chuckya/app/policies/user_policy.rb
Eugen Rochko 771c9d4ba8
Add ability to skip sign-in token authentication for specific users (#16427)
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
2021-07-08 05:31:28 +02:00

61 lines
841 B
Ruby

# frozen_string_literal: true
class UserPolicy < ApplicationPolicy
def reset_password?
staff? && !record.staff?
end
def change_email?
staff? && !record.staff?
end
def disable_2fa?
admin? && !record.staff?
end
def disable_sign_in_token_auth?
staff?
end
def enable_sign_in_token_auth?
staff?
end
def confirm?
staff? && !record.confirmed?
end
def enable?
staff?
end
def approve?
staff? && !record.approved?
end
def reject?
staff? && !record.approved?
end
def disable?
staff? && !record.admin?
end
def promote?
admin? && promoteable?
end
def demote?
admin? && !record.admin? && demoteable?
end
private
def promoteable?
record.approved? && (!record.staff? || !record.admin?)
end
def demoteable?
record.staff?
end
end