skill-assessment-app/app/policies/user_policy.rb

26 lines
419 B
Ruby
Raw Normal View History

2016-09-20 14:22:20 -05:00
# frozen_string_literal: true
class UserPolicy < ApplicationPolicy
2016-09-20 17:19:11 -05:00
# User Access Policy
#
# Only Admins can view, create, or update, users
2016-09-20 14:22:20 -05:00
def view?
user.admin? && show?
end
def create?
user.admin?
end
def update?
user.admin?
end
class Scope < Scope
def resolve
return scope if user.admin?
raise Pundit::NotAuthorizedError, "No access to resource."
end
end
end