end
end
+ class AlreadyLockedError < StandardError
+ def http_status
+ 403
+ end
+ end
+
class UnauthorizedError < StandardError
def http_status
401
textonly_operator = !operator.match(/[<=>]/)
self.columns.select do |col|
case col.type
- when :string, :text
+ when :string
true
+ when :text
+ if operator == 'ilike'
+ false
+ else
+ true
+ end
when :datetime, :integer, :boolean
!textonly_operator
else
unless (owner_uuid == current_user.uuid or
current_user.is_admin or
(current_user.groups_i_can(:manage) & [uuid, owner_uuid]).any?)
- if current_user.groups_i_can(:write).index(uuid)
+ if ((current_user.groups_i_can(:write) + [current_user.uuid]) &
+ [uuid, owner_uuid]).any?
return [owner_uuid, current_user.uuid]
else
return [owner_uuid]
attributes
end
- def has_permission? perm_type, target_uuid
- Link.where(link_class: "permission",
- name: perm_type,
- tail_uuid: uuid,
- head_uuid: target_uuid).any?
- end
-
protected
def ensure_ownership_path_leads_to_user
log = Log.new(event_type: event_type).fill_object(self)
yield log
log.save!
- connection.execute "NOTIFY logs, '#{log.id}'"
log_start_state
end