needed a policy for tokens

2016-03-14 08:19:26 +11:00 · 2016-03-14 08:19:26 +11:00 · 6f5258cbb7
commit 6f5258cbb7
parent b40fedda1a
2 changed files with 24 additions and 2 deletions
--- a/app/policies/token_policy.rb
+++ b/app/policies/token_policy.rb
@ -0,0 +1,24 @@
+class TokenPolicy < ApplicationPolicy
+  class Scope < Scope
+    def resolve
+      if user
+        scope.where('tokens.user_id = ?', user.id)
+      else
+        where(:id => nil).where("id IS NOT ?", nil) # to just return none
+      end
+    end
+  end
+
+  def create?
+    user.present?   
+  end
+
+  def my_tokens?
+    user.present?
+  end
+
+  def destroy?
+    user.present? && record.user == user
+  end
+
+end
--- a/app/serializers/token_serializer.rb
+++ b/app/serializers/token_serializer.rb
@ -1,9 +1,7 @@
 class TokenSerializer < ActiveModel::Serializer
-  embed :ids, include: true
  attributes :id,
             :token,
             :description,
-             :user_id,
             :created_at,
             :updated_at