handle not logged in scenarios
This commit is contained in:
Connor Turland
parent
7ff24fb3b6
commit
b236f4c689
4 changed files with 25 additions and 6 deletions
|
|
@ -1,10 +1,12 @@
|
||||||
class MapPolicy < ApplicationPolicy
|
class MapPolicy < ApplicationPolicy
|
||||||
class Scope < Scope
|
class Scope < Scope
|
||||||
def resolve
|
def resolve
|
||||||
|
visible = ['public', 'commons']
|
||||||
|
permission = 'maps.permission IN (?)'
|
||||||
if user
|
if user
|
||||||
scope.where('maps.permission IN (?) OR maps.user_id = ?', ["public", "commons"], user.id)
|
scope.where(permission + ' OR maps.user_id = ?', visible, user.id)
|
||||||
else
|
else
|
||||||
scope.where('maps.permission IN (?)', ["public", "commons"])
|
scope.where(permission, visible)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -5,8 +5,13 @@ class MappingPolicy < ApplicationPolicy
|
||||||
# it would be nice if we could also base this on the mappable, but that
|
# it would be nice if we could also base this on the mappable, but that
|
||||||
# gets really complicated. Devin thinks it's OK to SHOW a mapping for
|
# gets really complicated. Devin thinks it's OK to SHOW a mapping for
|
||||||
# a private topic, since you can't see the private topic anyways
|
# a private topic, since you can't see the private topic anyways
|
||||||
scope.joins(:maps).where('maps.permission IN (?) OR maps.user_id = ?',
|
visible = ['public', 'commons']
|
||||||
["public", "commons"], user.id)
|
permission = 'maps.permission IN (?)'
|
||||||
|
if user
|
||||||
|
scope.joins(:maps).where(permission + ' OR maps.user_id = ?', visible, user.id)
|
||||||
|
else
|
||||||
|
scope.where(permission, visible)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,13 @@
|
||||||
class SynapsePolicy < ApplicationPolicy
|
class SynapsePolicy < ApplicationPolicy
|
||||||
class Scope < Scope
|
class Scope < Scope
|
||||||
def resolve
|
def resolve
|
||||||
scope.where('synapses.permission IN (?) OR synapses.user_id = ?', ["public", "commons"], user.id)
|
visible = ['public', 'commons']
|
||||||
|
permission = 'synapses.permission IN (?)'
|
||||||
|
if user
|
||||||
|
scope.where(permission + ' OR synapses.user_id = ?', visible, user.id)
|
||||||
|
else
|
||||||
|
scope.where(permission, visible)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,13 @@
|
||||||
class TopicPolicy < ApplicationPolicy
|
class TopicPolicy < ApplicationPolicy
|
||||||
class Scope < Scope
|
class Scope < Scope
|
||||||
def resolve
|
def resolve
|
||||||
scope.where('topics.permission IN (?) OR topics.user_id = ?', ["public", "commons"], user.id)
|
visible = ['public', 'commons']
|
||||||
|
permission = 'topics.permission IN (?)'
|
||||||
|
if user
|
||||||
|
scope.where(permission + ' OR topics.user_id = ?', visible, user.id)
|
||||||
|
else
|
||||||
|
scope.where(permission, visible)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue