Cleanup file ; see previous commit for annotations

rails-girls-summer-of-code · May 17, 2018 · f6da595 · f6da595
1 parent bfaeb99
commit f6da595
Show file tree

Hide file tree

Showing 4 changed files with 90 additions and 441 deletions.
diff --git a/app/controllers/conferences_controller.rb b/app/controllers/conferences_controller.rb
@@ -13,9 +13,7 @@ def show
   end
 
   def create
-    byebug
-    # page_to_redirect = current_user.admin? ? conferences_path : edit_team_path(current_student.current_team)
-    page_to_redirect =  conferences_path
+    page_to_redirect = current_user.admin? ? conferences_path : edit_team_path(current_student.current_team)
     @conference = build_conference
 
     respond_to do |format|

diff --git a/app/models/ability.rb b/app/models/ability.rb
@@ -9,8 +9,7 @@ def initialize(user)
     alias_action :create, :read, :update, :destroy, to: :crud
 
     # guest user
-    can :read, Activity # pro forma ; Activity has no authorisation restriction, except for kind: :mailing
-    can :read, [User, Team, Project, Conference]
+    can :read, [Activity, User, Team, Project, Conference]
 
     return unless signed_in?(user)
 
@@ -26,12 +25,6 @@ def initialize(user)
     can :resend_confirmation_instruction, User, id: user.id
     can :create, Project
     can [:join, :create], Team
-    # the validation is tested in spec/models/team_spec.rb:33
-    # Should this be in ability at all?
-    # can :crud, Team do |team|
-    #   team.new_record?
-    # end
-    #  => delete
     can :index, Mailing
     can :read, Mailing do |mailing|
       mailing.recipient? user
@@ -42,23 +35,15 @@ def initialize(user)
       on_team?(user, team)
     end
 
-    # Add / split restrictions for current season?
-
     # current_student
-    if user.current_student? # TODO is this the best check?
+    if user.current_student? # TODO is this a valid check?
       can :create, Team if user.teams.none?
       can :create, Conference
     end
 
     # supervisor
     if user.supervisor?
       can :read, :users_info
-      # explanation for this simpler declaration:
-      # The unconfirmed user ^ above had this declaration:
-      #   `can :read_email, User, hide_email: false`
-      # is defined for all users: all can read an email address that is not hidden
-      # Here, the hide_email attribute doesnt matter: a supervisor can read it anyway
-      # See specs added to check this behaviour
       can :read_email, User do |other_user|
         supervises?(other_user, user)
       end
@@ -77,8 +62,7 @@ def initialize(user)
       cannot :create, User # this only happens through GitHub
     end
 
-    ################# OLD FILE, # = moved to or rewritten above ############
-    # NOT everything moved yet #
+    ################# REMAININGS FROM OLD FILE, # = rewritten above ############
 
     # can :crud, Team do |team|
     #   user.admin? || signed_in?(user) && team.new_record? || on_team?(user, team)
@@ -99,7 +83,7 @@ def initialize(user)
     # cannot :create, Team do |team|
     #   on_team_for_season?(user, team.season) || !user.confirmed?
     # end
-    # todo join helpdesk team
+    # todo helpdesk team join
     can :join, Team do |team|
       team.helpdesk_team? and signed_in?(user) and user.confirmed? and not on_team?(user, team)
     end