0e504e67f3
Still disallow edition of rank or permissions
19 lines
400 B
Ruby
19 lines
400 B
Ruby
# frozen_string_literal: true
|
|
|
|
class UserRolePolicy < ApplicationPolicy
|
|
def index?
|
|
role.can?(:manage_roles)
|
|
end
|
|
|
|
def create?
|
|
role.can?(:manage_roles)
|
|
end
|
|
|
|
def update?
|
|
role.can?(:manage_roles) && (role.overrides?(record) || role.id == record.id)
|
|
end
|
|
|
|
def destroy?
|
|
!record.everyone? && role.can?(:manage_roles) && role.overrides?(record) && role.id != record.id
|
|
end
|
|
end
|