Home Explore Help
Sign In
Tranyi
/
blazer
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Added non-editable queries

Andrew Kane 8 years ago
parent
283105a0b7
commit
89c8ff79b1
3 changed files with 14 additions and 8 deletions
Split View Show Diff Stats
  1. 7 4
      app/controllers/blazer/queries_controller.rb
  2. 6 3
      app/models/blazer/query.rb
  3. 1 1
      app/views/blazer/queries/show.html.erb

+ 7 - 4
app/controllers/blazer/queries_controller.rb
View File 

@@ -157,7 +157,10 @@ module Blazer
 
         @query = Blazer::Query.new
 
         @query.creator = blazer_user if @query.respond_to?(:creator)
 
       end
 
-      if @query.update(query_params)
 
+      unless @query.editable?(blazer_user)
 
+        @query.errors.add(:base, "Sorry, permission denied")
 
+      end
 
+      if @query.errors.empty? && @query.update(query_params)
 
         redirect_to query_path(@query, variable_params)
 
       else
 
         render :edit
 
@@ -165,7 +168,7 @@ module Blazer
 
     end
 
 
     def destroy
 
-      @query.destroy
 
+      @query.destroy if @query.editable?(blazer_user)
 
       redirect_to root_url
 
     end
 
 
@@ -180,13 +183,13 @@ module Blazer
 
       @my_queries =
 
         if blazer_user
 
           recent_query_ids = Blazer::Audit.where(user_id: blazer_user.id).where("query_id IS NOT NULL").order("created_at desc").limit(100).pluck(:query_id).uniq.first(20)
 
-          queries = Blazer::Query.where(id: recent_query_ids).index_by(&:id)
 
+          queries = Blazer::Query.where("name <> ''").where(id: recent_query_ids).index_by(&:id)
 
           recent_query_ids.map { |query_id| queries[query_id] }.compact
 
         else
 
           []
 
         end
 
 
-      @queries = Blazer::Query.order(:name)
 
+      @queries = Blazer::Query.where("name <> ''").order(:name)
 
       @queries = @queries.where("id NOT IN (?)", @my_queries.map(&:id)) if @my_queries.any?
 
       @queries = @queries.includes(:creator) if Blazer.user_class
 
       @queries = @queries.limit(limit) if limit

+ 6 - 3
app/models/blazer/query.rb
View File 

@@ -6,15 +6,18 @@ module Blazer
 
     has_many :dashboards, through: :dashboard_queries
 
     has_many :audits
 
 
-    validates :name, presence: true
 
     validates :statement, presence: true
 
 
     def to_param
 
-      [id, name.gsub("'", "").parameterize].join("-")
 
+      [id, name].compact.join("-").gsub("'", "").parameterize
 
     end
 
 
     def friendly_name
 
-      name.gsub(/\[.+\]/, "").strip
 
+      name.to_s.gsub(/\[.+\]/, "").strip
 
+    end
 
+
 
+    def editable?(user)
 
+      (name.present? && name.first != "*") || user == creator
 
     end
 
   end
 
 end

+ 1 - 1
app/views/blazer/queries/show.html.erb
View File 

@@ -24,7 +24,7 @@
 
         </h3>
 
       </div>
 
       <div class="col-sm-3 text-right">
 
-        <%= link_to "Edit", edit_query_path(@query, variable_params), class: "btn btn-default" %>
 
+        <%= link_to "Edit", edit_query_path(@query, variable_params), class: "btn btn-default", disabled: !@query.editable?(blazer_user) %>
 
         <%= link_to "Fork", new_query_path(variable_params.merge(fork_query_id: @query.id, data_source: @query.data_source, name: @query.name)), class: "btn btn-info" %>
 
 
         <% if !@error && @success %>