metamaps--metamaps/app/policies/synapse_policy.rb

class SynapsePolicy < ApplicationPolicy
  class Scope < Scope
    def resolve
      scope.where('synapses.permission IN (?) OR synapses.user_id = ?', ["public", "commons"], user.id)
    end
  end

  def create?
    user.present?
    # todo add validation against whether you can see both topics
  end

  def show?
    record.permission == 'commons' || record.permission == 'public' || record.user == user
  end

  def update?
    user.present? && (record.permission == 'commons' || record.user == user)
  end

  def destroy?
    record.user == user || admin_override
  end
end
synapse policy 2016-02-13 09:28:21 +00:00			`class SynapsePolicy < ApplicationPolicy`
			`class Scope < Scope`
			`def resolve`
pundit: fixing up topics and synapses 2016-03-12 00:10:30 +00:00			`scope.where('synapses.permission IN (?) OR synapses.user_id = ?', ["public", "commons"], user.id)`
synapse policy 2016-02-13 09:28:21 +00:00			`end`
			`end`

			`def create?`
@ symbols unneeded 2016-02-28 09:24:00 +00:00			`user.present?`
pundit: now updating maps actually works 2016-03-12 00:35:03 +00:00			`# todo add validation against whether you can see both topics`
synapse policy 2016-02-13 09:28:21 +00:00			`end`

			`def show?`
consistent permissions 2016-03-11 13:32:18 +00:00			`record.permission == 'commons' \|\| record.permission == 'public' \|\| record.user == user`
synapse policy 2016-02-13 09:28:21 +00:00			`end`

			`def update?`
consistent permissions 2016-03-11 13:32:18 +00:00			`user.present? && (record.permission == 'commons' \|\| record.user == user)`
synapse policy 2016-02-13 09:28:21 +00:00			`end`

			`def destroy?`
consistent permissions 2016-03-11 13:32:18 +00:00			`record.user == user \|\| admin_override`
synapse policy 2016-02-13 09:28:21 +00:00			`end`
			`end`