Space-specific sources

app/assets/stylesheets/application.scss

@@ -18,7 +18,32 @@
 @import "font-awesome-sprockets";
 @import "font-awesome";
 @import "mixins/mixins";
-@import "*";
+
+// Local
+@import "about";
+@import "account";
+@import "activities";
+@import "autocomplete";
+@import "bootstrap-tweaks";
+@import "collaborations";
+@import "collection";
+@import "curators";
+@import "events";
+@import "external-resources";
+@import "footer";
+@import "forms";
+@import "headers";
+@import "helpers";
+@import "home";
+@import "icons";
+@import "learning-paths";
+@import "masonry";
+@import "nodes";
+@import "showcase";
+@import "toggle";
+@import "workflows";
+
+// Vendor
 @import "cytoscape-panzoom";
 @import "jquery.simplecolorpicker";
 @import "eonasdan-bootstrap-datetimepicker";
@@ -1049,6 +1074,24 @@ td.day .calendar-text {
   }
 }
 
+.theme-selector {
+  display: flex;
+  gap: 10px;
+}
+
+.theme-select-option {
+  flex-grow: 1;
+  label {
+    border: 5px solid;
+    padding: 10px 20px;
+    border-radius: 5px;
+    display: block;
+
+    hr {
+      border-width: 10px;
+    }
+  }
+}
 .btn-oidc-only {
   font-size: 36px;
   padding: 4px;

app/assets/stylesheets/learning-paths.scss

@@ -38,7 +38,7 @@
   }
 }
 
-.learning-path-item {
+.block-item {
   text-align: center;
   border-image-slice: 80;
   border-image-width: 80px;

app/controllers/collections_controller.rb

@@ -114,7 +114,7 @@ def destroy
     @collection.create_activity :destroy, owner: current_user
     @collection.destroy
     respond_to do |format|
-      format.html { redirect_to collections_url, notice: 'Collection was successfully destroyed.' }
+      format.html { redirect_to collections_path, notice: 'Collection was successfully destroyed.' }
       format.json { head :no_content }
     end
   end

app/controllers/content_providers_controller.rb

@@ -86,7 +86,7 @@ def destroy
     @content_provider.create_activity :destroy, owner: current_user
     @content_provider.destroy
     respond_to do |format|
-      format.html { redirect_to content_providers_url, notice: 'Content Provider was successfully destroyed.' }
+      format.html { redirect_to content_providers_path, notice: 'Content Provider was successfully destroyed.' }
       format.json { head :no_content }
     end
   end

app/controllers/events_controller.rb

@@ -187,7 +187,7 @@ def destroy
     @event.create_activity :destroy, owner: current_user
     @event.destroy
     respond_to do |format|
-      format.html { redirect_to events_url, notice: 'Event was successfully destroyed.' }
+      format.html { redirect_to events_path, notice: 'Event was successfully destroyed.' }
       format.json { head :no_content }
     end
   end

app/controllers/learning_path_topics_controller.rb

@@ -68,7 +68,7 @@ def destroy
     @learning_path_topic.create_activity :destroy, owner: current_user
     @learning_path_topic.destroy
     respond_to do |format|
-      format.html { redirect_to learning_path_topics_url, notice: 'Topic was successfully destroyed.' }
+      format.html { redirect_to learning_path_topics_path, notice: 'Topic was successfully destroyed.' }
       # format.json { head :no_content }
     end
   end

app/controllers/learning_paths_controller.rb

@@ -85,7 +85,7 @@ def destroy
     @learning_path.create_activity :destroy, owner: current_user
     @learning_path.destroy
     respond_to do |format|
-      format.html { redirect_to learning_paths_url, notice: 'Learning path was successfully destroyed.' }
+      format.html { redirect_to learning_paths_path, notice: 'Learning path was successfully destroyed.' }
       format.json { head :no_content }
     end
   end

app/controllers/materials_controller.rb

@@ -132,7 +132,7 @@ def destroy
     @material.create_activity :destroy, owner: current_user
     @material.destroy
     respond_to do |format|
-      format.html { redirect_to materials_url, notice: 'Material was successfully destroyed.' }
+      format.html { redirect_to materials_path, notice: 'Material was successfully destroyed.' }
       format.json { head :no_content }
     end
   end

app/controllers/nodes_controller.rb

@@ -79,7 +79,7 @@ def destroy
     @node.create_activity :destroy, owner: current_user
     @node.destroy
     respond_to do |format|
-      format.html { redirect_to nodes_url, notice: 'Node was successfully destroyed.' }
+      format.html { redirect_to nodes_path, notice: 'Node was successfully destroyed.' }
       format.json { head :no_content }
     end
   end

app/controllers/sources_controller.rb

@@ -24,7 +24,7 @@ def show
 
   # GET /sources/new
   def new
-    authorize Source
+    authorize @content_provider, :create_source?
     @source = @content_provider.sources.build
   end
 
