Class: Decidim::Blog::Permissions

Inherits:
DefaultPermissions
  • Object
show all
Defined in:
app/permissions/decidim/blog/permissions.rb

Instance Method Summary collapse

Instance Method Details

#admin_can_manage_postObject 



55
56
57
58
59
60
61
62
63
64
65
66
 
# File 'app/permissions/decidim/blog/permissions.rb', line 55

def admin_can_manage_post
  return false unless post&.author

  case post.author
  when Decidim::User
    post.author == user
  when Decidim::Organization
    space_admin?
  else
    false
  end
end

#can_create_postObject 



43
44
45
46
47
 
# File 'app/permissions/decidim/blog/permissions.rb', line 43

def can_create_post
  current_component&.participatory_space&.published? &&
    current_component&.published? &&
    (creation_enabled_for_participants? || initiative_authorship?)
end

#can_manage_postObject 



49
50
51
52
53
 
# File 'app/permissions/decidim/blog/permissions.rb', line 49

def can_manage_post
  return false unless post&.author

  can_create_post && admin_can_manage_post
end

#creation_enabled_for_participants?Boolean

Returns:

  • (Boolean) 


72
73
74
75
 
# File 'app/permissions/decidim/blog/permissions.rb', line 72

def creation_enabled_for_participants?
  component_settings&.creation_enabled_for_participants? &&
    current_component&.participatory_space&.can_participate?(user)
end

#current_componentObject 



39
40
41
 
# File 'app/permissions/decidim/blog/permissions.rb', line 39

def current_component
  @current_component ||= context.fetch(:current_component, nil)
end

#initiative_authorship?Boolean

Returns:

  • (Boolean) 


93
94
95
96
97
98
99
 
# File 'app/permissions/decidim/blog/permissions.rb', line 93

def initiative_authorship?
  return false unless user

  Decidim.module_installed?("initiatives") &&
    current_component&.participatory_space.is_a?(Decidim::Initiative) &&
    current_component&.participatory_space&.has_authorship?(user)
end

#permissionsObject 



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'app/permissions/decidim/blog/permissions.rb', line 6

def permissions
  return permission_action unless permission_action.subject == :blogpost || permission_action.subject == :post

  if permission_action.scope == :public
    if permission_action.action.in?([:update, :destroy])
      toggle_allow(can_manage_post)
      return permission_action
    end

    if permission_action.action == :create
      toggle_allow(can_create_post)
      return permission_action
    end

    allow!
    return permission_action
  end

  return permission_action unless permission_action.scope == :admin

  if permission_action.action.in?([:update, :destroy])
    toggle_allow(admin_can_manage_post)
    return permission_action
  end

  allow!
  permission_action
end

#postObject 



35
36
37
 
# File 'app/permissions/decidim/blog/permissions.rb', line 35

def post
  @post ||= context.fetch(:blogpost, nil)
end

#space_admin?Boolean

Returns:

  • (Boolean) 


68
69
70
 
# File 'app/permissions/decidim/blog/permissions.rb', line 68

def space_admin?
  space_admins.include?(user)
end

#space_adminsObject 



77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 
# File 'app/permissions/decidim/blog/permissions.rb', line 77

def space_admins
  participatory_space = current_component&.participatory_space

  return [] unless participatory_space

  @space_admins ||= begin
    space_admins = if participatory_space.respond_to?(:user_roles)
                     participatory_space.user_roles(:admin)&.collect(&:user)
                   else
                     []
                   end
    global_admins = current_component.organization.admins
    (global_admins + space_admins).uniq
  end
end