5374: in collection show page, hide checkboxes for anonymous user view.
[arvados.git] / apps / workbench / app / views / application / _show_sharing.html.erb
1 <%
2    uuid_map = {}
3    if @share_links
4      [User, Group].each do |type|
5        type
6          .filter([['uuid','in',@share_links.collect(&:tail_uuid)]])
7          .each do |o|
8          uuid_map[o.uuid] = o
9        end
10      end
11    end
12    perm_name_desc_map = {}
13    perm_desc_name_map = {}
14    perms_json = []
15    ['Read', 'Write', 'Manage'].each do |link_desc|
16      link_name = "can_#{link_desc.downcase}"
17      perm_name_desc_map[link_name] = link_desc
18      perm_desc_name_map[link_desc] = link_name
19      perms_json << {value: link_name, text: link_desc}
20    end
21    perms_json = perms_json.to_json
22    choose_filters = {
23      "groups" => [["group_class", "=", "role"]],
24    }
25    if not Rails.configuration.anonymous_user_token
26      # It would be ideal to filter out the anonymous group by UUID,
27      # but that's not readily doable.  Workbench can't generate the
28      # UUID for a != filter, because it can't introspect the API
29      # server's UUID prefix.  And we can't say "uuid not like
30      # %-anonymouspublic", because the API server doesn't support a
31      # "not like" filter.
32      choose_filters["groups"] << ["name", "!=", "Anonymous users"]
33    end
34    choose_filters.default = []
35    owner_icon = fa_icon_class_for_uuid(@object.owner_uuid)
36    if owner_icon == "fa-users"
37      owner_icon = "fa-folder"
38      owner_type = "parent project"
39    else
40      owner_type = "owning user"
41    end
42
43    sharing_path = url_for(:controller => params['controller'], :action => 'share_with')
44 %>
45
46 <div class="pull-right">
47   <% ["users", "groups"].each do |share_class| %>
48
49   <%= link_to(send("choose_#{share_class}_path",
50       title: "Share with #{share_class}",
51       by_project: false,
52       preview_pane: false,
53       multiple: true,
54       filters: choose_filters[share_class].to_json,
55       action_method: 'post',
56       action_href: sharing_path,
57       action_name: 'Add',
58       action_data: {selection_param: 'uuids[]', success: 'tab-refresh'}.to_json),
59       class: "btn btn-primary btn-sm", remote: true) do %>
60   <i class="fa fa-fw fa-plus"></i> Share with <%= share_class %>&hellip;
61   <% end %>
62
63   <% end %>
64 </div>
65
66 <p>Permissions for this <%=@object.class_for_display.downcase%> are inherited from the <%= owner_type %>
67   <i class="fa fa-fw <%= owner_icon %>"></i>
68   <%= link_to_if_arvados_object @object.owner_uuid, friendly_name: true %>.
69 </p>
70
71 <table id="object_sharing" class="topalign table" style="clear: both; margin-top: 1em;">
72   <tr>
73     <th>User/Group Name</th>
74     <th>Email Address</th>
75     <th colspan="2"><%=@object.class_for_display%> Access</th>
76   </tr>
77
78   <% @share_links.andand.each do |link|
79        shared_with = uuid_map[link.tail_uuid]
80        if shared_with.nil?
81          link_name = link.tail_uuid
82        elsif shared_with.respond_to?(:full_name)
83          link_name = shared_with.full_name
84        else
85          link_name = shared_with.name
86        end
87        if shared_with && shared_with.respond_to?(:email)
88          email = shared_with.email
89        end
90   %>
91   <tr data-object-uuid="<%= link.uuid %>">
92     <td>
93       <i class="fa fa-fw <%= fa_icon_class_for_uuid(link.tail_uuid) %>"></i>
94       <%= link_to_if_arvados_object(link.tail_uuid, link_text: link_name) %>
95     </td>
96     <td>
97       <%= email %>
98     </td>
99     <td><%= link_to perm_name_desc_map[link.name], '#', {
100       "data-emptytext" => "Read",
101       "data-placement" => "bottom",
102       "data-type" => "select",
103       "data-url" => url_for(action: "update", id: link.uuid, controller: "links", merge: true),
104       "data-title" => "Set #{link_name}'s access level",
105       "data-name" => "[name]",
106       "data-pk" => {id: link.tail_uuid, key: "link"}.to_json,
107       "data-value" => link.name,
108       "data-clear" => false,
109       "data-source" => perms_json,
110       "data-tpl" => "<select id=\"share_change_level\"></select>",
111       "class" => "editable form-control",
112       } %>
113     </td>
114     <td>
115       <%= link_to(
116           {action: 'destroy', id: link.uuid, controller: "links"},
117           {title: 'Revoke', class: 'btn btn-default btn-nodecorate', method: :delete,
118            data: {confirm: "Revoke #{link_name}'s access to this #{@object.class_for_display.downcase}?",
119                   remote: true}}) do %>
120       <i class="fa fa-fw fa-trash-o"></i>
121       <% end %>
122     </td>
123   </tr>
124   <% end %>
125 </table>