aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoachim Filip Ignacy Bartosik <jbartosik@gmail.com>2010-08-13 18:35:31 +0200
committerJoachim Filip Ignacy Bartosik <jbartosik@gmail.com>2010-08-14 13:51:08 +0200
commitf879f9e6264b0ee3aaf150500a4ba37bedbfd332 (patch)
tree05040ce7180a1c133ec14c04296407e0485d1826 /app/models
parentDocument modules (diff)
downloadrecruiting-webapp-f879f9e6264b0ee3aaf150500a4ba37bedbfd332.tar.gz
recruiting-webapp-f879f9e6264b0ee3aaf150500a4ba37bedbfd332.tar.bz2
recruiting-webapp-f879f9e6264b0ee3aaf150500a4ba37bedbfd332.zip
Document modules
Permissions and RichTypes
Diffstat (limited to 'app/models')
-rw-r--r--app/models/answer.rb40
1 files changed, 27 insertions, 13 deletions
diff --git a/app/models/answer.rb b/app/models/answer.rb
index c086bf4..6e31c4d 100644
--- a/app/models/answer.rb
+++ b/app/models/answer.rb
@@ -45,29 +45,42 @@ class Answer < ActiveRecord::Base
after_create :notify_new_answer
after_update :notify_changed_answer
- multi_permission :update, :destroy do
+ def update_permitted?
# It's fine to change correct, because it's ignored in non-email answers
# and email answers have separate permissions
- (owned? && !reference && !approved) ||
- (reference && acting_user.role.is_recruiter?) ||
- (only_changed?(:approved, :correct) && owner.mentor_is?(acting_user))
+ return true if owned? && !reference && !approved
+ return true if reference && acting_user.role.is_recruiter?
+ return true if only_changed?(:approved, :correct) && owner.mentor_is?(acting_user)
+
+ false
+ end
+
+ def destroy_permitted?
+ return true if owned? && !reference
+ return true if reference && acting_user.role.is_recruiter?
+
+ false
end
def create_permitted?
- (owned_soft? && !reference)||(reference && acting_user.role.is_recruiter?)
+ return true if owned_soft? && !reference && !approved
+ return true if reference && acting_user.role.is_recruiter?
+ false
end
# Proper edit permissions can't be deduced, because we need to access value
# of some fields to set them
def edit_permitted?(field)
- owned_soft? ||
- owner.mentor_is?(acting_user) ||
- (reference && acting_user.signed_up? && acting_user.role.is_recruiter?)
+ return true if owned_soft?
+ return true if owner.mentor_is?(acting_user)
+ return true if reference && acting_user.signed_up? && acting_user.role.is_recruiter?
+ false
end
def content_edit_permitted?
- owned_soft? ||
- (reference && acting_user.signed_up? && acting_user.role.is_recruiter?)
+ return true if owned_soft?
+ return true if reference && acting_user.signed_up? && acting_user.role.is_recruiter?
+ false
end
def feedback_edit_permitted?
@@ -83,9 +96,10 @@ class Answer < ActiveRecord::Base
end
def view_permitted?(field)
- owned_soft? ||
- acting_user.role.is_recruiter? ||
- owner._?.mentor_is?(acting_user)
+ return true if owned_soft?
+ return true if acting_user.role.is_recruiter?
+ return true if owner.mentor_is?(acting_user)
+ false
end
# Returns hash containing updated answer attributes.