metamaps--metamaps/app/policies/synapse_policy.rb
Connor Turland 8c51108a0c enable shared private and public maps (#530)
* enable shared private and public maps

* change the list

* yeehaw add collaborators

* I believe this fixes the error connor brought up

* when topic or synapse is no longer on a map, don't defer

* needs to be before?

* just do it in the controller

* make recommendation they sign in and retry

* better email

* config for mailer previews

* improve wording

* shouldn't have included that

* switch to green

* don't execute if there's no map

* wasn't including the right people in some circumstances

* Finish breaking out JS files (#551)

* metamaps.Realtime refactor

* Metamaps.Util

* Metamaps.Visualize

* Metamaps.SynapseCard

* Metamaps.TopicCard

* Metamaps.Create.js

* Remove erb extension from Metamaps.Map.js

* Metmaps.Account and Metamaps.GlobalUI remove extension

* Metamaps.JIT no more erb extension

* move Backbone.init; standard-format on Metamaps.js.erb

* factor out canvas support check function

* some llittle template bugs

* remove featured from signed in explore maps bar

* don't let it overflow off the page
2016-04-24 11:50:35 -04:00

45 lines
1 KiB
Ruby

class SynapsePolicy < ApplicationPolicy
class Scope < Scope
def resolve
visible = ['public', 'commons']
permission = 'synapses.permission IN (?)'
if user
scope.where(permission + ' OR synapses.defer_to_map_id IN (?) OR synapses.user_id = ?', visible, user.shared_maps.map(&:id), user.id)
else
scope.where(permission, visible)
end
end
end
def create?
user.present?
# todo add validation against whether you can see both topics
end
def show?
if record.defer_to_map.present?
map_policy.show?
else
record.permission == 'commons' || record.permission == 'public' || record.user == user
end
end
def update?
if not user.present?
false
elsif record.defer_to_map.present?
map_policy.update?
else
record.permission == 'commons' || record.user == user
end
end
def destroy?
record.user == user || admin_override
end
# Helpers
def map_policy
@map_policy ||= Pundit.policy(user, record.defer_to_map)
end
end