KumiSystems/Chatwoot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Chatwoot/app/policies/inbox_policy.rb
Sojan Jose 534acfbf96
chore: Ensure privilege validations for API endpoints (#2224) 
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2021-06-11 11:44:31 +05:30

56 lines
986 B
Ruby
Raw Blame History

class InboxPolicy < ApplicationPolicy
class Scope
attr_reader :user_context, :user, :scope, :account, :account_user
def initialize(user_context, scope)
@user_context = user_context
@user = user_context[:user]
@account = user_context[:account]
@account_user = user_context[:account_user]
@scope = scope
end
def resolve
user.assigned_inboxes
end
end
def index?
true
end
def show?
# FIXME: for agent bots, lets bring this validation to policies as well in future
return true if @user.blank?
Current.user.assigned_inboxes.include? record
end
def assignable_agents?
true
end
def agent_bot?
true
end
def campaigns?
@account_user.administrator?
end
def create?
@account_user.administrator?
end
def update?
@account_user.administrator?
end
def destroy?
@account_user.administrator?
end
def set_agent_bot?
@account_user.administrator?
end
end
Reference in a new issue View git blame Copy permalink