Class: Hyrax::CollectionTypes::PermissionsService
- Inherits:
-
Object
- Object
- Hyrax::CollectionTypes::PermissionsService
- Defined in:
- app/services/hyrax/collection_types/permissions_service.rb
Class Method Summary collapse
-
.can_create_admin_set_collection_type?(user: nil, ability: nil) ⇒ Boolean
Is the user a creator for admin sets collection types?.
-
.can_create_any_collection_type?(user: nil, ability: nil) ⇒ Boolean
Is the user a creator for any collection types?.
-
.can_create_collection_of_type?(collection_type:, user: nil, ability: nil) ⇒ Boolean
Get a list of collection types that a user can create.
-
.can_create_collection_types(user: nil, ability: nil) ⇒ Array<Hyrax::CollectionType>
Get a list of collection types that a user can create.
-
.collection_type_ids_for_user(roles:, user: nil, ability: nil) ⇒ Array<String>
Ids of collection types that a user can create or manage.
-
.collection_types_for_user(roles:, user: nil, ability: nil) ⇒ Array<Hyrax::CollectionType>
Instances of collection types that a user can create or manage.
-
.group_edit_grants_for_collection_of_type(collection_type: nil) ⇒ Array<String>
Get a list of group that should be added as group editors for a new collection of the specified collection type.
- .user_admin?(user, ability) ⇒ Boolean
-
.user_edit_grants_for_collection_of_type(collection_type: nil) ⇒ Array<String>
Get a list of users who should be added as user editors for a new collection of the specified collection type.
Class Method Details
.can_create_admin_set_collection_type?(user: nil, ability: nil) ⇒ Boolean
Several checks get the user’s groups from the user’s ability. The same values can be retrieved directly from a passed in ability. If calling from Abilities, pass the ability. If you try to get the ability from the user, you end up in an infinit loop.
Is the user a creator for admin sets collection types?
72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 72 def self.can_create_admin_set_collection_type?(user: nil, ability: nil) return false unless user.present? || ability.present? return true if user_admin?(user, ability) # both manage and create access can create collections of a type, so no need to include access in the query return true if Hyrax::CollectionTypeParticipant.joins(:hyrax_collection_type) .where(agent_type: Hyrax::CollectionTypeParticipant::USER_TYPE, agent_id: user_id(user, ability), hyrax_collection_types: { machine_id: Hyrax::CollectionType::ADMIN_SET_MACHINE_ID }).present? return true if Hyrax::CollectionTypeParticipant.joins(:hyrax_collection_type) .where(agent_type: Hyrax::CollectionTypeParticipant::GROUP_TYPE, agent_id: user_groups(user, ability), hyrax_collection_types: { machine_id: Hyrax::CollectionType::ADMIN_SET_MACHINE_ID }).present? false end |
.can_create_any_collection_type?(user: nil, ability: nil) ⇒ Boolean
Several checks get the user’s groups from the user’s ability. The same values can be retrieved directly from a passed in ability. If calling from Abilities, pass the ability. If you try to get the ability from the user, you end up in an infinit loop.
Is the user a creator for any collection types?
52 53 54 55 56 57 58 59 60 61 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 52 def self.can_create_any_collection_type?(user: nil, ability: nil) return false unless user.present? || ability.present? return true if user_admin?(user, ability) # both manage and create access can create collections of a type, so no need to include access in the query return true if Hyrax::CollectionTypeParticipant.where(agent_type: Hyrax::CollectionTypeParticipant::USER_TYPE, agent_id: user_id(user, ability)).any? return true if Hyrax::CollectionTypeParticipant.where(agent_type: Hyrax::CollectionTypeParticipant::GROUP_TYPE, agent_id: user_groups(user, ability)).any? false end |
.can_create_collection_of_type?(collection_type:, user: nil, ability: nil) ⇒ Boolean
Several checks get the user’s groups from the user’s ability. The same values can be retrieved directly from a passed in ability. If calling from Abilities, pass the ability. If you try to get the ability from the user, you end up in an infinit loop.
Get a list of collection types that a user can create
110 111 112 113 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 110 def self.can_create_collection_of_type?(collection_type:, user: nil, ability: nil) manage_access_for_collection_type?(user: user, ability: ability, collection_type: collection_type) || create_access_for_collection_type?(user: user, ability: ability, collection_type: collection_type) end |
.can_create_collection_types(user: nil, ability: nil) ⇒ Array<Hyrax::CollectionType>
Several checks get the user’s groups from the user’s ability. The same values can be retrieved directly from a passed in ability. If calling from Abilities, pass the ability. If you try to get the ability from the user, you end up in an infinit loop.
