metamaps--metamaps/app/policies/synapse_policy.rb
2016-03-12 11:35:03 +11:00

24 lines
577 B
Ruby

class SynapsePolicy < ApplicationPolicy
class Scope < Scope
def resolve
scope.where('synapses.permission IN (?) OR synapses.user_id = ?', ["public", "commons"], user.id)
end
end
def create?
user.present?
# todo add validation against whether you can see both topics
end
def show?
record.permission == 'commons' || record.permission == 'public' || record.user == user
end
def update?
user.present? && (record.permission == 'commons' || record.user == user)
end
def destroy?
record.user == user || admin_override
end
end