diff options
| author | cedricnjanga | 2017-07-06 17:38:47 +0200 |
|---|---|---|
| committer | cedricnjanga | 2017-07-06 17:38:47 +0200 |
| commit | 4bddbdb6a1eb52260b1fdaa78ebd9415582daafd (patch) | |
| tree | d85f906433876b05a35edfe093e3aa6b5b40956e /app | |
| parent | bf63449de6ac9624352af4c0319758da3c8d827e (diff) | |
| parent | 1ed7b4a1398fcc39c539de5e0b045e098e02e50f (diff) | |
| download | chouette-core-4bddbdb6a1eb52260b1fdaa78ebd9415582daafd.tar.bz2 | |
Merge branch 'master' of github.com:af83/stif-boiv
Diffstat (limited to 'app')
32 files changed, 225 insertions, 262 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 42b7c2a25..8fcaa3b1b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -19,7 +19,7 @@ class ApplicationController < ActionController::Base end def pundit_user - UserContext.new(current_user, referential: self.try(:current_referential)) + UserContext.new(current_user, referential: @referential) end protected diff --git a/app/controllers/concerns/policy_checker.rb b/app/controllers/concerns/policy_checker.rb index 72c18c64f..c8a821cf7 100644 --- a/app/controllers/concerns/policy_checker.rb +++ b/app/controllers/concerns/policy_checker.rb @@ -2,11 +2,16 @@ module PolicyChecker extend ActiveSupport::Concern included do - before_action :check_policy, only: [:edit, :update, :destroy] + before_action :authorize_resource, except: [:create, :index, :new] + before_action :authorize_resource_class, only: [:create, :index, :new] end protected - def check_policy + def authorize_resource authorize resource end + + def authorize_resource_class + authorize resource_class + end end diff --git a/app/controllers/journey_patterns_collections_controller.rb b/app/controllers/journey_patterns_collections_controller.rb index 7b97e1408..837ac65e7 100644 --- a/app/controllers/journey_patterns_collections_controller.rb +++ b/app/controllers/journey_patterns_collections_controller.rb @@ -49,11 +49,10 @@ class JourneyPatternsCollectionsController < ChouetteController end def user_permissions - @perms = {}.tap do |perm| - ['journey_patterns.create', 'journey_patterns.edit', 'journey_patterns.destroy'].each do |name| - perm[name] = policy(:journey_pattern).send("#{name.split('.').last}?") - end - end.to_json + @perms = + %w{create destroy edit}.inject({}) do | permissions, action | + permissions.merge( "journey_patterns.#{action}" => policy.authorizes_action?(action) ) + end.to_json end def update diff --git a/app/controllers/line_footnotes_controller.rb b/app/controllers/line_footnotes_controller.rb index c42aa785b..6a9048392 100644 --- a/app/controllers/line_footnotes_controller.rb +++ b/app/controllers/line_footnotes_controller.rb @@ -34,7 +34,7 @@ class LineFootnotesController < BreadcrumbController private def resource @referential = Referential.find params[:referential_id] - @line = @referential.lines.find params[:line_id] + @line = @referential.lines.find params[:line_id] end def line_params diff --git a/app/controllers/referentials_controller.rb b/app/controllers/referentials_controller.rb index 1239d512f..31b953ace 100644 --- a/app/controllers/referentials_controller.rb +++ b/app/controllers/referentials_controller.rb @@ -1,7 +1,6 @@ class ReferentialsController < BreadcrumbController defaults :resource_class => Referential include PolicyChecker - before_action :check_policy, :only => [:edit, :update, :destroy, :archive, :unarchive] # overrides default respond_to :html respond_to :json, :only => :show diff --git a/app/controllers/time_tables_controller.rb b/app/controllers/time_tables_controller.rb index 6d2639981..0e0cade56 100644 --- a/app/controllers/time_tables_controller.rb +++ b/app/controllers/time_tables_controller.rb @@ -17,7 +17,6 @@ class TimeTablesController < ChouetteController @time_table = @time_table.decorate(context: { referential: @referential }) - build_breadcrumb :show end end diff --git a/app/controllers/vehicle_journeys_controller.rb b/app/controllers/vehicle_journeys_controller.rb index fe2e2137f..f7e2fcdc1 100644 --- a/app/controllers/vehicle_journeys_controller.rb +++ b/app/controllers/vehicle_journeys_controller.rb @@ -159,11 +159,10 @@ class VehicleJourneysController < ChouetteController end def user_permissions - @perms = {}.tap do |perm| - ['vehicle_journeys.create', 'vehicle_journeys.edit', 'vehicle_journeys.destroy'].each do |name| - perm[name] = policy(:vehicle_journey).send("#{name.split('.').last}?") - end - end.to_json + @perms = + %w{create destroy update}.inject({}) do | permissions, action | + permissions.merge( "vehicle_journeys.