@@ -36,9 +36,10 @@ def edit
   # POST /sources
   # POST /sources.json
   def create
-    authorize Source
+    authorize @content_provider, :create_source?
     @source = @content_provider.sources.build(source_params)
     @source.user = current_user
+    @source.space = current_space
 
     respond_to do |format|
       if @source.save
@@ -145,13 +146,12 @@ def set_source
   def set_content_provider
     @content_provider = @source.content_provider if @source
     @content_provider ||= ContentProvider.friendly.find(params[:content_provider_id])
-    authorize @content_provider, :manage?
   end
 
   # Never trust parameters from the scary internet, only allow the white list through.
   def source_params
     permitted = [:url, :method, :token, :default_language, :enabled]
-    permitted << :approval_status if policy(Source).approve?
+    permitted << :approval_status if policy(@source || Source).approve?
     permitted << :content_provider_id if policy(Source).index?
 
     params.require(:source).permit(permitted)

app/controllers/spaces_controller.rb

@@ -65,7 +65,7 @@ def destroy
     @space.create_activity :destroy, owner: current_user
     @space.destroy
     respond_to do |format|
-      format.html { redirect_to spaces_url, notice: 'Space was successfully deleted.' }
+      format.html { redirect_to spaces_path, notice: 'Space was successfully deleted.' }
     end
   end
 

app/controllers/workflows_controller.rb

@@ -87,7 +87,7 @@ def destroy
     @workflow.create_activity :destroy, owner: current_user
     @workflow.destroy
     respond_to do |format|
-      format.html { redirect_to workflows_url, notice: 'Workflow was successfully destroyed.' }
+      format.html { redirect_to workflows_path, notice: 'Workflow was successfully destroyed.' }
       format.json { head :no_content }
     end
   end

app/mailers/curation_mailer.rb

@@ -17,7 +17,8 @@ def source_requires_approval(source, user)
     @user = user
     @source = source
     subject = "#{TeSS::Config.site['title_short']} source \"#{@source.title}\" requires approval"
-    mail(subject:, to: User.with_role('admin').map(&:email)) do |format|
+    space = @source.space || Space.default
+    mail(subject:, to: space.administrators.map(&:email)) do |format|
       format.html
       format.text
     end

app/models/default_space.rb

@@ -56,4 +56,8 @@ def learning_path_topics
   def default?
     true
   end
+
+  def administrators
+    User.with_role('admin')
+  end
 end

app/models/source.rb

@@ -2,6 +2,7 @@ class Source < ApplicationRecord
   include LogParameterChanges
   include HasTestJob
   include HasAssociatedNodes
+  include InSpace
 
   APPROVAL_STATUS = {
     0 => :not_approved,

app/models/user.rb

@@ -381,6 +381,10 @@ def has_space_role?(space, role)
     space_roles.where(key: role, space: space).any?
   end
 
+  def has_role_in_any_space?(role)
+    space_roles.where(key: role).any?
+  end
+
   protected
 
   def reassign_resources(new_owner = User.get_default_user)

app/policies/application_policy.rb

@@ -16,6 +16,8 @@ def initialize(context, record)
     @user = context.user
     @request = context.request
     @record = record
+    @space = nil
+    @space = record.space if record.respond_to?(:space)
   end
 
   def index?
@@ -24,14 +26,10 @@ def index?
 
   def show?
     true
-    # scope.where(:id => record.id).exists?
   end
 
   def create?
-    # Only admin, scraper_user or curator roles can create
-    #@user.has_role?(:admin) or @user.has_role?(:scraper_user) or @user.has_role?(:curator)
-    # Any registered user user can create
-    @user && !@user.role.blank?
+    @user
   end
 
   def new?
@@ -52,19 +50,11 @@ def destroy?
 
