mirror of
https://github.com/astuto/astuto.git
synced 2025-12-16 03:37:56 +01:00
21 lines
440 B
Ruby
21 lines
440 B
Ruby
class PostPolicy < ApplicationPolicy
|
|
def permitted_attributes_for_create
|
|
[:title, :description, :board_id]
|
|
end
|
|
|
|
def permitted_attributes_for_update
|
|
if user.moderator?
|
|
[:title, :description, :board_id, :post_status_id, :approval_status]
|
|
else
|
|
[:title, :description]
|
|
end
|
|
end
|
|
|
|
def update?
|
|
user == record.user or user.moderator?
|
|
end
|
|
|
|
def destroy?
|
|
user == record.user or user.moderator?
|
|
end
|
|
end |