metamaps--metamaps/app/policies/synapse_policy.rb
Connor Turland a133702be2 Some topics and synapses were hidden from users erroneously (#944)
* ensure topics and synapses have their permission match the map they're deferring to

* update permission of topics and synapses as map perm changes, when defer_to_map

* try enabling count threshold on rubocop

* remove unused mk_permission functions

* change *_count methods to use delegate to save lines in map.rb model

* rubocop topic.rb
2016-12-06 16:46:46 -05:00

67 lines
1.5 KiB
Ruby

# frozen_string_literal: true
class SynapsePolicy < ApplicationPolicy
class Scope < Scope
def resolve
return scope.where(permission: %w(public commons)) unless user
scope.where(permission: %w(public commons))
.or(scope.where(defer_to_map_id: user.all_accessible_maps.map(&:id)))
.or(scope.where(user_id: user.id))
end
end
def index?
true # really only for the API. should be policy scoped!
end
def create?
if record.try(:topic1) && record.try(:topic2)
topic1_show? && topic2_show? && user.present?
else
# allows us to use policy(Synapse).create?
user.present?
end
end
def show?
topic1_show? && topic2_show? && synapse_show?
end
def update?
if !user.present?
false
elsif record.defer_to_map.present?
map_policy.update?
else
record.permission == 'commons' || record.user == user
end
end
def destroy?
record.user == user || admin_override
end
# Helpers
def map_policy
@map_policy ||= Pundit.policy(user, record.defer_to_map)
end
def topic1_show?
@topic1_policy ||= Pundit.policy(user, record.topic1)
@topic1_policy&.show?
end
def topic2_show?
@topic2_policy ||= Pundit.policy(user, record.topic2)
@topic2_policy&.show?
end
def synapse_show?
if record.defer_to_map.present?
map_policy&.show?
else
record.permission == 'commons' || record.permission == 'public' || record.user == user
end
end
end