From 6f5258cbb7bd5ed145dba95d2d1c594f41fbbe85 Mon Sep 17 00:00:00 2001
From: Connor Turland <connorturland@gmail.com>
Date: Mon, 14 Mar 2016 08:19:26 +1100
Subject: [PATCH] needed a policy for tokens

---
 app/policies/token_policy.rb        | 24 ++++++++++++++++++++++++
 app/serializers/token_serializer.rb |  2 --
 2 files changed, 24 insertions(+), 2 deletions(-)
 create mode 100644 app/policies/token_policy.rb

diff --git a/app/policies/token_policy.rb b/app/policies/token_policy.rb
new file mode 100644
index 00000000..393d2441
--- /dev/null
+++ b/app/policies/token_policy.rb
@@ -0,0 +1,24 @@
+class TokenPolicy < ApplicationPolicy
+  class Scope < Scope
+    def resolve
+      if user
+        scope.where('tokens.user_id = ?', user.id)
+      else
+        where(:id => nil).where("id IS NOT ?", nil) # to just return none
+      end
+    end
+  end
+
+  def create?
+    user.present?   
+  end
+
+  def my_tokens?
+    user.present?
+  end
+
+  def destroy?
+    user.present? && record.user == user
+  end
+
+end
diff --git a/app/serializers/token_serializer.rb b/app/serializers/token_serializer.rb
index 8eed535a..7abcc3df 100644
--- a/app/serializers/token_serializer.rb
+++ b/app/serializers/token_serializer.rb
@@ -1,9 +1,7 @@
 class TokenSerializer < ActiveModel::Serializer
-  embed :ids, include: true
   attributes :id,
              :token,
              :description,
-             :user_id,
              :created_at,
              :updated_at