#{action}" => policy.authorizes_action?(action) ) + end.to_json end private diff --git a/app/decorators/company_decorator.rb b/app/decorators/company_decorator.rb index 51c1f3c61..030952483 100644 --- a/app/decorators/company_decorator.rb +++ b/app/decorators/company_decorator.rb @@ -19,6 +19,8 @@ class CompanyDecorator < Draper::Decorator links = [] if h.policy(Chouette::Company).create? + require 'pry' + binding.pry links << Link.new( content: h.t('companies.actions.new'), href: h.new_line_referential_company_path(context[:line_referential]) diff --git a/app/helpers/newapplication_helper.rb b/app/helpers/newapplication_helper.rb index edcad76c3..ac57997d1 100644 --- a/app/helpers/newapplication_helper.rb +++ b/app/helpers/newapplication_helper.rb @@ -155,7 +155,10 @@ module NewapplicationHelper content_tag :li, link_to(t("actions.#{action}"), polymorph_url, method: :put) end else - content_tag :li, link_to(t("actions.#{action}"), polymorph_url) + permission = "#{action}?" + if !policy(item).respond_to?(permission) || policy(item).public_send(permission) + content_tag :li, link_to(t("actions.#{action}"), polymorph_url) + end end end.join.html_safe end diff --git a/app/helpers/table_builder_helper/custom_links.rb b/app/helpers/table_builder_helper/custom_links.rb index 39cffd2cd..4e385b266 100644 --- a/app/helpers/table_builder_helper/custom_links.rb +++ b/app/helpers/table_builder_helper/custom_links.rb @@ -8,14 +8,16 @@ module TableBuilderHelper unarchive: :put } - def initialize(obj, user_context, actions) - @obj = obj + attr_reader :actions, :object, :user_context + + def initialize(object, user_context, actions) + @object = object @user_context = user_context - @actions = actions + @actions = actions end def links - actions_after_policy_check.map do |action| + authorized_actions.map do |action| Link.new( content: I18n.t("actions.#{action}"), href: polymorphic_url(action), @@ -32,8 +34,8 @@ module TableBuilderHelper end polymorph_url += URL.polymorphic_url_parts( - @obj, - @user_context.context[:referential] + object, + user_context.context[:referential] ) end @@ -41,40 +43,14 @@ module TableBuilderHelper ACTIONS_TO_HTTP_METHODS[action] end - def actions_after_policy_check - @actions.select do |action| - # Has policy and can destroy - (action == :delete && - Pundit.policy(@user_context, @obj).present? && - Pundit.policy(@user_context, @obj).destroy?) || - - # Doesn't have policy - (action == :delete && - !Pundit.policy(@user_context, @obj).present?) || - - # Has policy and can update - (action == :edit && - Pundit.policy(@user_context, @obj).present? && - Pundit.policy(@user_context, @obj).update?) || - - # Doesn't have policy - (action == :edit && - !Pundit.policy(@user_context, @obj).present?) || - - # Object isn't archived - (action == :archive && !@obj.archived?) || - - # Object is archived - (action == :unarchive && @obj.archived?) || - - action_is_allowed_regardless_of_policy(action) - end + def authorized_actions + actions.select(&policy.method(:authorizes_action?)) end private - def action_is_allowed_regardless_of_policy(action) - ![:delete, :edit, :archive, :unarchive].include?