# Authorization policy for exercises. The layout (one `action?` predicate per
# controller action plus a nested Scope#resolve) appears to follow the Pundit
# convention.
#
# `admin?` and `everyone` are not defined in this file; presumably they are
# inherited from AdminOrAuthorPolicy. Verify their semantics there before
# relying on the rules below.
class ExercisePolicy < AdminOrAuthorPolicy
  # True when the current user is the author of the exercise being checked.
  def author?
    @user == @record.author
  end
  # Helper predicate only: callable with an implicit receiver from the rules
  # below, but not part of the policy's public interface.
  private :author?

  # Batch updates are limited to administrators.
  def batch_update?
    admin?
  end

  # Any internal user may view an exercise.
  #
  # NOTE(review): this rule never consults @record, while Scope#resolve limits
  # collections to the user's own, public, or team exercises. Confirm that
  # letting every internal user open any exercise by id is intended; if not,
  # this predicate should apply the same ownership/public/team condition.
  # NOTE(review): assumes @user is never nil here; verify that unauthenticated
  # requests are rejected before this policy is evaluated.
  def show?
    @user.internal_user?
  end

  # Actions that modify, copy, delete, or expose statistics for an exercise
  # require an administrator or the exercise's author.
  %i[clone? destroy? edit? statistics? update?].each do |permission|
    define_method(permission) { admin? || author? }
  end

  # Working on an exercise delegates to `everyone`.
  # NOTE(review): `everyone` is defined outside this file; confirm that it
  # still requires an authenticated user rather than permitting anonymous
  # access.
  %i[implement? submit? reload?].each do |permission|
    define_method(permission) { everyone }
  end

  # Restricts exercise collections to what the current user may list.
  class Scope < Scope
    # Returns every exercise for admins, an empty relation for users that are
    # neither admin nor internal, and otherwise the exercises the user owns,
    # public exercises, and exercises of teams the user belongs to.
    def resolve
      return @scope.all if @user.admin?
      return @scope.none unless @user.internal_user?

      # TODO (from the original author): need to remove team query
      # The user id is passed as a bound parameter for both `?` placeholders,
      # never interpolated into the SQL text.
      visibility_condition = 'user_id = ? OR public = TRUE OR (team_id IS NOT NULL AND team_id IN (SELECT t.id FROM teams t JOIN internal_users_teams iut ON t.id = iut.team_id WHERE iut.internal_user_id = ?))'
      @scope.where(visibility_condition, @user.id, @user.id)
    end
  end
end