fab-manager/app/policies/slot_policy.rb

# frozen_string_literal: true

# Check the access policies for API::SlotsController
class SlotPolicy < ApplicationPolicy
  def update?
    # check that the update is allowed and the prevention delay has not expired
    delay = Setting.get('booking_move_delay').to_i
    enabled = Setting.get('booking_move_enable')

    # these condition does not apply to admins
    user.admin? || user.manager? ||
      (record.reservation.user == user && enabled && ((record.start_at - DateTime.current).to_i / 3600 >= delay))
  end

  def cancel?
    user.admin? || user.manager? || record.reservation.user == user
  end
end
[manager] manage agenda + book machines for himself&others 2020-04-27 12:12:29 +02:00			`# frozen_string_literal: true`

			`# Check the access policies for API::SlotsController`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`class SlotPolicy < ApplicationPolicy`
			`def update?`
			`# check that the update is allowed and the prevention delay has not expired`
refactored code to use Setting.get 2020-05-13 15:02:03 +02:00			`delay = Setting.get('booking_move_delay').to_i`
fix setting.get for boolean 2020-05-25 16:47:06 +02:00			`enabled = Setting.get('booking_move_enable')`
release 2.0 rc 2016-03-23 18:39:41 +01:00
			`# these condition does not apply to admins`
[manager] manage agenda + book machines for himself&others 2020-04-27 12:12:29 +02:00			`user.admin? \|\| user.manager? \|\|`
			`(record.reservation.user == user && enabled && ((record.start_at - DateTime.current).to_i / 3600 >= delay))`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`

			`def cancel?`
[manager] manage agenda + book machines for himself&others 2020-04-27 12:12:29 +02:00			`user.admin? \|\| user.manager? \|\| record.reservation.user == user`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`
			`end`