vote/veto processing

app/controllers/admin/vote_controller.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+module Admin
+  class VoteController < AdminController
+    def up
+      authorize ReviewerVote
+      @candidate = Candidate.find_by(test_hash: params[:test_hash])
+      current_user.cast_yea_on(@candidate)
+
+      results = {
+        message: "Vote tallied!",
+        upCount: @candidate.votes.yea.count,
+        downCount: @candidate.votes.nay.count
+      }
+      render json: results.to_json
+    end
+
+    def down
+      authorize ReviewerVote
+      @candidate = Candidate.find_by(test_hash: params[:test_hash])
+      current_user.cast_nay_on(@candidate)
+
+      results = {
+        message: "Vote tallied!",
+        upCount: @candidate.votes.yea.count,
+        downCount: @candidate.votes.nay.count
+      }
+      render json: results.to_json
+    end
+
+    def approve
+      authorize ReviewerVote
+      @candidate = Candidate.find_by(test_hash: params[:test_hash])
+      current_user.approve_candidate(@candidate)
+
+      results = { message: "Interview requested!" }
+      render json: results.to_json
+    end
+
+    def decline
+      authorize ReviewerVote
+      @candidate = Candidate.find_by(test_hash: params[:test_hash])
+      current_user.decline_candidate(@candidate)
+
+      results = { message: "Interview declined." }
+      render json: results.to_json
+    end
+  end
+end

app/models/user.rb

@@ -16,6 +16,35 @@ class User < ApplicationRecord
     save
   end
 
+  # Voting
+  def cast_yea_on candidate
+    vote = votes.find_or_create_by(candidate_id: candidate.to_i)
+    vote.vote = :yea
+    vote.save
+  end
+
+  def cast_nay_on candidate
+    vote = votes.find_or_create_by(candidate_id: candidate.to_i)
+    vote.vote = :nay
+    vote.save
+  end
+
+  def approve_candidate candidate
+    candidate = Candidate.find(candidate.to_i)
+
+    vote = votes.find_or_create_by(candidate_id: candidate.to_i)
+    vote.veto = :approved
+    candidate.update_attribute(:review_status, :approved) if vote.save
+  end
+
+  def decline_candidate candidate
+    candidate = Candidate.find(candidate.to_i)
+
+    vote = votes.find_or_create_by(candidate_id: candidate.to_i)
+    vote.veto = :rejected
+    candidate.update_attribute(:review_status, :declined) if vote.save
+  end
+
   # Roles
   def admin?
     'admin' == role

app/policies/reviewer_vote_policy.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+class ReviewerVotePolicy < ApplicationPolicy
+  # Voting Policy
+  #
+  # Only Reviewers, Managers, and Admins, can cast a vote on a quiz result
+  #
+  # Reviewers can vote any quiz they are linked to
+  # Only Managers, and Admins, can veto a quiz result
+
+  def up?
+    # return true if user.acts_as_admin?
+    # user.quizzes.include? record.candidate.quiz
+    true
+  end
+
+  def down?
+    # return true if user.acts_as_manager?
+    # user.quizzes.include? record
+    true
+  end
+
+  def approve?
+    user.acts_as_manager?
+  end
+
+  def decline?
+    user.acts_as_manager?
+  end
+
+  class Scope < Scope
+    def resolve
+      return ReviewerVote.none if user.recruiter?
+
+      if user.reviewer?
+        scope.where(user_id: user.id)
+      else
+        scope
+      end
+    end
+  end
+end