63 lines
1.3 KiB
Ruby
63 lines
1.3 KiB
Ruby
class RulePolicy < ApplicationPolicy
|
|
# NOTE: Up to Pundit v2.3.1, the inheritance was declared as
|
|
# `Scope < Scope` rather than `Scope < ApplicationPolicy::Scope`.
|
|
# In most cases the behavior will be identical, but if updating existing
|
|
# code, beware of possible changes to the ancestors:
|
|
# https://gist.github.com/Burgestrand/4b4bc22f31c8a95c425fc0e30d7ef1f5
|
|
|
|
def index?
|
|
true # Anyone can browse rules
|
|
end
|
|
|
|
def show?
|
|
true # Anyone can view rule details
|
|
end
|
|
|
|
def new?
|
|
current_user.present? # Must be authenticated to create rules
|
|
end
|
|
|
|
def create?
|
|
current_user.present? # Must be authenticated to create rules
|
|
end
|
|
|
|
def edit?
|
|
return false unless current_user.present?
|
|
return true if current_user.admin?
|
|
|
|
# Users can edit their own rules
|
|
record.user == current_user
|
|
end
|
|
|
|
def update?
|
|
return false unless current_user.present?
|
|
return true if current_user.admin?
|
|
|
|
# Users can update their own rules
|
|
record.user == current_user
|
|
end
|
|
|
|
def destroy?
|
|
return false unless current_user.present?
|
|
return true if current_user.admin?
|
|
|
|
# Users can delete their own rules
|
|
record.user == current_user
|
|
end
|
|
|
|
def enable?
|
|
update?
|
|
end
|
|
|
|
def disable?
|
|
update?
|
|
end
|
|
|
|
class Scope < ApplicationPolicy::Scope
|
|
def resolve
|
|
# All users can see all rules
|
|
scope.all
|
|
end
|
|
end
|
|
end
|