a simple comment policy
This commit is contained in:
parent
43c77677f6
commit
d3a2870747
21
app/policies/quiz_comment_policy.rb
Normal file
21
app/policies/quiz_comment_policy.rb
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
# frozen_string_literal: true
|
||||||
|
class QuizCommentPolicy < ApplicationPolicy
|
||||||
|
# Quiz Comment Policy
|
||||||
|
#
|
||||||
|
# Anyone with access to the results can comment
|
||||||
|
# Only Comment owner can edit
|
||||||
|
|
||||||
|
def create?
|
||||||
|
user.acts_as_reviewer?
|
||||||
|
end
|
||||||
|
|
||||||
|
def update?
|
||||||
|
user.acts_as_reviewer? && user.id == record.user_id
|
||||||
|
end
|
||||||
|
|
||||||
|
class Scope < Scope
|
||||||
|
def resolve
|
||||||
|
true
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
27
test/policies/quiz_comment_policy_test.rb
Normal file
27
test/policies/quiz_comment_policy_test.rb
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
# frozen_string_literal: true
|
||||||
|
require 'test_helper'
|
||||||
|
|
||||||
|
class QuizCommentPolicyTest < PolicyAssertions::Test
|
||||||
|
test 'should require current_user' do
|
||||||
|
assert_raise Pundit::NotAuthorizedError do
|
||||||
|
QuizCommentPolicy.new(nil, User.first).create?
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_create
|
||||||
|
assert_permit users(:admin), QuizComment
|
||||||
|
assert_permit users(:manager), QuizComment
|
||||||
|
assert_permit users(:reviewer), QuizComment
|
||||||
|
|
||||||
|
refute_permit users(:recruiter), QuizComment
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_update
|
||||||
|
assert_permit users(:reviewer2), quiz_comments(:com6)
|
||||||
|
|
||||||
|
refute_permit users(:reviewer), quiz_comments(:com6)
|
||||||
|
refute_permit users(:manager), quiz_comments(:com6)
|
||||||
|
refute_permit users(:admin), quiz_comments(:com6)
|
||||||
|
refute_permit users(:recruiter), quiz_comments(:com6)
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue
Block a user