Merge pull request #404 from sparc-request/kg-correct_sr_ssr_permissions

KG - Protocol Permissions Refactor (1.7.0)
sparc-request · May 26, 2016 · 980a83d · 980a83d
2 parents 952899a + 09fc9ea
commit 980a83d
Show file tree

Hide file tree

Showing 58 changed files with 1,110 additions and 1,076 deletions.
diff --git a/app/assets/javascripts/bootstrap-table.js b/app/assets/javascripts/bootstrap-table.js
@@ -457,7 +457,7 @@
                     this.options.paginationVAlign === 'top' || this.options.paginationVAlign === 'both' ?
                     '<div class="fixed-table-pagination" style="clear: both;"></div>' :
                     '',
-                '<div class="fixed-table-container protocol-management-and-financial-view">',
+                '<div class="fixed-table-container">',
                 '<div class="fixed-table-header"><table></table></div>',
                 '<div class="fixed-table-body">',
                     '<div class="fixed-table-loading">',

diff --git a/app/assets/javascripts/dashboard/protocols.js.coffee b/app/assets/javascripts/dashboard/protocols.js.coffee
@@ -21,10 +21,12 @@
 # Place all the behaviors and hooks related to the matching controller here.
 # All this logic will automatically be available in application.js.
 # You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/
-
 $(document).ready ->
   Sparc.protocol =
     ready: ->
+      $('.service-requests-table').on 'all.bs.table', ->
+        $(this).find('.selectpicker').selectpicker() #Find descendant selectpickers
+
       $(document).on 'click', '.service-request-button', ->
         if $(this).data('permission')
           window.location = $(this).data('url')
@@ -55,6 +57,13 @@ $(document).ready ->
         $.ajax
           type: 'get'
           url: "/dashboard/protocols/#{protocol_id}/display_requests"
+          success: (data) ->
+            $('#modal_place').html(data.modal)
+            $('#modal_place').modal 'show'
+            $('.service-requests-table').bootstrapTable()
+            $('.service-requests-table').on 'all.bs.table', ->
+              $(this).find('.selectpicker').selectpicker()
+
 
       $(document).on 'click', '.protocol-archive-button', ->
         protocol_id = $(this).parents("tr").data('protocol-id')
@@ -113,21 +122,20 @@ $(document).ready ->
           method: 'get'
           url: "/dashboard/service_calendars/view_full_calendar.js?portal=true&protocol_id=#{protocol_id}"
 
-      $(document).on 'click', '.view-sub-service-request-button', ->
+      $(document).on 'click', '.view-service-request', ->
         id = $(this).data('sub-service-request-id')
         $.ajax
           method: 'GET'
           url: "/dashboard/sub_service_requests/#{id}.js"
 
-      $(document).on 'click', '.edit_service_request', ->
+      $(document).on 'click', '.edit-service-request', ->
         if $(this).data('permission')
           window.location = $(this).data('url')
 
       $(document).on 'click', '#add-services-button', ->
-        protocol_id = $(this).data('protocol-id')
-
         if $(this).data('permission')
-          window.location = "/?protocol_id=#{protocol_id}&from_portal=true"
+          protocol_id         = $(this).data('protocol-id')
+          window.location     = "/?protocol_id=#{protocol_id}&from_portal=true"
       # Protocol Show End
 
       # Protocol Edit Begin

diff --git a/app/assets/stylesheets/dashboard/protocol.css.scss b/app/assets/stylesheets/dashboard/protocol.css.scss
@@ -69,10 +69,35 @@ textarea {
 
 /* New/Edit Protocol Form End */
 
+/* Show Protocol Begin */
 .view-protocol-details-modal {
   width: 50% !important;
 }
 
+.export-consolidated-request {
+  display: inline-block;
+}
+
+.service-requests-table {
+  tr {
+    td:nth-child(4) {
+      .new-notification {
+        width: 100% !important;
+      }
+    }
+
+    td:nth-child(5) {
+      text-align: center !important;
+    }
+
+    .view-service-request, .edit-service-request {
+        margin: 5px 5px 5px 0px;
+    }
+  }
+}
+
+/* Show Protocol End*/
+
 .drop-underneath {
   margin-top: 20px;
 }
diff --git a/app/assets/stylesheets/proper/layout.css.sass b/app/assets/stylesheets/proper/layout.css.sass
@@ -167,7 +167,6 @@ button
       padding-left: 10px
 
