mirror of
https://github.com/astuto/astuto.git
synced 2025-12-16 11:47:56 +01:00
25 lines
376 B
Ruby
25 lines
376 B
Ruby
class UserPolicy < ApplicationPolicy
|
|
def permitted_attributes_for_update
|
|
if user.admin?
|
|
[:role, :status]
|
|
elsif user.moderator?
|
|
[:status]
|
|
else
|
|
[]
|
|
end
|
|
end
|
|
|
|
def index?
|
|
user.power_user?
|
|
end
|
|
|
|
def update?
|
|
if user.admin?
|
|
record.id != user.id
|
|
elsif user.moderator?
|
|
record.user?
|
|
else
|
|
false
|
|
end
|
|
end
|
|
end |