2016-02-13 09:28:21 +00:00
|
|
|
class SynapsePolicy < ApplicationPolicy
|
|
|
|
|
class Scope < Scope
|
|
|
|
|
def resolve
|
2016-03-12 15:41:32 +00:00
|
|
|
visible = ['public', 'commons']
|
|
|
|
|
permission = 'synapses.permission IN (?)'
|
|
|
|
|
if user
|
|
|
|
|
scope.where(permission + ' OR synapses.user_id = ?', visible, user.id)
|
|
|
|
|
else
|
|
|
|
|
scope.where(permission, visible)
|
|
|
|
|
end
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def create?
|
2016-02-28 09:24:00 +00:00
|
|
|
user.present?
|
2016-03-12 00:35:03 +00:00
|
|
|
# todo add validation against whether you can see both topics
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def show?
|
2016-03-11 13:32:18 +00:00
|
|
|
record.permission == 'commons' || record.permission == 'public' || record.user == user
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def update?
|
2016-03-11 13:32:18 +00:00
|
|
|
user.present? && (record.permission == 'commons' || record.user == user)
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def destroy?
|
2016-03-11 13:32:18 +00:00
|
|
|
record.user == user || admin_override
|
2016-02-13 09:28:21 +00:00
|
|
|
end
|
|
|
|
|
end
|
