From 3fd350e6f2a739d972eac192fcf255edcad693e4 Mon Sep 17 00:00:00 2001
From: Martin Zurowietz
Date: Fri, 19 Mar 2021 15:29:01 +0100
Subject: [PATCH] Implement exceptions so global admins can access Largo everywhere
References #86
References biigle/core#331
---
 src/Http/Controllers/Views/Projects/LargoController.php | 8 ++++++--
 src/Http/Controllers/Views/Volumes/LargoController.php | 4 +++-
 src/resources/views/projectsShowTabs.blade.php | 2 +-
 src/resources/views/volumesSidebar.blade.php | 4 ++--
 tests/Http/Controllers/Views/LargoControllerTest.php | 9 +++++++++
 5 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/src/Http/Controllers/Views/Projects/LargoController.php b/src/Http/Controllers/Views/Projects/LargoController.php
index a11c85a2..9d31e612 100644
--- a/src/Http/Controllers/Views/Projects/LargoController.php
+++ b/src/Http/Controllers/Views/Projects/LargoController.php
@@ -4,6 +4,7 @@
 use Biigle\Http\Controllers\Views\Controller;
 use Biigle\Project;
+use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Storage;
@@ -12,13 +13,16 @@ class LargoController extends Controller
 /**
 * Show the Largo view for a project.
 *
+ * @param Request $request
 * @param int $id Project ID
 * @return \Illuminate\Http\Response
 */
- public function index($id)
+ public function index(Request $request, $id)
 {
 $project = Project::findOrFail($id);
- $this->authorize('edit-in', $project);
+ if (!$request->user()->can('sudo')) {
+ $this->authorize('edit-in', $project);
+ }
 if (!$project->volumes()->exists()) {
 abort(Response::HTTP_NOT_FOUND);
diff --git a/src/Http/Controllers/Views/Volumes/LargoController.php b/src/Http/Controllers/Views/Volumes/LargoController.php
index de37d93b..84e45bcf 100644
--- a/src/Http/Controllers/Views/Volumes/LargoController.php
+++ b/src/Http/Controllers/Views/Volumes/LargoController.php
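Review bot: The `sudo` exception in `Projects\LargoController::index()` is written inline around `$this->authorize('edit-in', $project)`, and the same hand-written bypass appears again in the Volumes controller and in both Blade views of this patch. Every copy is a place where the access rule can drift, so a controller could refuse what a view offers, or the reverse; one shared helper or a single policy-level rule for "edit-in or global admin" would keep the four call sites in step. The docblock gains `@param Request $request` but does not state the new rule; a line such as `* Global admins (sudo) may open the view without the edit-in permission.` would record it. `$request->user()` is dereferenced without a null check, which is safe only if the route sits behind authentication middleware (not visible in this patch). The body of `index()` continues past the end of the hunk.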
@@ -23,7 +23,9 @@ class LargoController extends Controller
 public function index(Request $request, $id)
 {
 $volume = Volume::findOrFail($id);
- $this->authorize('edit-in', $volume);
+ if (!$request->user()->can('sudo')) {
+ $this->authorize('edit-in', $volume);
+ }
 if ($request->user()->can('sudo')) {
 // Global admins have no restrictions.
diff --git a/src/resources/views/projectsShowTabs.blade.php b/src/resources/views/projectsShowTabs.blade.php
index bec5fbcc..6690ebfc 100644
--- a/src/resources/views/projectsShowTabs.blade.php
+++ b/src/resources/views/projectsShowTabs.blade.php
@@ -1,4 +1,4 @@
-@if ($user->can('edit-in', $project) && $project->volumes()->exists())
+@if (($user->can('edit-in', $project) || $user->can('sudo')) && $project->volumes()->exists())
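Review bot: `$request->user()->can('sudo')` is now evaluated twice in a row in `Volumes\LargoController::index()`: once negated around `$this->authorize('edit-in', $volume)` and again in the pre-existing `if` directly below it. Evaluating it once, `$isGlobalAdmin = $request->user()->can('sudo');`, and using that variable in both conditions would show that the authorization skip and the "no restrictions" branch depend on the same decision and cannot diverge in a later edit. The pre-existing `if` block continues outside the hunk, so whether the `authorize` call could simply move into its `else` branch cannot be judged from here.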
  • Largo
  •
diff --git a/src/resources/views/volumesSidebar.blade.php b/src/resources/views/volumesSidebar.blade.php
index a21b9cdf..d55afeaa 100644
--- a/src/resources/views/volumesSidebar.blade.php
+++ b/src/resources/views/volumesSidebar.blade.php
@@ -1,3 +1,3 @@
-@can ('edit-in', $volume)
+@canany (['edit-in', 'sudo'], $volume)
-@endcan
+@endcanany
diff --git a/tests/Http/Controllers/Views/LargoControllerTest.php b/tests/Http/Controllers/Views/LargoControllerTest.php
index b942d26c..8ffed8d5 100644
--- a/tests/Http/Controllers/Views/LargoControllerTest.php
+++ b/tests/Http/Controllers/Views/LargoControllerTest.php
@@ -18,6 +18,9 @@ public function testIndexImageVolume()
 $this->beEditor();
 $this->get("volumes/{$id}/largo")->assertStatus(200);
+
+ $this->beGlobalAdmin();
+ $this->get("volumes/{$id}/largo")->assertStatus(200);
 }
 public function testIndexVideoVolume()
@@ -30,6 +33,9 @@ public function testIndexVideoVolume()
 $this->beEditor();
 $this->get("volumes/{$id}/largo")->assertStatus(200);
+
+ $this->beGlobalAdmin();
+ $this->get("volumes/{$id}/largo")->assertStatus(200);
 }
 public function testIndexProject()
@@ -48,5 +54,8 @@ public function testIndexProject()
 $volume->media_type_id = MediaType::videoId();
 $volume->save();
 $this->get("projects/{$id}/largo")->assertStatus(200);
+
+ $this->beGlobalAdmin();
+ $this->get("projects/{$id}/largo")->assertStatus(200);
 }
 }
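Review bot: In `volumesSidebar.blade.php`, `@canany (['edit-in', 'sudo'], $volume)` passes `$volume` to the `sudo` check as well, whereas the controllers and `projectsShowTabs.blade.php` call `can('sudo')` with no model. With a model argument Laravel's gate first looks for a matching method on that model's policy and only then falls back to a plain gate definition, so the outcome here depends on the volume policy not answering `sudo` (presumably true today, but not visible in this patch). Writing the condition the same way as the project tab, e.g. `@if ($user->can('edit-in', $volume) || $user->can('sudo'))` if `$user` is in scope in this view, would make the view evaluate exactly what the controller evaluates. The context line between the opening and closing directive is not visible on this page.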