author | Joachim Filip Ignacy Bartosik <jbartosik@gmail.com> | 2010-08-13 18:35:31 +0200 |
---|---|---|
committer | Joachim Filip Ignacy Bartosik <jbartosik@gmail.com> | 2010-08-14 13:51:08 +0200 |
commit | f879f9e6264b0ee3aaf150500a4ba37bedbfd332 (patch) | |
tree | 05040ce7180a1c133ec14c04296407e0485d1826 /app/models | |
parent | Document modules (diff) | |
Document modules
Permissions and RichTypes
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/answer.rb | 40 |
1 files changed, 27 insertions, 13 deletions
diff --git a/app/models/answer.rb b/app/models/answer.rb
index c086bf4..6e31c4d 100644
--- a/app/models/answer.rb
+++ b/app/models/answer.rb
@@ -45,29 +45,42 @@ class Answer < ActiveRecord::Base
 after_create :notify_new_answer
 after_update :notify_changed_answer
- multi_permission :update, :destroy do
+ def update_permitted?
 # It's fine to change correct, because it's ignored in non-email answers
 # and email answers have separate permissions
- (owned? && !reference && !approved) ||
- (reference && acting_user.role.is_recruiter?) ||
- (only_changed?(:approved, :correct) && owner.mentor_is?(acting_user))
+ return true if owned? && !reference && !approved
+ return true if reference && acting_user.role.is_recruiter?
+ return true if only_changed?(:approved, :correct) && owner.mentor_is?(acting_user)
+
+ false
+ end
+
+ def destroy_permitted?
+ return true if owned? && !reference
+ return true if reference && acting_user.role.is_recruiter?
+
+ false
 end
 def create_permitted?
- (owned_soft? && !reference)||(reference && acting_user.role.is_recruiter?)
+ return true if owned_soft? && !reference && !approved
+ return true if reference && acting_user.role.is_recruiter?
+ false
 end
 # Proper edit permissions can't be deduced, because we need to access value
 # of some fields to set them
 def edit_permitted?(field)
- owned_soft? ||
- owner.mentor_is?(acting_user) ||
- (reference && acting_user.signed_up? && acting_user.role.is_recruiter?)
+ return true if owned_soft?
+ return true if owner.mentor_is?(acting_user)
+ return true if reference && acting_user.signed_up? && acting_user.role.is_recruiter?
+ false
 end
 def content_edit_permitted?
- owned_soft? ||
- (reference && acting_user.signed_up? && acting_user.role.is_recruiter?)
+ return true if owned_soft?
+ return true if reference && acting_user.signed_up? && acting_user.role.is_recruiter?
+ false
 end
 def feedback_edit_permitted?
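Review bot: `destroy_permitted?` no longer carries the `!approved` condition that the removed `multi_permission :update, :destroy` block applied to both actions, so an owner can now delete an answer after it has been approved. The commit is titled as documentation, and `create_permitted?` gains `!approved` in the same hunk, so these read as permission changes rather than a pure restyle. If the looser destroy rule is not intended, restore it with `return true if owned? && !reference && !approved`. If it is intended, a one-line comment above `destroy_permitted?` stating why owners may delete approved answers would make the decision explicit.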
@@ -83,9 +96,10 @@ class Answer < ActiveRecord::Base
 end
 def view_permitted?(field)
- owned_soft? ||
- acting_user.role.is_recruiter? ||
- owner._?.mentor_is?(acting_user)
+ return true if owned_soft?
+ return true if acting_user.role.is_recruiter?
+ return true if owner.mentor_is?(acting_user)
+ false
 end
 # Returns hash containing updated answer attributes. |
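Review bot: The last branch of `view_permitted?` now calls `owner.mentor_is?(acting_user)` where the old code used `owner._?.mentor_is?(acting_user)`, so the nil guard on `owner` is gone. If an answer can exist without an owner (not visible here), a viewer who is neither the owner nor a recruiter would hit a NoMethodError instead of being refused with `false`. Keeping the guard, `return true if owner._?.mentor_is?(acting_user)`, preserves the previous deny-by-default behaviour. `edit_permitted?` and `update_permitted?` in the first hunk also call `owner.mentor_is?` unguarded and may deserve the same treatment.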