fab-manager/app/policies/slot_policy.rb

# frozen_string_literal: true

# Check the access policies for API::SlotsController
class SlotPolicy < ApplicationPolicy
  def update?
    # check that the update is allowed and the prevention delay has not expired
    delay = Setting.find_by(name: 'booking_move_delay').value.to_i
    enabled = (Setting.find_by(name: 'booking_move_enable').value == 'true')

    # these condition does not apply to admins
    user.admin? || user.manager? ||
      (record.reservation.user == user && enabled && ((record.start_at - DateTime.current).to_i / 3600 >= delay))
  end

  def cancel?
    user.admin? || user.manager? || record.reservation.user == user
  end
end
[manager] manage agenda + book machines for himself&others 2020-04-27 12:12:29 +02:00			`# frozen_string_literal: true`

			`# Check the access policies for API::SlotsController`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`class SlotPolicy < ApplicationPolicy`
			`def update?`
			`# check that the update is allowed and the prevention delay has not expired`
[manager] manage agenda + book machines for himself&others 2020-04-27 12:12:29 +02:00			`delay = Setting.find_by(name: 'booking_move_delay').value.to_i`
			`enabled = (Setting.find_by(name: 'booking_move_enable').value == 'true')`
release 2.0 rc 2016-03-23 18:39:41 +01:00
			`# these condition does not apply to admins`
[manager] manage agenda + book machines for himself&others 2020-04-27 12:12:29 +02:00			`user.admin? \|\| user.manager? \|\|`
			`(record.reservation.user == user && enabled && ((record.start_at - DateTime.current).to_i / 3600 >= delay))`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`

			`def cancel?`
[manager] manage agenda + book machines for himself&others 2020-04-27 12:12:29 +02:00			`user.admin? \|\| user.manager? \|\| record.reservation.user == user`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`
			`end`