2016-09-24 03:00:46 +00:00
|
|
|
# frozen_string_literal: true
|
2016-02-13 09:28:21 +00:00
|
|
|
class SynapsePolicy < ApplicationPolicy
|
|
|
|
class Scope < Scope
|
|
|
|
def resolve
|
2016-12-06 21:46:46 +00:00
|
|
|
return scope.where(permission: %w(public commons)) unless user
|
2016-09-24 04:27:34 +00:00
|
|
|
|
2016-12-06 21:46:46 +00:00
|
|
|
scope.where(permission: %w(public commons))
|
|
|
|
.or(scope.where(defer_to_map_id: user.all_accessible_maps.map(&:id)))
|
2016-09-24 04:27:34 +00:00
|
|
|
.or(scope.where(user_id: user.id))
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def index?
|
|
|
|
true # really only for the API. should be policy scoped!
|
|
|
|
end
|
|
|
|
|
2016-02-13 09:28:21 +00:00
|
|
|
def create?
|
2016-10-28 03:03:59 +00:00
|
|
|
if record.try(:topic1) && record.try(:topic2)
|
|
|
|
topic1_show? && topic2_show? && user.present?
|
|
|
|
else
|
|
|
|
# allows us to use policy(Synapse).create?
|
|
|
|
user.present?
|
|
|
|
end
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def show?
|
2016-10-28 03:03:59 +00:00
|
|
|
topic1_show? && topic2_show? && synapse_show?
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def update?
|
2016-07-26 00:14:23 +00:00
|
|
|
if !user.present?
|
2016-04-24 15:50:35 +00:00
|
|
|
false
|
|
|
|
elsif record.defer_to_map.present?
|
2016-07-26 00:14:23 +00:00
|
|
|
map_policy.update?
|
|
|
|
else
|
2016-04-24 15:50:35 +00:00
|
|
|
record.permission == 'commons' || record.user == user
|
|
|
|
end
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def destroy?
|
2016-03-11 13:32:18 +00:00
|
|
|
record.user == user || admin_override
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
2016-04-24 15:50:35 +00:00
|
|
|
|
|
|
|
# Helpers
|
2016-10-28 03:03:59 +00:00
|
|
|
|
2016-04-24 15:50:35 +00:00
|
|
|
def map_policy
|
|
|
|
@map_policy ||= Pundit.policy(user, record.defer_to_map)
|
|
|
|
end
|
2016-10-28 03:03:59 +00:00
|
|
|
|
|
|
|
def topic1_show?
|
|
|
|
@topic1_policy ||= Pundit.policy(user, record.topic1)
|
|
|
|
@topic1_policy&.show?
|
|
|
|
end
|
|
|
|
|
|
|
|
def topic2_show?
|
|
|
|
@topic2_policy ||= Pundit.policy(user, record.topic2)
|
|
|
|
@topic2_policy&.show?
|
|
|
|
end
|
|
|
|
|
|
|
|
def synapse_show?
|
|
|
|
if record.defer_to_map.present?
|
|
|
|
map_policy&.show?
|
|
|
|
else
|
|
|
|
record.permission == 'commons' || record.permission == 'public' || record.user == user
|
|
|
|
end
|
|
|
|
end
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|