Commit c2dd4239 authored by http://jneen.net/'s avatar http://jneen.net/

short-circuit if there is no policy, and add :read_project check

parent 488e8e79
......@@ -76,10 +76,13 @@ class NotificationRecipient
end
def has_access?
DeclarativePolicy.subject_scope do
return false unless user.can?(:receive_notifications)
return false if @project && !user.can?(:read_project, @project)
return true unless @read_ability
return true unless DeclarativePolicy.has_policy?(@target)
DeclarativePolicy.subject_scope do
user.can?(@read_ability, @target)
end
end
......
......@@ -308,11 +308,7 @@ module NotificationRecipientService
end
def read_ability
@read_ability ||=
case target
when Commit then nil
else :"read_#{target.class.model_name.name.underscore}"
end
@read_ability ||= :"read_#{target.class.model_name.name.underscore}"
end
def subject
......
......@@ -28,7 +28,12 @@ module DeclarativePolicy
subject = find_delegate(subject)
class_for_class(subject.class)
class_for_class(subject.class) \
or raise "no policy for #{subject.class.name}"
end
def has_policy?(subject)
!class_for_class(subject.class).nil?
end
private
......@@ -51,9 +56,7 @@ module DeclarativePolicy
end
end
policy_class = subject_class.instance_variable_get(CLASS_CACHE_IVAR)
raise "no policy for #{subject.class.name}" if policy_class.nil?
policy_class
subject_class.instance_variable_get(CLASS_CACHE_IVAR)
end
def compute_class_for_class(subject_class)
......@@ -71,6 +74,8 @@ module DeclarativePolicy
nil
end
end
nil
end
def find_delegate(subject)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment