dmpopidor/app/policies/phase_policy.rb at 0fcbb22a802bb42e96c00c6898de094b8eb7a335

Fork: 0

opidor / dmpopidor

Find file

Newer

Older

dmpopidor / app / policies / phase_policy.rb

xsrust on 19 May 2017 976 bytes updated syntax to allow read-only view of a plan. \n app/views/phases/_answer_form_ro.html.erb probably needs a bigger re-write as the logic is horrendus and it renders the whole thing as a form...but it's not a form because it's read only and it checks to see if it's read only a bunch of times within it. but here's the quick and dirty making it work

Raw Blame History

class PhasePolicy < ApplicationPolicy
  attr_reader :user, :phase

  def initialize(user, phase)
    raise Pundit::NotAuthorizedError, "must be logged in" unless user
    @user = user
    @phase = phase
  end

  ##
  # Org-admin side
  # Users can modify phases if:
  #  - They can modify templates
  #  - The template which they are modifying belongs to their org

  def admin_show?
    user.can_modify_templates?  && (phase.template.org_id == user.org_id)
  end

  def admin_preview?
    user.can_modify_templates?  &&  (phase.template.org_id == user.org_id)
  end

  def admin_update?
    user.can_modify_templates?  &&  (phase.template.org_id == user.org_id)
  end

  def admin_add?
    user.can_modify_templates?  && (phase.template.org_id == user.org_id)
  end

  def admin_create?
    user.can_modify_templates?  &&  (phase.template.org_id == user.org_id)
  end

  def admin_destroy?
    user.can_modify_templates?  &&  (phase.template.org_id == user.org_id)
  end

end