handle not logged in scenarios

2016-03-13 02:41:32 +11:00 · 2016-03-13 02:41:32 +11:00 · b236f4c689
parent 7ff24fb3b6
commit b236f4c689
4 changed files with 25 additions and 6 deletions
--- a/app/policies/map_policy.rb
+++ b/app/policies/map_policy.rb
@ -1,10 +1,12 @@
 class MapPolicy < ApplicationPolicy
  class Scope < Scope
    def resolve
+      visible = ['public', 'commons']
+      permission = 'maps.permission IN (?)'
      if user
-        scope.where('maps.permission IN (?) OR maps.user_id = ?', ["public", "commons"], user.id)
+        scope.where(permission + ' OR maps.user_id = ?', visible, user.id)
      else
-        scope.where('maps.permission IN (?)', ["public", "commons"])
+        scope.where(permission, visible)
      end
    end
  end
--- a/app/policies/mapping_policy.rb
+++ b/app/policies/mapping_policy.rb
@ -5,8 +5,13 @@ class MappingPolicy < ApplicationPolicy
      # it would be nice if we could also base this on the mappable, but that
      # gets really complicated. Devin thinks it's OK to SHOW a mapping for
      # a private topic, since you can't see the private topic anyways
-      scope.joins(:maps).where('maps.permission IN (?) OR maps.user_id = ?',
-                                 ["public", "commons"], user.id)
+      visible = ['public', 'commons']
+      permission = 'maps.permission IN (?)'
+      if user
+        scope.joins(:maps).where(permission + ' OR maps.user_id = ?', visible, user.id)
+      else
+        scope.where(permission, visible)
+      end 
    end
  end

--- a/app/policies/synapse_policy.rb
+++ b/app/policies/synapse_policy.rb
@ -1,7 +1,13 @@
 class SynapsePolicy < ApplicationPolicy
  class Scope < Scope
    def resolve
-      scope.where('synapses.permission IN (?) OR synapses.user_id = ?', ["public", "commons"], user.id)
+      visible = ['public', 'commons']
+      permission = 'synapses.permission IN (?)'
+      if user
+        scope.where(permission + ' OR synapses.user_id = ?', visible, user.id)
+      else
+        scope.where(permission, visible)
+      end
    end
  end

--- a/app/policies/topic_policy.rb
+++ b/app/policies/topic_policy.rb
@ -1,7 +1,13 @@
 class TopicPolicy < ApplicationPolicy
  class Scope < Scope
    def resolve
-      scope.where('topics.permission IN (?) OR topics.user_id = ?', ["public", "commons"], user.id)
+      visible = ['public', 'commons']
+      permission = 'topics.permission IN (?)'
+      if user
+        scope.where(permission + ' OR topics.user_id = ?', visible, user.id)
+      else
+        scope.where(permission, visible)
+      end
    end
  end