f439fc7371
Added check in poll card that allows setting the value of results_enabled flag. Access to stats/results now is controlled with abilities. Polls related to proposals will be accessible to the proposal author like they were administrators.
120 lines
3.6 KiB
Ruby
120 lines
3.6 KiB
Ruby
module Abilities
|
|
class Common
|
|
include CanCan::Ability
|
|
|
|
def initialize(user)
|
|
merge Abilities::Everyone.new(user)
|
|
|
|
can [:read, :update], User, id: user.id
|
|
|
|
can :read, Debate
|
|
can :update, Debate do |debate|
|
|
debate.editable_by?(user)
|
|
end
|
|
|
|
can :read, Proposal
|
|
can :update, Proposal do |proposal|
|
|
proposal.editable_by?(user)
|
|
end
|
|
can :publish, Proposal do |proposal|
|
|
proposal.draft? && proposal.author.id == user.id
|
|
end
|
|
can :dashboard, Proposal do |proposal|
|
|
proposal.author.id == user.id
|
|
end
|
|
can :manage_polls, Proposal do |proposal|
|
|
proposal.author.id == user.id
|
|
end
|
|
|
|
can :results, Poll do |poll|
|
|
poll.related&.author&.id == user.id
|
|
end
|
|
|
|
can [:retire_form, :retire], Proposal, author_id: user.id
|
|
|
|
can :read, Legislation::Proposal
|
|
cannot [:edit, :update], Legislation::Proposal do |proposal|
|
|
proposal.editable_by?(user)
|
|
end
|
|
can [:retire_form, :retire], Legislation::Proposal, author_id: user.id
|
|
|
|
can :create, Comment
|
|
can :create, Debate
|
|
can [:create, :created], Proposal
|
|
can :create, Legislation::Proposal
|
|
|
|
can :suggest, Debate
|
|
can :suggest, Proposal
|
|
can :suggest, Legislation::Proposal
|
|
can :suggest, ActsAsTaggableOn::Tag
|
|
|
|
can [:flag, :unflag], Comment
|
|
cannot [:flag, :unflag], Comment, user_id: user.id
|
|
|
|
can [:flag, :unflag], Debate
|
|
cannot [:flag, :unflag], Debate, author_id: user.id
|
|
|
|
can [:flag, :unflag], Proposal
|
|
cannot [:flag, :unflag], Proposal, author_id: user.id
|
|
|
|
can [:flag, :unflag], Legislation::Proposal
|
|
cannot [:flag, :unflag], Legislation::Proposal, author_id: user.id
|
|
|
|
can [:create, :destroy], Follow
|
|
|
|
can [:destroy], Document do |document|
|
|
document.documentable.try(:author_id) == user.id
|
|
end
|
|
|
|
can [:destroy], Image, imageable: { author_id: user.id }
|
|
|
|
can [:create, :destroy], DirectUpload
|
|
|
|
unless user.organization?
|
|
can :vote, Debate
|
|
can :vote, Comment
|
|
end
|
|
|
|
if user.level_two_or_three_verified?
|
|
can :vote, Proposal do |proposal|
|
|
proposal.published?
|
|
end
|
|
can :vote_featured, Proposal
|
|
can :vote, SpendingProposal
|
|
can :create, SpendingProposal
|
|
|
|
can :vote, Legislation::Proposal
|
|
can :vote_featured, Legislation::Proposal
|
|
can :create, Legislation::Answer
|
|
|
|
can :create, Budget::Investment, budget: { phase: "accepting" }
|
|
can :suggest, Budget::Investment, budget: { phase: "accepting" }
|
|
can :destroy, Budget::Investment, budget: { phase: ["accepting", "reviewing"] }, author_id: user.id
|
|
can :vote, Budget::Investment, budget: { phase: "selecting" }
|
|
|
|
can [:show, :create], Budget::Ballot, budget: { phase: "balloting" }
|
|
can [:create, :destroy], Budget::Ballot::Line, budget: { phase: "balloting" }
|
|
|
|
can :create, DirectMessage
|
|
can :show, DirectMessage, sender_id: user.id
|
|
can :answer, Poll do |poll|
|
|
poll.answerable_by?(user)
|
|
end
|
|
can :answer, Poll::Question do |question|
|
|
question.answerable_by?(user)
|
|
end
|
|
end
|
|
|
|
can [:create, :show], ProposalNotification, proposal: { author_id: user.id }
|
|
|
|
can :create, Annotation
|
|
can [:update, :destroy], Annotation, user_id: user.id
|
|
|
|
can [:create], Topic
|
|
can [:update, :destroy], Topic, author_id: user.id
|
|
|
|
can :disable_recommendations, [Debate, Proposal]
|
|
end
|
|
end
|
|
end
|