glenux-contrib/metamaps--metamaps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

make some things more explicit

Browse source
This commit is contained in:
Connor Turland 2016-10-17 01:15:18 -04:00
parent 77e17b005f
commit 24c4f7d631
5 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/models/user.rb
View file

@ -66,6 +66,7 @@ class User < ApplicationRecord
end
def all_accessible_maps
#TODO: is there a way to keep this an ActiveRecord relation?
maps + shared_maps
end

2
app/policies/mapping_policy.rb
View file

@ -10,6 +10,8 @@ class MappingPolicy < ApplicationPolicy
permission = 'maps.permission IN (?)'
return scope.joins(:map).where(permission, visible) unless user
# if this is getting changed, the policy_scope for messages should also be changed
# as it is based entirely on the map to which it belongs
scope.joins(:map).where(permission, visible)
.or(scope.joins(:map).where('maps.id IN (?)', user.shared_maps.map(&:id)))
.or(scope.joins(:map).where('maps.user_id = ?', user.id))

2
app/policies/message_policy.rb
View file

@ -6,6 +6,8 @@ class MessagePolicy < ApplicationPolicy
permission = 'maps.permission IN (?)'
return scope.joins(:map).where(permission, visible) unless user
# if this is getting changed, the policy_scope for mappings should also be changed
# as it is based entirely on the map to which it belongs
scope.joins(:map).where(permission, visible)
.or(scope.joins(:map).where('maps.id IN (?)', user.shared_maps.map(&:id)))
.or(scope.joins(:map).where('maps.user_id = ?', user.id))

3
app/policies/synapse_policy.rb
View file

@ -3,11 +3,10 @@ class SynapsePolicy < ApplicationPolicy
class Scope < Scope
def resolve
visible = %w(public commons)
return scope.where(permission: visible) unless user
scope.where(permission: visible)
.or(scope.where(defer_to_map_id: user.all_accessible_maps.map(&:id)))
.or(scope.where.not(defer_to_map_id: nil).where(defer_to_map_id: user.all_accessible_maps.map(&:id)))
.or(scope.where(user_id: user.id))
end
end

2
app/policies/topic_policy.rb
View file

@ -6,7 +6,7 @@ class TopicPolicy < ApplicationPolicy
return scope.where(permission: visible) unless user
scope.where(permission: visible)
.or(scope.where(defer_to_map_id: user.all_accessible_maps.map(&:id)))
.or(scope.where.not(defer_to_map_id: nil).where(defer_to_map_id: user.all_accessible_maps.map(&:id)))
.or(scope.where(user_id: user.id))
end
end