24 lines
361 B
Ruby
24 lines
361 B
Ruby
class AccountPolicy < ApplicationPolicy
|
|
class Scope < Scope
|
|
def resolve
|
|
if user.admin?
|
|
scope.all
|
|
else
|
|
scope.where(id: user.accounts.map(&:id))
|
|
end
|
|
end
|
|
end
|
|
|
|
def create?
|
|
user.admin?
|
|
end
|
|
|
|
def show?
|
|
user.admin?
|
|
end
|
|
|
|
def update?
|
|
user.admin? || user.accounts.map(&:id).include?(record.id)
|
|
end
|
|
end
|