Implement exceptions so global admins can access Largo everywhere

References #86 References biigle/core#331
biigle · Mar 19, 2021 · 3fd350e · 3fd350e
1 parent fa48e44
commit 3fd350e
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 6 deletions.
diff --git a/src/Http/Controllers/Views/Projects/LargoController.php b/src/Http/Controllers/Views/Projects/LargoController.php
@@ -4,6 +4,7 @@
 
 use Biigle\Http\Controllers\Views\Controller;
 use Biigle\Project;
+use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Storage;
 
@@ -12,13 +13,16 @@ class LargoController extends Controller
     /**
      * Show the Largo view for a project.
      *
+     * @param Request $request
      * @param int $id Project ID
      * @return \Illuminate\Http\Response
      */
-    public function index($id)
+    public function index(Request $request, $id)
     {
         $project = Project::findOrFail($id);
-        $this->authorize('edit-in', $project);
+        if (!$request->user()->can('sudo')) {
+            $this->authorize('edit-in', $project);
+        }
 
         if (!$project->volumes()->exists()) {
             abort(Response::HTTP_NOT_FOUND);

diff --git a/src/Http/Controllers/Views/Volumes/LargoController.php b/src/Http/Controllers/Views/Volumes/LargoController.php
@@ -23,7 +23,9 @@ class LargoController extends Controller
     public function index(Request $request, $id)
     {
         $volume = Volume::findOrFail($id);
-        $this->authorize('edit-in', $volume);
+        if (!$request->user()->can('sudo')) {
+            $this->authorize('edit-in', $volume);
+        }
 
         if ($request->user()->can('sudo')) {
             // Global admins have no restrictions.

diff --git a/src/resources/views/projectsShowTabs.blade.php b/src/resources/views/projectsShowTabs.blade.php
@@ -1,4 +1,4 @@
-@if ($user->can('edit-in', $project) && $project->volumes()->exists())
+@if (($user->can('edit-in', $project) || $user->can('sudo')) && $project->volumes()->exists())
     <li role="presentation">
         <a href="{{route('projectsLargo', $project->id)}}" title="Perform Largo re-evaluation of annotations for this project"><i class="fa fa-check-square"></i> Largo</a>
     </li>

diff --git a/src/resources/views/volumesSidebar.blade.php b/src/resources/views/volumesSidebar.blade.php
@@ -1,3 +1,3 @@
-@can ('edit-in', $volume)
+@canany (['edit-in', 'sudo'], $volume)
     <sidebar-tab name="largo" icon="check-square" title="Perform Largo re-evaluation of annotations for this volume" href="{{ route('largo', $volume->id) }}"></sidebar-tab>
-@endcan
+@endcanany
diff --git a/tests/Http/Controllers/Views/LargoControllerTest.php b/tests/Http/Controllers/Views/LargoControllerTest.php
@@ -18,6 +18,9 @@ public function testIndexImageVolume()
 
         $this->beEditor();
         $this->get("volumes/{$id}/largo")->assertStatus(200);
+
+        $this->beGlobalAdmin();
+        $this->get("volumes/{$id}/largo")->assertStatus(200);
     }
 
     public function testIndexVideoVolume()
@@ -30,6 +33,9 @@ public function testIndexVideoVolume()
 
         $this->beEditor();
         $this->get("volumes/{$id}/largo")->assertStatus(200);
+
+        $this->beGlobalAdmin();
+        $this->get("volumes/{$id}/largo")->assertStatus(200);
     }
 
     public function testIndexProject()
@@ -48,5 +54,8 @@ public function testIndexProject()
         $volume->media_type_id = MediaType::videoId();
         $volume->save();
         $this->get("projects/{$id}/largo")->assertStatus(200);
+
+        $this->beGlobalAdmin();
+        $this->get("projects/{$id}/largo")->assertStatus(200);
     }
 }