44 lines
927 B
Ruby
44 lines
927 B
Ruby
|
class Controllers::SettingsControllerPolicy < Controllers::ApplicationControllerPolicy
|
||
|
|
default_permit!('admin.*')
|
||
|
|
|
||
|
|
def show?
|
||
|
|
user.permissions!('admin.*')
|
||
|
|
authorized_for_setting?(:show?)
|
||
|
|
end
|
||
|
|
|
||
|
|
def update?
|
||
|
|
updateable?
|
||
|
|
end
|
||
|
|
|
||
|
|
def update_image?
|
||
|
|
updateable?
|
||
|
|
end
|
||
|
|
|
||
|
|
private
|
||
|
|
|
||
|
|
def setting
|
||
|
|
@setting ||= Setting.lookup(id: record.params[:id])
|
||
|
|
end
|
||
|
|
|
||
|
|
def authorized_for_setting?(query)
|
||
|
|
Pundit.authorize(user, setting, query)
|
||
|
|
true
|
||
|
|
rescue Pundit::NotAuthorizedError
|
||
|
|
not_authorized("required #{setting.preferences[:permission].inspect}")
|
||
|
|
end
|
||
|
|
|
||
|
|
def updateable?
|
||
|
|
return false if !user.permissions?('admin.*')
|
||
|
|
return false if !authorized_for_setting?(:update?)
|
||
|
|
|
||
|
|
service_enabled?
|
||
|
|
end
|
||
|
|
|
||
|
|
def service_enabled?
|
||
|
|
return true if !Setting.get('system_online_service')
|
||
|
|
return true if !setting.preferences[:online_service_disable]
|
||
|
|
|
||
|
|
not_authorized('service disabled')
|
||
|
|
end
|
||
|
|
end
|