Noosfero/noosfero

View on GitHub
app/concerns/entitlement/accessible_to.rb

Summary

Maintainability
A
35 mins
Test Coverage
module Entitlement::AccessibleTo
  def self.included(base)
    base.class_eval do
      scope :accessible_to, lambda { |user|
        # Visitors
        if user.nil?
          conditions = where("#{table_name}.access = #{Entitlement::Levels.levels[:visitors]}")
              end

        # Environment administrators can access anything
        if !user.nil? && !user.environment.admins.include?(user)

          # This score_table is in the following format:
          #
          # | id | score |
          # | 1  |  10   |
          # | 5  |  10   |
          # | 8  |  25   |
          #
          # The score is the greatest access level the user accessing the object has
          # based on his relations with it. Objects with access requirements lower or
          # equal to level "users" are not included in this view for performance
          # reasons.
          #
          # Conditions for the object to be accessible are:
          #   * The object's owner is the user OR
          #   * The object has an access requirement lower or equal to level "users" OR
          #   * The user has an access level higher than the object requires.
          conditions = joins("left join #{score_table(user)}")
                       .where("
            #{profile_id_column} = #{user.id} OR
            #{table_name}.access <= #{Entitlement::Levels.levels[:users]} OR
            #{table_name}.access <= score")

              end
        conditions
      }
    end
  end
end