From ff95fcd8f254f22ca14b42a8a4956b8f143e3c68 Mon Sep 17 00:00:00 2001
From: Sebastian Serth <Sebastian.Serth@student.hpi.de>
Date: Wed, 4 Dec 2019 15:25:00 +0100
Subject: [PATCH] Allow all teachers of the same study group to edit their
 exercises

---
 app/policies/application_policy.rb | 13 +++++++++----
 app/policies/exercise_policy.rb    |  2 +-
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb
index 4e8ae44b..e81df385 100644
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -26,11 +26,16 @@ class ApplicationPolicy
   private :no_one
 
   def everyone_in_study_group
-    study_group = @record.study_group
-    return false if study_group.blank?
+    if @record.respond_to? :study_group # e.g. submission
+      study_group = @record.study_group
+      return false if study_group.blank?
 
-    users_in_same_study_group = study_group.users
-    return false if users_in_same_study_group.blank?
+      users_in_same_study_group = study_group.users
+    else # e.g. exercise
+      study_groups = @record.user.study_groups
+      users_in_same_study_group = study_groups.collect{ |study_group|
+        study_group.users}.flatten
+    end
 
     users_in_same_study_group.include? @user
   end
diff --git a/app/policies/exercise_policy.rb b/app/policies/exercise_policy.rb
index ba30802d..41f735a0 100644
--- a/app/policies/exercise_policy.rb
+++ b/app/policies/exercise_policy.rb
@@ -8,7 +8,7 @@ class ExercisePolicy < AdminOrAuthorPolicy
   end
 
   [:clone?, :destroy?, :edit?, :update?].each do |action|
-    define_method(action) { admin? || author? }
+    define_method(action) { admin? || teacher_in_study_group || author? }
   end
 
   [:implement?, :working_times?, :intervention?, :search?, :submit?, :reload?].each do |action|