   #title
-    margin-top: 8px
     background: white url("/assets/banner.png") no-repeat
     height: 136px
     padding: 23px 0 0 23px

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -102,6 +102,7 @@ def authorization_error msg, ref
     error += "<br />If you believe this is in error please contact, #{I18n.t 'error_contact'}, and provide the following information:"
     error += "<br /> Reference #: "
     error += ref
+
     render partial: 'service_requests/authorization_error', locals: { error: error }
   end
 

diff --git a/app/controllers/dashboard/associated_users_controller.rb b/app/controllers/dashboard/associated_users_controller.rb
@@ -20,16 +20,17 @@
 
 class Dashboard::AssociatedUsersController < Dashboard::BaseController
   layout nil
-
   respond_to :html, :json, :js
+
   before_filter :find_protocol_role,        only: [:edit, :destroy]
-  before_filter :find_protocol,             only: [:index, :new, :create, :edit, :update]
+  before_filter :find_protocol,             only: [:index, :new, :create, :edit, :update, :destroy]
+  before_filter :find_admin_for_protocol,   only: [:index, :update]
   before_filter :protocol_authorizer_view,  only: [:index]
-  before_filter :protocol_authorizer_edit,  only: [:new, :create, :edit, :update]
+  before_filter :protocol_authorizer_edit,  only: [:new, :create, :edit, :update, :destroy]
 
   def index
     @protocol_roles     = @protocol.project_roles
-    @permission_to_edit = @authorization.can_edit? || @admin
+    @permission_to_edit = @authorization.can_edit?
 
     respond_to do |format|
       format.json
@@ -88,12 +89,12 @@ def update
       @current_user_updated = params[:project_role][:identity_id].to_i == @user.id
 
       if @current_user_updated
-        @protocol_type        = @protocol.type
-        protocol_role         = updater.protocol_role
-        @permission_to_edit   = protocol_role.can_edit? || @admin
+        @protocol_type            = @protocol.type
+        protocol_role             = updater.protocol_role
+        @permission_to_edit       = protocol_role.can_edit?
 
         #If the user sets themselves to member and they're not an admin, go to dashboard
-        @return_to_dashboard  = protocol_role.project_rights == 'none' && !@permission_to_edit
+        @return_to_dashboard = !protocol_role.can_view? && !@admin
       end
 
       flash.now[:success] = 'Authorized User Updated!'
@@ -107,16 +108,25 @@ def update
   end
 
   def destroy
-    protocol           = @protocol_role.protocol
-    epic_access        = @protocol_role.epic_access
-    project_role_clone = @protocol_role.clone
+    @protocol           = @protocol_role.protocol
+    epic_access         = @protocol_role.epic_access
+    protocol_role_clone = @protocol_role.clone
 
     @protocol_role.destroy
+
+    if @current_user_destroyed  = protocol_role_clone.identity_id == @user.id
+      @protocol_type            = @protocol.type
+      @permission_to_edit       = false
+      @admin                    = Protocol.for_admin(@user.id).include?(@protocol)
+
+      #If the user sets themselves to member and they're not an admin, go to dashboard
+      @return_to_dashboard = !@admin
+    end
 
     flash.now[:alert] = 'Authorized User Removed!'
 
-    if USE_EPIC && protocol.selected_for_epic && epic_access && !QUEUE_EPIC
-      Notifier.notify_primary_pi_for_epic_user_removal(protocol, project_role_clone).deliver
+    if USE_EPIC && @protocol.selected_for_epic && epic_access && !QUEUE_EPIC
+      Notifier.notify_primary_pi_for_epic_user_removal(@protocol, protocol_role_clone).deliver
     end
 
     respond_to do |format|
@@ -135,6 +145,7 @@ def search_identities
   end
 
 private
+
   def find_protocol_role
     @protocol_role = ProjectRole.find(params[:id])
   end

diff --git a/app/controllers/dashboard/base_controller.rb b/app/controllers/dashboard/base_controller.rb
@@ -44,8 +44,8 @@ def clean_errors(errors)
 
   def protocol_authorizer_view
     @authorization  = ProtocolAuthorizer.new(@protocol, @user)
-    @admin          = !@user.authorized_admin_organizations.empty?
 
