app/policies/locomotive/membership_policy.rb in locomotivecms-4.0.0.alpha2 vs app/policies/locomotive/membership_policy.rb in locomotivecms-4.0.0.alpha3
- old
+ new
@@ -1,10 +1,10 @@
module Locomotive
class MembershipPolicy < ApplicationPolicy
def index?
- site_admin?
+ site_admin_or_designer?
end
def create?
site_admin_or_designer?
end
@@ -12,25 +12,21 @@
def update?
site_admin_or_designer? && change_role?
end
def destroy?
- site_admin? && change_role?
+ site_admin_or_designer? && change_role?
end
# The role cannot be set higher than the current one (we use the index in
# the roles array to check role presidence)
def change_role?
roles = Locomotive::Membership::ROLES
roles.index(resource.role.to_s) <= roles.index(membership.role.to_s)
end
def permitted_attributes
- if site_admin?
- [:email, :role]
- else
- []
- end
+ [:email, :role]
end
end
end