2016-09-24 03:00:46 +00:00
|
|
|
# frozen_string_literal: true
|
2016-02-28 05:28:28 +00:00
|
|
|
class MapPolicy < ApplicationPolicy
|
|
|
|
class Scope < Scope
|
|
|
|
def resolve
|
2016-07-26 00:14:23 +00:00
|
|
|
visible = %w(public commons)
|
2016-09-24 04:27:34 +00:00
|
|
|
return scope.where(permission: visible) unless user
|
|
|
|
|
|
|
|
scope.where(permission: visible)
|
|
|
|
.or(scope.where(id: user.shared_maps.map(&:id)))
|
|
|
|
.or(scope.where(user_id: user.id))
|
2016-02-28 05:28:28 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def index?
|
|
|
|
true
|
2016-02-28 05:28:28 +00:00
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def show?
|
2016-12-13 03:28:10 +00:00
|
|
|
record.permission.in?(%w(commons public)) ||
|
2016-09-24 04:27:34 +00:00
|
|
|
record.collaborators.include?(user) ||
|
|
|
|
record.user == user
|
2016-02-28 05:28:28 +00:00
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def create?
|
2016-02-28 09:24:00 +00:00
|
|
|
user.present?
|
2016-02-28 05:28:28 +00:00
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def update?
|
2016-09-24 04:27:34 +00:00
|
|
|
return false unless user.present?
|
|
|
|
record.permission == 'commons' ||
|
|
|
|
record.collaborators.include?(user) ||
|
|
|
|
record.user == user
|
2016-02-28 05:28:28 +00:00
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def destroy?
|
|
|
|
record.user == user || admin_override
|
2016-02-28 05:28:28 +00:00
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def access?
|
2016-10-17 00:22:00 +00:00
|
|
|
# this is for the map creator to bulk change who can access the map
|
2016-09-21 17:22:40 +00:00
|
|
|
user.present? && record.user == user
|
2016-03-26 07:21:55 +00:00
|
|
|
end
|
|
|
|
|
2016-10-17 00:22:00 +00:00
|
|
|
def request_access?
|
|
|
|
# this is to access the page where you can request access to a map
|
|
|
|
user.present?
|
|
|
|
end
|
|
|
|
|
|
|
|
def access_request?
|
|
|
|
# this is to actually request access
|
|
|
|
user.present?
|
|
|
|
end
|
|
|
|
|
|
|
|
def approve_access?
|
|
|
|
record.user == user
|
|
|
|
end
|
|
|
|
|
|
|
|
def deny_access?
|
|
|
|
approve_access?
|
|
|
|
end
|
|
|
|
|
|
|
|
def approve_access_post?
|
|
|
|
approve_access?
|
|
|
|
end
|
|
|
|
|
|
|
|
def deny_access_post?
|
|
|
|
approve_access?
|
|
|
|
end
|
|
|
|
|
2016-02-28 05:28:28 +00:00
|
|
|
def contains?
|
|
|
|
show?
|
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def events?
|
|
|
|
show?
|
2016-02-28 05:28:28 +00:00
|
|
|
end
|
|
|
|
|
2016-09-21 17:22:40 +00:00
|
|
|
def export?
|
|
|
|
show?
|
2016-04-24 15:50:35 +00:00
|
|
|
end
|
|
|
|
|
2016-08-31 20:58:49 +00:00
|
|
|
def star?
|
|
|
|
unstar?
|
|
|
|
end
|
|
|
|
|
|
|
|
def unstar?
|
|
|
|
user.present?
|
|
|
|
end
|
2016-02-28 05:28:28 +00:00
|
|
|
end
|