63 lines
1.5 KiB
Ruby
63 lines
1.5 KiB
Ruby
class NetworkRangePolicy < ApplicationPolicy
|
|
# NOTE: Up to Pundit v2.3.1, the inheritance was declared as
|
|
# `Scope < Scope` rather than `Scope < ApplicationPolicy::Scope`.
|
|
# In most cases the behavior will be identical, but if updating existing
|
|
# code, beware of possible changes to the ancestors:
|
|
# https://gist.github.com/Burgestrand/4b4bc22f31c8a95c425fc0e30d7ef1f5
|
|
|
|
def index?
|
|
true # Anyone can browse network ranges
|
|
end
|
|
|
|
def show?
|
|
true # Anyone can view network range details
|
|
end
|
|
|
|
def lookup?
|
|
true # Anyone can lookup IP addresses
|
|
end
|
|
|
|
def new?
|
|
current_user.present? # Must be authenticated to create network ranges
|
|
end
|
|
|
|
def create?
|
|
current_user.present? # Must be authenticated to create network ranges
|
|
end
|
|
|
|
def edit?
|
|
return false unless current_user.present?
|
|
return true if current_user.admin?
|
|
|
|
# Users can edit their own network ranges
|
|
record.user == current_user
|
|
end
|
|
|
|
def update?
|
|
return false unless current_user.present?
|
|
return true if current_user.admin?
|
|
|
|
# Users can update their own network ranges
|
|
record.user == current_user
|
|
end
|
|
|
|
def destroy?
|
|
return false unless current_user.present?
|
|
return true if current_user.admin?
|
|
|
|
# Users can delete their own network ranges
|
|
record.user == current_user
|
|
end
|
|
|
|
def enrich?
|
|
update? # Same permissions as update
|
|
end
|
|
|
|
class Scope < ApplicationPolicy::Scope
|
|
def resolve
|
|
# All users can see all network ranges
|
|
scope.all
|
|
end
|
|
end
|
|
end
|