From 4e777262232ccf4c4d9c9b604743ec0937acf89f Mon Sep 17 00:00:00 2001
From: Marcela Ribeiro de Oliveira <mro15@inf.ufpr.br>
Date: Thu, 1 Feb 2018 09:35:47 -0200
Subject: [PATCH] add policy_scope in contacts index

---
 app/controllers/v1/contacts_controller.rb | 12 ++++++++----
 app/policies/contact_policy.rb            |  8 ++++++++
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/app/controllers/v1/contacts_controller.rb b/app/controllers/v1/contacts_controller.rb
index ac00e1c6..d2994e47 100644
--- a/app/controllers/v1/contacts_controller.rb
+++ b/app/controllers/v1/contacts_controller.rb
@@ -22,13 +22,13 @@ class V1::ContactsController < ApplicationController
 
   before_action :authenticate_user!, except: [:create]
   before_action :set_contact, only: [:show, :update, :destroy]
-  before_action :authorize!, except: [:index, :create]
+	before_action :set_new_contact, only: :index
+  before_action :authorize!, except: [:create]
 
   # GET v1/contacts
   def index
-    authorize :contact, :index?
-    contacts = paginate Contact
-    render json: contacts
+    contacts = paginate policy_scope(Contact)
+		render json: contacts
   end
 
   # GET v1/contacts/1
@@ -78,4 +78,8 @@ class V1::ContactsController < ApplicationController
     def authorize!
       authorize @contact
     end
+
+		def set_new_contact
+			@contact ||= Contact.new
+		end
 end
diff --git a/app/policies/contact_policy.rb b/app/policies/contact_policy.rb
index feabd104..5c7afa25 100644
--- a/app/policies/contact_policy.rb
+++ b/app/policies/contact_policy.rb
@@ -18,6 +18,14 @@
 # along with portalmec.  If not, see <http://www.gnu.org/licenses/>.
 
 class ContactPolicy < ApplicationPolicy
+  class Scope < Scope
+    def resolve
+			if user_can_edit?
+      	scope.all
+			end
+    end
+  end
+
   def index?
     record if user_can_edit?
   end
-- 
GitLab