project_member_policy.rb 480 Bytes
# Authorization rules for a single project membership record.
#
# @subject is the membership being acted on; @user is the actor whose
# abilities are being computed.
class ProjectMemberPolicy < BasePolicy
  # Grants membership abilities to @user via can!.
  #
  # Order of the checks matters for the outcome:
  # 1. No actor         -> nothing is granted.
  # 2. The membership belongs to the project's owner -> nothing is granted,
  #    not even to project admins or to the owner themself, because this
  #    guard runs before any can! call.
  # 3. The actor holds :admin_project_member on the project -> update and
  #    destroy are granted.
  # 4. The actor is the member -> destroy (leaving the project) is granted,
  #    independently of step 3.
  def rules
    # Unauthenticated requests get no abilities from this policy.
    return unless @user

    member_user = @subject.user
    member_project = @subject.project

    # The owner's membership is never editable or removable through here.
    # NOTE(review): relies on project.owner being comparable to a user;
    # confirm what owner returns for projects not owned by a single user.
    return if member_user == member_project.owner

    if Ability.allowed?(@user, :admin_project_member, member_project)
      can! :update_project_member
      can! :destroy_project_member
    end

    # Self-removal only: a member may drop their own membership but gets
    # no :update_project_member from this branch, so they cannot change
    # their own access level without the admin ability above.
    can! :destroy_project_member if @user == member_user
  end
end