From 230085b964c45a9ae0c7ec6b9184d655680000c5 Mon Sep 17 00:00:00 2001
From: Alex Kotov <kotovalexarian@gmail.com>
Date: Sat, 14 Sep 2019 00:32:43 +0500
Subject: [PATCH] Allow usual users to download their private keys

---
 app/policies/private_key_policy.rb | 4 +++-
 app/primitives/private_key.rb      | 2 ++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/policies/private_key_policy.rb b/app/policies/private_key_policy.rb
index 904d01b..6f08910 100644
--- a/app/policies/private_key_policy.rb
+++ b/app/policies/private_key_policy.rb
@@ -2,7 +2,9 @@
 
 class PrivateKeyPolicy < ApplicationPolicy
   def show?
-    account&.superuser? &&
+    return false if account.nil?
+
+    (account.superuser? || account == record.account) &&
       record.exist? &&
       params[:private_key_pem_secret].present?
   end
diff --git a/app/primitives/private_key.rb b/app/primitives/private_key.rb
index 74e1d47..441cf05 100644
--- a/app/primitives/private_key.rb
+++ b/app/primitives/private_key.rb
@@ -3,6 +3,8 @@
 class PrivateKey
   attr_reader :asymmetric_key
 
+  delegate :account, to: :asymmetric_key
+
   def self.policy_class
     'PrivateKeyPolicy'
   end