Permalink
Browse files

granting-write-access-to-others

It's not enough just to allow others to view your projects, you need to allow some people to make changes, too. The goal of this part of the tutorial is to add a "Contributor" checkbox next to each person in the side-bar.

Implementing this is left as an exercise for the reader. The steps are:

1. Add a boolean `contributor` field to the `ProjectMembership` model.
2. Modify the permissions of stories and tasks so that users with `contributor=true` on their project membership have update permission for the project.
3. Use the `<editor>` tag to create an ajax editor for the `contributor` field in the ProjectMembership card.

That's all the hints we're going to give you for this one -- good luck!

Ok, one more hint, here's some associations that might be handy in the Project model:

    has_many :contributor_memberships, :class_name => "ProjectMembership", :scope => :contributor
    has_many :contributors, :through => :contributor_memberships, :source => :user
{: .ruby}

And a helper method that might come in handy when implementing your permission methods:

    def accepts_changes_from?(user)
       user.administrator? || user == owner || user.in?(contributors)
    end
{: .ruby}
  • Loading branch information...
bryanlarsen authored and iox committed Jun 3, 2013
1 parent 5d52b7c commit 7d67986e8ba9e5cbd2b015e71f6de968a6f24179
View
@@ -19,14 +19,22 @@ class Project < ActiveRecord::Base
belongs_to :owner, :class_name => "User", :creator => true, :inverse_of => :projects
has_many :contributor_memberships, :class_name => "ProjectMembership", :scope => :contributor
has_many :contributors, :through => :contributor_memberships, :source => :user
# permission helper
def accepts_changes_from?(user)
user.administrator? || user == owner || user.in?(contributors)
end
# --- Permissions --- #
def create_permitted?
owner_is? acting_user
end
def update_permitted?
acting_user.administrator? || (owner_is?(acting_user) && !owner_changed?)
accepts_changes_from?(acting_user) && !owner_changed?
end
def destroy_permitted?
@@ -3,6 +3,7 @@ class ProjectMembership < ActiveRecord::Base
hobo_model # Don't put anything above this
fields do
contributor :boolean, :default => false
timestamps
end
attr_accessible
@@ -31,3 +31,12 @@
<field-list: fields="description, users"/>
</old-form>
</extend>
<extend tag="card" for="ProjectMembership">
<old-card merge>
<body:>
<span>Contributor?</span>
<editor:contributor/>
</body:>
</old-card>
</extend>
@@ -0,0 +1,9 @@
class ProjectContributors < ActiveRecord::Migration
def self.up
add_column :project_memberships, :contributor, :boolean, :default => false
end
def self.down
remove_column :project_memberships, :contributor
end
end
View
@@ -11,13 +11,14 @@
#
# It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20130109030838) do
ActiveRecord::Schema.define(:version => 20130109032331) do
create_table "project_memberships", :force => true do |t|
t.datetime "created_at"
t.datetime "updated_at"
t.integer "project_id"
t.integer "user_id"
t.boolean "contributor", :default => false
end
add_index "project_memberships", ["project_id"], :name => "index_project_memberships_on_project_id"

0 comments on commit 7d67986

Please sign in to comment.