1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
- class OverviewPolicy < ApplicationPolicy
- # Permission to use an overview is not implicitly granted to
- # admins, so that they don't see all overviews in their list.
- def use?
- # User must always have one role assigned.
- return false if user_has_assigned_role?
- # If overview is restricted by individual users, user must be included.
- if record.user_ids.count.positive? && record.user_ids.exclude?(user.id)
- return false
- end
- true
- end
- def show?
- user_is_admin? || use?
- end
- def create?
- user_is_admin?
- end
- def update?
- user_is_admin?
- end
- def destroy?
- user_is_admin?
- end
- private
- def user_is_admin?
- user.permissions?('admin.overview')
- end
- def user_has_assigned_role?
- (user.role_ids.to_set & record.role_ids.to_set).count.zero?
- end
- end
|