metamaps--metamaps/app/policies/map_policy.rb

class MapPolicy < ApplicationPolicy
  class Scope < Scope
    def resolve
      visible = ['public', 'commons']
      permission = 'maps.permission IN (?)'
      if user
        scope.where(permission + ' OR maps.user_id = ?', visible, user.id)
      else
        scope.where(permission, visible)
      end
    end
  end

  def activemaps?
    user.blank? # redirect to root url if authenticated for some reason
  end

  def featuredmaps?
    true
  end

  def mymaps?
    user.present?
  end

  def usermaps?
    true
  end

  def show?
    record.permission == 'commons' || record.permission == 'public' || record.user == user
  end

  def contains?
    show?
  end

  def create?
    user.present?
  end

  def update?
    user.present? && (record.permission == 'commons' || record.user == user)
  end

  def screenshot?
    update?
  end

  def destroy?
    record.user == user || admin_override
  end
end
map policy 2016-02-28 05:28:28 +00:00			`class MapPolicy < ApplicationPolicy`
			`class Scope < Scope`
			`def resolve`
handle not logged in scenarios 2016-03-12 15:41:32 +00:00			`visible = ['public', 'commons']`
			`permission = 'maps.permission IN (?)'`
pundit: sometimes no user 2016-03-12 15:27:05 +00:00			`if user`
handle not logged in scenarios 2016-03-12 15:41:32 +00:00			`scope.where(permission + ' OR maps.user_id = ?', visible, user.id)`
pundit: sometimes no user 2016-03-12 15:27:05 +00:00			`else`
handle not logged in scenarios 2016-03-12 15:41:32 +00:00			`scope.where(permission, visible)`
pundit: sometimes no user 2016-03-12 15:27:05 +00:00			`end`
map policy 2016-02-28 05:28:28 +00:00			`end`
			`end`

			`def activemaps?`
@ symbols unneeded 2016-02-28 09:24:00 +00:00			`user.blank? # redirect to root url if authenticated for some reason`
map policy 2016-02-28 05:28:28 +00:00			`end`

			`def featuredmaps?`
			`true`
			`end`

			`def mymaps?`
@ symbols unneeded 2016-02-28 09:24:00 +00:00			`user.present?`
map policy 2016-02-28 05:28:28 +00:00			`end`

			`def usermaps?`
			`true`
			`end`

			`def show?`
@ symbols unneeded 2016-02-28 09:24:00 +00:00			`record.permission == 'commons' \|\| record.permission == 'public' \|\| record.user == user`
map policy 2016-02-28 05:28:28 +00:00			`end`

			`def contains?`
			`show?`
			`end`

			`def create?`
@ symbols unneeded 2016-02-28 09:24:00 +00:00			`user.present?`
map policy 2016-02-28 05:28:28 +00:00			`end`

			`def update?`
@ symbols unneeded 2016-02-28 09:24:00 +00:00			`user.present? && (record.permission == 'commons' \|\| record.user == user)`
map policy 2016-02-28 05:28:28 +00:00			`end`

			`def screenshot?`
			`update?`
			`end`

			`def destroy?`
consistent permissions 2016-03-11 13:32:18 +00:00			`record.user == user \|\| admin_override`
map policy 2016-02-28 05:28:28 +00:00			`end`
			`end`