Refs: #3478@1h; adapted table builder spex

4 files changed, 22 insertions, 19 deletions

diff --git a/app/decorators/company_decorator.rb b/app/decorators/company_decorator.rb
index 51c1f3c61..030952483 100644
--- a/app/decorators/company_decorator.rb
+++ b/app/decorators/company_decorator.rb
@@ -19,6 +19,8 @@ class CompanyDecorator < Draper::Decorator
     links = []
 
     if h.policy(Chouette::Company).create?
+      require 'pry'
+      binding.pry
       links << Link.new(
         content: h.t('companies.actions.new'),
         href: h.new_line_referential_company_path(context[:line_referential])
diff --git a/app/helpers/table_builder_helper/custom_links.rb b/app/helpers/table_builder_helper/custom_links.rb
index e185bf77b..6f2234948 100644
--- a/app/helpers/table_builder_helper/custom_links.rb
+++ b/app/helpers/table_builder_helper/custom_links.rb
@@ -48,24 +48,19 @@ module TableBuilderHelper
         #       This puts the responsability where it belongs to and allows
         #       for easy and fast unit testing of the BL, always a goos sign.
 
+        # N.B. Does not have policy shall not apply in the future anymore
+
         # Has policy and can destroy
+        # Doesn't have policy or is autorized
         (action == :delete &&
-            Pundit.policy(@user_context, @obj).present? &&
+            !Pundit.policy(@user_context, @obj).present? ||
             Pundit.policy(@user_context, @obj).destroy?) ||
 
-          # Doesn't have policy
-          (action == :delete &&
-            !Pundit.policy(@user_context, @obj).present?) ||
-
-          # Has policy and can update
+          # Doesn't have policy or is autorized
           (action == :edit &&
-            Pundit.policy(@user_context, @obj).present? &&
+            !Pundit.policy(@user_context, @obj).present? ||
             Pundit.policy(@user_context, @obj).update?) ||
 
-          # Doesn't have policy
-          (action == :edit &&
-            !Pundit.policy(@user_context, @obj).present?) ||
-
           # Object isn't archived
           (action == :archive && !@obj.archived?) ||
 
@@ -74,7 +69,7 @@ module TableBuilderHelper
 
           !Pundit.policy(@user_context, @obj).respond_to?("#{action}?") ||
           Pundit.policy(@user_context, @obj).public_send("#{action}?") ||
-            
+
 
           action_is_allowed_regardless_of_policy(action)
       end
diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb
index e2c0acd8e..532004296 100644
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -1,6 +1,13 @@
 class ApplicationPolicy
   attr_reader :current_referential, :record, :user
 
+  # Make authorization by action easier
+  def delete?
+    destroy?
+  end
+
+
+
   def initialize(user_context, record)
     @user                = user_context.user
     @current_referential = user_context.context[:referential]
diff --git a/app/policies/company_policy.rb b/app/policies/company_policy.rb
index 95d607f3d..2983c6acc 100644
--- a/app/policies/company_policy.rb
+++ b/app/policies/company_policy.rb
@@ -5,11 +5,10 @@ class CompanyPolicy < BoivPolicy
     end
   end
 
-  def create?
-    false
-  end
-  def update?  ; create? end
-  def new?     ; create? end
-  def edit?    ; create? end
-  def destroy? ; create? end
+  def create?;   false end
+  def destroy?;  false end
+  def edit?;     false end
+  def new?;      false end
+  def show?;     true end
+  def update?;   false end
 end