# frozen_string_literal: true class ReviewerVotePolicy < ApplicationPolicy # Voting Policy # # Only Reviewers and Managers can cast a vote on a quiz result # # Reviewers can vote any quiz they are linked to # Only Managers, and Admins, can veto a quiz result def up? return false unless user.commented_on?(record.candidate.test_hash) return false unless record.candidate.reviewers.include? user return false if user.admin? user.acts_as_reviewer? end def down? return false unless user.commented_on?(record.candidate.test_hash) return false unless record.candidate.reviewers.include? user return false if user.admin? user.acts_as_reviewer? end def approve? return true if user.acts_as_admin? return false unless record.candidate.reviewers.include? user user.acts_as_manager? end def decline? return true if user.acts_as_admin? return false unless record.candidate.reviewers.include? user user.acts_as_manager? end class Scope < Scope def resolve return ReviewerVote.none if user.recruiter? if user.reviewer? scope.where(user_id: user.id) else scope end end end end