class PlanPolicy < ApplicationPolicy
attr_reader :user
attr_reader :plan
def initialize(user, plan)
raise Pundit::NotAuthorizedError, _("must be logged in") unless user
raise Pundit::NotAuthorizedError, _("are not authorized to view that plan") unless plan || plan.publicly_visible?
@user = user
@plan = plan
end
def show?
@plan.readable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def share?
@plan.editable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def export?
@plan.readable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def download?
@plan.readable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def edit?
@plan.readable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def update?
@plan.editable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def destroy?
@plan.editable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def status?
@plan.readable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def duplicate?
@plan.editable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def visibility?
@plan.administerable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def set_test?
@plan.administerable_by?(@user.id)&& Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def answer?
@plan.readable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def request_feedback?
@plan.administerable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
def feedback_complete?
@plan.reviewable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
end
end
briley