So, I'm trying to use a pearl. I'm just trying to figure out how to have an index for users and administrators. I want to do all the results for the administrator and only related messages for the user. I searched googled and searched on github, but I had no luck. What do I need to include in my policy and controller?
source
class PostsPolicy attr_reader :current_user, :model def initialize(current_user, model) @current_user = current_user @post = model end def index? @current_user.admin? end end
controller
class PostsController < ApplicationController before_filter :load_user before_filter :authenticate_user! after_action :verify_authorized def index @posts = Post.order('title').page(params[:page]).per(25) authorize User end private def load_user @user = User.find_by_id(params[:user_id]) end end
second update
class PostsPolicy class Scope attr_reader :user, :scope def initialize(user, scope) @user = user @scope = scope end def resolve if user.admin? scope.all else scope.where(user: user) end end end end
controller
class PostsController < ApplicationController before_filter :load_user before_filter :authenticate_user! after_action :verify_authorized def index @posts = policy_scope(Post).order('title').page(params[:page]).per(25) authorize User end private def load_user @user = User.find_by_id(params[:user_id]) end end
third update
class PostPolicy class Scope attr_reader :user, :scope def initialize(user, scope) @user = user @scope = scope end def resolve if user.admin? scope.all else scope.where(user: user) end end end def index? user.admin? || user.posts.count > 0 end end
controller
class PostsController < ApplicationController before_filter :load_user before_filter :authenticate_user! after_action :verify_authorized def index @posts = policy_scope(Post).order('title').page(params[:page]).per(25) authorize User end private def load_user @user = User.find_by_id(params[:user_id]) end end
** final update with working code **
class PostPolicy attr_reader :user, :model def initialize(user, model) @user = user @post = model end class Scope attr_reader :user, :scope def initialize(user, scope) @user = user @scope = scope end def resolve if user.admin? scope.all else scope.where(user: user) end end end def index? user.admin? || user.posts.count end end
controller
class PostsController < ApplicationController before_filter :load_user before_filter :authenticate_user! after_action :verify_authorized def index @posts = policy_scope(Post).order('title').page(params[:page]).per(25) authorize Post end private def load_user @user = User.find_by_id(params[:user_id]) end end