2018-11-18 11:00:15 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2016-09-29 09:46:39 +05:30
|
|
|
class ProjectMemberPolicy < BasePolicy
|
2023-01-13 00:05:48 +05:30
|
|
|
include MemberPolicyHelpers
|
2017-09-10 17:25:29 +05:30
|
|
|
delegate { @subject.project }
|
2016-09-29 09:46:39 +05:30
|
|
|
|
2022-06-21 17:19:12 +05:30
|
|
|
condition(:target_is_holder_of_the_personal_namespace, scope: :subject) do
|
2023-03-04 22:38:38 +05:30
|
|
|
@subject.holder_of_the_personal_namespace?
|
2022-06-21 17:19:12 +05:30
|
|
|
end
|
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
desc "Membership is users' own access request"
|
|
|
|
|
with_score 0
|
|
|
|
|
condition(:access_request_of_self) { record_is_access_request_of_self? }
|
|
|
|
|
|
|
|
|
|
condition(:target_is_self) { record_belongs_to_self? }
|
2020-07-28 23:09:34 +05:30
|
|
|
condition(:project_bot) { @subject.user&.project_bot? }
|
2016-09-29 09:46:39 +05:30
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
rule { anonymous }.prevent_all
|
2021-06-08 01:23:25 +05:30
|
|
|
|
2022-06-21 17:19:12 +05:30
|
|
|
rule { target_is_holder_of_the_personal_namespace }.policy do
|
2021-06-08 01:23:25 +05:30
|
|
|
prevent :update_project_member
|
|
|
|
|
prevent :destroy_project_member
|
|
|
|
|
end
|
2016-09-29 09:46:39 +05:30
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
rule { ~project_bot & can?(:admin_project_member) }.policy do
|
2017-09-10 17:25:29 +05:30
|
|
|
enable :update_project_member
|
|
|
|
|
enable :destroy_project_member
|
2016-09-29 09:46:39 +05:30
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
rule { project_bot & can?(:admin_project_member) }.enable :destroy_project_bot_member
|
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
rule { target_is_self }.policy do
|
|
|
|
|
enable :destroy_project_member
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
rule { access_request_of_self }.policy do
|
|
|
|
|
enable :withdraw_member_access_request
|
|
|
|
|
end
|
2016-09-29 09:46:39 +05:30
|
|
|
end
|
