a simple comment policy
This commit is contained in:
parent
43c77677f6
commit
d3a2870747
21
app/policies/quiz_comment_policy.rb
Normal file
21
app/policies/quiz_comment_policy.rb
Normal file
@ -0,0 +1,21 @@
|
||||
# frozen_string_literal: true
|
||||
class QuizCommentPolicy < ApplicationPolicy
|
||||
# Quiz Comment Policy
|
||||
#
|
||||
# Anyone with access to the results can comment
|
||||
# Only Comment owner can edit
|
||||
|
||||
def create?
|
||||
user.acts_as_reviewer?
|
||||
end
|
||||
|
||||
def update?
|
||||
user.acts_as_reviewer? && user.id == record.user_id
|
||||
end
|
||||
|
||||
class Scope < Scope
|
||||
def resolve
|
||||
true
|
||||
end
|
||||
end
|
||||
end
|
27
test/policies/quiz_comment_policy_test.rb
Normal file
27
test/policies/quiz_comment_policy_test.rb
Normal file
@ -0,0 +1,27 @@
|
||||
# frozen_string_literal: true
|
||||
require 'test_helper'
|
||||
|
||||
class QuizCommentPolicyTest < PolicyAssertions::Test
|
||||
test 'should require current_user' do
|
||||
assert_raise Pundit::NotAuthorizedError do
|
||||
QuizCommentPolicy.new(nil, User.first).create?
|
||||
end
|
||||
end
|
||||
|
||||
def test_create
|
||||
assert_permit users(:admin), QuizComment
|
||||
assert_permit users(:manager), QuizComment
|
||||
assert_permit users(:reviewer), QuizComment
|
||||
|
||||
refute_permit users(:recruiter), QuizComment
|
||||
end
|
||||
|
||||
def test_update
|
||||
assert_permit users(:reviewer2), quiz_comments(:com6)
|
||||
|
||||
refute_permit users(:reviewer), quiz_comments(:com6)
|
||||
refute_permit users(:manager), quiz_comments(:com6)
|
||||
refute_permit users(:admin), quiz_comments(:com6)
|
||||
refute_permit users(:recruiter), quiz_comments(:com6)
|
||||
end
|
||||
end
|
Loading…
x
Reference in New Issue
Block a user