mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-21 20:15:10 +01:00
ecb3bb3256
Still disallow edition of rank or permissions
20 lines
400 B
Ruby
20 lines
400 B
Ruby
# frozen_string_literal: true
|
|
|
|
class UserRolePolicy < ApplicationPolicy
|
|
def index?
|
|
role.can?(:manage_roles)
|
|
end
|
|
|
|
def create?
|
|
role.can?(:manage_roles)
|
|
end
|
|
|
|
def update?
|
|
role.can?(:manage_roles) && (role.overrides?(record) || role.id == record.id)
|
|
end
|
|
|
|
def destroy?
|
|
!record.everyone? && role.can?(:manage_roles) && role.overrides?(record) && role.id != record.id
|
|
end
|
|
end
|