Fork: 0
opidor / dmpopidor
Transfer to URL with SHA Find file
Newer
Older
dmpopidor / app / policies / answer_policy.rb
@briley briley on 13 Apr 2017 468 bytes updates to locking mechanism because it ActiveRecord does not catch 2 creates DMPRoadmap/roadmap#241
Raw Blame History 
class AnswerPolicy < ApplicationPolicy
  attr_reader :user
  attr_reader :answer

  def initialize(user, answer)
    raise Pundit::NotAuthorizedError, "must be logged in" unless user
    @user = user
    @answer = answer
  end

  def update?
    # TODO: Remove the owner check after the Roles have been updated
    # is the plan editable by the user or the user is the owner of the plan
    @answer.plan.editable_by?(@user.id) || @user == @answer.plan.owner
  end

end