+    # Admins should be able to view too
     unless @authorization.can_view? || @admin
       @protocol = nil
       render partial: 'service_requests/authorization_error', locals: { error: 'You are not allowed to access this protocol.' }
@@ -54,7 +54,6 @@ def protocol_authorizer_view
 
   def protocol_authorizer_edit
     @authorization  = ProtocolAuthorizer.new(@protocol, @user)
-    @admin          = !@user.authorized_admin_organizations.empty?
 
     unless @authorization.can_edit? || @admin
       @protocol = nil
@@ -67,4 +66,8 @@ def establish_breadcrumber
       session[:breadcrumbs] = Dashboard::Breadcrumber.new
     end
   end
+
+  def find_admin_for_protocol
+    @admin = Protocol.for_admin(@user).include?(@protocol)
+  end
 end
diff --git a/app/controllers/dashboard/protocol_filters_controller.rb b/app/controllers/dashboard/protocol_filters_controller.rb
@@ -31,6 +31,7 @@ def create
     else
       flash[:alert] = 'Search Failed to Save.'
     end
+
     @protocol_filters = ProtocolFilter.latest_for_user(@user.id, 5)
   end
 end
diff --git a/app/controllers/dashboard/protocols_controller.rb b/app/controllers/dashboard/protocols_controller.rb
@@ -22,9 +22,10 @@ class Dashboard::ProtocolsController < Dashboard::BaseController
 
   respond_to :html, :json, :xlsx
 
-  before_filter :find_protocol, only: [:show, :edit, :update, :update_protocol_type, :display_requests, :archive, :view_full_calendar, :view_details]
-  before_filter :protocol_authorizer_view, only: [:show, :view_full_calendar, :display_requests]
-  before_filter :protocol_authorizer_edit, only: [:edit, :update, :update_protocol_type]
+  before_filter :find_protocol,             only: [:show, :edit, :update, :update_protocol_type, :display_requests, :archive, :view_full_calendar, :view_details]
+  before_filter :find_admin_for_protocol,   only: [:show, :edit, :update, :update_protocol_type, :display_requests]
+  before_filter :protocol_authorizer_view,  only: [:show, :view_full_calendar, :display_requests]
+  before_filter :protocol_authorizer_edit,  only: [:edit, :update, :update_protocol_type]
 
   def index
     admin_orgs   = @user.authorized_admin_organizations
@@ -34,9 +35,9 @@ def index
 
     # if we are an admin we want to default to admin organizations
     if @admin
-      default_filter_params[:for_admin] = @user.id
+      default_filter_params[:for_admin]       = @user.id.to_s
     else
-      default_filter_params[:for_identity_id] = @user.id
+      default_filter_params[:for_identity_id] = @user.id.to_s
     end
 
     @filterrific =
@@ -64,22 +65,18 @@ def show
       format.js   { render }
       format.html {
         session[:breadcrumbs].clear.add_crumbs(protocol_id: @protocol.id)
-        admin               = !@user.authorized_admin_organizations.empty?
-        @permission_to_edit = @authorization.can_edit? || admin
+        @permission_to_edit = @authorization.present? ? @authorization.can_edit? : false
         @protocol_type      = @protocol.type.capitalize
-        @service_requests   = @protocol.service_requests
         render
       }
       format.xlsx { render }
     end
   end
 
   def new
-    admin_orgs = @user.authorized_admin_organizations
-    @admin =  !admin_orgs.empty?
-    @protocol_type = params[:protocol_type]
-    @protocol = @protocol_type.capitalize.constantize.new
-    @protocol.requester_id = current_user.id
+    @protocol_type          = params[:protocol_type]
+    @protocol               = @protocol_type.capitalize.constantize.new
+    @protocol.requester_id  = current_user.id
     @protocol.populate_for_edit
     session[:protocol_type] = params[:protocol_type]
   end
@@ -108,7 +105,6 @@ def create
   end
 
