diff --git a/app/controllers/account/applications_controller.rb b/app/controllers/account/applications_controller.rb
index 90786c9f9..c5684eb91 100644
--- a/app/controllers/account/applications_controller.rb
+++ b/app/controllers/account/applications_controller.rb
@@ -4,13 +4,13 @@ class Account::ApplicationsController < ApplicationController
 before_action :authenticate_user!
 def show
- authorize :account_applications
+ authorize [:account, Doorkeeper::Application]
 redirect_to account_applications_path
 end
 def index
- authorize :account_applications
+ authorize [:account, Doorkeeper::Application]
 @applications_with_signin = Doorkeeper::Application.can_signin(current_user)
 @applications_without_signin = Doorkeeper::Application.not_retired.without_signin_permission_for(current_user)
diff --git a/app/controllers/account/permissions_controller.rb b/app/controllers/account/permissions_controller.rb
index 10cffbc0e..6fa15035d 100644
--- a/app/controllers/account/permissions_controller.rb
+++ b/app/controllers/account/permissions_controller.rb
@@ -6,6 +6,6 @@ class Account::PermissionsController < ApplicationController
 def index
 @application = Doorkeeper::Application.not_retired.find(params[:application_id])
- authorize @application, :view_permissions?, policy_class: AccountApplicationsPolicy
+ authorize [:account, @application], :view_permissions?
 end
 end
diff --git a/app/controllers/account/signin_permissions_controller.rb b/app/controllers/account/signin_permissions_controller.rb
index 1b3da9922..590893e15 100644
--- a/app/controllers/account/signin_permissions_controller.rb
+++ b/app/controllers/account/signin_permissions_controller.rb
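Review bot: In `Account::ApplicationsController#show` and `#index`, `authorize [:account, Doorkeeper::Application]` leaves the choice of policy class to Pundit's namespace lookup, whereas the calls removed from the permissions and sign-in permission controllers named it explicitly with `policy_class: AccountApplicationsPolicy`. Nothing in this diff shows how `Doorkeeper::Application` maps to a policy name; an Active Record model with that name would normally be looked up under a `Doorkeeper::`-qualified policy, so the lookup presumably relies on a `policy_class` override on the model, and a change there would make these actions raise or be checked against a different policy. I would pin the resolution in a controller test and add a comment above the first call such as `# Pundit resolves [:account, record] to Account::ApplicationPolicy`. The same applies to `authorize [:account, @application]` in `PermissionsController#index` and to the three calls in `SigninPermissionsController`. Both controller classes begin outside their hunks.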
@@ -4,9 +4,10 @@ class Account::SigninPermissionsController < ApplicationController
 before_action :authenticate_user!
 def create
- authorize :account_applications, :grant_signin_permission?
-
 application = Doorkeeper::Application.not_retired.find(params[:application_id])
+
+ authorize [:account, application], :grant_signin_permission?
+
 current_user.grant_application_signin_permission(application)
 redirect_to account_applications_path
 end
@@ -14,13 +15,13 @@ def create
 def delete
 @application = Doorkeeper::Application.not_retired.find(params[:application_id])
- authorize @application, :remove_signin_permission?, policy_class: AccountApplicationsPolicy
+ authorize [:account, @application], :remove_signin_permission?
 end
 def destroy
 application = Doorkeeper::Application.not_retired.find(params[:application_id])
- authorize application, :remove_signin_permission?, policy_class: AccountApplicationsPolicy
+ authorize [:account, application], :remove_signin_permission?
 current_user.remove_application_signin_permission(application)
 redirect_to account_applications_path
diff --git a/app/policies/account_applications_policy.rb b/app/policies/account/application_policy.rb
similarity index 86%
rename from app/policies/account_applications_policy.rb
rename to app/policies/account/application_policy.rb
index ea1f58eae..e0e140f33 100644
--- a/app/policies/account_applications_policy.rb
+++ b/app/policies/account/application_policy.rb
@@ -1,4 +1,4 @@
-class AccountApplicationsPolicy < BasePolicy
+class Account::ApplicationPolicy < BasePolicy
 def index?
 current_user.govuk_admin?
 end
diff --git a/test/policies/account_applications_policy_test.rb b/test/policies/account/application_policy_test.rb
similarity index 98%
rename from test/policies/account_applications_policy_test.rb
rename to test/policies/account/application_policy_test.rb
index 56a1bcca8..88c3de871 100644
--- a/test/policies/account_applications_policy_test.rb
+++ b/test/policies/account/application_policy_test.rb
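Review bot: In `Account::SigninPermissionsController#create` the record lookup now runs before `authorize`, so a user the policy rejects gets a not-found error for an unknown or retired `application_id` and a Pundit denial for a live one. That difference tells a signed-in but unauthorised user which application ids exist; `delete` and `destroy` in the following hunk already use this order, so it may be an accepted trade-off. If `grant_signin_permission?` does not consult the record (the policy body is not shown here), authorising the class first with `authorize [:account, Doorkeeper::Application], :grant_signin_permission?` keeps the previous order. Otherwise a short comment such as `# lookup precedes authorize: 404 before 403 is intentional` would record the decision.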
@@ -1,7 +1,7 @@
 require "test_helper"
 require "support/policy_helpers"
-class AccountApplicationsPolicyTest < ActiveSupport::TestCase
+class Account::ApplicationPolicyTest < ActiveSupport::TestCase
 include PolicyHelpers
 context "accessing index?" do