Sha256: 84a8d7b0705b73faf503cae78b3a61398228480ae9294468a133fdf44597e279
Contents?: true
Size: 1.72 KB
Versions: 5
Compression:
Stored size: 1.72 KB
Contents
# frozen_string_literal: true
module Decidim
module Consultations
class Permissions < Decidim::DefaultPermissions
def permissions
allowed_public_anonymous_action?
return permission_action unless user
allowed_public_action?
return Decidim::Consultations::Admin::Permissions.new(user, permission_action, context).permissions if permission_action.scope == :admin
permission_action
end
private
def question
@question ||= context.fetch(:question, nil)
end
def consultation
@consultation ||= context.fetch(:consultation, nil)
end
def authorized?(permission_action, resource: nil)
return unless resource || question
ActionAuthorizer.new(user, permission_action, question, resource).authorize.ok?
end
def allowed_public_anonymous_action?
return unless permission_action.action == :read
return unless permission_action.scope == :public
case permission_action.subject
when :consultation_list
allow!
when :consultation
toggle_allow(consultation.published? || user&.admin?)
when :question
toggle_allow(question.published? || user&.admin?)
end
end
def allowed_public_action?
return unless permission_action.scope == :public
return unless permission_action.subject == :question
# check if question has been limited by admins first
return unless authorized? :vote
case permission_action.action
when :vote
toggle_allow(question.can_be_voted_by?(user))
when :unvote
toggle_allow(question.can_be_unvoted_by?(user))
end
end
end
end
end
Version data entries
5 entries across 5 versions & 1 rubygems