2017-11-11 20:23:33 +01:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class UserPolicy < ApplicationPolicy
|
|
|
|
def reset_password?
|
|
|
|
staff? && !record.staff?
|
|
|
|
end
|
|
|
|
|
2018-04-10 09:16:06 +02:00
|
|
|
def change_email?
|
|
|
|
staff? && !record.staff?
|
|
|
|
end
|
|
|
|
|
2017-11-11 20:23:33 +01:00
|
|
|
def disable_2fa?
|
|
|
|
admin? && !record.staff?
|
|
|
|
end
|
|
|
|
|
2021-07-08 05:31:28 +02:00
|
|
|
def disable_sign_in_token_auth?
|
|
|
|
staff?
|
|
|
|
end
|
|
|
|
|
|
|
|
def enable_sign_in_token_auth?
|
|
|
|
staff?
|
|
|
|
end
|
|
|
|
|
2017-11-11 20:23:33 +01:00
|
|
|
def confirm?
|
|
|
|
staff? && !record.confirmed?
|
|
|
|
end
|
|
|
|
|
|
|
|
def enable?
|
2018-08-23 23:26:29 +02:00
|
|
|
staff?
|
2017-11-11 20:23:33 +01:00
|
|
|
end
|
|
|
|
|
2019-03-14 05:28:30 +01:00
|
|
|
def approve?
|
|
|
|
staff? && !record.approved?
|
|
|
|
end
|
|
|
|
|
|
|
|
def reject?
|
|
|
|
staff? && !record.approved?
|
|
|
|
end
|
|
|
|
|
2017-11-11 20:23:33 +01:00
|
|
|
def disable?
|
2018-08-23 23:26:29 +02:00
|
|
|
staff? && !record.admin?
|
2017-11-11 20:23:33 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def promote?
|
2022-03-06 22:51:40 +01:00
|
|
|
admin? && promotable?
|
2017-11-11 20:23:33 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def demote?
|
|
|
|
admin? && !record.admin? && demoteable?
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2022-03-06 22:51:40 +01:00
|
|
|
def promotable?
|
2019-03-14 05:28:30 +01:00
|
|
|
record.approved? && (!record.staff? || !record.admin?)
|
2017-11-11 20:23:33 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def demoteable?
|
|
|
|
record.staff?
|
|
|
|
end
|
|
|
|
end
|