Use attr readers instead of instance variables in policy classes

Complements commit 2cbe3e8 ("Stop
duplicating ApplicationPolicy#initialize in the subclasses").

src/api/app/policies/announcement_policy.rb

@@ -1,6 +1,6 @@
 class AnnouncementPolicy < ApplicationPolicy
   def index?
-    @user.is_admin?
+    user.is_admin?
   end
 
   def show?

src/api/app/policies/attrib_namespace_policy.rb

@@ -1,6 +1,6 @@
 class AttribNamespacePolicy < ApplicationPolicy
   def create?
-    @user.is_admin? || access_to_namespace?
+    user.is_admin? || access_to_namespace?
   end
 
   def update?
@@ -14,8 +14,8 @@ def destroy?
   private
 
   def access_to_namespace?
-    @record.attrib_namespace_modifiable_bies.any? do |rule|
-      rule.user == @user || @user.is_in_group?(rule.group)
+    record.attrib_namespace_modifiable_bies.any? do |rule|
+      rule.user == user || user.is_in_group?(rule.group)
     end
   end
 end

src/api/app/policies/attrib_policy.rb

@@ -1,17 +1,17 @@
 class AttribPolicy < ApplicationPolicy
   def create?
     # Admins can write everything
-    return true if @user.is_admin?
+    return true if user.is_admin?
 
-    if @record.attrib_type.nil? || @record.attrib_type.attrib_type_modifiable_bies.empty?
+    if record.attrib_type.nil? || record.attrib_type.attrib_type_modifiable_bies.empty?
       # No specific rules set for the attribute, check if the user can modify the container
-      @record.container.can_be_modified_by?(@user)
+      record.container.can_be_modified_by?(user)
     else
       # check for type modifiable_by rules
-      @record.attrib_type.attrib_type_modifiable_bies.any? do |rule|
-        rule.user == @user ||
-          @user.is_in_group?(rule.group) ||
-          (rule.try(:role) && @user.has_local_role?(rule.role, @record.container))
+      record.attrib_type.attrib_type_modifiable_bies.any? do |rule|
+        rule.user == user ||
+          user.is_in_group?(rule.group) ||
+          (rule.try(:role) && user.has_local_role?(rule.role, record.container))
       end
     end
   end

src/api/app/policies/attrib_type_policy.rb

@@ -1,6 +1,6 @@
 class AttribTypePolicy < ApplicationPolicy
   def create?
-    @user.is_admin? || access_to_type? || access_to_namespace?
+    user.is_admin? || access_to_type? || access_to_namespace?
   end
 
   def update?
@@ -14,14 +14,14 @@ def destroy?
   private
 
   def access_to_type?
-    @record.attrib_type_modifiable_bies.any? do |rule|
-      rule.user == @user || @user.is_in_group?(rule.group)
+    record.attrib_type_modifiable_bies.any? do |rule|
+      rule.user == user || user.is_in_group?(rule.group)
     end
   end
 
   def access_to_namespace?
-    @record.attrib_namespace.attrib_namespace_modifiable_bies.any? do |rule|
-      rule.user == @user || @user.is_in_group?(rule.group)
+    record.attrib_namespace.attrib_namespace_modifiable_bies.any? do |rule|
+      rule.user == user || user.is_in_group?(rule.group)
     end
   end
 end

src/api/app/policies/bs_request_policy.rb

@@ -1,8 +1,8 @@
 class BsRequestPolicy < ApplicationPolicy
   def create?
     # new request should not have an id (BsRequest#number)
-    return false if @record.number
+    return false if record.number
     # dont let user set approver other than himself unless he is admin
-    ![nil, @user.login].include?(@record.approver) && !@user.is_admin? ? false : true
+    ![nil, user.login].include?(record.approver) && !user.is_admin? ? false : true
   end
 end

src/api/app/policies/download_repository_policy.rb

@@ -1,13 +1,13 @@
 class DownloadRepositoryPolicy < ApplicationPolicy
   def create?
-    @user.is_admin?
+    user.is_admin?
   end
 
   def update?
-    @user.is_admin?
+    user.is_admin?
   end
 
   def destroy?
-    @user.is_admin?
+    user.is_admin?
   end
 end

src/api/app/policies/group_policy.rb

@@ -5,11 +5,11 @@ def index?
 
   def create?
     # Only admins can create new groups atm
-    @user.is_admin?
+    user.is_admin?
   end
 
   def update?
-    @user.is_admin? || @record.group_maintainers.where(user: @user).exists?
+    user.is_admin? || record.group_maintainers.where(user: user).exists?
   end
 
   def destroy?

src/api/app/policies/package_policy.rb

@@ -2,28 +2,28 @@ class PackagePolicy < ApplicationPolicy
   def branch?
     # same as Package.check_source_access!
     if source_access? || project_source_access?
-      return false unless @user.can_source_access?(@record)
+      return false unless user.can_source_access?(record)
     end
     true
   end
 
   def update?
-    @user.can_modify?(@record)
+    user.can_modify?(record)
   end
 
   def destroy?
-    @user.can_modify?(@record)
+    user.can_modify?(record)
   end
 
   def save_meta_update?
     update? && !source_access?
   end
 
   def project_source_access?
-    @record.project.disabled_for?('sourceaccess', nil, nil)
+    record.project.disabled_for?('sourceaccess', nil, nil)
   end
 
   def source_access?
-    @record.disabled_for?('sourceaccess', nil, nil)
+    record.disabled_for?('sourceaccess', nil, nil)
   end
 end

src/api/app/policies/project_policy.rb

@@ -4,16 +4,16 @@ def initialize(user, record)
   end
 
   def create?
-    return false unless @user
-    @user.can_create_project?(@record.name)
+    return false unless user
+    user.can_create_project?(record.name)
   end
 
   def update?
-    return false unless @user
+    return false unless user
     return false unless local_project_and_allowed_to_create_package_in?
     # The ordering is important because of the lock status check
-    return true if @user.is_admin?
-    return false unless @user.can_modify?(@record, true)
+    return true if user.is_admin?
+    return false unless user.can_modify?(record, true)
     # Regular users are not allowed to modify projects with remote references
     no_remote_instance_defined_and_has_not_remote_repositories?
   end
@@ -31,22 +31,22 @@ def show?
   end
 
   def unlock?
-    return false unless @user
-    @user.can_modify?(@record, true)
+    return false unless user
+    user.can_modify?(record, true)
   end
 
   private
 
   def no_remote_instance_defined_and_has_not_remote_repositories?
-    !@record.defines_remote_instance? && !@record.has_remote_repositories?
+    !record.defines_remote_instance? && !record.has_remote_repositories?
   end
 
   def local?
-    @record.is_a?(Project)
+    record.is_a?(Project)
   end
 
   def can_create_package_in?
-    @user.can_create_package_in?(@record)
+    user.can_create_package_in?(record)
   end
 
   def local_project_and_allowed_to_create_package_in?

src/api/app/policies/repository_policy.rb

@@ -8,7 +8,7 @@ def create?
   end
 
   def update?
-    ProjectPolicy.new(@user, @record.project).update?
+    ProjectPolicy.new(user, record.project).update?
   end
 
   def destroy?