Modified: trunk/app/controllers/application_controller.rb (3185 => 3186)
--- trunk/app/controllers/application_controller.rb 2012-11-12 22:52:26 UTC (rev 3185)
+++ trunk/app/controllers/application_controller.rb 2012-11-12 22:53:11 UTC (rev 3186)
@@ -685,7 +685,7 @@
objects = collection.find(
:all,
:select => "#{filter_id_column} AS filter_id, #{filter_label_column} AS filter_label, #{count_expr} AS filter_count",
- :joins => merge_joins(joins, pivot_options, :auth_type => opts[:auth_type], :auth_id => opts[:auth_id]),
+ :joins => merge_joins(joins, pivot_options, collection.permission_conditions, :auth_type => opts[:auth_type], :auth_id => opts[:auth_id]),
:conditions => conditions,
:group => "#{filter_id_column}",
:limit => limit,
@@ -797,14 +797,17 @@
end
end
- def merge_joins(joins, pivot_options, opts = {})
+ def merge_joins(joins, pivot_options, permission_conditions, opts = {})
if joins.length.zero?
nil
else
joins.uniq.map do |j|
text = pivot_options["joins"][j].clone
- text.gsub!(/RESULT_TYPE/, opts[:auth_type])
- text.gsub!(/RESULT_ID/, opts[:auth_id])
+ text.gsub!(/RESULT_TYPE/, opts[:auth_type])
+ text.gsub!(/RESULT_ID/, opts[:auth_id])
+ text.gsub!(/VIEW_CONDITIONS/, permission_conditions[:view_conditions])
+ text.gsub!(/DOWNLOAD_CONDITIONS/, permission_conditions[:download_conditions])
+ text.gsub!(/EDIT_CONDITIONS/, permission_conditions[:edit_conditions])
text
end.join(" ")
end
@@ -904,7 +907,7 @@
results = collection.find(
:all,
:page => { :size => params["num"] ? params["num"].to_i : nil, :current => params["page"] },
- :joins => merge_joins(joins, pivot_options, :auth_type => auth_type, :auth_id => auth_id),
+ :joins => merge_joins(joins, pivot_options, collection.permission_conditions, :auth_type => auth_type, :auth_id => auth_id),
:conditions => conditions.length.zero? ? nil : conditions.join(" AND "),
:group => "#{group_by} #{having_clause}",
:order => order_options["order"])
Modified: trunk/config/default_settings.yml (3185 => 3186)
--- trunk/config/default_settings.yml 2012-11-12 22:52:26 UTC (rev 3185)
+++ trunk/config/default_settings.yml 2012-11-12 22:53:11 UTC (rev 3186)
@@ -532,7 +532,7 @@
joins:
- workflow_processors: INNER JOIN workflow_processors ON RESULT_TYPE = 'Workflow' AND workflow_processors.workflow_id = RESULT_ID
+ workflow_processors: INNER JOIN workflow_processors ON RESULT_TYPE = 'Workflow' AND workflow_processors.workflow_id = RESULT_ID AND DOWNLOAD_CONDITIONS = 1
taggings: LEFT OUTER JOIN taggings ON RESULT_TYPE = taggings.taggable_type AND RESULT_ID = taggings.taggable_id
services: INNER JOIN services ON RESULT_TYPE = 'Service' AND RESULT_ID = services.id
curation_events: INNER JOIN curation_events ON curation_events.object_type = RESULT_TYPE AND curation_events.object_id = RESULT_ID
Modified: trunk/lib/authorization.rb (3185 => 3186)
--- trunk/lib/authorization.rb 2012-11-12 22:52:26 UTC (rev 3185)
+++ trunk/lib/authorization.rb 2012-11-12 22:53:11 UTC (rev 3186)
@@ -429,9 +429,14 @@
select_parts << "#{model.table_name}.*" if include_permissions
if include_permissions || permissions_only
- select_parts << "BIT_OR(#{view_conditions(user_id, friends, networks)}) AS view_permission"
- select_parts << "BIT_OR(#{download_conditions(user_id, friends, networks)}) AS download_permission"
- select_parts << "BIT_OR(#{edit_conditions(user_id, friends, networks)}) AS edit_permission"
+
+ view_conditions = view_conditions(user_id, friends, networks)
+ download_conditions = download_conditions(user_id, friends, networks)
+ edit_conditions = edit_conditions(user_id, friends, networks)
+
+ select_parts << "BIT_OR(#{view_conditions}) AS view_permission"
+ select_parts << "BIT_OR(#{download_conditions}) AS download_permission"
+ select_parts << "BIT_OR(#{edit_conditions}) AS edit_permission"
end
opts[:select] = select_parts.join(", ") unless select_parts.empty?
@@ -439,7 +444,23 @@
opts[:group] ||= 'contributions.contributable_type, contributions.contributable_id'
opts[:joins] = joins
- model.scoped(opts)
+ scope = model.scoped(opts) do
+ def permission_conditions
+ @permission_conditions
+ end
+
+ def permission_conditions=(permission_conditions)
+ @permission_conditions = permission_conditions
+ end
+ end
+
+ scope.permission_conditions = {
+ :view_conditions => view_conditions,
+ :download_conditions => download_conditions,
+ :edit_conditions => edit_conditions
+ }
+
+ scope
end
end