7d4da81272
* install rubocop * 1961 automatic rubocop fixes * update rubocop.yml to ignore half of the remaining cops * rubocop lint warnings * random other warnings fixed
46 lines
1 KiB
Ruby
46 lines
1 KiB
Ruby
class SynapsePolicy < ApplicationPolicy
|
|
class Scope < Scope
|
|
def resolve
|
|
visible = %w(public commons)
|
|
permission = 'synapses.permission IN (?)'
|
|
if user
|
|
scope.where(permission + ' OR synapses.defer_to_map_id IN (?) OR synapses.user_id = ?', visible, user.shared_maps.map(&:id), user.id)
|
|
else
|
|
scope.where(permission, visible)
|
|
end
|
|
end
|
|
end
|
|
|
|
def create?
|
|
user.present?
|
|
# TODO: add validation against whether you can see both topics
|
|
end
|
|
|
|
def show?
|
|
if record.defer_to_map.present?
|
|
map_policy.show?
|
|
else
|
|
record.permission == 'commons' || record.permission == 'public' || record.user == user
|
|
end
|
|
end
|
|
|
|
def update?
|
|
if !user.present?
|
|
false
|
|
elsif record.defer_to_map.present?
|
|
map_policy.update?
|
|
else
|
|
record.permission == 'commons' || record.user == user
|
|
end
|
|
end
|
|
|
|
def destroy?
|
|
record.user == user || admin_override
|
|
end
|
|
|
|
# Helpers
|
|
def map_policy
|
|
@map_policy ||= Pundit.policy(user, record.defer_to_map)
|
|
end
|
|
end
|