Adapts the CommentsController to the new permissions system

2015-08-10 15:40:23 +02:00
parent ce27a6f2ea
commit 84d848df7e
3 changed files with 19 additions and 12 deletions
--- a/app/controllers/comments_controller.rb
+++ b/app/controllers/comments_controller.rb
@@ -1,12 +1,11 @@
 class CommentsController < ApplicationController
-  before_action :authenticate_user!
-  before_action :set_debate, :set_parent, only: :create
+  before_action :build_comment, only: :create
+  load_and_authorize_resource
  respond_to :html, :js

  def create
-    @comment = Comment.build(@debate, current_user, params[:comment][:body])
    @comment.save!
-    @comment.move_to_child_of(@parent) if reply?
+    @comment.move_to_child_of(parent) if reply?

    Mailer.comment(@comment).deliver_now if email_on_debate_comment?
    Mailer.reply(@comment).deliver_now if email_on_comment_reply?
@@ -15,7 +14,6 @@ class CommentsController < ApplicationController
  end

  def vote
-    @comment = Comment.find(params[:id])
    @comment.vote_by(voter: current_user, vote: params[:value])
    respond_with @comment
  end
@@ -25,16 +23,20 @@ class CommentsController < ApplicationController
      params.require(:comments).permit(:commentable_type, :commentable_id, :body)
    end

-    def set_debate
-      @debate = Debate.find(params[:debate_id])
+    def build_comment
+      @comment = Comment.build(debate, current_user, params[:comment][:body])
    end

-    def set_parent
-      @parent = Comment.find_parent(params[:comment])
+    def debate
+      @debate ||= Debate.find(params[:debate_id])
+    end
+
+    def parent
+      @parent ||= Comment.find_parent(params[:comment])
    end

    def reply?
-      @parent.class == Comment
+      parent.class == Comment
    end

    def email_on_debate_comment?
@@ -42,6 +44,6 @@ class CommentsController < ApplicationController
    end

    def email_on_comment_reply?
-      reply? && @parent.author.email_on_comment_reply?
+      reply? && parent.author.email_on_comment_reply?
    end
 end
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -13,6 +13,8 @@ class Ability
        debate.editable_by?(user)
      end

+      can [:create, :vote], Comment
+
      if user.moderator? or user.administrator?

      elsif user.administrator?
--- a/spec/models/ability_spec.rb
+++ b/spec/models/ability_spec.rb
@@ -24,6 +24,9 @@ describe Ability do
    it { should be_able_to(:show, user) }
    it { should be_able_to(:edit, user) }

+    it { should be_able_to(:create, Comment) }
+    it { should be_able_to(:vote, Comment) }
+
    describe "other users" do
      let(:other_user) { create(:user) }
      it { should_not be_able_to(:show, other_user) }