   def edit
-    @admin               = !@user.authorized_admin_organizations.empty?
     @protocol_type      = @protocol.type
     protocol_role       = @protocol.project_roles.find_by(identity_id: @user.id)
     @permission_to_edit = protocol_role.nil? ? false : protocol_role.can_edit?
@@ -127,14 +123,11 @@ def edit
   end
 
   def update
-    attrs         = params[:protocol]
-
-    attrs[:start_date] = Time.strptime(attrs[:start_date], "%m-%d-%Y") if attrs[:start_date]
-    attrs[:end_date] =   Time.strptime(attrs[:end_date],   "%m-%d-%Y") if attrs[:end_date]
-
-    @admin        = !@user.authorized_admin_organizations.empty?
-    protocol_role = @protocol.project_roles.find_by(identity_id: @user.id)
-
+    attrs               = params[:protocol]
+    attrs[:start_date]  = Time.strptime(attrs[:start_date], "%m-%d-%Y") if attrs[:start_date]
+    attrs[:end_date]    = Time.strptime(attrs[:end_date],   "%m-%d-%Y") if attrs[:end_date]
+    protocol_role       = @protocol.project_roles.find_by(identity_id: @user.id)
+
     # admin is not able to activate study_type_question_group
     if @admin && protocol_role.nil? && @protocol.update_attributes(attrs)
       flash[:success] = "#{@protocol.type} Updated!"
@@ -152,7 +145,6 @@ def update
 
   def update_protocol_type
     # Using update_attribute here is intentional, type is a protected attribute
-    @admin              = !@user.authorized_admin_organizations.empty?
     protocol_role       = @protocol.project_roles.find_by(identity_id: @user.id)
     @permission_to_edit = protocol_role.nil? ? false : protocol_role.can_edit?
     @protocol_type      = params[:type]
@@ -177,31 +169,37 @@ def archive
   end
 
   def view_full_calendar
-    @service_request = @protocol.any_service_requests_to_display?
+    @service_request  = @protocol.any_service_requests_to_display?
+    arm_id            = params[:arm_id] if params[:arm_id]
+    page              = params[:page] if params[:page]
+
+    session[:service_calendar_pages]          = params[:pages] if params[:pages]
+    session[:service_calendar_pages][arm_id]  = page if page && arm_id
 
-    arm_id = params[:arm_id] if params[:arm_id]
-    page = params[:page] if params[:page]
-    session[:service_calendar_pages] = params[:pages] if params[:pages]
-    session[:service_calendar_pages][arm_id] = page if page && arm_id
-    @tab = 'calendar'
+    @tab    = 'calendar'
     @portal = params[:portal]
+
     if @service_request
       @pages = {}
       @protocol.arms.each do |arm|
-        new_page = (session[:service_calendar_pages].nil?) ? 1 : session[:service_calendar_pages][arm.id.to_s].to_i
-        @pages[arm.id] = @service_request.set_visit_page(new_page, arm)
+        new_page        = (session[:service_calendar_pages].nil?) ? 1 : session[:service_calendar_pages][arm.id.to_s].to_i
+        @pages[arm.id]  = @service_request.set_visit_page(new_page, arm)
       end
     end
+
     @merged = true
     respond_to do |format|
       format.js
     end
   end
 
   def display_requests
-    @protocol_role = @protocol.project_roles.find_by(identity_id: @user.id)
+    @protocol_role      = @protocol.project_roles.find_by(identity_id: @user.id)
+    @permission_to_edit = @protocol_role.present? ? @protocol_role.can_edit? : false
+    modal               = render_to_string(partial: 'dashboard/protocols/requests_modal', locals: { protocol: @protocol, user: @user, permission_to_edit: @permission_to_edit })
 
-    @permission_to_edit = @protocol_role.present? ? @protocol_role.can_edit? : Protocol.for_admin(@user.id).include?(@protocol)
+    data = { modal: modal }
+    render json: data
   end
 
   def view_details
@@ -216,12 +214,8 @@ def find_protocol
     @protocol = Protocol.find(params[:id])
   end
 
-  def admin?
-    !@user.authorized_admin_organizations.empty?
-  end
-
   def conditionally_activate_protocol
-    if admin?
+    if @admin
       if @protocol_type == "Study" && @protocol.virgin_project?
         @protocol.activate
       end