skill-assessment-app/app/policies/quiz_policy.rb

32 lines
696 B
Ruby
Raw Normal View History

2016-09-20 17:19:11 -05:00
# frozen_string_literal: true
class QuizPolicy < ApplicationPolicy
# Quiz Access Policy
#
# Only Admins and Managers can create or update a quiz (and its questions)
# Reviewers can view any quiz they are linked to
# Recruiters can only list quiz names (for candidate assignments)
def view?
return true if user.admin? || user.manager?
user.quizzes.include? record
end
def create?
user.manager? || user.admin?
end
def update?
user.manager? || user.admin?
end
class Scope < Scope
def resolve
if user.reviewer?
scope.joins(:reviewers).where('reviewer_to_quizzes.user_id = ?', user.id)
else
scope
end
end
end
end