diff --git a/app/models/guidance.rb b/app/models/guidance.rb index 3b15e2a..a041679 100644 --- a/app/models/guidance.rb +++ b/app/models/guidance.rb @@ -91,7 +91,7 @@ unless guidance.nil? unless guidance.guidance_group.nil? - # guidances are viewable if they are owned by any of the user's organisations + # guidances are viewable if they are owned by the user's org if guidance.guidance_group.org == user.org viewable = true end @@ -99,14 +99,14 @@ if Org.managing_orgs.include?(guidance.guidance_group.org) viewable = true end - + # guidance groups are viewable if they are owned by a funder if Org.funders.include?(guidance.guidance_group.org) viewable = true end end end - + return viewable end @@ -122,20 +122,13 @@ def self.all_viewable(user) managing_groups = Org.managing_orgs.collect{|o| o.guidance_groups} # find all groups owned by a Funder organisation - funder_groups = [] - funders = Org.funders - funders.each do |funder| - funder_groups += funder.guidance_groups - end + funder_groups = Org.funders.collect{|org| org.guidance_groups} # find all groups owned by any of the user's organisations organisation_groups = user.org.guidance_groups - + # find all guidances belonging to any of the viewable groups - all_viewable_guidances = [] all_viewable_groups = managing_groups + funder_groups + organisation_groups - all_viewable_groups.flatten.each do |group| - all_viewable_guidances += group.guidances - end + all_viewable_guidances = all_viewable_groups.flatten.collect{|group| group.guidances} # pass the list of viewable guidances to the view return all_viewable_guidances end diff --git a/app/models/perm.rb b/app/models/perm.rb index e53909e..0db316b 100644 --- a/app/models/perm.rb +++ b/app/models/perm.rb @@ -10,12 +10,14 @@ validates :name, presence: true, uniqueness: true - ADD_ORGS = Perm.where(name: 'add_organisations').first.freeze - CHANGE_AFFILIATION = Perm.where(name: 'change_org_affiliation').first.freeze - GRANT_PERMISSIONS = Perm.where(name: 'grant_permissions').first.freeze - MODIFY_TEMPLATES = Perm.where(name: 'modify_templates').first.freeze - MODIFY_GUIDANCE = Perm.where(name: 'modify_guidance').first.freeze - USE_API = Perm.where(name: 'use_api').first.freeze - CHANGE_ORG_DETAILS = Perm.where(name: 'change_org_details').first.freeze - GRANT_API = Perm.where(name: 'grant_api_to_orgs').first.freeze + ## + # Constant perms + ADD_ORGS = Perm.where(name: 'add_organisations').first.freeze + CHANGE_AFFILIATION = Perm.where(name: 'change_org_affiliation').first.freeze + GRANT_PERMISSIONS = Perm.where(name: 'grant_permissions').first.freeze + MODIFY_TEMPLATES = Perm.where(name: 'modify_templates').first.freeze + MODIFY_GUIDANCE = Perm.where(name: 'modify_guidance').first.freeze + USE_API = Perm.where(name: 'use_api').first.freeze + CHANGE_ORG_DETAILS = Perm.where(name: 'change_org_details').first.freeze + GRANT_API = Perm.where(name: 'grant_api_to_orgs').first.freeze end diff --git a/app/models/token_permission_type.rb b/app/models/token_permission_type.rb index 71f8186..27b138e 100644 --- a/app/models/token_permission_type.rb +++ b/app/models/token_permission_type.rb @@ -14,11 +14,12 @@ # Validators validates :token_type, presence: true, uniqueness: true - - # EVALUATE CLASS AND INSTANCE METHODS BELOW - # - # What do they do? do they do it efficiently, and do we need them? - + ## + # Constant Token Permission Types + GUIDANCES = TokenPermissionType.where(name: 'guidances').first.freeze + PLANS = TokenPermissionType.where(name: 'plans').first.freeze + TEMPLATES = TokenPermissionType.where(name: 'templates').first.freeze + STATISTICS = TokenPermissionType.where(name: 'statistics').first.freeze ##