(action) + def policy + @__policy__ ||= Pundit.policy(user_context, object) end end end diff --git a/app/models/chouette/access_point.rb b/app/models/chouette/access_point.rb index 3cae07b8e..da1f9524a 100644 --- a/app/models/chouette/access_point.rb +++ b/app/models/chouette/access_point.rb @@ -1,4 +1,3 @@ - require 'geokit' require 'geo_ruby' diff --git a/app/models/chouette/stop_point.rb b/app/models/chouette/stop_point.rb index e0f947487..3dbf6be0d 100644 --- a/app/models/chouette/stop_point.rb +++ b/app/models/chouette/stop_point.rb @@ -1,5 +1,10 @@ module Chouette class StopPoint < TridentActiveRecord + + def self.policy_class + RoutePolicy + end + include ForBoardingEnumerations include ForAlightingEnumerations diff --git a/app/models/user.rb b/app/models/user.rb index 4ba05b164..1d9e435d5 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -28,10 +28,21 @@ class User < ActiveRecord::Base end after_destroy :check_destroy_organisation - @@edit_offer_permissions = ['routes.create', 'routes.edit', 'routes.destroy', 'journey_patterns.create', 'journey_patterns.edit', 'journey_patterns.destroy', - 'vehicle_journeys.create', 'vehicle_journeys.edit', 'vehicle_journeys.destroy', 'time_tables.create', 'time_tables.edit', 'time_tables.destroy', - 'footnotes.edit', 'footnotes.create', 'footnotes.destroy', 'routing_constraint_zones.create', 'routing_constraint_zones.edit', - 'routing_constraint_zones.destroy', 'referentials.create', 'referentials.edit', 'referentials.destroy', 'boiv:edit-offer'] + def self.destructive_permissions_for(models) + models.product( %w{create destroy update} ).map{ |model_action| model_action.join('.') } + end + + @@edit_offer_permissions = + destructive_permissions_for( %w[ + footnotes + journey_patterns + referentials + routes + routing_constraint_zones + time_tables + vehicle_journeys + ]) << 'boiv:edit-offer' + mattr_reader :edit_offer_permissions def self.all_permissions @@ -44,8 +55,6 @@ class User < ActiveRecord::Base self.name = extra[:full_name] self.email = extra[:email] self.organisation = Organisation.sync_update extra[:organisation_code], extra[:organisation_name], extra[:functional_scope] - # TODO: Discuss the following behavior in the light of how the portal's permissions will evolve - # boiv:edit-offer does not imply boiv:read-offer, which needs to be provided specifically for any connection rights self.permissions = extra[:permissions].include?('boiv:edit-offer') ? @@edit_offer_permissions : [] end @@ -74,8 +83,6 @@ class User < ActiveRecord::Base user.locked_at = el['locked_at'] user.organisation = Organisation.sync_update el['organization_code'], el['organization_name'], el['functional_scope'] user.synced_at = Time.now - # TODO: Discuss the following behavior in the light of how the portal's permissions will evolve - # boiv:edit-offer does not imply boiv:read-offer, which needs to be provided specifically for any connection rights user.permissions = el['permissions'].include?('boiv:edit-offer') ? @@edit_offer_permissions : [] user.save end diff --git a/app/policies/acces_point_policy.rb b/app/policies/acces_point_policy.rb deleted file mode 100644 index 08af5981a..000000000 --- a/app/policies/acces_point_policy.rb +++ /dev/null @@ -1,22 +0,0 @@ -class AccessPointPolicy < BoivPolicy - class Scope < Scope - def resolve - scope - end - end - - def create? - user.has_permission?('access_points.create') # organisation match via referential is checked in the view - end - - def edit? - organisation_match? && user.has_permission?('access_points.edit') - end - - def destroy? - organisation_match? && user.has_permission?('access_points.destroy') - end - - def update? ; edit? end - def new? ; create? end -end diff --git a/app/policies/access_link_policy.rb b/app/policies/access_link_policy.rb index 654739d06..1f1147f60 100644 --- a/app/policies/access_link_policy.rb +++ b/app/policies/access_link_policy.rb @@ -1,4 +1,4 @@ -class AccessLinkPolicy < BoivPolicy +class AccessLinkPolicy < ApplicationPolicy class Scope < Scope def resolve scope @@ -6,17 +6,14 @@ class AccessLinkPolicy < BoivPolicy end def create? - user.has_permission?('access_links.create') # organisation match via referential is checked in the view + !archived? && organisation_match? && user.has_permission?('access_links.create') end - def edit? - organisation_match? && user.has_permission?