Skip to content

Commit 37e487e

Browse files
committed
policy updates
1 parent f3dff72 commit 37e487e

3 files changed

Lines changed: 21 additions & 13 deletions

File tree

app/controllers/admin/users_controller.rb

Lines changed: 17 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -31,15 +31,23 @@ def index
3131
def show
3232
authorize @user
3333

34-
@enrollments_by_term = @user.enrollments
35-
.includes({ course: [ :faculties, :term, meeting_times: { rooms: :building } ] })
36-
.joins(course: :term)
37-
.order("terms.year DESC, terms.season DESC")
38-
.group_by { |e| e.course.term }
39-
40-
@oauth_credentials = @user.oauth_credentials
41-
.includes(:google_calendar)
42-
.order(created_at: :desc)
34+
@enrollments_by_term = if policy(@user).view_enrollments?
35+
@user.enrollments
36+
.includes({ course: [ :faculties, :term, meeting_times: { rooms: :building } ] })
37+
.joins(course: :term)
38+
.order("terms.year DESC, terms.season DESC")
39+
.group_by { |e| e.course.term }
40+
else
41+
{}
42+
end
43+
44+
@oauth_credentials = if policy(@user).view_oauth_credentials?
45+
@user.oauth_credentials
46+
.includes(:google_calendar)
47+
.order(created_at: :desc)
48+
else
49+
[]
50+
end
4351

4452
@friends = @user.friends.to_a
4553
@incoming_requests = @user.incoming_friend_requests.includes(:requester).to_a

app/policies/enrollment_policy.rb

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,15 @@
11
# frozen_string_literal: true
22

33
class EnrollmentPolicy < ApplicationPolicy
4-
def index? = admin?
5-
def show? = owner_of_record? || admin?
4+
def index? = super_admin?
5+
def show? = owner_of_record? || super_admin?
66
def create? = owner_of_record? || super_admin?
77
def update? = owner_of_record? || super_admin?
88
def destroy? = owner_of_record? || can_perform_destructive_action?
99

1010
class Scope < ApplicationPolicy::Scope
1111
def resolve
12-
user&.admin_access? ? scope.all : scope.where(user_id: user&.id)
12+
(user&.super_admin? || user&.owner?) ? scope.all : scope.where(user_id: user&.id)
1313
end
1414
end
1515
end

app/policies/user_policy.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ def force_calendar_sync? = super_admin?
1313
def manage_friendships? = super_admin?
1414

1515
def view_user_details? = show?
16-
def view_oauth_credentials? = admin?
16+
def view_oauth_credentials? = super_admin?
1717
def manage_oauth_credentials? = super_admin?
1818
def view_enrollments? = super_admin?
1919
def view_calendar_sync_info? = admin?

0 commit comments

Comments
 (0)