Add moderator role and add pundit policies for admin actions (#5635)
* Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
This commit is contained in:
Eugen Rochko
GitHub
41
app/policies/user_policy.rb
Normal file
41
app/policies/user_policy.rb
Normal file
@ -0,0 +1,41 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
class UserPolicy < ApplicationPolicy
|
||||
def reset_password?
|
||||
staff? && !record.staff?
|
||||
end
|
||||
|
||||
def disable_2fa?
|
||||
admin? && !record.staff?
|
||||
end
|
||||
|
||||
def confirm?
|
||||
staff? && !record.confirmed?
|
||||
end
|
||||
|
||||
def enable?
|
||||
admin?
|
||||
end
|
||||
|
||||
def disable?
|
||||
admin? && !record.admin?
|
||||
end
|
||||
|
||||
def promote?
|
||||
admin? && promoteable?
|
||||
end
|
||||
|
||||
def demote?
|
||||
admin? && !record.admin? && demoteable?
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def promoteable?
|
||||
!record.staff? || !record.admin?
|
||||
end
|
||||
|
||||
def demoteable?
|
||||
record.staff?
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user