admins: avoid problems with empty roles or environment on resources

Rodrigo Souto
1 parent ede53a92
Showing 3 changed files with 15 additions and 9 deletions Show diff stats
app/models/environment.rb
app/models/person.rb
app/models/profile.rb
@@ -86,7 +86,9 @@ class Environment &lt; ActiveRecord::Base
   end
  
   def admins
-    Person.members_of(self).all(:conditions => ['role_assignments.role_id = ?', Environment::Roles.admin(self).id])
+    admin_role = Environment::Roles.admin(self)
+    return [] if admin_role.blank?
+    Person.members_of(self).all(:conditions => ['role_assignments.role_id = ?', admin_role.id])
   end
  
   # returns the available features for a Environment, in the form of a
@@ -33,16 +33,17 @@ class Person &lt; Profile
     { :select => 'DISTINCT profiles.*', :conditions => ['"profiles"."id" NOT IN (SELECT DISTINCT profiles.id FROM "profiles" INNER JOIN "friendships" ON "friendships"."person_id" = "profiles"."id" WHERE "friendships"."friend_id" IN (%s))' % resources.map(&:id)] }
   }
  
-  def has_permission_with_admin?(permission, profile)
-    return true if profile.admins.include?(self) || profile.environment.admins.include?(self)
-    has_permission_without_admin?(permission, profile)
+  def has_permission_with_admin?(permission, resource)
+    return true if resource.blank? || resource.admins.include?(self)
+    return true if resource.kind_of?(Profile) && resource.environment.admins.include?(self)
+    has_permission_without_admin?(permission, resource)
   end
   alias_method_chain :has_permission?, :admin
  
-  def has_permission_with_plugins?(permission, profile)
-    permissions = [has_permission_without_plugins?(permission, profile)]
+  def has_permission_with_plugins?(permission, resource)
+    permissions = [has_permission_without_plugins?(permission, resource)]
     permissions += plugins.map do |plugin|
-      plugin.has_permission?(self, permission, profile)
+      plugin.has_permission?(self, permission, resource)
     end
     permissions.include?(true)
   end
@@ -795,7 +795,10 @@ private :generate_url, :url_options
   end
  
   def admins
-    self.members_by_role(Profile::Roles.admin(environment.id))
+    return [] if environment.blank?
+    admin_role = Profile::Roles.admin(environment.id)
+    return [] if admin_role.blank?
+    self.members_by_role(admin_role)
   end
  
   def enable_contact?
@@ -803,7 +806,7 @@ private :generate_url, :url_options
   end
  
   include Noosfero::Plugin::HotSpot
-  
+
   def folder_types
     types = Article.folder_types
     plugins.dispatch(:content_types).each {|type|
...	...	@@ -86,7 +86,9 @@ class Environment < ActiveRecord::Base
86	86	end
87	87
88	88	def admins
89		- Person.members_of(self).all(:conditions => ['role_assignments.role_id = ?', Environment::Roles.admin(self).id])
	89	+ admin_role = Environment::Roles.admin(self)
	90	+ return [] if admin_role.blank?
	91	+ Person.members_of(self).all(:conditions => ['role_assignments.role_id = ?', admin_role.id])
90	92	end
91	93
92	94	# returns the available features for a Environment, in the form of a
...	...
...	...	@@ -33,16 +33,17 @@ class Person < Profile
33	33	{ :select => 'DISTINCT profiles.*', :conditions => ['"profiles"."id" NOT IN (SELECT DISTINCT profiles.id FROM "profiles" INNER JOIN "friendships" ON "friendships"."person_id" = "profiles"."id" WHERE "friendships"."friend_id" IN (%s))' % resources.map(&:id)] }
34	34	}
35	35
36		- def has_permission_with_admin?(permission, profile)
37		- return true if profile.admins.include?(self) \|\| profile.environment.admins.include?(self)
38		- has_permission_without_admin?(permission, profile)
	36	+ def has_permission_with_admin?(permission, resource)
	37	+ return true if resource.blank? \|\| resource.admins.include?(self)
	38	+ return true if resource.kind_of?(Profile) && resource.environment.admins.include?(self)
	39	+ has_permission_without_admin?(permission, resource)
39	40	end
40	41	alias_method_chain :has_permission?, :admin
41	42
42		- def has_permission_with_plugins?(permission, profile)
43		- permissions = [has_permission_without_plugins?(permission, profile)]
	43	+ def has_permission_with_plugins?(permission, resource)
	44	+ permissions = [has_permission_without_plugins?(permission, resource)]
44	45	permissions += plugins.map do \|plugin\|
45		- plugin.has_permission?(self, permission, profile)
	46	+ plugin.has_permission?(self, permission, resource)
46	47	end
47	48	permissions.include?(true)
48	49	end
...	...
...	...	@@ -795,7 +795,10 @@ private :generate_url, :url_options
795	795	end
796	796
797	797	def admins
798		- self.members_by_role(Profile::Roles.admin(environment.id))
	798	+ return [] if environment.blank?
	799	+ admin_role = Profile::Roles.admin(environment.id)
	800	+ return [] if admin_role.blank?
	801	+ self.members_by_role(admin_role)
799	802	end
800	803
801	804	def enable_contact?
...	...	@@ -803,7 +806,7 @@ private :generate_url, :url_options
803	806	end
804	807
805	808	include Noosfero::Plugin::HotSpot
806		-
	809	+
807	810	def folder_types
808	811	types = Article.folder_types
809	812	plugins.dispatch(:content_types).each {\|type\|
...	...