# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
# Authorization policy for the settings controller. Every predicate combines
# the global 'admin.*' permission with a per-setting Pundit check on the
# Setting addressed by params[:id].
class Controllers::SettingsControllerPolicy < Controllers::ApplicationControllerPolicy

  # NOTE(review): macro inherited from the parent policy; presumably the
  # permission applied to actions without an explicit predicate below.
  # Confirm against Controllers::ApplicationControllerPolicy.
  default_permit!('admin.*')

  # Read access: the 'admin.*' check runs first, then the per-setting policy.
  # NOTE(review): relies on `permissions!` aborting (presumably by raising)
  # when the permission is missing; its return value is ignored here.
  def show?
    user.permissions!('admin.*')
    authorized_for_setting?(:show?)
  end

  # Write access to the setting value.
  def update?
    updateable?
  end

  # Write access for image uploads; same rule as #update?.
  def update_image?
    updateable?
  end

  private

  # Memoized Setting addressed by the request's :id parameter.
  # NOTE(review): the id is client-supplied. If Setting.lookup can return nil
  # for an unknown id, the callers below dereference nil (`setting.preferences`)
  # and Pundit.authorize receives a nil record. Confirm where that is handled.
  def setting
    @setting ||= Setting.lookup(id: record.params[:id])
  end

  # Runs the Setting's own Pundit policy for +query+ (:show? or :update?).
  # Returns true when Pundit permits; a Pundit::NotAuthorizedError is turned
  # into this policy's denial via not_authorized, whose message names the
  # permission stored in the setting's preferences.
  def authorized_for_setting?(query)
    begin
      Pundit.authorize(user, setting, query)
      true
    rescue Pundit::NotAuthorizedError
      not_authorized("required #{setting.preferences[:permission].inspect}")
    end
  end

  # Shared write rule. Order matters: the per-setting check (whose denial
  # message reveals the required permission name) is only reached once the
  # user is known to hold 'admin.*'.
  def updateable?
    return false unless user.permissions?('admin.*')
    return false unless authorized_for_setting?(:update?)

    service_enabled?
  end

  # Denies the change only when the 'system_online_service' setting is truthy
  # AND this setting is flagged :online_service_disable; otherwise true.
  def service_enabled?
    online_service = Setting.get('system_online_service')
    return true unless online_service && setting.preferences[:online_service_disable]

    not_authorized('service disabled')
  end
end