26 lines
443 B
Ruby
26 lines
443 B
Ruby
class AccountAuthPolicy < ApplicationPolicy
|
|
class Scope < Scope
|
|
def resolve
|
|
if user.admin?
|
|
scope.all
|
|
elsif user.account_manager?
|
|
scope.where(account: user.account)
|
|
else
|
|
scope.none
|
|
end
|
|
end
|
|
end
|
|
|
|
def create?
|
|
user.admin? || user.account_manager?
|
|
end
|
|
|
|
def update?
|
|
user.admin? || user.account_manager?
|
|
end
|
|
|
|
def destroy?
|
|
user.admin? || user.account_manager?
|
|
end
|
|
end
|