searchable: add framework for defining user search permissions.
Add a `visible_for_search` method to ApplicationPolicy that lets us define which fields a user is allowed to search for. For example, when a normal user searches for post flags by flagger name, they're only allowed to see their own flags, not flags by other users. But when a mod searches for flags by flagger name, they're allowed to see all flags, except for flags on their own uploads. This framework lets us define these rules in the `visible_for_search` method in the model's policy class, rather than as special cases in the `search` method of each model.
This commit is contained in:
evazion
4
app/policies/note_version_policy.rb
Normal file
4
app/policies/note_version_policy.rb
Normal file
@@ -0,0 +1,4 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
class NoteVersionPolicy < ApplicationPolicy
|
||||
end
|
||||
Reference in New Issue
Block a user