dmpopidor/app/policies/annotation_policy.rb at dbfbac6ed1acede597779041c80b1840b7df63af

Fork: 0

opidor / dmpopidor

Find file

Newer

Older

dmpopidor / app / policies / annotation_policy.rb

briley on 23 May 2018 587 bytes Template Versioning

Raw Blame History

class AnnotationPolicy < ApplicationPolicy
  attr_reader :user, :annotation

  def initialize(user, annotation)
    raise Pundit::NotAuthorizedError, "must be logged in" unless user
    @user = user
    @annotation = annotation
  end

  def create?
    question = Question.find_by(id: @annotation.question_id)
    if question.present?
      return @user.can_modify_templates? && question.template.org_id == @user.org_id
    end
    return false
  end

  def update?
    @user.can_modify_templates? && annotation.template.org_id == @user.org_id
  end

  def destroy?
    update?
  end
end