58 lines
1.0 KiB
Ruby
58 lines
1.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class WafPolicyPolicy < ApplicationPolicy
|
|
def index?
|
|
true # All authenticated users can view policies
|
|
end
|
|
|
|
def show?
|
|
true # All authenticated users can view policy details
|
|
end
|
|
|
|
def new?
|
|
user.admin? || user.editor?
|
|
end
|
|
|
|
def create?
|
|
user.admin? || user.editor?
|
|
end
|
|
|
|
def edit?
|
|
user.admin? || (user.editor? && record.user == user)
|
|
end
|
|
|
|
def update?
|
|
user.admin? || (user.editor? && record.user == user)
|
|
end
|
|
|
|
def destroy?
|
|
user.admin? || (user.editor? && record.user == user)
|
|
end
|
|
|
|
def activate?
|
|
user.admin? || (user.editor? && record.user == user)
|
|
end
|
|
|
|
def deactivate?
|
|
user.admin? || (user.editor? && record.user == user)
|
|
end
|
|
|
|
def new_country?
|
|
create?
|
|
end
|
|
|
|
def create_country?
|
|
create?
|
|
end
|
|
|
|
class Scope < ApplicationPolicy::Scope
|
|
def resolve
|
|
if user.admin?
|
|
scope.all
|
|
else
|
|
# Non-admin users can only see their own policies
|
|
scope.where(user: user)
|
|
end
|
|
end
|
|
end
|
|
end |