lib/ditty/templates/policy.rb.erb
# frozen_string_literal: true
require 'ditty/policies/application_policy'
module <%= namespace %>
class <%= model_name %>Policy < Ditty::ApplicationPolicy
def create?
user
end
def list?
create?
end
def read?
<%- if columns.include? :user_id -%>
user && (record.user_id == user.id || user.super_admin?)
<%- else -%>
user
<%- end -%>
end
def update?
read?
end
def delete?
user&.super_admin?
end
def permitted_attributes
%i[<%= (columns - meta_columns).join(' ') %>]
end
class Scope < Ditty::ApplicationPolicy::Scope
def resolve
<%- if columns.include? :user_id -%>
return scope if user&.super_admin?
return scope.where(user_id: user.id) if user
<%- else -%>
return scope if user
<%- end -%>
scope.where(id: -1)
end
end
end
end