mastodon/app/policies/user_policy.rb

# frozen_string_literal: true

class UserPolicy < ApplicationPolicy
  def reset_password?
    staff? && !record.staff?
  end

  def disable_2fa?
    admin? && !record.staff?
  end

  def confirm?
    staff? && !record.confirmed?
  end

  def enable?
    admin?
  end

  def disable?
    admin? && !record.admin?
  end

  def promote?
    admin? && promoteable?
  end

  def demote?
    admin? && !record.admin? && demoteable?
  end

  private

  def promoteable?
    !record.staff? || !record.admin?
  end

  def demoteable?
    record.staff?
  end
end
Add moderator role and add pundit policies for admin actions (#5635) * Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n 2017-11-11 20:23:33 +01:00			`# frozen_string_literal: true`

			`class UserPolicy < ApplicationPolicy`
			`def reset_password?`
			`staff? && !record.staff?`
			`end`

			`def disable_2fa?`
			`admin? && !record.staff?`
			`end`

			`def confirm?`
			`staff? && !record.confirmed?`
			`end`

			`def enable?`
			`admin?`
			`end`

			`def disable?`
			`admin? && !record.admin?`
			`end`

			`def promote?`
			`admin? && promoteable?`
			`end`

			`def demote?`
			`admin? && !record.admin? && demoteable?`
			`end`

			`private`

			`def promoteable?`
			`!record.staff? \|\| !record.admin?`
			`end`

			`def demoteable?`
			`record.staff?`
			`end`
			`end`