fab-manager/app/policies/child_policy.rb

# frozen_string_literal: true

# Check the access policies for API::ChildrenController
class ChildPolicy < ApplicationPolicy
  def create?
    !user.organization? && user.id == record.user_id
  end

  def show?
    user.privileged? || user.id == record.user_id
  end

  def update?
    user.privileged? || user.id == record.user_id
  end

  def destroy?
    user.privileged? || user.id == record.user_id
  end

  def validate?
    user.privileged?
  end
end
(wip) add/edit user children 2023-04-03 18:23:49 +02:00			`# frozen_string_literal: true`

			`# Check the access policies for API::ChildrenController`
			`class ChildPolicy < ApplicationPolicy`
			`def create?`
			`!user.organization? && user.id == record.user_id`
			`end`

			`def show?`
(feat) child validation 2023-05-25 20:17:37 +02:00			`user.privileged? \|\| user.id == record.user_id`
(wip) add/edit user children 2023-04-03 18:23:49 +02:00			`end`

			`def update?`
(feat) child validation 2023-05-25 20:17:37 +02:00			`user.privileged? \|\| user.id == record.user_id`
(wip) add/edit user children 2023-04-03 18:23:49 +02:00			`end`

			`def destroy?`
(feat) child validation 2023-05-25 20:17:37 +02:00			`user.privileged? \|\| user.id == record.user_id`
			`end`

			`def validate?`
			`user.privileged?`
(wip) add/edit user children 2023-04-03 18:23:49 +02:00			`end`
			`end`