class DeployTokenPolicy < BasePolicy
  with_options scope: :subject, score: 0
  condition(:master) { @subject.project.team.master?(@user) }

  rule { anonymous }.prevent_all

  rule { master }.policy do
    enable :create_deploy_token
    enable :update_deploy_token
  end
end