ontohub/lib/ssh_access.rb

	ssh_access.rb revision 30133bbb904d252a7be85061953691d3f41f15af
class SshAccess

  PERMISSIONS = %w{
    read
    write
  }

  PERMISSION_MAP = {
    everyone: %w{read},
    permission: {
      all: %w{write},
      owner: [],
      editor: []
    }
  }

  class << self

    def determine_permission(requested_permission, permission)
      if PERMISSION_MAP[:everyone].include?(requested_permission)
        return true
      elsif permission
        return true if PERMISSION_MAP[:permission][:all].
          include?(requested_permission)

        role = permission.role.to_sym
        allowed_permissions = PERMISSION_MAP[:permission][role]
        return allowed_permissions.include?(requested_permission)
      else
        return false
      end
    end

    def extract_permission_params(params, repository)
      key_field = params[:key_id].sub("key-", "")
      requested_permission = params[:permission]
      user = User.joins(:keys).
        where(keys: {id: key_field}).first
      permission = nil
      if user
        permission = user.permissions.
          where(item_id: repository.id,
                item_type: repository.class).first
      end
      return [requested_permission, permission]
    end

  end

end