Sha256: faacecfa0619548679506d91dc0260c402f3013d49b1b552e6c7f52bd560d4b4
Contents?: true
Size: 1.62 KB
Versions: 8
Compression:
Stored size: 1.62 KB
Contents
module Pageflow
class SitePolicy < ApplicationPolicy
class Scope < Scope
attr_reader :user, :scope
def initialize(user, scope)
@user = user
@scope = scope
end
def sites_allowed_for(accounts)
if user.admin?
scope.all
else
accounts_ids = accounts.try(:id) || accounts.try(:length) && accounts.map(&:id)
scope.joins(publisher_memberships_for_accounts(user, accounts_ids))
.where(membership_is_present)
end
end
private
def publisher_memberships_for_accounts(user, accounts_ids)
sanitize_sql_array(['LEFT OUTER JOIN pageflow_memberships ON ' \
'pageflow_memberships.user_id = :user_id AND ' \
'pageflow_sites.account_id IN (:accounts_ids) AND ' \
'pageflow_memberships.entity_id IN (:accounts_ids) AND ' \
'pageflow_memberships.entity_type = \'Pageflow::Account\' AND ' \
'pageflow_memberships.role IN (\'publisher\', \'manager\')',
user_id: user.id, accounts_ids: accounts_ids])
end
def membership_is_present
'pageflow_memberships.entity_id IS NOT NULL'
end
end
attr_reader :user
def initialize(user, site)
@user = user
@account_role_query = AccountRoleQuery.new(user, site.account)
end
def read?
@user.admin? ||
(@account_role_query.has_at_least_role?(:manager) &&
Pageflow.config.allow_multiaccount_users)
end
def update?
read?
end
end
end
Version data entries
8 entries across 8 versions & 1 rubygems