From 66f1d2ec0b8cb3387c9760707df614d25021ae92 Mon Sep 17 00:00:00 2001
From: Devin Howard <devin@callysto.com>
Date: Sat, 13 Feb 2016 17:28:09 +0800
Subject: [PATCH] install pundit

---
 Gemfile                                   |  2 +-
 Gemfile.lock                              |  5 ++-
 app/controllers/application_controller.rb |  1 +
 app/policies/application_policy.rb        | 53 +++++++++++++++++++++++
 4 files changed, 58 insertions(+), 3 deletions(-)
 create mode 100644 app/policies/application_policy.rb

diff --git a/Gemfile b/Gemfile
index 8379a7db..eec31832 100644
--- a/Gemfile
+++ b/Gemfile
@@ -6,7 +6,7 @@ gem 'rails', '4.2.4'
 gem 'devise'
 gem 'redis'
 gem 'pg'
-gem 'cancancan'
+gem 'pundit'
 gem 'formula'
 gem 'formtastic'
 gem 'json'
diff --git a/Gemfile.lock b/Gemfile.lock
index eb8edec5..2f10214a 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -56,7 +56,6 @@ GEM
     builder (3.2.2)
     byebug (5.0.0)
       columnize (= 0.9.0)
-    cancancan (1.13.1)
     climate_control (0.0.3)
       activesupport (>= 3.0)
     cocaine (0.5.7)
@@ -141,6 +140,8 @@ GEM
       pry (~> 0.10)
     pry-rails (0.3.4)
       pry (>= 0.9.10)
+    pundit (1.1.0)
+      activesupport (>= 3.0.0)
     quiet_assets (1.1.0)
       railties (>= 3.1, < 5.0)
     rack (1.6.4)
@@ -243,7 +244,6 @@ DEPENDENCIES
   best_in_place
   better_errors
   binding_of_caller
-  cancancan
   coffee-rails
   devise
   dotenv
@@ -260,6 +260,7 @@ DEPENDENCIES
   pg
   pry-byebug
   pry-rails
+  pundit
   quiet_assets
   rails (= 4.2.4)
   rails3-jquery-autocomplete
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 71d3d6ea..c380f96c 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,4 +1,5 @@
 class ApplicationController < ActionController::Base
+  include Pundit
   protect_from_forgery
 
   before_filter :get_invite_link
diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb
new file mode 100644
index 00000000..2a0bbc52
--- /dev/null
+++ b/app/policies/application_policy.rb
@@ -0,0 +1,53 @@
+class ApplicationPolicy
+  attr_reader :user, :record
+
+  def initialize(user, record)
+    @user = user
+    @record = record
+  end
+
+  def index?
+    false
+  end
+
+  def show?
+    scope.where(:id => record.id).exists?
+  end
+
+  def create?
+    false
+  end
+
+  def new?
+    create?
+  end
+
+  def update?
+    false
+  end
+
+  def edit?
+    update?
+  end
+
+  def destroy?
+    false
+  end
+
+  def scope
+    Pundit.policy_scope!(user, record.class)
+  end
+
+  class Scope
+    attr_reader :user, :scope
+
+    def initialize(user, scope)
+      @user = user
+      @scope = scope
+    end
+
+    def resolve
+      scope
+    end
+  end
+end