dmpopidor/app/policies/comment_policy.rb at a31b226b76f7d6f8ff4823856d8985b44755d9ea

Fork: 0

opidor / dmpopidor

Find file

Newer

Older

dmpopidor / app / policies / comment_policy.rb

xsrust on 16 Sep 2016 462 bytes moved authorization logic from comments controller to policy file. Additionally removed unused crud methods

Raw Blame History

class CommentPolicy < ApplicationPolicy
  attr_reader :user
  attr_reader :comment

  def initialize(user, comment)
    raise Pundit::NotAuthorizedError, "must be logged in" unless user
    @user = user
    @comment = comment
  end

  def create?
    Plan.find(@comment.plan_id).readable_by(@user.id)
  end

  def update?
    Plan.find(@comment.plan_id).readable_by(@user.id)
  end

  def archive?
    Plan.find(@comment.plan_id).readable_by(@user.id)
  end

end