dmpopidor / app / policies / user_policy.rb
# Authorization policy for actions performed on user accounts.
#
# Two principals are involved:
#   signed_in_user - the account making the request (the actor)
#   user           - the second constructor argument; presumably the account
#                    being acted on (confirm against the calling controllers)
#
# Every predicate returns a truthy value when the action is allowed.
#
# NOTE(review): only the two permission-granting predicates compare the
# target's org_id with the actor's. The org-admin predicates (edit?, update?,
# user_plans?, org_admin_other_user?) look at the actor's role alone, so any
# same-org restriction for those actions has to be enforced by the caller.
class UserPolicy < ApplicationPolicy
  attr_reader :signed_in_user, :user

  # Rejects anonymous requests up front, so every predicate below can assume
  # signed_in_user is present.
  #
  # @raise [Pundit::NotAuthorizedError] when signed_in_user is nil or false
  def initialize(signed_in_user, user)
    unless signed_in_user
      raise Pundit::NotAuthorizedError, "must be logged in"
    end

    @signed_in_user = signed_in_user
    @user = user
  end

  # Listing users follows the same rule as the admin listing.
  def index?
    admin_index?
  end

  # Allowed for anyone who may grant permissions. The target user is not
  # consulted.
  def admin_index?
    signed_in_user.can_grant_permissions?
  end

  # Allowed for a permission-granter acting on a user of their own org, or
  # for a super admin regardless of org.
  #
  # NOTE(review): the org comparison is plain equality, so two nil org_ids
  # compare equal. Confirm that users without an org cannot hold the grant
  # permission.
  def admin_grant_permissions?
    actor = signed_in_user
    same_org_granter = actor.can_grant_permissions? && user.org_id == actor.org_id
    same_org_granter || actor.can_super_admin?
  end

  # Same rule as admin_grant_permissions?: same-org granter, or super admin.
  def admin_update_permissions?
    actor = signed_in_user
    same_org_granter = actor.can_grant_permissions? && user.org_id == actor.org_id
    same_org_granter || actor.can_super_admin?
  end

  # Lets the user switch their org affiliation on the fly. Super admins only.
  def org_swap?
    signed_in_user.can_super_admin?
  end

  # Super admins only.
  def activate?
    signed_in_user.can_super_admin?
  end

  # Super admins and org admins.
  # NOTE(review): no comparison with the target user's org_id is made here.
  # Verify that the caller limits org admins to users of their own org.
  def edit?
    actor = signed_in_user
    actor.can_super_admin? || actor.can_org_admin?
  end

  # Super admins and org admins.
  # NOTE(review): as with edit?, the target user's org is not checked.
  def update?
    actor = signed_in_user
    actor.can_super_admin? || actor.can_org_admin?
  end

  # Super admins and org admins.
  # NOTE(review): as with edit?, the target user's org is not checked.
  def user_plans?
    actor = signed_in_user
    actor.can_super_admin? || actor.can_org_admin?
  end

  # Always allowed once signed in (the constructor rejects anonymous access).
  # NOTE(review): the policy does not check that user is signed_in_user.
  # Confirm the caller only modifies the current user's own preferences.
  def update_email_preferences?
    true
  end

  # Always allowed once signed in.
  # NOTE(review): as above, ownership of the notification or user is not
  # checked here. Confirm the caller scopes the action to the current user.
  def acknowledge_notification?
    true
  end

  # Super admins only.
  def merge?
    signed_in_user.can_super_admin?
  end

  # Super admins only.
  def archive?
    signed_in_user.can_super_admin?
  end

  # Super admins only.
  def search?
    signed_in_user.can_super_admin?
  end

  # Super admins and org admins.
  # NOTE(review): despite the name, the other user's org_id is not compared
  # with the actor's. Verify that the caller enforces that.
  def org_admin_other_user?
    actor = signed_in_user
    actor.can_super_admin? || actor.can_org_admin?
  end

  # Query scope for user listings.
  class Scope < Scope
    # Narrows the scope to records whose org_id equals user.org_id.
    # `scope` and `user` are supplied by the parent Scope class, which is not
    # visible here; `user` is presumably the signed-in account.
    # There is no super-admin branch: every caller gets the same org filter.
    def resolve
      org = user.org_id
      scope.where(org_id: org)
    end
  end
end