   # "manage" isn't actually an action, but the "destroy?" and "update?" policies delegate to this method.
   def manage?
-    @user && @user.is_admin?
-  end
-
-  def request_is_api?(request)
-    return false if request.nil?
-    return ((request.post? or request.put? or request.patch?) and request.format.json?)
+    @user&.is_admin?
   end
 
   def curators_and_admin
-    @user && (
-      @user.has_role?(:curator) ||
-        @user.has_role?(:admin) ||
-        @user.has_role?(:scraper_user))
+    user_has_role?(:curator, :admin, :scraper_user)
   end
 
   def scope
@@ -84,4 +74,22 @@ def resolve
     end
   end
 
+  private
+
+  def request_is_api?
+    !!@request && ((@request.post? || @request.put? || @request.patch?) && @request.format.json?)
+  end
+
+  def scraper?
+    request_is_api? && @user&.has_role?(:scraper_user)
+  end
+
+  # Check if the user has any of the given roles.
+  # If we're in a space, also check they have any of those roles in the context of the space.
+  def user_has_role?(*roles)
+    return false if @user.nil?
+    roles.any? { |r| @user.has_role?(r) } ||
+      (@space && roles.any? { |r| @user.has_space_role?(@space, r) })
+  end
+
 end

app/policies/content_provider_policy.rb

@@ -1,3 +1,6 @@
 class ContentProviderPolicy < ScrapedResourcePolicy
-
+  def create_source?
+    (TeSS::Config.feature['user_source_creation'] && manage?) ||
+      user_has_role?(:admin, :curator)
+  end
 end

app/policies/learning_path_policy.rb

@@ -9,7 +9,7 @@ def update?
   end
 
   def manage?
-    curators_and_admin || @user&.has_role?(:learning_path_curator)
+    curators_and_admin || user_has_role?(:learning_path_curator)
   end
 
   def create?

app/policies/learning_path_topic_policy.rb

@@ -5,7 +5,7 @@ def update?
   end
 
   def manage?
-    curators_and_admin || @user&.has_role?(:learning_path_curator)
+    curators_and_admin || user_has_role?(:learning_path_curator)
   end
 
   def create?

app/policies/node_policy.rb

@@ -2,26 +2,11 @@ class NodePolicy < ApplicationPolicy
 
   def create?
     # Only admin, scraper_user, curator or node_curator roles can create
-    @user && (@user.has_role?(:admin) || @user.has_role?(:scraper_user) || @user.has_role?(:curator) || @user.has_role?(:node_curator))
+    user_has_role?(:admin, :curator, :node_curator) || scraper?
   end
 
   def manage?
-    return false unless @user
-    return true if @user.is_admin?
-
-    if request_is_api?(@request) #is this an API action - allow scraper_user roles only
-      if @user.has_role?(:scraper_user) #and @user.is_owner?(@record) # check ownership
-        return true
-      else
-        return false
-      end
-    end
-
-    if @user.has_role?(:curator) || @user.has_role?(:node_curator) || @user.is_owner?(@record)
-      return true
-    else
-      return false
-    end
+    user_has_role?(:admin, :curator, :node_curator) || scraper? || @user&.is_owner?(@record)
   end
 
 end

app/policies/resource_policy.rb

@@ -10,7 +10,7 @@ def create?
   end
 
   def manage?
-    super || (@user && (@user.is_owner?(@record) || (request_is_api?(@request) && @user.has_role?(:scraper_user))))
+    super || (@user&.is_owner?(@record) || scraper?)
   end
 
 end

app/policies/scraped_resource_policy.rb

@@ -3,7 +3,7 @@
 class ScrapedResourcePolicy < ResourcePolicy
 
   def manage?
-    super || (@user && @user.is_curator?) || is_content_provider_editor?
+    super || (@user&.is_curator?) || is_content_provider_editor?
   end
 
   private

app/policies/source_policy.rb

@@ -13,15 +13,11 @@ def index?
   end
 
   def create?
-    if TeSS::Config.feature['user_source_creation']
-      super
-    else
-      administration?
-    end
+    administration?
   end
 
   def approve?
-    @user && @user.has_role?(:admin)
+    user_has_role?(:admin)
   end
 
   def request_approval?