pundit: fixing up topics and synapses

This commit is contained in:
Connor Turland 2016-03-12 11:10:30 +11:00
parent 09a7b336bf
commit bef21341c6
6 changed files with 25 additions and 14 deletions

View file

@ -10,7 +10,7 @@ class SynapsesController < ApplicationController
# GET /synapses/1.json
def show
@synapse = Synapse.find(params[:id])
authorize! @synapse
authorize @synapse
render json: @synapse
end
@ -20,7 +20,7 @@ class SynapsesController < ApplicationController
def create
@synapse = Synapse.new(synapse_params)
@synapse.desc = "" if @synapse.desc.nil?
authorize! @synapse
authorize @synapse
respond_to do |format|
if @synapse.save
@ -36,7 +36,7 @@ class SynapsesController < ApplicationController
def update
@synapse = Synapse.find(params[:id])
@synapse.desc = "" if @synapse.desc.nil?
authorize! @synapse
authorize @synapse
respond_to do |format|
if @synapse.update_attributes(synapse_params)
@ -50,7 +50,7 @@ class SynapsesController < ApplicationController
# DELETE synapses/:id
def destroy
@synapse = Synapse.find(params[:id])
authorize! @synapse
authorize @synapse
@synapse.delete
respond_to do |format|

View file

@ -20,12 +20,12 @@ class TopicsController < ApplicationController
# GET topics/:id
def show
@topic = Topic.find(params[:id])
authorize! @topic
authorize @topic
respond_to do |format|
format.html {
@alltopics = ([@topic] + policy_scope(@topic.relatives))
@allsynapses = policy_scope(@topic.synapses)
@alltopics = ([@topic] + policy_scope(Topic.relatives(@topic.id)))
@allsynapses = policy_scope(Synapse.for_topic(@topic.id))
@allcreators = @alltopics.map(&:user).uniq
@allcreators += @allsynapses.map(&:user).uniq
@ -39,7 +39,7 @@ class TopicsController < ApplicationController
# GET topics/:id/network
def network
@topic = Topic.find(params[:id])
authorize! @topic
authorize @topic
@alltopics = [@topic] + policy_scope(@topic.relatives)
@allsynapses = policy_scope(@topic.synapses)
@ -83,7 +83,7 @@ class TopicsController < ApplicationController
# GET topics/:id/relatives
def relatives
@topic = Topic.find(params[:id])
authorize! @topic
authorize @topic
topicsAlreadyHas = params[:network] ? params[:network].split(',').map(&:to_i) : []
@ -117,7 +117,7 @@ class TopicsController < ApplicationController
# POST /topics.json
def create
@topic = Topic.new(topic_params)
authorize! @topic
authorize @topic
respond_to do |format|
if @topic.save
@ -132,7 +132,7 @@ class TopicsController < ApplicationController
# PUT /topics/1.json
def update
@topic = Topic.find(params[:id])
authorize! @topic
authorize @topic
respond_to do |format|
if @topic.update_attributes(topic_params)
@ -146,7 +146,7 @@ class TopicsController < ApplicationController
# DELETE topics/:id
def destroy
@topic = Topic.find(params[:id])
authorize! @topic
authorize @topic
@topic.delete
respond_to do |format|

View file

@ -16,6 +16,10 @@ class Synapse < ActiveRecord::Base
validates :category, inclusion: { in: ['from-to', 'both'], allow_nil: true }
scope :for_topic, ->(topic_id = nil) {
where("node1_id = ? OR node2_id = ?", topic_id, topic_id)
}
# :nocov:
def user_name
user.name

View file

@ -41,6 +41,13 @@ class Topic < ActiveRecord::Base
belongs_to :metacode
scope :relatives, ->(topic_id = nil) {
includes(:synapses1)
.includes(:synapses2)
.where('synapses.node1_id = ? OR synapses.node2_id = ?', topic_id, topic_id)
.references(:synapses)
}
def user_name
user.name
end

View file

@ -1,7 +1,7 @@
class SynapsePolicy < ApplicationPolicy
class Scope < Scope
def resolve
scope.where('permission IN (?) OR user_id = ?', ["public", "commons"], user.id)
scope.where('synapses.permission IN (?) OR synapses.user_id = ?', ["public", "commons"], user.id)
end
end

View file

@ -1,7 +1,7 @@
class TopicPolicy < ApplicationPolicy
class Scope < Scope
def resolve
scope.where('permission IN (?) OR user_id = ?', ["public", "commons"], user.id)
scope.where('topics.permission IN (?) OR topics.user_id = ?', ["public", "commons"], user.id)
end
end