Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
trabajo-afectivo/app/policies/user_policy.rb
Martin Gruner 5ddec48643 Maintenance: Improved updating of user records.
2021-10-05 06:42:26 +00:00

44 lines
1 KiB
Ruby
Raw Permalink Blame History

# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class UserPolicy < ApplicationPolicy
def show?
return true if user.permissions?('admin.*')
return true if own_account?
return true if user.permissions?('ticket.agent')
# check same organization for customers
return false if !user.permissions?('ticket.customer')
same_organization?
end
def update?
# full access for admins
return true if user.permissions?('admin.user')
# forbid non-agents to change users
return false if !user.permissions?('ticket.agent')
# allow agents to change customers only
return false if record.permissions?(['admin.user', 'ticket.agent'])
record.permissions?('ticket.customer')
end
def destroy?
user.permissions?('admin.user')
end
private
def own_account?
record.id == user.id
end
def same_organization?
return false if record.organization_id.blank?
return false if user.organization_id.blank?
record.organization_id == user.organization_id
end
end
Reference in a new issue View git blame Copy permalink