diff options
author | http://jneen.net/ <jneen@jneen.net> | 2017-04-06 14:06:42 -0700 |
---|---|---|
committer | http://jneen.net/ <jneen@jneen.net> | 2017-06-27 12:44:37 -0700 |
commit | 37c401433b76170f0150d70865f1f4584db01fa8 (patch) | |
tree | 2da7a4c072b863e0cb927993d8d39e7029d720e4 /app/policies/personal_snippet_policy.rb | |
parent | e5aad75a2673b2e4465d311cbd27970d5c81d5f7 (diff) | |
download | gitlab-ce-37c401433b76170f0150d70865f1f4584db01fa8.tar.gz |
convert all the policies to DeclarativePolicy
Diffstat (limited to 'app/policies/personal_snippet_policy.rb')
-rw-r--r-- | app/policies/personal_snippet_policy.rb | 41 |
1 files changed, 21 insertions, 20 deletions
diff --git a/app/policies/personal_snippet_policy.rb b/app/policies/personal_snippet_policy.rb index e1e5336da8c..cac0530b9f7 100644 --- a/app/policies/personal_snippet_policy.rb +++ b/app/policies/personal_snippet_policy.rb @@ -1,27 +1,28 @@ class PersonalSnippetPolicy < BasePolicy - def rules - can! :read_personal_snippet if @subject.public? - return unless @user + condition(:public_snippet, scope: :subject) { @subject.public? } + condition(:is_author) { @user && @subject.author == @user } + condition(:internal_snippet, scope: :subject) { @subject.internal? } - if @subject.public? - can! :comment_personal_snippet - end + rule { public_snippet }.policy do + enable :read_personal_snippet + enable :comment_personal_snippet + end - if @subject.author == @user - can! :read_personal_snippet - can! :update_personal_snippet - can! :destroy_personal_snippet - can! :admin_personal_snippet - can! :comment_personal_snippet - end + rule { is_author }.policy do + enable :read_personal_snippet + enable :update_personal_snippet + enable :destroy_personal_snippet + enable :admin_personal_snippet + enable :comment_personal_snippet + end - unless @user.external? - can! :create_personal_snippet - end + rule { ~anonymous }.enable :create_personal_snippet + rule { external_user }.prevent :create_personal_snippet - if @subject.internal? && !@user.external? - can! :read_personal_snippet - can! :comment_personal_snippet - end + rule { internal_snippet & ~external_user }.policy do + enable :read_personal_snippet + enable :comment_personal_snippet end + + rule { anonymous }.prevent :comment_personal_snippet end |