Contents

# Clients defined by this policy are ones for whom the user has access at the client level. This means that either
# they have a global role or that have a specific client role.
module G5Updatable
  class ClientPolicy < G5Authenticatable::BasePolicy
    class Scope < G5Authenticatable::BasePolicy::BaseScope

      def resolve
        return scope.all if has_global_role?
        client_with_roles
      end

      private

      def client_with_roles
        G5Updatable::Client
          .joins('INNER JOIN g5_authenticatable_roles as r ON r.resource_id = g5_updatable_clients.id')
          .joins('INNER JOIN g5_authenticatable_users_roles as ur ON r.id = ur.role_id')
          .where('r.resource_type = ? and ur.user_id = ?', G5Updatable::Client.name, user.id)
      end

    end

  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version	Path
g5_authenticatable-0.9.1.pre.2	app/policies/g5_updatable/client_policy.rb
g5_authenticatable-0.8.1.pre	app/policies/g5_updatable/client_policy.rb
g5_authenticatable-0.8.0	app/policies/g5_updatable/client_policy.rb
g5_authenticatable-0.8.0.beta1	app/policies/g5_updatable/client_policy.rb