Get a list of collection types that a user can create
96 97 98 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 96 def self.can_create_collection_types(user: nil, ability: nil) collection_types_for_user(user: user, ability: ability, roles: [Hyrax::CollectionTypeParticipant::MANAGE_ACCESS, Hyrax::CollectionTypeParticipant::CREATE_ACCESS]) end |
.collection_type_ids_for_user(roles:, user: nil, ability: nil) ⇒ Array<String>
Several checks get the user’s groups from the user’s ability. The same values can be retrieved directly from a passed in ability. If calling from Abilities, pass the ability. If you try to get the ability from the user, you end up in an infinit loop.
Ids of collection types that a user can create or manage
14 15 16 17 18 19 20 21 22 23 24 25 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 14 def self.collection_type_ids_for_user(roles:, user: nil, ability: nil) return false unless user.present? || ability.present? return Hyrax::CollectionType.all.pluck('DISTINCT id') if user_admin?(user, ability) Hyrax::CollectionTypeParticipant.where(agent_type: Hyrax::CollectionTypeParticipant::USER_TYPE, agent_id: user_id(user, ability), access: roles) .or( Hyrax::CollectionTypeParticipant.where(agent_type: Hyrax::CollectionTypeParticipant::GROUP_TYPE, agent_id: user_groups(user, ability), access: roles) ).pluck('DISTINCT hyrax_collection_type_id') end |
.collection_types_for_user(roles:, user: nil, ability: nil) ⇒ Array<Hyrax::CollectionType>
Several checks get the user’s groups from the user’s ability. The same values can be retrieved directly from a passed in ability. If calling from Abilities, pass the ability. If you try to get the ability from the user, you end up in an infinit loop.
Instances of collection types that a user can create or manage
37 38 39 40 41 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 37 def self.collection_types_for_user(roles:, user: nil, ability: nil) return false unless user.present? || ability.present? return Hyrax::CollectionType.all if user_admin?(user, ability) Hyrax::CollectionType.where(id: collection_type_ids_for_user(user: user, roles: roles, ability: ability)) end |
.group_edit_grants_for_collection_of_type(collection_type: nil) ⇒ Array<String>
Several checks get the user’s groups from the user’s ability. The same values can be retrieved directly from a passed in ability. If calling from Abilities, pass the ability. If you try to get the ability from the user, you end up in an infinit loop.
Get a list of group that should be added as group editors for a new collection of the specified collection type
204 205 206 207 208 209 210 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 204 def self.group_edit_grants_for_collection_of_type(collection_type: nil) return [] unless collection_type groups = Hyrax::CollectionTypeParticipant.joins(:hyrax_collection_type).where(hyrax_collection_type_id: collection_type.id, agent_type: Hyrax::CollectionTypeParticipant::GROUP_TYPE, access: Hyrax::CollectionTypeParticipant::MANAGE_ACCESS).pluck('DISTINCT agent_id') groups | ['admin'] end |
.user_admin?(user, ability) ⇒ Boolean
219 220 221 222 223 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 219 def self.user_admin?(user, ability) # if called from abilities class, use ability instead of user; otherwise, you end up in an infinite loop return ability.admin? if ability.present? user.ability.admin? end |
.user_edit_grants_for_collection_of_type(collection_type: nil) ⇒ Array<String>
Several checks get the user’s groups from the user’s ability. The same values can be retrieved directly from a passed in ability. If calling from Abilities, pass the ability. If you try to get the ability from the user, you end up in an infinit loop.
Get a list of users who should be added as user editors for a new collection of the specified collection type
189 190 191 192 193 194 |
# File 'app/services/hyrax/collection_types/permissions_service.rb', line 189 def self.user_edit_grants_for_collection_of_type(collection_type: nil) return [] unless collection_type Hyrax::CollectionTypeParticipant.joins(:hyrax_collection_type).where(hyrax_collection_type_id: collection_type.id, agent_type: Hyrax::CollectionTypeParticipant::USER_TYPE, access: Hyrax::CollectionTypeParticipant::MANAGE_ACCESS).pluck('DISTINCT agent_id') end |