trabajo-afectivo/app/policies/controllers/organizations_controller_policy.rb

# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/

class Controllers::OrganizationsControllerPolicy < Controllers::ApplicationControllerPolicy
  permit! :import_example, to: 'admin.organization'
  permit! :import_start, to: 'admin.user'
  permit! %i[create update destroy search history], to: ['ticket.agent', 'admin.organization']

  def show?
    return true if user.permissions?(['ticket.agent', 'admin.organization'])

    record.params[:id].to_i == user.organization_id
  end
end