diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb index c88c8c4..dc04b8e 100644 --- a/app/controllers/roles_controller.rb +++ b/app/controllers/roles_controller.rb @@ -9,7 +9,7 @@ authorize @role access_level = params[:role][:access_level].to_i - set_access_level(access_level) + @role.set_access_level(access_level) message = '' if params[:user].present? if @role.plan.owner.present? && @role.plan.owner.email == params[:user] @@ -50,7 +50,7 @@ @role = Role.find(params[:id]) authorize @role access_level = params[:role][:access_level].to_i - set_access_level(access_level) + @role.set_access_level(access_level) if @role.update_attributes(role_params) UserMailer.permissions_change_notification(@role, current_user).deliver_now render json: {code: 1, msg: "Successfully changed the permissions for #{@role.user.email}. They have been notified via email."} @@ -93,23 +93,4 @@ def role_params params.require(:role).permit(:plan_id) end - - def set_access_level(access_level) - if access_level >= 1 - @role.commenter = true - else - @role.commenter = false - end - if access_level >= 2 - @role.editor = true - else - @role.editor = false - end - if access_level >= 3 - @role.administrator = true - else - @role.administrator = false - end - end - end \ No newline at end of file diff --git a/app/models/role.rb b/app/models/role.rb index 7ccdde4..b7cdf28 100644 --- a/app/models/role.rb +++ b/app/models/role.rb 
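Review bot: The value handed to `@role.set_access_level` in the first hunk, and again in the second, comes straight from `params[:role][:access_level].to_i` with no range check. `to_i` turns a missing or non-numeric value into 0, which clears commenter, editor and administrator together, while the share form only offers 1, 2 and 3. I would reject anything else before touching the role, for example `raise ActionController::BadRequest unless (1..3).cover?(access_level)`, or enforce the same range inside the model method. Both action bodies start and end outside these hunks, so an existing guard elsewhere cannot be ruled out.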
@@ -41,8 +41,29 @@ return 1 end end + + # Sets access_level according to bit fields defined in the column access + # TODO refactor according to the hash defined above (e.g. 1 key is :creator, 2 key is :administrator, etc) + def set_access_level(access_level) + if access_level >= 1 + self.commenter = true + else + self.commenter = false + end + if access_level >= 2 + self.editor = true + else + self.editor = false + end + if access_level >= 3 + self.administrator = true + else + self.administrator = false + end + end + # Returns a hash of hashes where each key represents an access level (e.g. see access_level method to understand the integers) - # This method becomes useful for generatic template messages (e.g. permissions change notification mailer) + # This method becomes useful for generating template messages (e.g. permissions change notification mailer) def self.access_level_messages { 5 => { diff --git a/app/policies/role_policy.rb b/app/policies/role_policy.rb index 4406615..8570ba1 100644 --- a/app/policies/role_policy.rb +++ b/app/policies/role_policy.rb @@ -17,7 +17,7 @@ end def destroy? - @role.plan.owned_by?(@user.id) + @role.plan.administerable_by?(@user.id) end def deactivate? diff --git a/app/views/plans/_share_form.html.erb b/app/views/plans/_share_form.html.erb index 4998bf2..dd2f6c0 100644 --- a/app/views/plans/_share_form.html.erb +++ b/app/views/plans/_share_form.html.erb @@ -19,14 +19,16 @@
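Review bot: The comment on `set_access_level` says the level is set "according to bit fields", but the body compares against the thresholds 1, 2 and 3, so each level implies the ones below it. A wording such as `# Sets commenter/editor/administrator from an integer level: >= 1 commenter, >= 2 editor, >= 3 administrator` would match the code. Each of the three if/else pairs only assigns the result of its own condition, so they can be written as `self.commenter = access_level >= 1`, `self.editor = access_level >= 2` and `self.administrator = access_level >= 3`.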
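Review bot: `destroy?` now passes for anyone who can administer the plan, but the rule that the creator's role and the user's own role cannot be removed exists only in the view (`unless role.creator? || role.user == current_user` around the Remove link in `_share_form.html.erb`). A DELETE request that does not come from that form is authorised by this policy alone, unless the controller's destroy action checks it, which this diff does not show. I would put the restriction in the policy: `@role.plan.administerable_by?(@user.id) && !@role.creator? && @role.user != @user`. The same question applies to `update?`, which is outside this hunk, because the view hides the access-level select under matching conditions.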
<%= _('Invite specific people to read, edit, or administer your plan. Invitees will receive an email notification that they have access to this plan.') %>
- +<%= administerable = @plan.administerable_by?(current_user) %> <% if @plan.roles.any? then %>| <%= _('Email address')%> | <%= _('Permissions')%> | -<%= _('Actions') %> | + <% if administerable %> +<%= _('Actions') %> | + <% end %><%= role.user.name %> |
<% if role.creator? %>
- <%= 'Owner' %>
- <% elsif !role.creator? && role.user == current_user %>
- <%= display_role(role) %>
- <% elsif !role.creator? && role.user != current_user %>
-
- <%= form_for role, url: {controller: :roles, action: :update, id: role.id }, html: {method: :put} do |f| %>
-
- <%= f.hidden_field :id %>
- <%= f.select :access_level, {"#{_('Co-owner')}": 3, "#{_('Editor')}": 2, "#{_('Read only')}": 1}, {}, {id: "#{role.id}-can-edit", class: "toggle-existing-user-access has-tooltip", 'data-toggle': "tooltip", 'title': _('Editors can contribute to plans. Co-owners have additional rights to edit plan details and control access.') } %>
-
+ <%= _('Owner') %>
+ <% else %>
+ <% if administerable && role.user != current_user %>
+ <%= form_for role, url: { controller: :roles, action: :update, id: role.id }, remote: true, html: { method: :put } do |f| %>
+
+ <%= f.hidden_field :id %>
+ <%= f.select :access_level, {"#{_('Co-owner')}": 3, "#{_('Editor')}": 2, "#{_('Read only')}": 1}, {}, {id: "#{role.id}-can-edit", class: "toggle-existing-user-access has-tooltip", 'data-toggle': "tooltip", 'title': _('Editors can contribute to plans. Co-owners have additional rights to edit plan details and control access.') } %>
+
+ <% end %>
+ <% else %>
+ <%= display_role(role) %>
+ <% end %>
+ <% end %>
+ <% if administerable %>
+ | + <% unless role.creator? || role.user == current_user then %> + <%= link_to _('Remove'), role, method: :delete, data: { confirm: _('Are you sure?') }, :class => "a-orange" %> <% end %> - <% end %> - | -- <% unless role.creator? || role.user == current_user then %> - <%= link_to _('Remove'), role, method: :delete, data: { confirm: _('Are you sure?') }, :class => "a-orange" %> - <% end %> - | + + <% end %> <% end %> diff --git a/lib/assets/javascripts/application.js b/lib/assets/javascripts/application.js index 8be3644..851a422 100644 --- a/lib/assets/javascripts/application.js +++ b/lib/assets/javascripts/application.js @@ -27,6 +27,7 @@ import './views/plans/index'; import './views/plans/new'; import './views/plans/share'; +import './views/roles/edit'; import './views/sections/edit'; import './views/sections/index'; import './views/sections/new'; diff --git a/lib/assets/javascripts/views/plans/share.js b/lib/assets/javascripts/views/plans/share.js index 6b10b8b..b061775 100644 --- a/lib/assets/javascripts/views/plans/share.js +++ b/lib/assets/javascripts/views/plans/share.js @@ -29,16 +29,4 @@ } }); }); - - $('.change_plan_role select').change((e) => { - request(e.target).done((data) => { - if (data.code === 1 && data.msg && data.msg !== '') { - notifier.renderNotice(data.msg); - } else { - notifier.renderAlert(data.msg); - } - }, () => { - // TODO adequate error handling for network error - }); - }); }); diff --git a/lib/assets/javascripts/views/roles/edit.js b/lib/assets/javascripts/views/roles/edit.js new file mode 100644 index 0000000..2ff79d3 --- /dev/null +++ b/lib/assets/javascripts/views/roles/edit.js 
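Review bot: The added line `<%= administerable = @plan.administerable_by?(current_user) %>` uses the output tag, so the literal `true` or `false` is printed into the page above the table; it should be `<% administerable = @plan.administerable_by?(current_user) %>`. The argument also differs from the policy changed in this same commit, which calls `administerable_by?(@user.id)`. If the method expects an id, passing the user object may make the check fail and hide the controls from every user; this needs confirming against the method definition, which is not shown here.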
@@ -0,0 +1,19 @@
+import { renderNotice, renderAlert } from '../../utils/notificationHelper';
+import { isString, isObject } from '../../utils/isType';
+
+$(() => {
+ $('form.edit_role select').on('change', (e) => {
+ $(e.target).closest('form').submit();
+ });
+ $('form.edit_role').on('ajax:success', (e, data) => {
+ if (isObject(data) && isString(data.msg)) {
+ renderNotice(data.msg);
+ }
+ });
+ $('form.edit_role').on('ajax:error', (e, xhr) => {
+ const error = xhr.responseJSON;
+ if (isObject(error) && isString(error)) {
+ renderAlert(error.msg);
+ }
+ });
+});
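Review bot: In the `ajax:error` handler the condition `isObject(error) && isString(error)` tests the same value for being both an object and a string, so it can never hold and `renderAlert` is never reached; a failed permission change gives the user no feedback. It should read `if (isObject(error) && isString(error.msg)) {`. Separately, the handler removed from `views/plans/share.js` showed a notice only when `data.code === 1` and an alert otherwise, whereas the new `ajax:success` handler renders every `msg` as a notice. If the controller can answer with HTTP 200 and a failure code (its failure branch is not visible in this diff), that message will now be presented as a success.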
|---|