Merge branch 'authz' of https://github.com/rubyforgood/openstreetmap-website into...

[rails.git] / app / models / capability.rb

diff --git a/app/models/capability.rb b/app/models/capability.rb
index 17468750331de66846a696472c8436f3dd740bad..db2d7171170745acda1dc9898411473b8808ef53 100644 (file)
--- a/app/models/capability.rb
+++ b/app/models/capability.rb
@@ -5,15 +5,17 @@ class Capability
 
   def initialize(user, token)
     if user
-      can [:read, :read_one], UserPreference if has_capability?(token, :allow_read_prefs)
-      can [:update, :update_one, :delete_one], UserPreference if has_capability?(token, :allow_write_prefs)
+      can [:read, :read_one], UserPreference if capability?(token, :allow_read_prefs)
+      can [:update, :update_one, :delete_one], UserPreference if capability?(token, :allow_write_prefs)
 
     end
   end
 
+  private
+
   # If a user provides no tokens, they've authenticated via a non-oauth method
   # and permission to access to all capabilities is assumed.
-  def has_capability?(token, cap)
+  def capability?(token, cap)
     token.nil? || token.read_attribute(cap)
   end
 end