RubygemsResearch

Sha256: 01a0b96e9338af83a9ccb4677fe70ace98f71cc6879acd1df68fb772e51a41d4

Contents?: true

Size: 850 Bytes

Versions: 2

Compression:

Stored size: 850 Bytes

class UserPolicy < KojacBasePolicy

	def is_self?
		user.id == record.id
	end

	def query_ring
		user.ring
	end

	def write?
	  return user.ring <= ADMIN_RING if @record==User
	  raise "Bad record given" unless record.is_a? User
	  return ((user.ring <= SYSADMIN_RING) || is_self? || (
		  (user.ring <= record.ring) && (
				(user.ring <= ADMIN_RING) && (!user.owner_id || (record.owner_id == user.owner_id))
			)
	  ))
  end

	def permitted_attributes(aAbility=nil)
		case aAbility
			when :write
				return [] unless write?
			when :read
				return [] unless read?
		end

		result = super(aAbility)

		if is_self? && user.ring <= USER_RING
			case aAbility
				when :write
					result = (result | (User::PUBLIC_FIELDS + User::PRIVATE_FIELDS)).sort
				when :read
					result = (result | (User::PRIVATE_FIELDS)).sort
			end
		end
		result
	end

end

Version data entries

2 entries across 2 versions & 1 rubygems

Version	Path
kojac-0.12.0	spec/demo/app/policies/user_policy.rb
kojac-0.11.0	spec/demo/app/policies/user_policy.rb