diff --git a/app/policies/answer_policy.rb b/app/policies/answer_policy.rb new file mode 100644 index 00000000..c012c920 --- /dev/null +++ b/app/policies/answer_policy.rb @@ -0,0 +1,14 @@ +# frozen_string_literal: true + +class AnswerPolicy + attr_reader :user, :answer + + def initialize(user, answer) + @user = user + @answer = answer + end + + def pin? = answer.user == user + + def unpin? = answer.user == user +end diff --git a/lib/use_case/answer/pin.rb b/lib/use_case/answer/pin.rb index 0e0d76d4..c790663c 100644 --- a/lib/use_case/answer/pin.rb +++ b/lib/use_case/answer/pin.rb @@ -7,7 +7,7 @@ module UseCase option :answer, type: Types.Instance(::Answer) def call - check_ownership! + authorize!(:pin, user, answer) check_unpinned! answer.pinned_at = Time.now.utc @@ -21,10 +21,6 @@ module UseCase private - def check_ownership! - raise ::Errors::NotAuthorized unless answer.user == user - end - def check_unpinned! raise ::Errors::BadRequest if answer.pinned_at.present? end diff --git a/lib/use_case/answer/unpin.rb b/lib/use_case/answer/unpin.rb index f9553b8d..8f12742e 100644 --- a/lib/use_case/answer/unpin.rb +++ b/lib/use_case/answer/unpin.rb @@ -7,7 +7,7 @@ module UseCase option :answer, type: Types.Instance(::Answer) def call - check_ownership! + authorize!(:unpin, user, answer) check_pinned! answer.pinned_at = nil @@ -21,10 +21,6 @@ module UseCase private - def check_ownership! - raise ::Errors::NotAuthorized unless answer.user == user - end - def check_pinned! raise ::Errors::BadRequest if answer.pinned_at.nil? end diff --git a/lib/use_case/base.rb b/lib/use_case/base.rb index e35585c2..7ff23bbf 100644 --- a/lib/use_case/base.rb +++ b/lib/use_case/base.rb @@ -9,5 +9,11 @@ module UseCase def self.call(...) = new(...).call def call = raise NotImplementedError + + private + + def authorize!(verb, user, record, error_class: Errors::NotAuthorized) + raise error_class unless Pundit.policy!(user, record).public_send("#{verb}?") + end end end