diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb
index de9b7ba..c0664f3 100644
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -13,7 +13,7 @@
 end
 def show?
- scope.where(:id => record.id).exists?
+ scope.where(id: record.id).exists?
 end
 def create?
diff --git a/app/policies/dmptemplate_policy.rb b/app/policies/dmptemplate_policy.rb
index c2dbe91..3524c40 100644
--- a/app/policies/dmptemplate_policy.rb
+++ b/app/policies/dmptemplate_policy.rb
@@ -1,10 +1,10 @@
-class DmptemplatePolicy < ApplicationPolicy
- attr_reader :user, :dmptemplate
+class TemplatePolicy < ApplicationPolicy
+ attr_reader :user, :template
- def initialize(user, dmptemplate)
+ def initialize(user, template)
 raise Pundit::NotAuthorizedError, "must be logged in" unless user
 @user = user
- @dmptemplate = dmptemplate
+ @template = template
 end
 def admin_index?
@@ -12,11 +12,11 @@
 end
 def admin_template?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_update?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_new?
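Review bot: The class name and the file name no longer match after the @@ -1,10 hunk: the class becomes `TemplatePolicy`, but the diff header keeps the path app/policies/dmptemplate_policy.rb on both sides. Rails autoloading resolves constants from file names, so unless a template_policy.rb is added elsewhere in the commit, Pundit's lookup of `TemplatePolicy` would presumably fail and authorize calls on templates would raise instead of evaluating these rules. Renaming the file in the same commit (app/policies/template_policy.rb) keeps the constant and the path in step.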
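Review bot: The re-enabled guard `template.org_id == user.org_id` in admin_template? and admin_update? (@@ -12,11) is also true when both ids are nil, so a user who has can_modify_templates? but no organisation would pass for any template that has no org. Whether either column can be NULL is not visible in this diff; if it can, require a present id, e.g. `user.can_modify_templates? && user.org_id.present? && template.org_id == user.org_id`. The same expression recurs in every admin_* predicate of the following hunk (@@ -24,100), and `scope.where(org_id: user.org_id)` in Scope#resolve there would become an `org_id IS NULL` match for such a user.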
@@ -24,100 +24,100 @@
 end
 def admin_create?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_destroy?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_phase?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_previewphase?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_addphase?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_createphase?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_updatephase?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_destroyphase?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_updateversion?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_cloneversion?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_destroyversion?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_createsection?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_updatesection?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_destroysection?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_createquestion?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_updatequestion?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_destroyquestion?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_createsuggestedanswer?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_updatesuggestedanswer?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_destroysuggestedanswer?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_createguidance?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_updateguidance?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 def admin_destroyguidance?
- user.can_modify_templates? #&& (dmptemplate.organisation_id == user.organisation_id)
+ user.can_modify_templates? && (template.org_id == user.org_id)
 end
 class Scope < Scope
 def resolve
- scope.where(organisation_id: user.organisation_id)
+ scope.where(org_id: user.org_id)
 end
 end
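Review bot: The predicates named after phases, versions, sections, questions, suggested answers and guidance (admin_updatesection?, admin_destroyquestion?, admin_updateguidance? and the rest) all decide on `template.org_id`, so the org check only protects the nested record if the controller authorizes the template that actually owns it. The controllers are not part of this diff, so that cannot be confirmed here; if a section or question id is taken from params separately from the template, the ownership chain should be verified before `authorize` is called. A comment on the policy would make the contract explicit, e.g. `# record must be the Template that owns the phase/section/question/guidance being changed`. admin_create? has a similar dependency, since the template it sees is whatever the controller built before authorizing. Because the same expression is repeated in all 23 predicates of this hunk, moving it into one private helper (for example `def modifies_own_org_template?`) would keep the rule and that comment in a single place.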