Sha256: cc1c1d4a325cef291f4a22efdc20150a18ad96b2dbe7ca11c7a4ab04c181c820
Contents?: true
Size: 1.77 KB
Versions: 34
Compression:
Stored size: 1.77 KB
Contents
# frozen_string_literal: true
module Decidim
module Consultations
class Permissions < Decidim::DefaultPermissions
def permissions
allowed_public_anonymous_action?
return permission_action unless user
allowed_public_action?
return Decidim::Consultations::Admin::Permissions.new(user, permission_action, context).permissions if permission_action.scope == :admin
permission_action
end
private
def question
@question ||= context.fetch(:question, nil)
end
def consultation
@consultation ||= context.fetch(:consultation, nil)
end
def authorized?(permission_action, resource: nil)
return unless resource || question
ActionAuthorizer.new(user, permission_action, question, resource).authorize.ok?
end
def allowed_public_anonymous_action?
return unless permission_action.action == :read
return unless permission_action.scope == :public
case permission_action.subject
when :consultation_list
allow!
when :consultation
toggle_allow(consultation.published? || user&.admin?)
when :question
toggle_allow(question.published? || user&.admin?)
when :participatory_space
allow!
end
end
def allowed_public_action?
return unless permission_action.scope == :public
return unless permission_action.subject == :question
# check if question has been limited by admins first
return unless authorized? :vote
case permission_action.action
when :vote
toggle_allow(question.can_be_voted_by?(user))
when :unvote
toggle_allow(question.can_be_unvoted_by?(user))
end
end
end
end
end
Version data entries
34 entries across 34 versions & 1 rubygems