aiden
/
mastodon
mirror of https://github.com/mastodon/mastodon
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add `self_editing?` method to user role policy (#33476)

Browse Source
pull/33482/head
Matt Jankowski 5 days ago committed by GitHub
parent dd937e115a
commit edf62d4fe3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File

10
app/policies/user_role_policy.rb
Unescape Escape View File

@ -10,10 +10,16 @@ class UserRolePolicy < ApplicationPolicy
end
def update?
role.can?(:manage_roles) && (role.overrides?(record) || role.id == record.id)
role.can?(:manage_roles) && (role.overrides?(record) || self_editing?)
end
def destroy?
!record.everyone? && role.can?(:manage_roles) && role.overrides?(record) && role.id != record.id
!record.everyone? && role.can?(:manage_roles) && role.overrides?(record) && !self_editing?
end
private
def self_editing?
role.id == record.id
end
end

Write Preview
Loading…
Cancel
Save