mapping policy
This commit is contained in:
Devin Howard
parent
d8cc588efb
commit
615eaf580e
1 changed files with 31 additions and 0 deletions
31
app/policies/mapping_policy.rb
Normal file
31
app/policies/mapping_policy.rb
Normal file
|
|
@ -0,0 +1,31 @@
|
||||||
|
class MappingPolicy < ApplicationPolicy
|
||||||
|
class Scope < Scope
|
||||||
|
def resolve
|
||||||
|
# TODO base this on the map policy
|
||||||
|
# it would be nice if we could also base this on the mappable, but that
|
||||||
|
# gets really complicated. Devin thinks it's OK to SHOW a mapping for
|
||||||
|
# a private topic, since you can't see the private topic anyways
|
||||||
|
scope.joins(:maps).where('maps.permission IN ("public", "commons") OR user_id = ?', user.id)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def show?
|
||||||
|
map = policy(record.map, user)
|
||||||
|
mappable = policy(record.mappable, user)
|
||||||
|
map.show? && mappable.show?
|
||||||
|
end
|
||||||
|
|
||||||
|
def create?
|
||||||
|
map = policy(record.map, user)
|
||||||
|
map.edit?
|
||||||
|
end
|
||||||
|
|
||||||
|
def update?
|
||||||
|
map = policy(record.map, user)
|
||||||
|
map.update?
|
||||||
|
end
|
||||||
|
|
||||||
|
def destroy?
|
||||||
|
record.user == user || admin_override
|
||||||
|
end
|
||||||
|
end
|
||||||
Loading…
Reference in a new issue