34 lines
592 B
Ruby
34 lines
592 B
Ruby
# frozen_string_literal: true
|
|
class CandidatePolicy < ApplicationPolicy
|
|
# Candidate Access Policy
|
|
#
|
|
# Only Recruiters and Admins can view, create, or update, candidates
|
|
|
|
def index?
|
|
user.acts_as_recruiter?
|
|
end
|
|
|
|
def view?
|
|
user.acts_as_recruiter?
|
|
end
|
|
|
|
def create?
|
|
user.acts_as_recruiter?
|
|
end
|
|
|
|
def update?
|
|
user.acts_as_recruiter?
|
|
end
|
|
|
|
def resend_welcome?
|
|
user.acts_as_recruiter?
|
|
end
|
|
|
|
class Scope < Scope
|
|
def resolve
|
|
return scope if user.acts_as_recruiter?
|
|
raise Pundit::NotAuthorizedError, "No Access to Resource"
|
|
end
|
|
end
|
|
end
|