Revision 825e3990
Added by Dominic Cleal about 9 years ago
app/models/concerns/authorizable.rb | ||
---|---|---|
end
|
||
}
|
||
|
||
def self.authorized(permission = nil, resource = nil)
|
||
self.authorized_as(User.current, permission, resource)
|
||
end
|
||
# joins to another class, on which the authorization is applied
|
||
#
|
||
# permission can be nil (therefore we use Proc instead of lambda)
|
||
#
|
||
# e.g.
|
||
# Report.joins_authorized_as(user, Host, :view_hosts)
|
||
# Host.joins_authorized_as(user, Domain, :view_domains)
|
||
#
|
||
# Or you may simply use authorized for User.current
|
||
#
|
||
scope :joins_authorized_as, Proc.new { |user, resource, permission|
|
||
if user.nil?
|
||
self.where('1=0')
|
||
elsif user.admin?
|
||
self.scoped
|
||
else
|
||
Authorizer.new(user).find_collection(resource, :permission => permission, :joined_on => self)
|
||
end
|
||
}
|
||
|
||
def authorized?(permission)
|
||
return false if User.current.nil?
|
||
... | ... | |
def allows_location_filtering?
|
||
allows_taxonomy_filtering?(:location_id)
|
||
end
|
||
|
||
def authorized(permission = nil, resource = nil)
|
||
authorized_as(User.current, permission, resource)
|
||
end
|
||
|
||
def joins_authorized(resource, permission = nil)
|
||
joins_authorized_as(User.current, resource, permission)
|
||
end
|
||
end
|
||
end
|
Also available in: Unified diff
fixes #8817 - look up reports with all joins from host scoped_search
This changes the optimisation in d50c799 which caused errors for users with
host filters referencing tables other than hosts.
When retrieving all reports joined with authorised hosts, the nested joins need
to be passed into AR via .joins on the main scope (reports) rather than what
happened with scoped_search, which only specifies the joins on the inner scope.
In that case, they're ignored and not included in the table list.
Retrieving the conditionals and tables from scoped_search directly allows us to
build up a more correct authorisation AR query with joins.
(cherry picked from commit 54592c2f126680db8980f3909ad085124c5983d1)
Conflicts:
app/models/report.rb