reject private ontologies for non admin users in groups controller

ontoportal-lirmm · Dec 18, 2024 · c6140cd · c6140cd
1 parent ce2c8d0
commit c6140cd
Showing 1 changed file with 14 additions and 2 deletions.
diff --git a/controllers/groups_controller.rb b/controllers/groups_controller.rb
@@ -13,16 +13,20 @@ class GroupsController < ApplicationController
     # Display all groups
     get do
       check_last_modified_collection(LinkedData::Models::Group)
-      groups = Group.where.include(Group.goo_attrs_to_load(includes_param)).to_a
+      groups = Group.where.include(*Group.goo_attrs_to_load(includes_param), ontologies: [:viewingRestriction]).to_a
+      # Private ontologies viewd only by admins of the portal
+      groups = reject_private_ontologies(groups) unless current_user.admin?
       reply groups
     end
 
     # Display a single group
     get '/:acronym' do
       check_last_modified_collection(LinkedData::Models::Group)
       acronym = params["acronym"]
-      g = Group.find(acronym).include(Group.goo_attrs_to_load(includes_param)).first
+      g = Group.find(acronym).include(*Group.goo_attrs_to_load(includes_param), ontologies: [:viewingRestriction]).first
       error 404, "Group #{acronym} not found" if g.nil?
+      # Private ontologies viewd only by admins of the portal
+      g = reject_private_ontologies([g]).first unless current_user.admin?
       reply 200, g
     end
 
@@ -81,5 +85,13 @@ def create_group
       end
       reply 201, group
     end
+
+    def reject_private_ontologies(groups)
+      groups.each do |group|
+        public_ontologies = group.ontologies.reject { |ontology| ontology.viewingRestriction == "private" }
+        group.instance_variable_set(:@ontologies, public_ontologies)
+      end
+    end
+
   end
 end