user, object_namespace)
end

def can_transfer_into_namespace?(user, object_namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
Member::AccessLevel.manageable.include?(
effective_access_level(object_namespace, user, include_group_links)
)
end

def can_transfer_sample?(user, object_namespace)
Member::AccessLevel.manageable.include?(
effective_access_level(object_namespace, user, false)
)
end

def can_transfer_sample_to_project?(user, object_namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
can_transfer_into_namespace?(user, object_namespace, include_group_links)
end

def can_clone_sample?(user, object_namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
Member::AccessLevel.manageable.include?(
effective_access_level(object_namespace, user, include_group_links)
)
end

def can_clone_sample_to_project?(user, object_namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
Member::AccessLevel.manageable.include?(
effective_access_level(object_namespace, user, include_group_links)
)
end

def can_export_data?(user, object_namespace)
effective_access_level(object_namespace, user) >= Member::AccessLevel::ANALYST
end

def can_link_namespace_to_group?(user, object_namespace)
can_modify?(user, object_namespace)
end

def can_unlink_namespace_from_group?(user, object_namespace)
can_modify?(user, object_namespace)
end

def can_update_namespace_with_group_link?(user, object_namespace)
can_modify?(user, object_namespace)
end

def can_view_workflows?(user, object_namespace)
effective_access_level(object_namespace, user) >= Member::AccessLevel::ANALYST
end

def can_submit_workflow?(user, object_namespace)
effective_access_level(object_namespace, user) >= Member::AccessLevel::ANALYST
end

def namespace_owners_include_user?(user, namespace)
effective_access_level(namespace, user) == Member::AccessLevel::OWNER
end

def user_has_namespace_maintainer_access?(user, namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
effective_access_level(namespace, user, include_group_links) == Member::AccessLevel::MAINTAINER
end

def can_create_export?(user, object_namespace)
effective_access_level(object_namespace, user) >= Member::AccessLevel::ANALYST
end

def can_create_sample?(user, object_namespace)
effective_access_level = effective_access_level(object_namespace, user)

return true if (effective_access_level == Member::AccessLevel::UPLOADER) && Current.token&.active?

Member::AccessLevel.manageable.include?(
effective_access_level
)
end

def can_modify_sample?(user, object_namespace)
effective_access_level = effective_access_level(object_namespace, user)

return true if (effective_access_level == Member::AccessLevel::UPLOADER) && Current.token&.active?

Member::AccessLevel.manageable.include?(
effective_access_level
)
end

def access_level_in_namespace_group_links(user, namespace)
effective_namespace_group_link = NamespaceGroupLink.for_namespace_and_ancestors(namespace)
.where(group: user.groups.self_and_descendants)
Expand Down Expand Up @@ -216,28 +101,6 @@ def manager_emails(namespace, locale, access_level = Member::AccessLevel.managea
manager_emails
end

def can_view_attachments?(user, object_namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
effective_access_level(object_namespace, user, include_group_links) >= Member::AccessLevel::ANALYST
end

def can_create_attachment?(user, object_namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
effective_access_level = effective_access_level(object_namespace, user, include_group_links)
return true if (effective_access_level == Member::AccessLevel::UPLOADER) && Current.token&.active?

Member::AccessLevel.manageable.include?(
effective_access_level
)
end

def can_destroy_attachment?(user, object_namespace, include_group_links = true) # rubocop:disable Style/OptionalBooleanParameter
effective_access_level = effective_access_level(object_namespace, user, include_group_links)
return true if (effective_access_level == Member::AccessLevel::UPLOADER) && Current.token&.active?

Member::AccessLevel.manageable.include?(
effective_access_level
)
end

def ransackable_attributes(_auth_object = nil)
%w[access_level created_at expires_at]
end
Expand Down
Loading

0 comments on commit a51b153

Please sign in to comment.