-
Notifications
You must be signed in to change notification settings - Fork 104
/
person_layer_writables.rb
50 lines (42 loc) · 1.27 KB
/
person_layer_writables.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# Copyright (c) 2012-2015, Pfadibewegung Schweiz. This file is part of
# hitobito_pbs and licensed under the Affero General Public License version 3
# or later. See the COPYING file at the top-level directory or at
# https://github.com/hitobito/hitobito_pbs.
#
# Fetches people for which the user has write access via layer permissions.
class PersonLayerWritables < GroupBasedFetchables
self.same_group_permissions = []
self.above_group_permissions = []
self.same_layer_permissions = [:layer_and_below_full, :layer_full]
self.above_layer_permissions = [:layer_and_below_full]
def initialize(user)
super(user)
can :index, Person, accessible_people { |_| true }
end
private
def accessible_people
if user.root?
Person.only_public_data
else
accessible_people_scope
end
end
def accessible_people_scope
conditions = writable_conditions
if conditions.present?
Person.only_public_data.
joins(roles: :group).
where(groups: { deleted_at: nil }).
where(conditions.to_a).
distinct
else
Person.none
end
end
def writable_conditions
OrCondition.new.tap do |condition|
append_group_conditions(condition)
see_invisible_from_above_condition(condition)
end
end
end