22 lines
340 B
Ruby
22 lines
340 B
Ruby
|
# frozen_string_literal: true
|
||
|
class UserPolicy < ApplicationPolicy
|
||
|
def view?
|
||
|
user.admin? && show?
|
||
|
end
|
||
|
|
||
|
def create?
|
||
|
user.admin?
|
||
|
end
|
||
|
|
||
|
def update?
|
||
|
user.admin?
|
||
|
end
|
||
|
|
||
|
class Scope < Scope
|
||
|
def resolve
|
||
|
return scope if user.admin?
|
||
|
raise Pundit::NotAuthorizedError, "No access to resource."
|
||
|
end
|
||
|
end
|
||
|
end
|