2015-05-05 03:10:25 +02:00
|
|
|
class UserPolicy < ApplicationPolicy
|
|
|
|
class Scope < Scope
|
|
|
|
def resolve
|
|
|
|
if user.is_admin?
|
2016-03-23 18:39:41 +01:00
|
|
|
scope.includes(:group, :training_credits, :machine_credits, :subscriptions => [:plan => [:credits]], :profile => [:user_avatar]).joins(:roles).where("users.is_active = 'true' AND roles.name = 'member'").order('users.created_at desc')
|
2015-05-05 03:10:25 +02:00
|
|
|
else
|
2016-06-16 09:30:38 +02:00
|
|
|
scope.includes(:profile => [:user_avatar]).joins(:roles).where("users.is_active = 'true' AND roles.name = 'member'").where(is_allow_contact: true).order('users.created_at desc')
|
2015-05-05 03:10:25 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def show?
|
2016-03-23 18:39:41 +01:00
|
|
|
user.is_admin? or (record.is_allow_contact and record.is_member?) or (user.id == record.id)
|
2015-05-05 03:10:25 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def update?
|
|
|
|
user.is_admin? or (user.id == record.id)
|
|
|
|
end
|
2016-03-23 18:39:41 +01:00
|
|
|
|
|
|
|
def destroy?
|
|
|
|
user.id == record.id
|
|
|
|
end
|
|
|
|
|
|
|
|
def merge?
|
|
|
|
user.id == record.id
|
|
|
|
end
|
2016-05-30 15:39:19 +02:00
|
|
|
|
2016-06-21 14:39:44 +02:00
|
|
|
%w(list create mapping).each do |action|
|
|
|
|
define_method "#{action}?" do
|
|
|
|
user.is_admin?
|
|
|
|
end
|
2016-05-30 15:39:19 +02:00
|
|
|
end
|
2015-05-05 03:10:25 +02:00
|
|
|
end
|