Content can be read if the any of the submissions can be read. Closes #…

…78.
concerto · May 3, 2012 · 666c92d · 666c92d
1 parent f546fa6
commit 666c92d
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 5 deletions.
diff --git a/app/models/ability.rb b/app/models/ability.rb
@@ -15,8 +15,14 @@ def initialize(accessor)
     # the ability to 'read' a feed implies that
     # you can browse it's contents as well
     can :read, Feed, :is_viewable => true
-    #TODO Content permissions per #78
-    can :read, Content if true
+
+    ## Content
+    # Content approved on public feeds is publcally accessible.
+    can :read, Content, :submissions => {:feed => {:is_viewable => true}, :moderation_flag => true}
+    # If any of the submissions can be read the content can be read too.
+    can :read, Content do |content|
+      content.submissions.any?{|s| can?(:read, s)}
+    end
 
     ## Fields
     # Anything can read fields and positions.
@@ -107,10 +113,9 @@ def user_abilities(user)
     can [:read, :update], Submission do |submission|
       submission.feed.group.leaders.include?(user)
     end
-    # Approved submissions can be read if their feed is public of the user is a member
-    # of the feeds group.
+    # Approved submissions can be read if they can read the feed.
     can :read, Submission do |s|
-      s.moderation_flag && (s.feed.is_viewable || s.feed.group.users.include?(user))
+      s.moderation_flag && can?(:read, s.feed)
     end
 
     ## Feeds

diff --git a/test/unit/abilities/shared/content_test.rb b/test/unit/abilities/shared/content_test.rb
@@ -0,0 +1,28 @@
+require 'test_helper'
+
+class SharedContentAbilityTest < ActiveSupport::TestCase
+  def setup
+    @content = contents(:old_ticker)
+    @bad_content = contents(:sample_ticker)
+    @user = User.new
+    @screen = Screen.new
+  end
+
+  test "anyone can read content approved on 1 feed" do
+    # Deny the content on 1 feed
+    @content.submissions.create(:feed => feeds(:sleepy_announcements), :moderation_flag => false)
+
+    [@user, @screen].each do |thing|
+      ability = Ability.new(thing)
+      assert ability.can?(:read, @content), "Failure with #{thing}."
+    end
+  end
+
+  test "no one can read unapproved content" do
+    [@screen, @user, @screen].each do |thing|
+      ability = Ability.new(thing)
+      assert ability.cannot?(:read, @bad_content), "Failure with #{thing}."
+    end
+  end
+end
+