| 12345678910111213141516171819202122232425262728 |
- class OrganizationPolicy < ApplicationPolicy
- def show?
- return true if user.permissions?(['admin', 'ticket.agent'])
- return true if record.id == user.organization_id
- false
- end
- def update?
- return true if user.permissions?(['admin', 'ticket.agent'])
- false
- end
- class Scope < ApplicationPolicy::Scope
- def resolve
- if user.permissions?(['ticket.agent', 'admin.organization'])
- scope.all
- elsif user.organization_id
- scope.where(id: user.organization_id)
- else
- scope.none
- end
- end
- end
- end
|
