12 lines
371 B
Ruby
12 lines
371 B
Ruby
class DeployKeyPolicy < BasePolicy
|
|
with_options scope: :subject, score: 0
|
|
condition(:private_deploy_key) { @subject.private? }
|
|
|
|
condition(:has_deploy_key) { @user.project_deploy_keys.exists?(id: @subject.id) }
|
|
|
|
rule { anonymous }.prevent_all
|
|
|
|
rule { admin }.enable :update_deploy_key
|
|
rule { private_deploy_key & has_deploy_key }.enable :update_deploy_key
|
|
end
|