metamaps--metamaps/app/policies/map_policy.rb
Connor Turland 8c51108a0c enable shared private and public maps (#530)
* enable shared private and public maps

* change the list

* yeehaw add collaborators

* I believe this fixes the error connor brought up

* when topic or synapse is no longer on a map, don't defer

* needs to be before?

* just do it in the controller

* make recommendation they sign in and retry

* better email

* config for mailer previews

* improve wording

* shouldn't have included that

* switch to green

* don't execute if there's no map

* wasn't including the right people in some circumstances

* Finish breaking out JS files (#551)

* metamaps.Realtime refactor

* Metamaps.Util

* Metamaps.Visualize

* Metamaps.SynapseCard

* Metamaps.TopicCard

* Metamaps.Create.js

* Remove erb extension from Metamaps.Map.js

* Metmaps.Account and Metamaps.GlobalUI remove extension

* Metamaps.JIT no more erb extension

* move Backbone.init; standard-format on Metamaps.js.erb

* factor out canvas support check function

* some llittle template bugs

* remove featured from signed in explore maps bar

* don't let it overflow off the page
2016-04-24 11:50:35 -04:00

67 lines
1.2 KiB
Ruby

class MapPolicy < ApplicationPolicy
class Scope < Scope
def resolve
visible = ['public', 'commons']
permission = 'maps.permission IN (?)'
if user
shared_maps = user.shared_maps.map(&:id)
scope.where(permission + ' OR maps.id IN (?) OR maps.user_id = ?', visible, shared_maps, user.id)
else
scope.where(permission, visible)
end
end
end
def activemaps?
user.blank? # redirect to root url if authenticated for some reason
end
def featuredmaps?
true
end
def mymaps?
user.present?
end
def usermaps?
true
end
def show?
record.permission == 'commons' || record.permission == 'public' || record.collaborators.include?(user) || record.user == user
end
def export?
show?
end
def events?
show?
end
def contains?
show?
end
def create?
user.present?
end
def update?
user.present? && (record.permission == 'commons' || record.collaborators.include?(user) || record.user == user)
end
def access?
# note that this is to edit access
user.present? && record.user == user
end
def screenshot?
update?
end
def destroy?
record.user == user || admin_override
end
end