trabajo-afectivo/app/policies/controllers/form_controller_policy.rb

class Controllers::FormControllerPolicy < Controllers::ApplicationControllerPolicy

  def configuration?
    authorized?
  end

  def submit?
    authorized?
  end

  def test?
    record.params[:test] && user&.permissions?('admin.channel_formular')
  end

  private

  def authorized?
    test? || enabled?
  end

  def user_required?
    false
  end

  def enabled?
    Setting.get('form_ticket_create')
  end
end
Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit. 2020-03-19 09:39:51 +00:00			`class Controllers::FormControllerPolicy < Controllers::ApplicationControllerPolicy`

			`def configuration?`
			`authorized?`
			`end`

			`def submit?`
			`authorized?`
			`end`

			`def test?`
			`record.params[:test] && user&.permissions?('admin.channel_formular')`
			`end`

			`private`

			`def authorized?`
			`test? \|\| enabled?`
			`end`

			`def user_required?`
			`false`
			`end`

			`def enabled?`
			`Setting.get('form_ticket_create')`
			`end`
			`end`