('access_links.edit') + def update? + !archived? && organisation_match? && user.has_permission?('access_links.update') end def destroy? - organisation_match? && user.has_permission?('access_links.destroy') + !archived? && organisation_match? && user.has_permission?('access_links.destroy') end - - def update? ; edit? end - def new? ; create? end end diff --git a/app/policies/access_point_policy.rb b/app/policies/access_point_policy.rb new file mode 100644 index 000000000..41436e77c --- /dev/null +++ b/app/policies/access_point_policy.rb @@ -0,0 +1,19 @@ +class AccessPointPolicy < ApplicationPolicy + class Scope < Scope + def resolve + scope + end + end + + def create? + !archived? && organisation_match? && user.has_permission?('access_points.create') + end + + def update? + !archived? && organisation_match? && user.has_permission?('access_points.update') + end + + def destroy? + !archived? && organisation_match? && user.has_permission?('access_points.destroy') + end +end diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb index a863404ae..dbe4542e7 100644 --- a/app/policies/application_policy.rb +++ b/app/policies/application_policy.rb @@ -1,70 +1,107 @@ class ApplicationPolicy - attr_reader :user, :record + attr_reader :current_referential, :record, :user def initialize(user_context, record) - @user = user_context.user - @referential = user_context.context[:referential] - @record = record + @user = user_context.user + @current_referential = user_context.context[:referential] + @record = record end - def archived? - !!referential.try(:archived_at) + # HMMM: Maybe one can tie index? to show? again by replacing record.class as follows: + # Class === record ? record : record.class + def scope + Pundit.policy_scope!(user, record.class) end - def referential - @referential ||= record_referential + # Make authorization by action easier + def delete? + destroy? end - def record_referential - record.referential if record.respond_to?(:referential) + def authorizes_action?(action) + public_send("#{action}?") + rescue NoMethodError + false + end + + + # + # Tied permissions + # ---------------- + + # Tie edit? and update? together, #edit?, do not override #edit?, + # unless you want to break this tie on purpose + def edit? + update? + end + + # Tie new? and create? together, do not override #new?, + # unless you want to break this tie on purpose + def new? + create? end + + # + # Permissions for undestructive actions + # ------------------------------------- + def index? - false + true end def show? scope.where(:id => record.id).exists? end + + # + # Permissions for destructive actions + # ----------------------------------- + def create? false end - def new? - create? + def destroy? + false end def update? false end - def edit? - update? - end - - def destroy? - false - end - def scope - Pundit.policy_scope!(user, record.class) - end + # + # Custom Permissions + # ------------------ - def boiv_read_offer? - organisation_match? && user.has_permission?('boiv:read-offer') + def archived? + return @is_archived if instance_variable_defined?(:@is_archived) + @is_archived = is_archived end def organisation_match? - user.organisation == organisation + user.organisation_id == organisation_id end - def organisation + def organisation_id # When sending permission to react UI, we don't have access to record object for edit & destroy.. actions - organisation = record.is_a?(Symbol) ? nil : record.try(:organisation) - organisation or referential.try :organisation + referential.try(:organisation_id) || record.try(:organisation_id) + end + + + # + # Helpers + # ------- + + def referential + @referential ||= current_referential || record_referential end + def record_referential + record.referential if record.respond_to?(:referential) + end class Scope attr_reader :user, :scope @@ -77,4 +114,14 @@ class ApplicationPolicy scope end end + + private + def is_archived + !!case referential + when Referential + referential.archived_at + else + current_referential.try(:archived_at) + end + end end diff --git a/app/policies/boiv_policy.rb b/app/policies/boiv_policy.rb deleted file mode 100644 index 444006aa4..000000000 --- a/app/policies/boiv_policy.rb +++ /dev/null @@ -1,15 +0,0 @@ -class BoivPolicy < ApplicationPolicy - - - def boiv_read_offer? - organisation_match? && user.has_permission?('boiv:read-offer') - end - - def index? - boiv_read_offer? - end - - def show? - boiv_read_offer? - end -end diff --git a/app/policies/calendar_policy.rb b/app/policies/calendar_policy.rb index 9d6b09a9b..d3c715d70 100644 --- a/app/policies/calendar_policy.rb +++ b/app/policies/calendar_policy.rb @@ -1,27 +1,22 @@ -class CalendarPolicy < BoivPolicy +class CalendarPolicy < ApplicationPolicy class Scope < Scope def resolve scope end end - def show? - organisation_match? || record.shared + def create? + !archived? && organisation_match? && user.has_permission?('calendars.create') + end + def destroy? + !archived? && organisation_match? && user.has_permission?('calendars.destroy') + end + def update? + !archived? && organisation_match? && user.has_permission?('calendars.update') end - - def new? ; modify? end - def create? ; new? end - - def edit? ; modify? end - def update? ; edit? end - - def destroy? ; modify? end def share? user.organisation.name == 'STIF' # FIXME end - def modify? - organisation_match? - end end diff --git a/app/policies/company_policy.rb b/app/policies/company_policy.rb index 95d607f3d..6106798be 100644 --- a/app/policies/company_policy.rb +++ b/app/policies/company_policy.rb @@ -1,15 +1,7 @@ -class CompanyPolicy < BoivPolicy +class CompanyPolicy < ApplicationPolicy class Scope < Scope def resolve scope end end - - def create? - false - end - def update? ; create? end - def new? ; create? end - def edit? ; create? end - def destroy? ; create? end end diff --git a/app/policies/connection_link_policy.rb b/app/policies/connection_link_policy.rb index 21414efb9..240c2a804 100644 --- a/app/policies/connection_link_policy.rb +++ b/app/policies/connection_link_policy.rb @@ -1,4 +1,4 @@ -class ConnectionLinkPolicy < BoivPolicy +class ConnectionLinkPolicy < ApplicationPolicy class Scope < Scope def resolve scope @@ -6,17 +6,14 @@ class ConnectionLinkPolicy < BoivPolicy end def create? - user.has_permission?('connection_links.create') # organisation match via referential is checked in the view - end - - def edit? - organisation_match? && user.has_permission?('connection_links.edit') + !archived? && organisation_match? && user.has_permission?('connection_links.create') end def destroy? - organisation_match? && user.has_permission?('connection_links.destroy') + !archived? && organisation_match? && user.has_permission?('connection_links.destroy') end - def update? ; edit? end - def new? ; create? end + def update? + !archived? && organisation_match? && user.has_permission?('connection_links.update') + end end diff --git a/app/policies/group_of_line_policy.rb b/app/policies/group_of_line_policy.rb index 86d522545..03e94449d 100644 --- a/app/policies/group_of_line_policy.rb +++ b/app/policies/group_of_line_policy.rb @@ -1,15 +1,7 @@ -class GroupOfLinePolicy < BoivPolicy +class GroupOfLinePolicy < ApplicationPolicy class Scope < Scope def resolve scope end end - - def create? - false - end - def update? ; create? end - def new? ; create? end - def edit? ; create? end - def destroy? ; create? end end diff --git a/app/policies/journey_pattern_policy.rb b/app/policies/journey_pattern_policy.rb index 01ce2cbbb..507a364b6 100644 --- a/app/policies/journey_pattern_policy.rb +++ b/app/policies/journey_pattern_policy.rb @@ -1,4 +1,4 @@ -class JourneyPatternPolicy < BoivPolicy +class JourneyPatternPolicy < ApplicationPolicy class Scope < Scope def resolve @@ -7,19 +7,15 @@ class JourneyPatternPolicy < BoivPolicy end def create? - # organisation match via referential is checked in the view - user.has_permission?('journey_patterns.create') - end - - def edit? - organisation_match? && user.has_permission?('journey_patterns.edit') + !archived? && organisation_match? && user.has_permission?