Commit 49d58492 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Wiki abilities

parent bdc42488
class WikisController < ApplicationController class WikisController < ApplicationController
before_filter :project before_filter :project
before_filter :add_project_abilities before_filter :add_project_abilities
before_filter :authorize_read_wiki!
before_filter :authorize_write_wiki!, :except => [:show, :destroy]
before_filter :authorize_admin_wiki!, :only => :destroy
layout "project" layout "project"
def show def show
...@@ -48,4 +51,18 @@ class WikisController < ApplicationController ...@@ -48,4 +51,18 @@ class WikisController < ApplicationController
format.html { redirect_to project_wiki_path(@project, :index), notice: "Page was successfully deleted" } format.html { redirect_to project_wiki_path(@project, :index), notice: "Page was successfully deleted" }
end end
end end
protected
def authorize_read_wiki!
can?(current_user, :read_wiki, @project)
end
def authorize_write_wiki!
can?(current_user, :write_wiki, @project)
end
def authorize_admin_wiki!
can?(current_user, :admin_wiki, @project)
end
end end
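Review bot: The three new filters `authorize_read_wiki!`, `authorize_write_wiki!` and `authorize_admin_wiki!` only evaluate `can?(...)` and return its result, so nothing in the visible code denies the request when the check is false. On Rails 3 and later a `before_filter` halts the action only by rendering or redirecting, and a false return value is ignored. If that applies here, the wiki actions stay reachable for users who lack the ability. Each filter should respond on failure, for example `head :forbidden unless can?(current_user, :read_wiki, @project)`, with the same form for `:write_wiki` and `:admin_wiki`. A controller test that requests a wiki page as a non-member and expects the denial would pin the behaviour.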
...@@ -15,21 +15,26 @@ class Ability ...@@ -15,21 +15,26 @@ class Ability
rules << [ rules << [
:read_project, :read_project,
:read_wiki,
:read_issue, :read_issue,
:read_snippet, :read_snippet,
:read_team_member, :read_team_member,
:read_merge_request, :read_merge_request,
:read_note :read_note,
] if project.allow_read_for?(user)
rules << [
:write_project, :write_project,
:write_issue, :write_issue,
:write_snippet, :write_snippet,
:write_merge_request, :write_merge_request,
:write_note, :write_note
] if project.guest_access_for?(user)
rules << [
:download_code,
] if project.report_access_for?(user)
rules << [
:write_wiki :write_wiki
] if project.allow_write_for?(user) ] if project.dev_access_for?(user)
rules << [ rules << [
:modify_issue, :modify_issue,
...@@ -40,18 +45,16 @@ class Ability ...@@ -40,18 +45,16 @@ class Ability
:admin_snippet, :admin_snippet,
:admin_team_member, :admin_team_member,
:admin_merge_request, :admin_merge_request,
:admin_note :admin_note,
] if project.allow_admin_for?(user) :admin_wiki
] if project.master_access_for?(user)
rules << [
:download_code,
] if project.allow_pull_for?(user)
rules.flatten rules.flatten
end end
class << self class << self
[:issue, :note, :snippet, :merge_request, :wiki].each do |name| [:issue, :note, :snippet, :merge_request].each do |name|
define_method "#{name}_abilities" do |user, subject| define_method "#{name}_abilities" do |user, subject|
if subject.author == user if subject.author == user
[ [
......
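Review bot: In the first hunk the read and write rule lists are merged into one array guarded by `project.guest_access_for?(user)`, so the lowest tier now carries `:write_project`, `:write_issue`, `:write_snippet`, `:write_merge_request` and `:write_note`. In the Project section `guest_access_for?` matches any membership row regardless of `project_access`. The old `allow_write_for?` used the same query, so this is not a regression, but the role names now suggest a hierarchy that the rules do not follow. If guests are meant to be read-only, keep the `:read_*` list under the guest guard and move the `:write_*` list to `report_access_for?` or `dev_access_for?`; if the grant is deliberate, a comment above the array such as `# guests may create issues, notes, snippets and merge requests` would make that explicit. The second hunk also removes `:wiki` from the `define_method` list, so any caller of `wiki_abilities` outside the visible lines needs updating.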
...@@ -233,16 +233,20 @@ class Project < ActiveRecord::Base ...@@ -233,16 +233,20 @@ class Project < ActiveRecord::Base
!users_projects.where(:user_id => user.id).empty? !users_projects.where(:user_id => user.id).empty?
end end
def allow_write_for?(user) def guest_access_for?(user)
!users_projects.where(:user_id => user.id).empty? !users_projects.where(:user_id => user.id).empty?
end end
def allow_admin_for?(user) def report_access_for?(user)
!users_projects.where(:user_id => user.id, :project_access => [UsersProject::MASTER]).empty? || owner_id == user.id !users_projects.where(:user_id => user.id, :project_access => [UsersProject::REPORTER, UsersProject::DEVELOPER, UsersProject::MASTER]).empty?
end end
def allow_pull_for?(user) def dev_access_for?(user)
!users_projects.where(:user_id => user.id, :project_access => [UsersProject::REPORTER, UsersProject::DEVELOPER, UsersProject::MASTER]).empty? !users_projects.where(:user_id => user.id, :project_access => [UsersProject::DEVELOPER, UsersProject::MASTER]).empty?
end
def master_access_for?(user)
!users_projects.where(:user_id => user.id, :project_access => [UsersProject::MASTER]).empty? || owner_id == user.id
end end
def root_ref def root_ref
......
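Review bot: The four new predicates are named as ascending tiers, but only `master_access_for?` includes `|| owner_id == user.id`. A project owner without a `users_projects` row therefore passes the master check and fails `guest_access_for?`, `report_access_for?` and `dev_access_for?`. Under the Ability rules in this commit that owner would get `:admin_wiki` but not `:read_wiki`, `:write_wiki` or `:download_code`. Whether owners always have a membership row is not visible here; if they may not, append `|| owner_id == user.id` to the three lower predicates so the tiers nest. All four also call `user.id` without a nil guard, which is worth confirming against callers that may pass an anonymous user.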