metamaps--metamaps/app/policies/message_policy.rb

class MessagePolicy < ApplicationPolicy
  class Scope < Scope
    def resolve
      visible = ['public', 'commons']
      permission = 'maps.permission IN (?)'
      if user
        scope.joins(:maps).where(permission + ' OR maps.user_id = ?', visible, user.id)
      else
        scope.where(permission, visible)
      end 
    end
  end

  def show?
    resource_policy.show?
  end

  def create?
    record.resource.present? && resource_policy.update?
  end

  def update?
    record.user == user
  end

  def destroy?
    record.user == user || admin_override
  end

  # Helpers

  def resource_policy
    @resource_policy ||= Pundit.policy(user, record.resource)
  end

end
switch messages to use pundit 2016-03-23 23:29:26 +00:00			`class MessagePolicy < ApplicationPolicy`
			`class Scope < Scope`
			`def resolve`
			`visible = ['public', 'commons']`
			`permission = 'maps.permission IN (?)'`
			`if user`
			`scope.joins(:maps).where(permission + ' OR maps.user_id = ?', visible, user.id)`
			`else`
			`scope.where(permission, visible)`
			`end`
			`end`
			`end`

			`def show?`
			`resource_policy.show?`
			`end`

			`def create?`
			`record.resource.present? && resource_policy.update?`
			`end`

			`def update?`
			`record.user == user`
			`end`

			`def destroy?`
			`record.user == user \|\| admin_override`
			`end`

			`# Helpers`

			`def resource_policy`
			`@resource_policy \|\|= Pundit.policy(user, record.resource)`
			`end`

			`end`