('journey_patterns.create') end def destroy? - organisation_match? && user.has_permission?('journey_patterns.destroy') + !archived? && organisation_match? && user.has_permission?('journey_patterns.destroy') end - def update? ; edit? end - def new? ; create? end + def update? + !archived? && organisation_match? && user.has_permission?('journey_patterns.update') + end end diff --git a/app/policies/line_policy.rb b/app/policies/line_policy.rb index b829040af..acb0d79e7 100644 --- a/app/policies/line_policy.rb +++ b/app/policies/line_policy.rb @@ -1,4 +1,4 @@ -class LinePolicy < BoivPolicy +class LinePolicy < ApplicationPolicy class Scope < Scope def resolve @@ -6,24 +6,16 @@ class LinePolicy < BoivPolicy end end - def create? - false - end - def update? ; false end - def new? ; create? end - def edit? ; false end - def destroy? ; create? end - def create_footnote? - !archived? && user.has_permission?('footnotes.create') + !archived? && organisation_match? && user.has_permission?('footnotes.create') end def edit_footnote? - !archived? && user.has_permission?('footnotes.edit') + !archived? && organisation_match? && user.has_permission?('footnotes.update') end def destroy_footnote? - !archived? && user.has_permission?('footnotes.destroy') + !archived? && organisation_match? && user.has_permission?('footnotes.destroy') end def update_footnote? ; edit_footnote? end diff --git a/app/policies/network_policy.rb b/app/policies/network_policy.rb index 4c1ea1090..9f86451a5 100644 --- a/app/policies/network_policy.rb +++ b/app/policies/network_policy.rb @@ -1,15 +1,7 @@ -class NetworkPolicy < BoivPolicy +class NetworkPolicy < ApplicationPolicy class Scope < Scope def resolve scope end end - - def create? - false - end - def update? ; create? end - def new? ; create? end - def edit? ; create? end - def destroy? ; create? end end diff --git a/app/policies/referential_policy.rb b/app/policies/referential_policy.rb index e531c6c19..bf970c2b8 100644 --- a/app/policies/referential_policy.rb +++ b/app/policies/referential_policy.rb @@ -1,4 +1,4 @@ -class ReferentialPolicy < BoivPolicy +class ReferentialPolicy < ApplicationPolicy class Scope < Scope def resolve scope @@ -9,20 +9,26 @@ class ReferentialPolicy < BoivPolicy user.has_permission?('referentials.create') end - def edit? - organisation_match? && user.has_permission?('referentials.edit') + def destroy? + !archived? && organisation_match? && user.has_permission?('referentials.destroy') end - def destroy? - organisation_match? && user.has_permission?('referentials.destroy') + def update? + !archived? && organisation_match? && user.has_permission?('referentials.update') + end + + + + def clone? + !archived? && organisation_match? && create? end def archive? - edit? + record.archived_at.nil? && user.has_permission?('referentials.update') end - def clone? - organisation_match? && create? + def unarchive? + !record.archived_at.nil? && user.has_permission?('referentials.update') end def common_lines? @@ -30,9 +36,6 @@ class ReferentialPolicy < BoivPolicy true end - def unarchive? ; archive? end - def update? ; edit? end - def new? ; create? end end diff --git a/app/policies/route_policy.rb b/app/policies/route_policy.rb index ca9b02164..786b0acf4 100644 --- a/app/policies/route_policy.rb +++ b/app/policies/route_policy.rb @@ -1,4 +1,4 @@ -class RoutePolicy < BoivPolicy +class RoutePolicy < ApplicationPolicy class Scope < Scope def resolve scope @@ -6,17 +6,14 @@ class RoutePolicy < BoivPolicy end def create? - !archived? && user.has_permission?('routes.create') # organisation match via referential is checked in the view - end - - def edit? - !archived? && organisation_match? && user.has_permission?('routes.edit') + !archived? && organisation_match? && user.has_permission?('routes.create') end def destroy? !archived? && organisation_match? && user.has_permission?('routes.destroy') end - def update? ; edit? end - def new? ; create? end + def update? + !archived? && organisation_match? && user.has_permission?