From 38fe78d164649067c4a73041eb4fd59652de7852 Mon Sep 17 00:00:00 2001
From: Israel Barreto Sant'Anna <ibsa14@inf.ufpr.br>
Date: Wed, 8 Feb 2017 12:29:07 -0200
Subject: [PATCH] Fix same_user error in publisher policy

Signed-off-by: Israel Barreto Sant'Anna <ibsa14@inf.ufpr.br>
---
 app/controllers/concerns/publisher_controller.rb |  2 +-
 app/policies/publisher_policy.rb                 | 10 +++++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/app/controllers/concerns/publisher_controller.rb b/app/controllers/concerns/publisher_controller.rb
index 6e02bf295..c0d2acf15 100644
--- a/app/controllers/concerns/publisher_controller.rb
+++ b/app/controllers/concerns/publisher_controller.rb
@@ -17,7 +17,7 @@ module PublisherController
   end
 
   def show_all_collections
-    render json: ::UserPolicy::Scope.new(current_user,Collection).resolve.where(owner: @publisher)
+    render json: ::UserPolicy::Scope.new(current_user, @publisher, Collection).resolve.where(owner: @publisher)
   end
 
   def show_liked_learning_objects
diff --git a/app/policies/publisher_policy.rb b/app/policies/publisher_policy.rb
index 0eee77811..1da55efa6 100644
--- a/app/policies/publisher_policy.rb
+++ b/app/policies/publisher_policy.rb
@@ -1,10 +1,18 @@
 module PublisherPolicy
 
   class Scope < ApplicationPolicy::Scope
+    attr_reader :user, :record, :scope
+
+    def initialize(user, record, scope)
+      @user = user
+      @record = user
+      @scope = scope
+    end
+
     def resolve
       if user.nil?
         scope.where(privacy: 'public')
-      elsif user.is_admin? || same_user?
+      elsif user.is_admin? || record == user
         scope.all
       else
         scope.where(privacy: 'public')
-- 
GitLab