Class: Hyrax::Collections::PermissionsService

Inherits:
Object
  • Object
show all
Defined in:
app/services/hyrax/collections/permissions_service.rb

Class Method Summary collapse

Class Method Details

.can_deposit_in_collection?(collection_id:, ability:) ⇒ Boolean

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

Determine if the given user has permissions to deposit into the given collection

Parameters:

  • collection_id (String)

    id of the collection we are checking permissions on

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Boolean)

    true if the user has permission to deposit into the collection


172
173
174
175
# File 'app/services/hyrax/collections/permissions_service.rb', line 172

def self.can_deposit_in_collection?(collection_id:, ability:)
  deposit_access_to_collection?(collection_id: collection_id, ability: ability) ||
    manage_access_to_collection?(collection_id: collection_id, ability: ability)
end

.can_manage_any_admin_set?(ability:) ⇒ Boolean

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

Determine if the given user has permissions to manage at least one admin set

TODO: MOVE TO ABILITY

Parameters:

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Boolean)

    true if the user has permission to manage at least one admin_set


160
161
162
# File 'app/services/hyrax/collections/permissions_service.rb', line 160

def self.can_manage_any_admin_set?(ability:)
  admin_set_ids_for_user(ability: ability, access: [Hyrax::PermissionTemplateAccess::MANAGE]).present?
end

.can_manage_any_collection?(ability:) ⇒ Boolean

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

Determine if the given user has permissions to manage at least one collection

Parameters:

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Boolean)

    true if the user has permission to manage at least one collection


147
148
149
# File 'app/services/hyrax/collections/permissions_service.rb', line 147

def self.can_manage_any_collection?(ability:)
  collection_ids_for_user(ability: ability, access: [Hyrax::PermissionTemplateAccess::MANAGE]).present?
end

.can_view_admin_show_for_any_admin_set?(ability:) ⇒ Boolean

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

Determine if the given user has permissions to view the admin show page for at least one admin set

TODO: MOVE TO ABILITY

Parameters:

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Boolean)

    true if the user has permission to view the admin show page for at least one admin_set


134
135
136
137
138
# File 'app/services/hyrax/collections/permissions_service.rb', line 134

def self.can_view_admin_show_for_any_admin_set?(ability:)
  admin_set_ids_for_user(ability: ability, access: [Hyrax::PermissionTemplateAccess::MANAGE,
                                                    Hyrax::PermissionTemplateAccess::DEPOSIT,
                                                    Hyrax::PermissionTemplateAccess::VIEW]).present?
end

.can_view_admin_show_for_any_collection?(ability:) ⇒ Boolean

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

Determine if the given user has permissions to view the admin show page for at least one collection

Parameters:

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Boolean)

    true if the user has permission to view the admin show page for at least one collection


120
121
122
123
124
# File 'app/services/hyrax/collections/permissions_service.rb', line 120

def self.can_view_admin_show_for_any_collection?(ability:)
  collection_ids_for_user(ability: ability, access: [Hyrax::PermissionTemplateAccess::MANAGE,
                                                     Hyrax::PermissionTemplateAccess::DEPOSIT,
                                                     Hyrax::PermissionTemplateAccess::VIEW]).present?
end

.can_view_admin_show_for_collection?(collection_id:, ability:) ⇒ Boolean

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

Determine if the given user has permissions to view the admin show page for the collection

Parameters:

  • collection_id (String)

    id of the collection we are checking permissions on

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Boolean)

    true if the user has permission to view the admin show page for the collection


185
186
187
188
189
190
191
# File 'app/services/hyrax/collections/permissions_service.rb', line 185

def self.can_view_admin_show_for_collection?(collection_id:, ability:)
  exclude_groups = [::Ability.registered_group_name,
                    ::Ability.public_group_name]
  manage_access_to_collection?(collection_id: collection_id, ability: ability) ||
    deposit_access_to_collection?(collection_id: collection_id, ability: ability, exclude_groups: exclude_groups) ||
    view_access_to_collection?(collection_id: collection_id, ability: ability, exclude_groups: exclude_groups)
end

.collection_ids_for_deposit(ability:) ⇒ Array<String>

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

IDs of collections into which a user can deposit.

Parameters:

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Array<String>)

    IDs of collections into which the user can deposit


96
97
98
# File 'app/services/hyrax/collections/permissions_service.rb', line 96

def self.collection_ids_for_deposit(ability:)
  source_ids_for_deposit(ability: ability, source_type: 'collection')
end

.collection_ids_for_user(access:, ability:) ⇒ Array<String>

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

IDs of collections a user can access based on participant roles.

Parameters:

  • access (Array<String>)

    one or more types of access (e.g. Hyrax::PermissionTemplateAccess::MANAGE, Hyrax::PermissionTemplateAccess::DEPOSIT, Hyrax::PermissionTemplateAccess::VIEW)

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Array<String>)

    IDs of collections for which the user has specified roles


58
59
60
# File 'app/services/hyrax/collections/permissions_service.rb', line 58

def self.collection_ids_for_user(access:, ability:)
  source_ids_for_user(access: access, ability: ability, source_type: 'collection')
end

.collection_ids_for_view(ability:) ⇒ Array<String>

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

IDs of collections which the user can view.

Parameters:

  • ability (Ability)

    the ability coming from cancan ability check

Returns:

  • (Array<String>)

    IDs of collections into which the user can view


107
108
109
110
111
# File 'app/services/hyrax/collections/permissions_service.rb', line 107

def self.collection_ids_for_view(ability:)
  collection_ids_for_user(ability: ability, access: [Hyrax::PermissionTemplateAccess::MANAGE,
                                                     Hyrax::PermissionTemplateAccess::DEPOSIT,
                                                     Hyrax::PermissionTemplateAccess::VIEW])
end

.source_ids_for_deposit(ability:, source_type: nil, exclude_groups: []) ⇒ Array<String>

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

IDs of collections and/or admin_sets into which a user can deposit.

Parameters:

  • ability (Ability)

    the ability coming from cancan ability check

  • source_type (String) (defaults to: nil)

    'collection', 'admin_set', or nil to get all types

  • exclude_groups (Array<String>) (defaults to: [])

    name of groups to exclude from the results

Returns:

  • (Array<String>)

    IDs of collections and/or admin_sets into which the user can deposit


71
72
73
74
# File 'app/services/hyrax/collections/permissions_service.rb', line 71

def self.source_ids_for_deposit(ability:, source_type: nil, exclude_groups: [])
  access = [Hyrax::PermissionTemplateAccess::MANAGE, Hyrax::PermissionTemplateAccess::DEPOSIT]
  source_ids_for_user(access: access, ability: ability, source_type: source_type, exclude_groups: exclude_groups)
end

.source_ids_for_manage(ability:, source_type: nil) ⇒ Array<String>

Note:

Several checks get the user's groups from the user's ability. The same values can be retrieved directly from a passed in ability.

IDs of collections and/or admin_sets that a user can manage.

Parameters:

  • ability (Ability)

    the ability coming from cancan ability check

  • source_type (String) (defaults to: nil)

    'collection', 'admin_set', or nil to get all types

Returns:

  • (Array<String>)

    IDs of collections and/or admin_sets that the user can manage


84
85
86
87
# File 'app/services/hyrax/collections/permissions_service.rb', line 84

def self.source_ids_for_manage(ability:, source_type: nil)
  access = [Hyrax::PermissionTemplateAccess::MANAGE, Hyrax::PermissionTemplateAccess::MANAGE]
  source_ids_for_user(access: access, ability: ability, source_type: source_type)
end