('routes.update') + end end diff --git a/app/policies/routing_constraint_zone_policy.rb b/app/policies/routing_constraint_zone_policy.rb index da311bc03..3cfcf46ff 100644 --- a/app/policies/routing_constraint_zone_policy.rb +++ b/app/policies/routing_constraint_zone_policy.rb @@ -1,4 +1,4 @@ -class RoutingConstraintZonePolicy < BoivPolicy +class RoutingConstraintZonePolicy < ApplicationPolicy class Scope < Scope def resolve scope @@ -6,17 +6,14 @@ class RoutingConstraintZonePolicy < BoivPolicy end def create? - !archived? && user.has_permission?('routing_constraint_zones.create') # organisation match via referential is checked in the view - end - - def edit? - !archived? && organisation_match? && user.has_permission?('routing_constraint_zones.edit') + !archived? && organisation_match? && user.has_permission?('routing_constraint_zones.create') end def destroy? !archived? && organisation_match? && user.has_permission?('routing_constraint_zones.destroy') end - def update? ; edit? end - def new? ; create? end + def update? + !archived? && organisation_match? && user.has_permission?('routing_constraint_zones.update') + end end diff --git a/app/policies/stop_area_policy.rb b/app/policies/stop_area_policy.rb index 79b7178ce..de8ecda8d 100644 --- a/app/policies/stop_area_policy.rb +++ b/app/policies/stop_area_policy.rb @@ -1,15 +1,7 @@ -class StopAreaPolicy < BoivPolicy +class StopAreaPolicy < ApplicationPolicy class Scope < Scope def resolve scope end end - - def create? - false - end - def update? ; create? end - def new? ; create? end - def edit? ; create? end - def destroy? ; create? end end diff --git a/app/policies/time_table_policy.rb b/app/policies/time_table_policy.rb index e915ede6a..c9f3a3ec6 100644 --- a/app/policies/time_table_policy.rb +++ b/app/policies/time_table_policy.rb @@ -1,4 +1,4 @@ -class TimeTablePolicy < BoivPolicy +class TimeTablePolicy < ApplicationPolicy class Scope < Scope def resolve @@ -7,21 +7,22 @@ class TimeTablePolicy < BoivPolicy end def create? - !archived? && user.has_permission?('time_tables.create') # organisation match via referential is checked in the view - end - - def edit? - !archived? && organisation_match? && user.has_permission?('time_tables.edit') + !archived? && organisation_match? && user.has_permission?('time_tables.create') end def destroy? !archived? && organisation_match? && user.has_permission?('time_tables.destroy') end + def update? + !archived? && organisation_match? && user.has_permission?('time_tables.update') + end + + def actualize? + !archived? && organisation_match? && edit? + end + def duplicate? !archived? && organisation_match? && create? end - - def update? ; edit? end - def new? ; create? end end diff --git a/app/policies/vehicle_journey_policy.rb b/app/policies/vehicle_journey_policy.rb index de6dd7088..24040455f 100644 --- a/app/policies/vehicle_journey_policy.rb +++ b/app/policies/vehicle_journey_policy.rb @@ -1,4 +1,4 @@ -class VehicleJourneyPolicy < BoivPolicy +class VehicleJourneyPolicy < ApplicationPolicy class Scope < Scope def resolve scope @@ -6,17 +6,14 @@ class VehicleJourneyPolicy < BoivPolicy end def create? - user.has_permission?('vehicle_journeys.create') # organisation match via referential is checked in the view - end - - def edit? - organisation_match? && user.has_permission?('vehicle_journeys.edit') + !archived? && organisation_match? && user.has_permission?('vehicle_journeys.create') end def destroy? - organisation_match? && user.has_permission?('vehicle_journeys.destroy') + !archived? && organisation_match? && user.has_permission?('vehicle_journeys.destroy') end - def update? ; edit? end - def new? ; create? end + def update? + !archived? && organisation_match? && user.has_permission?('vehicle_journeys.update') + end end diff --git a/app/views/time_tables/show.html.slim b/app/views/time_tables/show.html.slim index f596fd480..36b79cc25 100644 --- a/app/views/time_tables/show.html.slim +++ b/app/views/time_tables/show.html.slim @@ -1,6 +1,7 @@ - require 'calendar_helper' / PageHeader + = pageheader 'map-marker', @time_table.comment, '', |