Fork: 0
opidor / dmpopidor
Transfer to URL with SHA Find file
Newer
Older
dmpopidor / app / policies / user_policy.rb
@Quentin Sonrel Quentin Sonrel on 16 May 2018 961 bytes Implemented Notifications
Raw Blame History 
class UserPolicy < ApplicationPolicy
  attr_reader :user

  def initialize(user, users)
    raise Pundit::NotAuthorizedError, "must be logged in" unless user
    @user = user
    @users = users
  end

  def admin_index?
    @user.can_grant_permissions?
  end

  def index?
    admin_index?
  end

  def admin_grant_permissions?
    @user.can_grant_permissions? && ((@users.org_id == @user.org_id) || @user.can_super_admin?)
  end

  def admin_update_permissions?
    @user.can_grant_permissions?  && ((@users.org_id == @user.org_id) || @user.can_super_admin?)
  end

  # Allows the user to swap their org affiliation on the fly
  def org_swap?
    user.can_super_admin?
  end

  def activate?
    user.can_super_admin?
  end

  def edit?
    user.can_super_admin?
  end

  def update?
    user.can_super_admin?
  end

  class Scope < Scope
    def resolve
      scope.where(org_id: user.org_id)
    end
  end

  def acknowledge_notification?
    true
  end
end