Class: Pageflow::UserPolicy Private

Inherits:

ApplicationPolicy

• Object
• ApplicationPolicy
• Pageflow::UserPolicy

Defined in:

app/policies/pageflow/user_policy.rb

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Defined Under Namespace

Classes: Scope

Instance Attribute Summary

• #user ⇒ Object readonly private

Instance Method Summary

• #add_account_to? ⇒ Boolean private
• #admin? ⇒ Boolean private
• #create? ⇒ Boolean private
• #create_any? ⇒ Boolean private
• #delete_own_user? ⇒ Boolean private
• #destroy? ⇒ Boolean private
• #index? ⇒ Boolean private
• #initialize(user, managed_user) ⇒ UserPolicy constructor private

  A new instance of UserPolicy.

• #read? ⇒ Boolean private
• #redirect_to_user? ⇒ Boolean private
• #see_admin_status? ⇒ Boolean private
• #set_admin? ⇒ Boolean private
• #suspend? ⇒ Boolean private

Constructor Details

#initialize(user, managed_user) ⇒ UserPolicy

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of UserPolicy.

# File 'app/policies/pageflow/user_policy.rb', line 36

def initialize(user, managed_user)
  @user = user
  @managed_user = managed_user
end

Instance Attribute Details

#user ⇒ Object (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'app/policies/pageflow/user_policy.rb', line 34

def user
  @user
end

Instance Method Details

#add_account_to? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 54

def add_account_to?
  Pageflow.config.allow_multiaccount_users
end

#admin? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 78

def admin?
  @user.admin?
end

#create? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 45

def create?
  index?
end

#create_any? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 41

def create_any?
  index?
end

#delete_own_user? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 94

def delete_own_user?
  Pageflow.config.authorize_user_deletion.call(@managed_user) == true
end

#destroy? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 74

def destroy?
  deny_sign_in?
end

#index? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 49

def index?
  @user.admin? ||
    @user.memberships.on_accounts.where(role: 'manager').any?
end

#read? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 58

def read?
  manager_accounts = AccountPolicy::Scope
                     .new(@user, Account).member_addable
  managed_user_accounts = AccountPolicy::Scope
                          .new(@managed_user, Account).resolve
  manager_accounts.intersect?(managed_user_accounts)
end

#redirect_to_user? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 66

def redirect_to_user?
  read?
end

#see_admin_status? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 86

def see_admin_status?
  if permissions_config.only_admins_may_see_admin_boolean
    admin?
  else
    read?
  end
end

#set_admin? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 82

def set_admin?
  admin?
end

#suspend? ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns:

• (Boolean)

# File 'app/policies/pageflow/user_policy.rb', line 70

def suspend?
  deny_sign_in?
end