Voting authorization

[fisx]

A student with roles [Student "7a", Moderator] currently has voting permission in class "7b". This should not be.

In other words: voting must be restricted to the idea spaces a student is member in. We haven't implemented that because students didn't have access to any idea spaces except the ones they had voting rights. Now that some students have moderator role as well, this no longer holds.

I tried to changes this in Access.hs:

     | CanLike
-    | CanVote
+    | CanVote ClassName
     | CanComment

[...]

 phaseVotingCap :: Idea -> Role -> [Capability]
 phaseVotingCap _i = \case
-    Student    _clss -> [CanVote]
+    Student    clss  -> [CanVote clss]
     ClassGuest _clss -> []

But that breaks Enum and Bounded instances and rules out using Capability as kind.

Related question: should we allow comment votes for all students, or just students in a particular idea space?

[fisx]

conclusion from phone call (as a diff on Access.hs):

@@ -172,7 +172,7 @@ thereIsAGod nope = if isThere then [minBound..] else nope
 capabilities :: CapCtx -> [Capability]
 capabilities (CapCtx u ms mp mi mc mup mdt)
     | not . checkSpace ms $ rs ^. each . roleScope = []
-    | otherwise = mconcat . mconcat $
+    | otherwise = afterthought . mconcat . mconcat $
     [ userCapabilities <$> rs
     , [ ideaCapabilities (u ^. _Id) r i p    | r <- rs, i <- l mi, p <- l mp ]
     , [ commentCapabilities (u ^. _Id) r c p | r <- rs, c <- l mc, p <- l mp ]
@@ -184,6 +184,11 @@ capabilities (CapCtx u ms mp mi mc mup mdt)
     rs = u ^.. userRoles
     l  = maybeToList

+    -- Remove 'CanVote' *iff* the user has 'Moderator', but no membership of the
+    -- e'SchoolClass' from 'CapCtx'.
+    afterthought :: [Capability] -> [Capability]
+    afterthought = _
+

[np]

Does this extra check only applies to CanVote, after a review of the capabilities this seems to apply to CanLike as well.

[fisx]

correct, CanLike needs to behave the same way as CanVote with respect to this issue.

[fisx]

Fixed in #1017.