user_policy.rb 796 B

123456789101112131415161718192021222324252627282930313233343536373839
  1. # frozen_string_literal: true
  2. class UserPolicy < ApplicationPolicy
  3. def reset_password?
  4. role.can?(:manage_user_access) && role.overrides?(record.role)
  5. end
  6. def change_email?
  7. role.can?(:manage_user_access) && role.overrides?(record.role)
  8. end
  9. def disable_2fa?
  10. role.can?(:manage_user_access) && role.overrides?(record.role)
  11. end
  12. def change_role?
  13. role.can?(:manage_roles) && role.overrides?(record.role)
  14. end
  15. def confirm?
  16. role.can?(:manage_user_access) && !record.confirmed?
  17. end
  18. def enable?
  19. role.can?(:manage_users)
  20. end
  21. def approve?
  22. role.can?(:manage_users) && !record.approved?
  23. end
  24. def reject?
  25. role.can?(:manage_users) && !record.approved?
  26. end
  27. def disable?
  28. role.can?(:manage_users) && role.overrides?(record.role)
  29. end
  30. end