optimize permission checks for groups in SearchHelper
fixes CNVS-11231 Change-Id: Ic48d019e43add3498535d3fde84d3dfebc0e734f Reviewed-on: https://gerrit.instructure.com/31048 Reviewed-by: Nick Cloward <ncloward@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> Product-Review: Cody Cutrer <cody@instructure.com> QA-Review: Cody Cutrer <cody@instructure.com>
This commit is contained in:
Cody Cutrer
parent
ea11f07655
commit
4c02840494
|
|
@ -66,7 +66,10 @@ module SearchHelper
|
|||
end
|
||||
|
||||
add_groups = lambda do |groups|
|
||||
Group.send(:preload_associations, groups, :group_category)
|
||||
Group.send(:preload_associations, groups, :group_memberships, conditions: { group_memberships: { user_id: @current_user }})
|
||||
groups.each do |group|
|
||||
group.can_participate = true
|
||||
contexts[:groups][group.id] = {
|
||||
:id => group.id,
|
||||
:name => group.name,
|
||||
|
|
|
|||
|
|
@ -25,6 +25,9 @@ class Group < ActiveRecord::Base
|
|||
validates_presence_of :context_id, :context_type, :account_id, :root_account_id, :workflow_state
|
||||
validates_allowed_transitions :is_public, false => true
|
||||
|
||||
# use to skip queries in can_participate?, called by policy block
|
||||
attr_accessor :can_participate
|
||||
|
||||
has_many :group_memberships, :dependent => :destroy, :conditions => ['group_memberships.workflow_state != ?', 'deleted']
|
||||
has_many :users, :through => :group_memberships, :conditions => ['users.workflow_state != ?', 'deleted']
|
||||
has_many :participating_group_memberships, :class_name => "GroupMembership", :conditions => ['group_memberships.workflow_state = ?', 'accepted']
|
||||
|
|
@ -136,11 +139,18 @@ class Group < ActiveRecord::Base
|
|||
|
||||
def has_member?(user)
|
||||
return nil unless user.present?
|
||||
self.shard.activate { self.participating_group_memberships.find_by_user_id(user.id) }
|
||||
if self.group_memberships.loaded?
|
||||
return self.group_memberships.to_a.find { |gm| gm.accepted? && gm.user_id == user.id }
|
||||
else
|
||||
self.shard.activate { self.participating_group_memberships.find_by_user_id(user.id) }
|
||||
end
|
||||
end
|
||||
|
||||
def has_moderator?(user)
|
||||
return nil unless user.present?
|
||||
if self.group_memberships.loaded?
|
||||
return self.group_memberships.to_a.find { |gm| gm.accepted? && gm.user_id == user.id && gm.moderator }
|
||||
end
|
||||
self.shard.activate { self.participating_group_memberships.moderators.find_by_user_id(user.id) }
|
||||
end
|
||||
|
||||
|
|
@ -433,12 +443,13 @@ class Group < ActiveRecord::Base
|
|||
|
||||
# Helper needed by several permissions, use grants_right?(user, :participate)
|
||||
def can_participate?(user)
|
||||
return true if can_participate
|
||||
return false unless user.present? && self.context.present?
|
||||
return true if self.group_category.try(:communities?)
|
||||
if self.context.is_a?(Course)
|
||||
return self.context.enrollments.not_fake.where(:user_id => user.id).first.present?
|
||||
return self.context.enrollments.not_fake.except(:includes).where(:user_id => user.id).exists?
|
||||
elsif self.context.is_a?(Account)
|
||||
return self.context.user_account_associations.where(:user_id => user.id).first.present?
|
||||
return self.context.user_account_associations.where(:user_id => user.id).exists?
|
||||
end
|
||||
return false
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue