app/controllers/scrivito/workspaces_controller.rb in scrivito_sdk-1.0.0 vs app/controllers/scrivito/workspaces_controller.rb in scrivito_sdk-1.1.0.rc1

@@ -1,12 +1,23 @@
 module Scrivito
   class WorkspacesController < WebserviceController
-    around_action :authorize_workspace_create,          only: :create
-    around_action :authorize_current_workspace_read,    only: :show
-    around_action :authorize_current_workspace_write,   only: [:update, :destroy, :rebase]
-    around_action :authorize_current_workspace_publish, only: [:check, :publish]
+    def self.restrict_access_to(action_name, require_permission:)
+      around_action only: action_name do |_, block|
+        subject = params.has_key?(:id) ? current_workspace : :workspace
+        authorize_workspace_access(require_permission, subject, &block)
+      end
+    end
 
+    restrict_access_to :create,      require_permission: :create
+    restrict_access_to :show,        require_permission: :read
+    restrict_access_to :rename,      require_permission: :write
+    restrict_access_to :memberships, require_permission: :invite_to
+    restrict_access_to :destroy,     require_permission: :delete
+    restrict_access_to :rebase,      require_permission: :write
+    restrict_access_to :check,       require_permission: :publish
+    restrict_access_to :publish,     require_permission: :publish
+
     def index
       @workspaces = Workspace.all.select(&method(:can_user_read_workspace?))
       render :workspaces
     end
 
@@ -23,15 +34,20 @@
       handle_if_task(result) do
         @workspace_result = result
       end
     end
 
-    def update
-      current_workspace.update(workspace_params)
+    def rename
+      current_workspace.update(workspace_params.slice(:title))
       render_empty_json
     end
 
+    def memberships
+      current_workspace.update(workspace_params.slice(:memberships))
+      render_empty_json
+    end
+
     def destroy
       current_workspace.destroy
       render_empty_json
     end
 
@@ -63,40 +79,19 @@
     def current_workspace_backend_path(suffix)
       "/workspaces/#{current_workspace.id}#{suffix}"
     end
 
     def conditional_publish
-      task_unaware_request(:put, current_workspace_backend_path('/publish'), {
-        if_content_state_id_equals: current_workspace.content_state.content_state_id
-      })
+      task_unaware_request(:put, current_workspace_backend_path('/publish'),
+        if_content_state_id_equals: current_workspace.content_state_id)
     end
 
     def valid_publish_request?
       publish_checker.passing_certificates?(certificates_param)
     end
 
     def publish_checker
       Workspace::PublishChecker.new(current_workspace, scrivito_user)
-    end
-
-    def authorize_workspace_create(&block)
-      authorize_workspace_access(:create, :workspace, &block)
-    end
-
-    def authorize_current_workspace_read(&block)
-      authorize_current_workspace_access(:read, &block)
-    end
-
-    def authorize_current_workspace_write(&block)
-      authorize_current_workspace_access(:write, &block)
-    end
-
-    def authorize_current_workspace_publish(&block)
-      authorize_current_workspace_access(:publish, &block)
-    end
-
-    def authorize_current_workspace_access(verb, &block)
-      authorize_workspace_access(verb, current_workspace, &block)
     end
 
     def current_workspace
       @current_workspace ||= Workspace.find(params[:id])
     end