33 lines
769 B
Ruby
33 lines
769 B
Ruby
# frozen_string_literal: true
|
|
|
|
class GroupMemberPolicy < BasePolicy
|
|
delegate :group
|
|
|
|
with_scope :subject
|
|
condition(:last_owner) { @subject.group.last_owner?(@subject.user) }
|
|
|
|
desc "Membership is users' own"
|
|
with_score 0
|
|
condition(:is_target_user) { @user && @subject.user_id == @user.id }
|
|
|
|
rule { anonymous }.policy do
|
|
prevent :update_group_member
|
|
prevent :destroy_group_member
|
|
end
|
|
|
|
rule { last_owner }.policy do
|
|
prevent :update_group_member
|
|
prevent :destroy_group_member
|
|
end
|
|
|
|
rule { can?(:admin_group_member) }.policy do
|
|
enable :update_group_member
|
|
enable :destroy_group_member
|
|
end
|
|
|
|
rule { is_target_user }.policy do
|
|
enable :destroy_group_member
|
|
end
|
|
end
|
|
|
|
GroupMemberPolicy.prepend_if_ee('EE::GroupMemberPolicy')
|