# frozen_string_literal: true

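# Pundit policy deciding who may manage departments.
#
# Every action requires a signed-in user for whom +can_org_admin?+ is true.
# Actions on an existing department (edit, update, destroy) additionally
# require the department's +org_id+ to equal the id of the user's own org, so
# an admin of one org cannot change another org's departments.
class DepartmentPolicy < ApplicationPolicy

  attr_reader :user
  attr_reader :department

  # @param user [Object, nil] the current user; nil means not signed in
  # @param department [Object] the department record being authorized
  # @raise [Pundit::NotAuthorizedError] when no user is given
  def initialize(user, department)
    raise Pundit::NotAuthorizedError, "must be logged in" unless user
    @user = user
    @department = department
  end

  # @return [Boolean] whether the user may open the new-department form
  def new?
    @user.can_org_admin?
  end

  # NOTE(review): unlike edit?/update?/destroy?, this checks only the
  # org-admin permission and does not compare @department.org_id with the
  # user's org. Confirm that the caller pins the new department's org to the
  # current user's org rather than taking it from request parameters;
  # otherwise tenant isolation for creation rests on the controller alone.
  #
  # @return [Boolean] whether the user may create a department
  def create?
    @user.can_org_admin?
  end

  # Only org_admins can edit their own org's departments
  def edit?
    admin_of_department_org?
  end

  # Only org_admins can update their own org's departments
  def update?
    admin_of_department_org?
  end

  # Only org_admins can delete their own org's departments
  def destroy?
    admin_of_department_org?
  end

  private

  # Shared ownership check for the record-level actions.
  #
  # Fails closed: a user without an org, or an org without an id, is denied
  # instead of raising NoMethodError or matching a department whose org_id is
  # also nil. Uses == rather than === because this is a plain id comparison.
  #
  # @return [Boolean] true only for an org admin whose org owns the department
  def admin_of_department_org?
    return false unless @user.can_org_admin?

    user_org_id = @user.org&.id
    return false if user_org_id.nil?

    user_org_id == @department.org_id
  end

end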