Allow approvers to read and edit Etds and FileSets

This ensures approvers can read (download) and edit Works and FileSets. Since there's not an explicit "approving" group that we can use to set ACLs for these works, we need to set the `can` permissions explictly. Whenever `can_review_submissions?` is `true`, we let users read and edit a work, as well as forcing `test_download` to `true`. Connected to #1206, #1216.
curationexperts · Aug 3, 2018 · ac39e3f · ac39e3f
1 parent b326772
commit ac39e3f
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/app/models/ability.rb b/app/models/ability.rb
@@ -5,12 +5,17 @@ class Ability
 
   # Define any customized permissions here.
   def custom_permissions
+    can [:read, :edit], String if can_review_submissions?
     return unless admin?
     can [:create, :show, :add_user, :remove_user, :index, :edit, :update, :destroy], Role
     can [:destroy], ActiveFedora::Base
     can [:read], Schools::School
   end
 
+  def test_download(id)
+    super || can_review_submissions?
+  end
+
   def ipe_permissions
     can :create, InProgressEtd if registered_user?
     can :update, InProgressEtd, user_ppid: current_user.ppid